
Computer has really slowed down and IE closed down errors appearing even though I haven't run it



Hiya,

Really appreciate any help on this. My computer has really slowed down recently and I haven't installed any new software. Also, I have been regularly getting Windows errors regarding certain programs having stopped working. One of these programs is IE even though I don't use it. I have noticed that when I use CCleaner there are some IE files to clear up, but again I don't use it.

I have run DDS as requested and will put the DDS log and the Attach log in the next replies.

Thanks in anticipation


DDS LOG

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.7.2

Run by Andy at 14:52:30 on 2012-10-07

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.1916.244 [GMT 1:00]

.

AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Program Files\AVG\AVG2012\avgrsx.exe

C:\Program Files\AVG\AVG2012\avgcsrvx.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

"C:\Windows\system32\svchost.exe"

"C:\Windows\system32\svchost.exe"

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\AVG\AVG2012\avgwdsvc.exe

C:\Program Files\3 Mobile Broadband\3Connect\BecHelperService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE

C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

C:\Windows\system32\lxeacoms.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

D:\RoboSoft4\RSDBServer.exe

C:\Program Files\AVG\AVG2012\avgnsx.exe

C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\WUDFHost.exe

C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Trusteer\Rapport\bin\RapportService.exe

C:\Program Files\SiS VGA Utilities\SiSTray.exe

C:\Program Files\AVG\AVG2012\avgtray.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

D:\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

C:\Windows\System32\mobsync.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

D:\Spybot - Search & Destroy\SpybotSD.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uSearch Bar = Preserve

uStart Page = hxxp://www.thetechguys.com/welcome

uDefault_Page_URL = hxxp://www.thetechguys.com/welcome

mDefault_Page_URL = hxxp://www.thetechguys.com/welcome

uInternet Settings,ProxyOverride = *.local

uInternet Settings,ProxyServer = 0.0.0.0:80

uURLSearchHooks: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - c:\program files\freecorder\prxtbFree.dll

mURLSearchHooks: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - c:\program files\freecorder\prxtbFree.dll

mURLSearchHooks: H - No File

BHO: s - No File

BHO: SlimBho2.dll' - No File

BHO: SnagIt Toolbar Loader: {00c6482d-c502-44c8-8409-fce54ad9c208} - c:\program files\techsmith\snagit 10\SnagitBHO.dll

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll

BHO: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - c:\program files\freecorder\prxtbFree.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll

BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - c:\program files\avg\avg2012\avgdtiex.dll

BHO: Canon Easy-WebPrint EX BHO: {3785d0ad-bfff-47f6-bf5b-a587c162fed9} - c:\program files\canon\easy-webprint ex\ewpexbho.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - d:\spybot - search & destroy\SDHelper.dll

BHO: CmjBrowserHelperObject Object: {6fe6a929-59d1-4763-91ad-29b61cffb35b} - c:\program files\mindjet\mindmanager 8\Mm8InternetExplorer.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre7\bin\ssv.dll

BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

BHO: Lexmark Printable Web: {d2c5e510-be6d-42cc-9f61-e4f939078474} - c:\program files\lexmark printable web\bho.dll

BHO: OrbiscomROTBho2 Class: {d81ab57b-7327-4347-b7c7-9ef7ca87ce09} - c:\windows\system32\SlimBho2.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll

BHO: Google Gears Helper: {e0fefe40-fbf9-42ae-ba58-794ca7e3fb53} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll

TB: Snagit: {8ff5e183-abde-46eb-b09e-d2aab95cabe3} - c:\program files\techsmith\snagit 10\SnagitIEAddin.dll

TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File

TB: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll

TB: Canon Easy-WebPrint EX: {759d9886-0c6f-4498-bab6-4a5f47c6c72f} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll

TB: {58ae4526-9474-4a80-a0ca-45beff07cec9} - No File

TB: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - c:\program files\freecorder\prxtbFree.dll

TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File

TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File

EB: Canon Easy-WebPrint EX: {21347690-ec41-4f9a-8887-1f4aee672439} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll

EB: {58ae4526-9474-4a80-a0ca-45beff07cec9} - No File

uRun: [spybotSD TeaTimer] d:\spybot - search & destroy\TeaTimer.exe

mRun: [siSTray] %ProgramFiles%\SiS VGA Utilities\SiSTray.exe

mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"

mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"

mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript

dRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil11e_ActiveX.exe -update activex

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - c:\programs\partygaming\partycasino\RunApp.exe

IE: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - d:\poker\partypoker\RunApp.exe

IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll

IE: {2F72393D-2472-4F82-B600-ED77F354B7FF} - {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - c:\program files\mindjet\mindmanager 8\Mm8InternetExplorer.dll

IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - c:\program files\avg\avg2012\avgdtiex.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - d:\spybot - search & destroy\SDHelper.dll

TCP: DhcpNameServer = 192.168.1.254

TCP: Interfaces\{4231FEBA-47F7-40B8-AD24-C4DDEE06B8EA} : DhcpNameServer = 198.41.0.4

TCP: Interfaces\{96328590-9B20-4478-B30C-47798DD37270} : DhcpNameServer = 192.168.1.254

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\andy\appdata\roaming\mozilla\firefox\profiles\eurdbb1x.default\

FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=

FF - prefs.js: keyword.URL - hxxp://uk.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_uk&p=

FF - prefs.js: network.proxy.type - 4

FF - component: c:\program files\avg\avg10\firefox4\components\avgssff4.dll

FF - component: c:\program files\google\google gears\firefox\lib\ff36\gears.dll

FF - component: c:\program files\mozilla firefox\extensions\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\components\SkypeFfComponent.dll

FF - component: c:\programdata\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll

FF - component: c:\users\andy\appdata\roaming\mozilla\firefox\profiles\eurdbb1x.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll

FF - component: c:\users\andy\appdata\roaming\mozilla\firefox\profiles\eurdbb1x.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar-ff3.dll

FF - plugin: c:\program files\canon\easy-photoprint ex\NPEZFFPI.DLL

FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npatgpc.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npbittorrent.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npmidas.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npOGAPlugin.dll

FF - plugin: c:\program files\mozilla firefox\plugins\nprpplugin.dll

FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll

FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll

FF - plugin: c:\users\andy\program files\dna\plugins\npbtdna.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_262.dll

FF - plugin: c:\windows\system32\npDeployJava1.dll

FF - plugin: c:\windows\system32\npmproxy.dll

FF - plugin: d:\realplayersp\netscape6\nppl3260.dll

FF - plugin: d:\realplayersp\netscape6\nppl3260.dll

FF - plugin: d:\realplayersp\netscape6\nprjplug.dll

FF - plugin: d:\realplayersp\netscape6\nprjplug.dll

FF - plugin: d:\realplayersp\netscape6\nprpjplug.dll

FF - plugin: d:\realplayersp\netscape6\nprpplugin.dll

FF - plugin: g:\itunes\mozilla plugins\npitunes.dll

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 24896]

R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-1-31 31952]

R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-7-26 237408]

R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-12-23 41040]

R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-8-24 301920]

R1 RapportBuka;RapportBuka;c:\windows\system32\drivers\RapportBuka.sys [2010-3-7 390528]

R1 RapportCerberus_43926;RapportCerberus_43926;c:\programdata\trusteer\rapport\store\exts\rapportcerberus\43926\RapportCerberus32_43926.sys [2012-10-4 272216]

R1 RapportEI;RapportEI;c:\program files\trusteer\rapport\bin\RapportEI.sys [2012-9-22 71480]

R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]

R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]

R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-12 116608]

R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\avgidsagent.exe [2012-8-13 5167736]

R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2012-2-14 193288]

R2 BecHelperService;BecHelperService;c:\program files\3 mobile broadband\3connect\BecHelperService.exe [2010-9-4 1737464]

R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-6-17 21504]

R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2008-12-29 47640]

R2 lxea_device;lxea_device;c:\windows\system32\lxeacoms.exe -service --> c:\windows\system32\lxeacoms.exe -service [?]

R2 RapportMgmtService;Rapport Management Service;c:\program files\trusteer\rapport\bin\RapportMgmtService.exe [2012-9-22 976728]

R2 RSDBServerService;RoboSoft Database Server;d:\robosoft4\RSDBServer.exe [2012-5-8 1794048]

R2 Skype C2C Service;Skype C2C Service;c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe [2012-8-13 3064000]

R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 139856]

R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [2011-12-23 24144]

R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 17232]

R3 RapportIaso;RapportIaso;c:\programdata\trusteer\rapport\store\exts\rapportms\39624\RapportIaso.sys [2012-5-30 21520]

R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187B.sys [2010-3-31 350720]

R3 SiS6350;SiS6350;c:\windows\system32\drivers\SISGRKMD.sys [2007-8-31 452096]

R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\drivers\SiSGB6.sys [2007-8-31 46592]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-8-15 133104]

S2 lxeaCATSCustConnectService;lxeaCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxeaserv.exe [2010-5-16 193192]

S2 SBSDWSCService;SBSD Security Center Service;d:\spybot - search & destroy\SDWinSec.exe [2012-10-7 1153368]

S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-6-7 160944]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-8-15 133104]

S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\drivers\ewusbdev.sys [2010-9-4 101120]

S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-4-27 114144]

S3 netr73;RT73 USB Wireless LAN Card Driver for Vista;c:\windows\system32\drivers\netr73.sys [2007-8-31 351232]

S3 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [2012-9-22 65848]

S3 RapportPG;RapportPG;c:\program files\trusteer\rapport\bin\RapportPG.sys [2012-9-22 166840]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

2012-10-07 12:28:51 388096 ----a-r- c:\users\andy\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe

2012-10-07 12:28:50 -------- d-----w- c:\program files\Trend Micro

2012-10-07 10:58:57 -------- d-----w- c:\programdata\Spybot - Search & Destroy

2012-09-25 20:44:28 -------- d-----w- c:\users\andy\appdata\roaming\MetaQuotes

2012-09-22 15:34:42 65848 ----a-w- c:\windows\system32\drivers\RapportKELL.sys

2012-09-17 13:18:32 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

.

==================== Find3M ====================

.

2012-09-17 13:17:29 821736 ----a-w- c:\windows\system32\npDeployJava1.dll

2012-09-17 13:17:29 746984 ----a-w- c:\windows\system32\deployJava1.dll

2012-08-24 14:43:18 301920 ----a-w- c:\windows\system32\drivers\avgtdix.sys

2012-08-24 06:59:17 1800704 ----a-w- c:\windows\system32\jscript9.dll

2012-08-24 06:51:27 1129472 ----a-w- c:\windows\system32\wininet.dll

2012-08-24 06:51:02 1427968 ----a-w- c:\windows\system32\inetcpl.cpl

2012-08-24 06:47:26 142848 ----a-w- c:\windows\system32\ieUnatt.exe

2012-08-24 06:47:12 420864 ----a-w- c:\windows\system32\vbscript.dll

2012-08-24 06:43:58 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-07-26 02:21:30 237408 ----a-w- c:\windows\system32\drivers\avgldx86.sys

.

=================== ROOTKIT ====================

.

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net

Windows 6.0.6002

.

CreateFile("\\.\PHYSICALDRIVE0"): The process cannot access the file because it is being used by another process.

device: opened successfully

user: error reading MBR

.

Disk trace:

called modules: ntkrnlpa.exe >>UNKNOWN [0x8A74AA0A]<<

_asm { MOV EDI, EDI; PUSH EBP; MOV EBP, ESP; PUSH EBX; MOV EBX, [EBP+0xc]; MOV EAX, [EBX+0x60]; MOV ECX, [EAX+0xc]; OR ECX, [EAX+0x10]; PUSH ESI; JNZ 0x94; MOV ESI, 0x200; CMP [EAX+0x4], ESI; JB 0x94; }

1 ntkrnlpa!IofCallDriver[0x86492936] -> \Device\Harddisk0\DR0[0x89AC6030]

\Driver\disk[0x89AC5C48] -> IRP_MJ_READ -> 0x8A74AA0A

kernel: MBR read successfully

_asm { NOP ; XOR AX, AX; NOP ; MOV DS, AX; MOV ES, AX; NOP ; MOV SS, AX; MOV SP, 0x7c00; MOV SI, 0x7c00; NOP ; MOV DI, 0x600; NOP ; MOV CX, 0x80; NOP ; CLD ; REP MOVSD ; NOP ; JMP FAR 0x0:0x626; }

user != kernel MBR !!!

Warning: possible TDL4 rootkit infection !

TDL4 rootkit infection detected ! Use: "mbr.exe -f" to fix.

.

============= FINISH: 15:08:03.06 ===============


ATTACH FILE

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft® Windows Vista™ Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 14/09/2007 03:04:59

System Uptime: 07/10/2012 14:23:47 (1 hours ago)

.

Motherboard: DIXONSXP | | N/A

Processor: Intel® Core2 Duo CPU T5250 @ 1.50GHz | uPGA 479M | 1500/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 61 GiB total, 4.535 GiB free.

D: is FIXED (NTFS) - 29 GiB total, 7.085 GiB free.

E: is CDROM ()

F: is Removable

G: is FIXED (NTFS) - 15 GiB total, 1.886 GiB free.

S: is FIXED (NTFS) - 1 GiB total, 1.399 GiB free.

.

==== Disabled Device Manager Items =============

.

==== Installed Programs ======================

.

.

Update for Microsoft Office 2007 (KB2508958)

1.3.0.1

3 USB Modem

3Connect

Adobe AIR

Adobe Anchor Service CS3

Adobe Asset Services CS3

Adobe Bridge CS3

Adobe Bridge Start Meeting

Adobe Camera Raw 4.0

Adobe CMaps

Adobe Default Language CS3

Adobe Device Central CS3

Adobe Dreamweaver CS3

Adobe ExtendScript Toolkit 2

Adobe Extension Manager CS3

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Help Viewer CS3

Adobe PDF Library Files

Adobe Reader 8.2.0

Adobe Setup

Adobe Shockwave Player 11.5

Adobe Type Support

Adobe Update Manager CS3

Adobe Version Cue CS3 Client

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Audacity 1.2.6

AVG 2012

BitTorrent

Bonjour

Buckaroo Watchboard

cahoot webcard

CamStudio Lossless Codec

Camtasia Studio 7

Canon Easy-WebPrint EX

Canon Inkjet Printer/Scanner/Fax Extended Survey Program

Canon iP4700 series Printer Driver

Canon iP4700 series User Registration

Canon Utilities My Printer

Canon Utilities Solution Menu

CassetteMate

CCleaner

CD-LabelPrint

ColorPic

CommissionMultiplier

Content Spinner

Convert AVI to MP4 1.3

DataFilter

Desktop Ticker 1.4.0

Digi Traffic Accelerator

DNA

Domain Match Pro

eCover Engineer 5.5

FileZilla Client 3.5.3

Freecorder 5

Freecorder Toolbar

FXCM MetaTrader 4

GIMP 2.6.10

Google Chrome

Google Gears

Google Update Helper

GoToMeeting 5.2.0.952

HiJackThis

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Huawei modem

Instant Content Curator Pro

iTunes

iWisoft Flash SWF to Video Converter 3.4

Java 7 Update 7

Java Auto Updater

Jing

Keyword Corral PRO

KeywordVariationTool

king.com (remove only)

Lexmark Printable Web

Lexmark S300-S400 Series

Lexmark Toolbar

Lexmark Tools for Office

Logitech Vid

Logitech Webcam Software

Magic ISO Maker v5.4 (build 0239)

Magic Submitter version 2.76

Malwarebytes' Anti-Malware

Market Samurai

Micro Niche Finder 5.0

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft Choice Guard

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office FrontPage 2003

Microsoft Office Groove MUI (English) 2007

Microsoft Office Groove Setup Metadata MUI (English) 2007

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Silverlight

Microsoft SQL Server Compact 3.5 SP2 ENU

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft XML Parser

Mindjet MindManager 8

MobileMe Control Panel

Motorola SM56 Data Fax Modem

Mozilla Firefox 15.0 (x86 en-US)

Mozilla Firefox 15.0.1 (x86 en-US)

Mozilla Maintenance Service

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB941833)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

neroxml

Norton 360

OnlyWire

OSDInstall

PADGen 3.1.1.50

Paint.NET 3.8

phantomlinkcloaker

Photo Viewer 2.23

Pinterest - Buckaroo Watchboard

Placement Locator 1.0

Pocket Penguinator 1.0.0.0

Power2Go 5.0

PowerISO

QuickTime

Ralink Wireless LAN

Rank Tracker

Rapport

RealNetworks - Microsoft Visual C++ 2008 Runtime

RealPlayer

Realtek High Definition Audio Driver

REALTEK RTL8187B Wireless LAN Driver

Realtek USB 2.0 Card Reader

RealUpgrade 1.1

RoboSoft 4.0

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596666) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition

Security Update for Windows Media Encoder (KB2447961)

Security Update for Windows Media Encoder (KB954156)

Security Update for Windows Media Encoder (KB979332)

SEO Link Robot - Fast Indexer 2.0.1.0

SERPAttacks

Setup-ExitPopup

SiS VGA Utilities

Skype Click to Call

Skype™ 5.10

Smash & Grab SEO Site Organizer

Snagit 10

SpeedFan (remove only)

Spybot - Search & Destroy

Subliminal Power

SUPERAntiSpyware

The Generator version 1.0

TimeLeft

Traffic Launch Pad

Ulead CD & DVD PictureShow 3 SE Basic

Ulead Photo Express 5 SE

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Infopath 2007 Help (KB963662)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

VCRedistSetup

vixy converter uninstall

Web 2.0 Mayhem 1.0.6.9

Web Page Analyzer

WebEx

Windows Live Essentials

Windows Live Sign-in Assistant

Windows Live Upload Tool

Windows Live Writer

Windows Media Encoder 9 Series

Windows Media Player Firefox Plugin

WinRAR archiver

Word Wizard

Xvid 1.1.3 final uninstall

.

==== Event Viewer Messages From Past Week ========

.

07/10/2012 14:27:17, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: aybesy

07/10/2012 14:27:11, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the lxeaCATSCustConnectService service to connect.

07/10/2012 14:27:11, Error: Service Control Manager [7001] - The SBSD Security Center Service service depends on the Security Center service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

07/10/2012 14:27:11, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

07/10/2012 14:27:11, Error: Service Control Manager [7000] - The lxeaCATSCustConnectService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

07/10/2012 14:27:11, Error: Service Control Manager [7000] - The LogMeIn Kernel Information Provider service failed to start due to the following error: The system cannot find the path specified.

07/10/2012 14:26:20, Error: EventLog [6008] - The previous system shutdown at 14:22:32 on 07/10/2012 was unexpected.

07/10/2012 13:53:54, Error: EventLog [6008] - The previous system shutdown at 13:48:51 on 07/10/2012 was unexpected.

07/10/2012 12:51:52, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgwd service.

07/10/2012 11:11:32, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

07/10/2012 09:38:36, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the stisvc service.

.

==== End Of File ===========================


Hello pooky78 and welcome! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.

BACKDOOR WARNING

One or more of the identified infections is known to use a backdoor.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would advise you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the infection has been identified and can be killed, because of its backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

Help: I Got Hacked. Now What Do I Do?

Help: I Got Hacked. Now What Do I Do? Part II

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

When Should I Format, How Should I Reinstall

We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do. If you decide to go through with the cleanup, please proceed with the following steps.

Step 1

Please uninstall the following applications:

BitTorrent

DNA

Freecorder Toolbar

Step 2

Please download the latest version of TDSSKiller from here and save it to your Desktop.

  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Step 3

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

In your next reply, post the following log files:

  • TDSSKiller log
  • Malwarebytes' Anti-Malware log
  • a new fresh DDS log


Hi Maniac,

Many thanks for your help. I think I will go through the clean up as I can do that now and think about a reformat (for example, can I find a way to still keep my data?). Anyway, in the meantime I have performed the tasks. Please find the logs below.

20:41:18.0259 10124 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24

20:41:18.0568 10124 ============================================================

20:41:18.0568 10124 Current date / time: 2012/10/07 20:41:18.0568

20:41:18.0568 10124 SystemInfo:

20:41:18.0569 10124

20:41:18.0569 10124 OS Version: 6.0.6002 ServicePack: 2.0

20:41:18.0569 10124 Product type: Workstation

20:41:18.0569 10124 ComputerName: ANDY-LAPTOP

20:41:18.0570 10124 UserName: Andy

20:41:18.0570 10124 Windows directory: C:\Windows

20:41:18.0570 10124 System windows directory: C:\Windows

20:41:18.0570 10124 Processor architecture: Intel x86

20:41:18.0570 10124 Number of processors: 2

20:41:18.0570 10124 Page size: 0x1000

20:41:18.0570 10124 Boot type: Normal boot

20:41:18.0570 10124 ============================================================

20:41:20.0845 10124 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

20:41:21.0014 10124 ============================================================

20:41:21.0014 10124 \Device\Harddisk0\DR0:

20:41:21.0021 10124 MBR partitions:

20:41:21.0021 10124 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xABE800, BlocksNum 0x2EE000

20:41:21.0021 10124 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xDAC800, BlocksNum 0x7A0C800

20:41:21.0035 10124 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x87B9800, BlocksNum 0x3A98000

20:41:21.0080 10124 \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0xC252000, BlocksNum 0x1D42000

20:41:21.0080 10124 ============================================================

20:41:21.0195 10124 C: <-> \Device\Harddisk0\DR0\Partition2

20:41:21.0227 10124 S: <-> \Device\Harddisk0\DR0\Partition1

20:41:21.0283 10124 D: <-> \Device\Harddisk0\DR0\Partition3

20:41:21.0355 10124 G: <-> \Device\Harddisk0\DR0\Partition4

20:41:21.0417 10124 ============================================================

20:41:21.0417 10124 Initialize success

20:41:21.0417 10124 ============================================================

20:42:33.0018 6492 Deinitialize success

.


This next TDSS log is split up as it's too long for one post

20:50:32.0120 1332 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24

20:50:32.0466 1332 ============================================================

20:50:32.0467 1332 Current date / time: 2012/10/07 20:50:32.0466

20:50:32.0467 1332 SystemInfo:

20:50:32.0467 1332

20:50:32.0467 1332 OS Version: 6.0.6002 ServicePack: 2.0

20:50:32.0467 1332 Product type: Workstation

20:50:32.0467 1332 ComputerName: ANDY-LAPTOP

20:50:32.0467 1332 UserName: Andy

20:50:32.0468 1332 Windows directory: C:\Windows

20:50:32.0468 1332 System windows directory: C:\Windows

20:50:32.0468 1332 Processor architecture: Intel x86

20:50:32.0468 1332 Number of processors: 2

20:50:32.0468 1332 Page size: 0x1000

20:50:32.0468 1332 Boot type: Normal boot

20:50:32.0468 1332 ============================================================

20:50:40.0203 1332 BG loaded

20:50:41.0061 1332 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

20:50:41.0121 1332 ============================================================

20:50:41.0121 1332 \Device\Harddisk0\DR0:

20:50:41.0141 1332 MBR partitions:

20:50:41.0141 1332 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xABE800, BlocksNum 0x2EE000

20:50:41.0141 1332 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xDAC800, BlocksNum 0x7A0C800

20:50:41.0152 1332 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x87B9800, BlocksNum 0x3A98000

20:50:41.0229 1332 \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0xC252000, BlocksNum 0x1D42000

20:50:41.0229 1332 ============================================================

20:50:41.0506 1332 C: <-> \Device\Harddisk0\DR0\Partition2

20:50:41.0756 1332 S: <-> \Device\Harddisk0\DR0\Partition1

20:50:41.0978 1332 D: <-> \Device\Harddisk0\DR0\Partition3

20:50:42.0261 1332 G: <-> \Device\Harddisk0\DR0\Partition4

20:50:42.0261 1332 ============================================================

20:50:42.0262 1332 Initialize success

20:50:42.0262 1332 ============================================================

20:56:53.0608 5396 ============================================================

20:56:53.0608 5396 Scan started

20:56:53.0608 5396 Mode: Manual; SigCheck; TDLFS;

20:56:53.0608 5396 ============================================================

20:57:06.0190 5396 ================ Scan system memory ========================

20:57:06.0191 5396 System memory - ok

20:57:06.0191 5396 ================ Scan services =============================

20:57:07.0117 5396 [ C0393EB99A6C72C6BEF9BFC4A72B33A6 ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

20:57:07.0493 5396 !SASCORE - ok

20:57:16.0378 5396 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys

20:57:16.0680 5396 ACPI - ok

20:57:17.0078 5396 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys

20:57:17.0665 5396 adp94xx - ok

20:57:17.0929 5396 [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci C:\Windows\system32\drivers\adpahci.sys

20:57:18.0038 5396 adpahci - ok

20:57:18.0077 5396 [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys

20:57:18.0209 5396 adpu160m - ok

20:57:18.0719 5396 [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320 C:\Windows\system32\drivers\adpu320.sys

20:57:18.0918 5396 adpu320 - ok

20:57:19.0221 5396 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll

20:57:19.0754 5396 AeLookupSvc - ok

20:57:19.0984 5396 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys

20:57:20.0132 5396 AFD - ok

20:57:20.0781 5396 [ 5D97943C128ED756D1B0A08302C1B1F8 ] AgereSoftModem C:\Windows\system32\DRIVERS\AGRSM.sys

20:57:21.0211 5396 AgereSoftModem - ok

20:57:21.0428 5396 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys

20:57:21.0513 5396 aic78xx - ok

20:57:21.0627 5396 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe

20:57:21.0725 5396 ALG - ok

20:57:21.0866 5396 [ 90395B64600EBB4552E26E178C94B2E4 ] aliide C:\Windows\system32\drivers\aliide.sys

20:57:21.0914 5396 aliide - ok

20:57:22.0040 5396 [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp C:\Windows\system32\drivers\amdagp.sys

20:57:22.0109 5396 amdagp - ok

20:57:22.0136 5396 [ 0577DF1D323FE75A739C787893D300EA ] amdide C:\Windows\system32\drivers\amdide.sys

20:57:22.0189 5396 amdide - ok

20:57:22.0340 5396 [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys

20:57:22.0584 5396 AmdK7 - ok

20:57:22.0664 5396 [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8 C:\Windows\system32\drivers\amdk8.sys

20:57:22.0792 5396 AmdK8 - ok

20:57:23.0022 5396 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll

20:57:23.0560 5396 Appinfo - ok

20:57:24.0439 5396 [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

20:57:25.0138 5396 Apple Mobile Device - ok

20:57:25.0252 5396 [ 5F673180268BB1FDB69C99B6619FE379 ] arc C:\Windows\system32\drivers\arc.sys

20:57:25.0854 5396 arc - ok

20:57:26.0332 5396 [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas C:\Windows\system32\drivers\arcsas.sys

20:57:26.0606 5396 arcsas - ok

20:57:27.0032 5396 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys

20:57:27.0273 5396 AsyncMac - ok

20:57:27.0451 5396 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys

20:57:27.0566 5396 atapi - ok

20:57:28.0004 5396 [ E46D344412D1ABC60C58E95C73BCDC70 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys

20:57:28.0461 5396 atksgt - ok

20:57:28.0910 5396 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

20:57:29.0285 5396 AudioEndpointBuilder - ok

20:57:29.0495 5396 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll

20:57:29.0659 5396 Audiosrv - ok

20:57:34.0977 5396 [ F6A528DE535396C2FB1A4E3C6F00CEC4 ] AVGIDSAgent C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe

20:57:40.0576 5396 AVGIDSAgent - ok

20:57:40.0969 5396 [ 1074F787080068C71303B61FAE7E7CA4 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdriverx.sys

20:57:41.0483 5396 AVGIDSDriver - ok

20:57:41.0661 5396 [ 61A7E0B02F82CFF3DB2445BBE50B3589 ] AVGIDSFilter C:\Windows\system32\DRIVERS\avgidsfilterx.sys

20:57:41.0841 5396 AVGIDSFilter - ok

20:57:42.0095 5396 [ D63D83659EEDF60B3A3E620281A888E5 ] AVGIDSHX C:\Windows\system32\DRIVERS\avgidshx.sys

20:57:42.0262 5396 AVGIDSHX - ok

20:57:42.0383 5396 [ BAF975B72062F53D327788E99D64197E ] AVGIDSShim C:\Windows\system32\DRIVERS\avgidsshimx.sys

20:57:42.0448 5396 AVGIDSShim - ok

20:57:42.0663 5396 [ DCB09125C8B4766A88C86914B65487C1 ] Avgldx86 C:\Windows\system32\DRIVERS\avgldx86.sys

20:57:42.0927 5396 Avgldx86 - ok

20:57:43.0059 5396 [ CCDD61545AAEA265977E4B1EFDC74E8C ] Avgmfx86 C:\Windows\system32\DRIVERS\avgmfx86.sys

20:57:43.0143 5396 Avgmfx86 - ok

20:57:43.0275 5396 [ 1FD90B28D2C3100BF4500199C8AD6358 ] Avgrkx86 C:\Windows\system32\DRIVERS\avgrkx86.sys

20:57:43.0406 5396 Avgrkx86 - ok

20:57:43.0752 5396 [ C0BC3B2E3FD625E7F55E1FF863E94592 ] Avgtdix C:\Windows\system32\DRIVERS\avgtdix.sys

20:57:43.0959 5396 Avgtdix - ok

20:57:44.0195 5396 [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd C:\Program Files\AVG\AVG2012\avgwdsvc.exe

20:57:44.0457 5396 avgwd - ok

20:57:44.0554 5396 aybesy - ok

20:57:46.0516 5396 [ 553E94AE71D233C14A8C8B4AF9286ED0 ] BecHelperService C:\Program Files\3 Mobile Broadband\3Connect\BecHelperService.exe

20:57:53.0534 5396 BecHelperService - ok

20:57:53.0623 5396 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys

20:57:53.0760 5396 Beep - ok

20:57:54.0530 5396 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll

20:57:55.0757 5396 BFE - ok

20:57:56.0500 5396 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll

20:57:58.0098 5396 BITS - ok

20:57:58.0110 5396 blbdrive - ok

20:57:58.0452 5396 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

20:57:59.0060 5396 Bonjour Service - ok

20:57:59.0164 5396 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys

20:57:59.0242 5396 bowser - ok

20:57:59.0400 5396 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys

20:57:59.0563 5396 BrFiltLo - ok

20:57:59.0747 5396 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys

20:58:00.0041 5396 BrFiltUp - ok

20:58:00.0122 5396 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll

20:58:00.0298 5396 Browser - ok

20:58:00.0422 5396 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys

20:58:00.0777 5396 Brserid - ok

20:58:01.0011 5396 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys

20:58:01.0191 5396 BrSerWdm - ok

20:58:01.0667 5396 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys

20:58:02.0205 5396 BrUsbMdm - ok

20:58:02.0237 5396 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys

20:58:02.0376 5396 BrUsbSer - ok

20:58:02.0569 5396 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys

20:58:02.0922 5396 BTHMODEM - ok

20:58:03.0244 5396 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys

20:58:03.0654 5396 cdfs - ok

20:58:04.0099 5396 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys

20:58:04.0489 5396 cdrom - ok

20:58:04.0658 5396 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll

20:58:04.0767 5396 CertPropSvc - ok

20:58:04.0999 5396 [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass C:\Windows\system32\drivers\circlass.sys

20:58:05.0227 5396 circlass - ok

20:58:05.0424 5396 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys

20:58:05.0577 5396 CLFS - ok

20:58:06.0516 5396 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

20:58:06.0678 5396 clr_optimization_v2.0.50727_32 - ok

20:58:07.0823 5396 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

20:58:08.0638 5396 clr_optimization_v4.0.30319_32 - ok

20:58:08.0935 5396 CLTNetCnService - ok

20:58:09.0233 5396 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys

20:58:09.0495 5396 CmBatt - ok

20:58:09.0864 5396 [ 45201046C776FFDAF3FC8A0029C581C8 ] cmdide C:\Windows\system32\drivers\cmdide.sys

20:58:09.0928 5396 cmdide - ok

20:58:10.0033 5396 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys

20:58:10.0254 5396 Compbatt - ok

20:58:10.0267 5396 COMSysApp - ok

20:58:10.0479 5396 [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys

20:58:10.0572 5396 crcdisk - ok

20:58:10.0775 5396 [ 22A7F883508176489F559EE745B5BF5D ] Crusoe C:\Windows\system32\drivers\crusoe.sys

20:58:10.0966 5396 Crusoe - ok

20:58:11.0665 5396 [ 75C6A297E364014840B48ECCD7525E30 ] CryptSvc C:\Windows\system32\cryptsvc.dll

20:58:11.0815 5396 CryptSvc - ok

20:58:13.0026 5396 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll

20:58:13.0588 5396 DcomLaunch - ok

20:58:13.0783 5396 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys

20:58:13.0952 5396 DfsC - ok

20:58:14.0961 5396 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe

20:58:17.0778 5396 DFSR - ok

20:58:18.0360 5396 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll

20:58:19.0049 5396 Dhcp - ok

20:58:19.0300 5396 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys

20:58:19.0350 5396 disk - ok

20:58:19.0583 5396 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll

20:58:20.0153 5396 Dnscache - ok

20:58:20.0440 5396 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll

20:58:21.0107 5396 dot3svc - ok

20:58:21.0346 5396 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll

20:58:21.0571 5396 DPS - ok

20:58:21.0715 5396 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys

20:58:22.0124 5396 drmkaud - ok

20:58:22.0692 5396 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys

20:58:23.0801 5396 DXGKrnl - ok

20:58:24.0172 5396 [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys

20:58:24.0624 5396 E1G60 - ok

20:58:24.0903 5396 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll

20:58:25.0108 5396 EapHost - ok

20:58:25.0730 5396 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys

20:58:25.0910 5396 Ecache - ok

20:58:26.0272 5396 [ 1DF3D1BE3403D663827496E62D24CA4C ] eeCtrl C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys

20:58:26.0816 5396 eeCtrl - ok

20:58:27.0392 5396 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe

20:58:28.0127 5396 ehRecvr - ok

20:58:28.0327 5396 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe

20:58:29.0163 5396 ehSched - ok

20:58:29.0338 5396 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll

20:58:29.0545 5396 ehstart - ok

20:58:30.0024 5396 [ E8F3F21A71720C84BCF423B80028359F ] elxstor C:\Windows\system32\drivers\elxstor.sys

20:58:30.0210 5396 elxstor - ok

20:58:31.0235 5396 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll

20:58:32.0144 5396 EMDMgmt - ok

20:58:32.0669 5396 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll

20:58:33.0195 5396 EventSystem - ok

20:58:33.0656 5396 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys

20:58:34.0049 5396 exfat - ok

20:58:34.0154 5396 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys

20:58:34.0314 5396 fastfat - ok

20:58:34.0609 5396 [ 63BDADA84951B9C03E641800E176898A ] fdc C:\Windows\system32\DRIVERS\fdc.sys

20:58:34.0952 5396 fdc - ok

20:58:35.0009 5396 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll

20:58:35.0067 5396 fdPHost - ok

20:58:35.0146 5396 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll

20:58:35.0276 5396 FDResPub - ok

20:58:35.0502 5396 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys

20:58:35.0634 5396 FileInfo - ok

20:58:35.0872 5396 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys

20:58:36.0028 5396 Filetrace - ok

20:58:36.0792 5396 [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

20:58:37.0231 5396 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning

20:58:37.0231 5396 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)

20:58:37.0343 5396 [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys

20:58:37.0597 5396 flpydisk - ok

20:58:37.0914 5396 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys

20:58:38.0167 5396 FltMgr - ok

20:58:39.0444 5396 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll

20:58:41.0196 5396 FontCache - ok

20:58:41.0919 5396 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

20:58:42.0245 5396 FontCache3.0.0.0 - ok

20:58:42.0328 5396 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

20:58:51.0780 5396 Fs_Rec - ok

20:58:52.0229 5396 [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys

20:58:52.0295 5396 gagp30kx - ok

20:58:52.0501 5396 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

20:58:52.0544 5396 GEARAspiWDM - ok

20:58:52.0788 5396 [ 77EBF3E9386DAA51551AF429052D88D0 ] giveio C:\Windows\system32\giveio.sys

20:58:52.0952 5396 giveio ( UnsignedFile.Multi.Generic ) - warning

20:58:52.0952 5396 giveio - detected UnsignedFile.Multi.Generic (1)

20:58:53.0262 5396 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll

20:58:53.0797 5396 gpsvc - ok

20:58:53.0841 5396 GT680x - ok

20:58:54.0133 5396 [ 626A24ED1228580B9518C01930936DF9 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe

20:58:54.0281 5396 gupdate - ok

20:58:54.0485 5396 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe

20:58:54.0505 5396 gupdatem - ok

20:58:54.0636 5396 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

20:58:54.0969 5396 HdAudAddService - ok

20:58:55.0165 5396 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys

20:58:55.0818 5396 HDAudBus - ok

20:58:55.0921 5396 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys

20:58:56.0053 5396 HidBth - ok

20:58:56.0121 5396 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys

20:58:56.0280 5396 HidIr - ok

20:58:56.0375 5396 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\system32\hidserv.dll

20:58:56.0726 5396 hidserv - ok

20:58:56.0849 5396 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys

20:58:56.0979 5396 HidUsb - ok

20:58:57.0188 5396 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll

20:58:57.0487 5396 hkmsvc - ok

20:58:57.0554 5396 [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys

20:58:57.0604 5396 HpCISSs - ok

20:58:57.0755 5396 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys

20:58:58.0036 5396 HTTP - ok

20:58:58.0164 5396 [ 0515065A3C7E8869DD01253E987C5BD1 ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys

20:58:58.0429 5396 hwdatacard - ok

20:58:58.0828 5396 [ A259D3619AA23D4562581067F85E2006 ] hwusbdev C:\Windows\system32\DRIVERS\ewusbdev.sys

20:58:58.0995 5396 hwusbdev - ok

20:58:59.0129 5396 [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp C:\Windows\system32\drivers\i2omp.sys

20:58:59.0192 5396 i2omp - ok

20:58:59.0451 5396 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys

20:58:59.0683 5396 i8042prt - ok

20:59:00.0316 5396 [ 496DB78E6A0C4C44023D9A92B4A7AC31 ] ialm C:\Windows\system32\DRIVERS\igdkmd32.sys

20:59:01.0300 5396 ialm - ok

20:59:01.0400 5396 [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV C:\Windows\system32\drivers\iastorv.sys

20:59:01.0603 5396 iaStorV - ok

20:59:02.0017 5396 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

20:59:03.0061 5396 idsvc - ok

20:59:03.0135 5396 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys

20:59:03.0197 5396 iirsp - ok

20:59:03.0802 5396 [ A06EFD4965F8A3F97A8C9A291D032678 ] IJPLMSVC C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE

20:59:03.0883 5396 IJPLMSVC - ok

20:59:04.0148 5396 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll

20:59:04.0630 5396 IKEEXT - ok

20:59:05.0784 5396 [ 97CAC2A7E92FFCB30C15101AB002ED30 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys

20:59:11.0339 5396 IntcAzAudAddService - ok

20:59:11.0522 5396 [ 97469037714070E45194ED318D636401 ] intelide C:\Windows\system32\drivers\intelide.sys

20:59:11.0604 5396 intelide - ok

20:59:11.0931 5396 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys

20:59:12.0109 5396 intelppm - ok

20:59:12.0682 5396 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll

20:59:12.0815 5396 IPBusEnum - ok

20:59:13.0073 5396 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

20:59:13.0228 5396 IpFilterDriver - ok

20:59:13.0370 5396 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll

20:59:13.0511 5396 iphlpsvc - ok

20:59:13.0522 5396 IpInIp - ok

20:59:13.0586 5396 [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys

20:59:13.0822 5396 IPMIDRV - ok

20:59:13.0923 5396 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys

20:59:14.0058 5396 IPNAT - ok

20:59:14.0698 5396 [ 49918803B661367023BF325CF602AFDC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe

20:59:15.0325 5396 iPod Service - ok

20:59:15.0427 5396 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys

20:59:15.0540 5396 IRENUM - ok

20:59:15.0636 5396 [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp C:\Windows\system32\drivers\isapnp.sys

20:59:15.0666 5396 isapnp - ok

20:59:15.0916 5396 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys

20:59:16.0304 5396 iScsiPrt - ok

20:59:16.0366 5396 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys

20:59:16.0425 5396 iteatapi - ok

20:59:16.0622 5396 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys

20:59:16.0667 5396 iteraid - ok

20:59:16.0829 5396 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys

20:59:16.0924 5396 kbdclass - ok

20:59:17.0100 5396 [ D2600CB17B7408B4A83F231DC9A11AC3 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys

20:59:17.0309 5396 kbdhid - ok

20:59:17.0425 5396 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe

20:59:17.0601 5396 KeyIso - ok

20:59:17.0984 5396 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

20:59:18.0777 5396 KSecDD - ok

20:59:19.0268 5396 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll

20:59:19.0857 5396 KtmRm - ok

20:59:20.0039 5396 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\system32\srvsvc.dll

20:59:20.0476 5396 LanmanServer - ok

20:59:20.0757 5396 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

20:59:21.0142 5396 LanmanWorkstation - ok

20:59:21.0392 5396 [ 8CCF9ED46D52AF1375875F74A91FFACF ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys

20:59:21.0438 5396 lirsgt - ok

20:59:21.0583 5396 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

20:59:21.0784 5396 lltdio - ok

20:59:22.0037 5396 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll

20:59:22.0340 5396 lltdsvc - ok

20:59:22.0428 5396 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll

20:59:22.0522 5396 lmhosts - ok

20:59:22.0584 5396 LMIInfo - ok

20:59:22.0725 5396 [ 4477689E2D8AE6B78BA34C9AF4CC1ED1 ] lmimirr C:\Windows\system32\DRIVERS\lmimirr.sys

20:59:22.0799 5396 lmimirr - ok

20:59:22.0892 5396 LMIRfsClientNP - ok

20:59:23.0221 5396 [ 3FAA563DDF853320F90259D455A01D79 ] LMIRfsDriver C:\Windows\system32\drivers\LMIRfsDriver.sys

20:59:23.0277 5396 LMIRfsDriver - ok

20:59:23.0497 5396 [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys

20:59:23.0597 5396 LSI_FC - ok

20:59:23.0681 5396 [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys

20:59:23.0774 5396 LSI_SAS - ok

20:59:23.0907 5396 [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys

20:59:24.0203 5396 LSI_SCSI - ok

20:59:24.0320 5396 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys

20:59:24.0499 5396 luafv - ok

20:59:24.0768 5396 [ 1A7DB7A00A4B0D8DA24CD691A4547291 ] LVPr2Mon C:\Windows\system32\DRIVERS\LVPr2Mon.sys

20:59:24.0819 5396 LVPr2Mon - ok

20:59:25.0241 5396 [ 0DDFDCAA92C7F553328DB06BA599BEA9 ] LVPrcSrv C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

20:59:25.0391 5396 LVPrcSrv - ok

20:59:27.0646 5396 [ 2349335A8033FD9834D1C401EAE1C9BF ] lxeaCATSCustConnectService C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxeaserv.exe

20:59:30.0049 5396 lxeaCATSCustConnectService - ok

20:59:30.0059 5396 lxea_device - ok

20:59:30.0170 5396 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

20:59:30.0542 5396 Mcx2Svc - ok

20:59:30.0744 5396 [ D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys

20:59:30.0838 5396 megasas - ok

20:59:32.0517 5396 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe

20:59:32.0655 5396 Microsoft Office Groove Audit Service - ok

20:59:32.0751 5396 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll

20:59:33.0030 5396 MMCSS - ok

20:59:33.0113 5396 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys

20:59:33.0291 5396 Modem - ok

20:59:33.0558 5396 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys

20:59:33.0771 5396 monitor - ok

20:59:33.0842 5396 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys

20:59:33.0903 5396 mouclass - ok

20:59:33.0966 5396 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

20:59:34.0211 5396 mouhid - ok

20:59:34.0348 5396 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys

20:59:34.0406 5396 MountMgr - ok

20:59:34.0598 5396 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

20:59:34.0704 5396 MozillaMaintenance - ok

20:59:34.0838 5396 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys

20:59:34.0935 5396 mpio - ok

20:59:35.0040 5396 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

20:59:35.0144 5396 mpsdrv - ok

20:59:35.0407 5396 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll

20:59:35.0741 5396 MpsSvc - ok

20:59:35.0881 5396 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys

20:59:35.0937 5396 Mraid35x - ok

20:59:36.0049 5396 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

20:59:36.0259 5396 MRxDAV - ok

20:59:36.0424 5396 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

20:59:36.0636 5396 mrxsmb - ok

20:59:36.0803 5396 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

20:59:37.0172 5396 mrxsmb10 - ok

20:59:37.0305 5396 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

20:59:37.0520 5396 mrxsmb20 - ok

20:59:37.0664 5396 [ 742AED7939E734C36B7E8D6228CE26B7 ] msahci C:\Windows\system32\drivers\msahci.sys

20:59:37.0715 5396 msahci - ok

20:59:37.0797 5396 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys

20:59:37.0924 5396 msdsm - ok

20:59:38.0108 5396 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe

20:59:38.0364 5396 MSDTC - ok

20:59:38.0439 5396 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys

20:59:38.0555 5396 Msfs - ok

20:59:38.0656 5396 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

20:59:38.0687 5396 msisadrv - ok

20:59:38.0784 5396 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

20:59:38.0907 5396 MSiSCSI - ok

20:59:38.0919 5396 msiserver - ok

20:59:39.0025 5396 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

20:59:39.0138 5396 MSKSSRV - ok

20:59:39.0459 5396 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

20:59:39.0618 5396 MSPCLOCK - ok

20:59:39.0846 5396 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

20:59:40.0053 5396 MSPQM - ok

20:59:40.0591 5396 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

20:59:40.0795 5396 MsRPC - ok

20:59:41.0366 5396 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys

20:59:41.0412 5396 mssmbios - ok

20:59:41.0828 5396 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

20:59:41.0966 5396 MSTEE - ok

20:59:42.0109 5396 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys

20:59:42.0188 5396 Mup - ok

20:59:42.0368 5396 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll

20:59:42.0958 5396 napagent - ok

20:59:43.0193 5396 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

20:59:43.0409 5396 NativeWifiP - ok

20:59:43.0969 5396 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys

20:59:44.0594 5396 NDIS - ok

20:59:44.0719 5396 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

20:59:44.0830 5396 NdisTapi - ok

20:59:44.0998 5396 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

20:59:45.0123 5396 Ndisuio - ok

20:59:45.0207 5396 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

20:59:45.0413 5396 NdisWan - ok

20:59:45.0537 5396 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

20:59:45.0796 5396 NDProxy - ok

20:59:45.0917 5396 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

20:59:46.0107 5396 NetBIOS - ok

20:59:46.0327 5396 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys

20:59:46.0495 5396 netbt - ok

20:59:46.0613 5396 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe

20:59:46.0657 5396 Netlogon - ok

20:59:46.0783 5396 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll

20:59:47.0468 5396 Netman - ok

20:59:47.0694 5396 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll

20:59:48.0254 5396 netprofm - ok

20:59:48.0413 5396 [ 6CEE3BF2AB2839E6DCEE7C71D1C83E7B ] netr73 C:\Windows\system32\DRIVERS\netr73.sys

20:59:48.0827 5396 netr73 - ok

20:59:48.0905 5396 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

20:59:49.0026 5396 NetTcpPortSharing - ok

20:59:49.0611 5396 [ A15F219208843A5A210C8CB391384453 ] NETw3v32 C:\Windows\system32\DRIVERS\NETw3v32.sys

20:59:51.0859 5396 NETw3v32 - ok

20:59:51.0895 5396 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys

20:59:51.0944 5396 nfrd960 - ok

20:59:52.0149 5396 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll

20:59:52.0378 5396 NlaSvc - ok

20:59:52.0518 5396 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys

20:59:52.0640 5396 Npfs - ok

20:59:52.0710 5396 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll

20:59:52.0860 5396 nsi - ok

20:59:52.0951 5396 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

20:59:53.0050 5396 nsiproxy - ok

20:59:53.0566 5396 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

20:59:56.0420 5396 Ntfs - ok

20:59:56.0526 5396 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys

20:59:56.0685 5396 ntrigdigi - ok

20:59:56.0778 5396 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys

20:59:56.0875 5396 Null - ok

20:59:56.0952 5396 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys

20:59:57.0027 5396 nvraid - ok

20:59:57.0156 5396 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys

20:59:57.0270 5396 nvstor - ok

20:59:57.0351 5396 [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

20:59:57.0460 5396 nv_agp - ok

20:59:57.0473 5396 NwlnkFlt - ok

20:59:57.0492 5396 NwlnkFwd - ok

20:59:58.0263 5396 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

20:59:58.0599 5396 odserv - ok

20:59:58.0870 5396 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

20:59:58.0985 5396 ohci1394 - ok

20:59:59.0489 5396 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

20:59:59.0571 5396 ose - ok

20:59:59.0965 5396 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll

21:00:00.0591 5396 p2pimsvc - ok

21:00:00.0821 5396 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll

21:00:01.0247 5396 p2psvc - ok

21:00:01.0373 5396 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys

21:00:02.0257 5396 Parport - ok

21:00:02.0449 5396 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys

21:00:02.0650 5396 partmgr - ok

21:00:02.0775 5396 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys

21:00:02.0901 5396 Parvdm - ok

21:00:02.0978 5396 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll

21:00:03.0260 5396 PcaSvc - ok

21:00:03.0417 5396 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys

21:00:03.0539 5396 pci - ok

21:00:03.0610 5396 [ 1636D43F10416AEB483BC6001097B26C ] pciide C:\Windows\system32\drivers\pciide.sys

21:00:03.0717 5396 pciide - ok

21:00:03.0910 5396 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys

21:00:04.0016 5396 pcmcia - ok

21:00:04.0578 5396 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys

21:00:05.0960 5396 PEAUTH - ok

21:00:07.0402 5396 [ DD184D9ADFE2A8A21741DBDFE9E22F5C ] PID_PEPI C:\Windows\system32\DRIVERS\LV302V32.SYS

21:00:11.0228 5396 PID_PEPI - ok

21:00:11.0877 5396 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll

21:00:14.0460 5396 pla - ok

21:00:14.0591 5396 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll

21:00:14.0789 5396 PlugPlay - ok

21:00:14.0926 5396 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll

21:00:15.0144 5396 PNRPAutoReg - ok

21:00:15.0590 5396 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll

21:00:15.0754 5396 PNRPsvc - ok

21:00:16.0093 5396 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

21:00:16.0593 5396 PolicyAgent - ok

21:00:16.0862 5396 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

21:00:17.0027 5396 PptpMiniport - ok

21:00:18.0105 5396 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys

21:00:18.0221 5396 Processor - ok

21:00:18.0335 5396 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll

21:00:18.0507 5396 ProfSvc - ok

21:00:18.0570 5396 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe

21:00:18.0691 5396 ProtectedStorage - ok

21:00:18.0860 5396 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys

21:00:19.0005 5396 PSched - ok

21:00:19.0427 5396 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys

21:00:20.0695 5396 ql2300 - ok

21:00:20.0813 5396 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys

21:00:21.0059 5396 ql40xx - ok

21:00:21.0718 5396 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll

21:00:21.0991 5396 QWAVE - ok

21:00:22.0158 5396 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

21:00:23.0000 5396 QWAVEdrv - ok

21:00:23.0594 5396 [ E2AA111B00F5205FFD52A57F48B4F642 ] RapportBuka C:\Windows\system32\drivers\RapportBuka.sys

21:00:24.0045 5396 RapportBuka ( UnsignedFile.Multi.Generic ) - warning

21:00:24.0046 5396 RapportBuka - detected UnsignedFile.Multi.Generic (1)

21:00:25.0453 5396 [ 3AF684252780CF87DC2809F85B8F7591 ] RapportCerberus_43926 C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\43926\RapportCerberus32_43926.sys

21:00:25.0944 5396 RapportCerberus_43926 - ok

21:00:26.0698 5396 [ 032C53D286711390505A2DA074B36401 ] RapportEI C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys

21:00:26.0813 5396 RapportEI - ok

21:00:27.0172 5396 [ 35199EC35EDC7DCBA71FDA711DFB05C0 ] RapportIaso c:\programdata\trusteer\rapport\store\exts\rapportms\39624\rapportiaso.sys

21:00:27.0238 5396 RapportIaso - ok

21:00:27.0513 5396 [ 91FBC51EAC56DF03A8FE409C5CAF260D ] RapportKELL C:\Windows\system32\Drivers\RapportKELL.sys

21:00:27.0569 5396 RapportKELL - ok

21:00:28.0312 5396 [ 65AA99CB303BA21F9ACC8C1374A14798 ] RapportMgmtService C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe

21:00:29.0831 5396 RapportMgmtService - ok

21:00:30.0017 5396 [ 57195D4E4E6F2F9E38BA586C37ACD83A ] RapportPG C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys

21:00:30.0758 5396 RapportPG - ok

21:00:30.0928 5396 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

21:00:31.0206 5396 RasAcd - ok

21:00:31.0331 5396 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll

21:00:31.0549 5396 RasAuto - ok

21:00:31.0770 5396 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

21:00:31.0903 5396 Rasl2tp - ok

21:00:32.0109 5396 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll

21:00:32.0356 5396 RasMan - ok

21:00:32.0446 5396 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

21:00:32.0579 5396 RasPppoe - ok

21:00:32.0673 5396 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

21:00:32.0937 5396 RasSstp - ok

21:00:33.0104 5396 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

21:00:33.0273 5396 rdbss - ok

21:00:33.0439 5396 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

21:00:33.0705 5396 RDPCDD - ok

21:00:33.0933 5396 [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr C:\Windows\system32\drivers\rdpdr.sys

21:00:34.0396 5396 rdpdr - ok

21:00:34.0454 5396 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

21:00:34.0602 5396 RDPENCDD - ok

21:00:34.0709 5396 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

21:00:34.0930 5396 RDPWD - ok

21:00:35.0560 5396 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll

21:00:35.0745 5396 RemoteAccess - ok

21:00:35.0853 5396 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll

21:00:35.0979 5396 RemoteRegistry - ok

21:00:36.0109 5396 [ F17713D108ACA124A139FDE877EEF68A ] RimUsb C:\Windows\system32\Drivers\RimUsb.sys

21:00:36.0239 5396 RimUsb - ok

21:00:36.0309 5396 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe

21:00:36.0635 5396 RpcLocator - ok

21:00:37.0171 5396 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll

21:00:37.0737 5396 RpcSs - ok

21:00:39.0020 5396 [ 7BC65E310562A17AA8AC2597418CAA3B ] RSDBServerService D:\RoboSoft4\RSDBServer.exe

21:00:45.0744 5396 RSDBServerService ( UnsignedFile.Multi.Generic ) - warning

21:00:45.0744 5396 RSDBServerService - detected UnsignedFile.Multi.Generic (1)

21:00:46.0073 5396 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

21:00:46.0184 5396 rspndr - ok

21:00:46.0399 5396 [ 283392AF1860ECDB5E0F8EBD7F3D72DF ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys

21:00:46.0491 5396 RTL8169 - ok

21:00:46.0599 5396 [ 661AF6A63DFF9F23B1DC3FB7B3E7A917 ] RTL8187B C:\Windows\system32\DRIVERS\RTL8187B.sys

21:00:47.0203 5396 RTL8187B - ok

21:00:47.0433 5396 [ 4F31CFDEBD0A5BC27D45E7EBFEFAAF6F ] RTSTOR C:\Windows\system32\drivers\RTSTOR.SYS

21:00:47.0526 5396 RTSTOR - ok

21:00:47.0571 5396 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe

21:00:47.0635 5396 SamSs - ok

21:00:48.0022 5396 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS

21:00:48.0080 5396 SASDIFSV - ok

21:00:48.0233 5396 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS

21:00:48.0295 5396 SASKUTIL - ok

21:00:48.0398 5396 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

21:00:48.0437 5396 sbp2port - ok

21:00:49.0119 5396 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService D:\Spybot - Search & Destroy\SDWinSec.exe

21:00:54.0293 5396 SBSDWSCService - ok

21:00:54.0464 5396 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll

21:00:54.0638 5396 SCardSvr - ok

21:00:54.0999 5396 [ 612A3D69E603DBBE5C3C1079186A0393 ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys

21:00:55.0119 5396 SCDEmu ( UnsignedFile.Multi.Generic ) - warning

21:00:55.0119 5396 SCDEmu - detected UnsignedFile.Multi.Generic (1)

21:00:55.0547 5396 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll

21:00:56.0512 5396 Schedule - ok

21:00:56.0592 5396 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll

21:00:56.0676 5396 SCPolicySvc - ok

21:00:56.0773 5396 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll

21:00:57.0006 5396 SDRSVC - ok

21:00:57.0065 5396 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys

21:00:57.0253 5396 secdrv - ok

21:00:57.0425 5396 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll

21:00:57.0785 5396 seclogon - ok

21:00:57.0816 5396 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll

21:00:57.0992 5396 SENS - ok

21:00:58.0015 5396 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys

21:00:58.0193 5396 Serenum - ok

21:00:58.0287 5396 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys

21:00:58.0454 5396 Serial - ok

21:00:58.0539 5396 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys

21:00:58.0642 5396 sermouse - ok

21:00:58.0754 5396 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll

21:00:58.0823 5396 SessionEnv - ok

21:00:58.0891 5396 [ 51CF56AA8BCC241F134B420B8F850406 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

21:00:59.0115 5396 sffdisk - ok

21:00:59.0195 5396 [ 96DED8B20C734AC41641CE275250E55D ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

21:01:00.0079 5396 sffp_mmc - ok

21:01:00.0267 5396 [ 8B08CAB1267B2C377883FC9E56981F90 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

21:01:00.0439 5396 sffp_sd - ok

21:01:00.0480 5396 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys

21:01:00.0658 5396 sfloppy - ok

21:01:00.0884 5396 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll

21:01:01.0029 5396 SharedAccess - ok

21:01:01.0448 5396 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll

21:01:01.0705 5396 ShellHWDetection - ok

21:01:02.0062 5396 [ 456B6F04B620D473347A90B2772D3DA0 ] SiS6350 C:\Windows\system32\DRIVERS\SISGRKMD.sys

21:01:02.0285 5396 SiS6350 - ok

21:01:02.0406 5396 [ DF1AF7F5F1EC7800B3AC398ACC06C754 ] SISAGP C:\Windows\system32\DRIVERS\SISAGPX.sys

21:01:02.0682 5396 SISAGP - ok

21:01:02.0750 5396 [ F3C4C6C4DAF2212AC905475ED0F0FB1B ] SiSGbeLH C:\Windows\system32\DRIVERS\SiSGB6.sys

21:01:02.0804 5396 SiSGbeLH - ok

21:01:02.0939 5396 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys

21:01:03.0001 5396 SiSRaid2 - ok

21:01:03.0079 5396 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys

21:01:03.0228 5396 SiSRaid4 - ok

21:01:04.0388 5396 [ 753D254205E0A62100A050BD8B458D06 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

21:01:09.0845 5396 Skype C2C Service - ok

21:01:10.0280 5396 [ DDAA5F4A6B958FC313EBD02DD925752F ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe

21:01:10.0426 5396 SkypeUpdate - ok

21:01:11.0372 5396 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe

21:01:14.0774 5396 slsvc - ok

21:01:14.0849 5396 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll

21:01:14.0939 5396 SLUINotify - ok

21:01:15.0049 5396 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys

21:01:15.0307 5396 Smb - ok

21:01:15.0912 5396 [ D9BFD2298F5CF116D8EAAE3B02DCEE2E ] smserial C:\Windows\system32\DRIVERS\smserial.sys

21:01:16.0359 5396 smserial - ok

21:01:16.0461 5396 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe

21:01:16.0504 5396 SNMPTRAP - ok

21:01:16.0581 5396 [ 3FA2E254BFBCE52B3C6F1BF23AAB6911 ] speedfan C:\Windows\system32\speedfan.sys

21:01:16.0624 5396 speedfan - ok

21:01:16.0685 5396 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys

21:01:16.0717 5396 spldr - ok

21:01:16.0799 5396 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe

21:01:16.0976 5396 Spooler - ok

21:01:17.0101 5396 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys

21:01:17.0228 5396 srv - ok

21:01:17.0285 5396 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

21:01:17.0411 5396 srv2 - ok

21:01:17.0486 5396 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

21:01:17.0563 5396 srvnet - ok

21:01:17.0685 5396 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

21:01:17.0992 5396 SSDPSRV - ok

21:01:18.0262 5396 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll

21:01:18.0312 5396 SstpSvc - ok

21:01:18.0572 5396 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll

21:01:18.0913 5396 stisvc - ok

21:01:18.0946 5396 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys

21:01:19.0014 5396 swenum - ok

21:01:19.0127 5396 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll

21:01:19.0218 5396 swprv - ok

21:01:19.0259 5396 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys

21:01:19.0313 5396 Symc8xx - ok

21:01:19.0442 5396 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys

21:01:19.0501 5396 Sym_hi - ok

21:01:19.0571 5396 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys

21:01:19.0645 5396 Sym_u3 - ok

21:01:19.0977 5396 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll

21:01:20.0161 5396 SysMain - ok

21:01:20.0219 5396 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll

21:01:20.0361 5396 TabletInputService - ok

21:01:20.0435 5396 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll

21:01:20.0528 5396 TapiSrv - ok

21:01:20.0594 5396 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll

21:01:20.0688 5396 TBS - ok

21:01:20.0978 5396 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys

21:01:21.0861 5396 Tcpip - ok

21:01:22.0390 5396 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys

21:01:22.0701 5396 Tcpip6 - ok

21:01:22.0753 5396 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

21:01:23.0236 5396 tcpipreg - ok

21:01:23.0268 5396 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

21:01:23.0367 5396 TDPIPE - ok

21:01:23.0420 5396 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

21:01:23.0495 5396 TDTCP - ok

21:01:23.0546 5396 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

21:01:23.0631 5396 tdx - ok

21:01:23.0654 5396 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys

21:01:23.0682 5396 TermDD - ok

21:01:23.0860 5396 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll

21:01:24.0246 5396 TermService - ok

21:01:24.0329 5396 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll

21:01:24.0421 5396 Themes - ok

21:01:24.0574 5396 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll

21:01:24.0632 5396 THREADORDER - ok

21:01:24.0670 5396 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll

21:01:24.0860 5396 TrkWks - ok

21:01:24.0931 5396 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

21:01:24.0983 5396 TrustedInstaller - ok

21:01:25.0103 5396 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

21:01:25.0229 5396 tssecsrv - ok

21:01:25.0301 5396 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys

21:01:25.0440 5396 tunmp - ok

21:01:25.0497 5396 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

21:01:25.0594 5396 tunnel - ok

21:01:25.0652 5396 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys

21:01:25.0690 5396 uagp35 - ok

21:01:25.0761 5396 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys

21:01:25.0817 5396 udfs - ok

21:01:26.0066 5396 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe

21:01:26.0188 5396 UI0Detect - ok

21:01:26.0364 5396 [ 332D341D92B933600D41953B08360DFB ] UleadBurningHelper C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

21:01:26.0421 5396 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - warning

21:01:26.0422 5396 UleadBurningHelper - detected UnsignedFile.Multi.Generic (1)

21:01:26.0469 5396 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

21:01:26.0515 5396 uliagpkx - ok

21:01:26.0577 5396 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys

21:01:26.0631 5396 uliahci - ok

21:01:26.0676 5396 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys

21:01:26.0752 5396 UlSata - ok

21:01:26.0797 5396 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys

21:01:26.0851 5396 ulsata2 - ok

21:01:26.0894 5396 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys

21:01:26.0998 5396 umbus - ok

21:01:27.0145 5396 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll

21:01:27.0357 5396 upnphost - ok

21:01:27.0609 5396 [ 83CAFCB53201BBAC04D822F32438E244 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys

21:01:27.0749 5396 USBAAPL - ok

21:01:27.0848 5396 [ 32DB9517628FF0D070682AAB61E688F0 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys

21:01:27.0936 5396 usbaudio - ok

21:01:28.0079 5396 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

21:01:28.0322 5396 usbccgp - ok

21:01:28.0491 5396 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys

21:01:28.0666 5396 usbcir - ok

21:01:28.0709 5396 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys

21:01:28.0791 5396 usbehci - ok

21:01:28.0887 5396 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

21:01:29.0005 5396 usbhub - ok

21:01:29.0028 5396 [ CE697FEE0D479290D89BEC80DFE793B7 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys

21:01:29.0134 5396 usbohci - ok

21:01:29.0225 5396 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys

21:01:29.0375 5396 usbprint - ok

21:01:29.0459 5396 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys

21:01:29.0544 5396 usbscan - ok

21:01:29.0615 5396 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

21:01:29.0703 5396 USBSTOR - ok

21:01:29.0768 5396 [ 325DBBACB8A36AF9988CCF40EAC228CC ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys

21:01:29.0922 5396 usbuhci - ok

21:01:29.0983 5396 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll

21:01:30.0088 5396 UxSms - ok

21:01:30.0355 5396 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe

21:01:30.0549 5396 vds - ok

21:01:30.0636 5396 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

21:01:30.0749 5396 vga - ok

21:01:30.0819 5396 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys

21:01:30.0869 5396 VgaSave - ok

21:01:30.0898 5396 [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp C:\Windows\system32\drivers\viaagp.sys

21:01:30.0941 5396 viaagp - ok

21:01:30.0970 5396 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys

21:01:31.0056 5396 ViaC7 - ok

21:01:31.0089 5396 [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide C:\Windows\system32\drivers\viaide.sys

21:01:31.0124 5396 viaide - ok

21:01:31.0182 5396 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys

21:01:31.0257 5396 volmgr - ok

21:01:31.0465 5396 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

21:01:31.0531 5396 volmgrx - ok

21:01:31.0589 5396 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys

21:01:31.0640 5396 volsnap - ok

21:01:31.0687 5396 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys

21:01:31.0750 5396 vsmraid - ok

21:01:32.0074 5396 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe

21:01:33.0203 5396 VSS - ok

21:01:33.0413 5396 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll

21:01:43.0924 5396 ================ Scan global ===============================

21:01:44.0067 5396 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll

21:01:44.0143 5396 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll

21:01:44.0429 5396 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll

21:01:44.0608 5396 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe

21:01:44.0778 5396 [Global] - ok

21:01:44.0781 5396 ================ Scan MBR ==================================

21:01:44.0804 5396 [ 9C603BC3977968C891DE319283E1E7AF ] \Device\Harddisk0\DR0

21:01:44.0804 5396 Suspicious mbr (Forged): \Device\Harddisk0\DR0

21:01:45.0043 5396 \Device\Harddisk0\DR0 ( Rootkit.Boot.Wistler.a ) - infected

21:01:45.0043 5396 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Wistler.a (0)

21:01:45.0262 5396 ================ Scan VBR ==================================

21:01:45.0286 5396 [ 9AEA3E35DDA44BFC7210A83DD4946489 ] \Device\Harddisk0\DR0\Partition1

21:01:45.0314 5396 \Device\Harddisk0\DR0\Partition1 - ok

21:01:45.0351 5396 [ 048AF7943D7A84EA76A102433AA4CEFF ] \Device\Harddisk0\DR0\Partition2

21:01:45.0371 5396 \Device\Harddisk0\DR0\Partition2 - ok

21:01:45.0418 5396 [ 44742DA5A7721381D970DCCA7F527031 ] \Device\Harddisk0\DR0\Partition3

21:01:45.0421 5396 \Device\Harddisk0\DR0\Partition3 - ok

21:01:45.0450 5396 [ 92B37BF1F0516ED43D19C21353420675 ] \Device\Harddisk0\DR0\Partition4

21:01:45.0494 5396 \Device\Harddisk0\DR0\Partition4 - ok

21:01:45.0495 5396 ================ Scan active images ========================



Part 2


21:01:48.0097 5396 C:\Windows\System32\netlogon.dll - ok

21:01:48.0107 5396 [ 302964DCAC79D618CC7B72C778DA9FD2 ] C:\Windows\System32\PresentationHost.exe

21:01:48.0107 5396 C:\Windows\System32\PresentationHost.exe - ok

21:01:48.0126 5396 [ 50E3E76B0901BB4FC029BB88BFA5CE79 ] C:\Windows\System32\schannel.dll

21:01:48.0126 5396 C:\Windows\System32\schannel.dll - ok

21:01:48.0136 5396 [ 72910BC4A218C49EA8E43D1FAEC403A5 ] C:\Windows\System32\winbrand.dll

21:01:48.0136 5396 C:\Windows\System32\winbrand.dll - ok

21:01:48.0146 5396 [ 93620229F3CC3B67A3528BF39F064C30 ] C:\Windows\System32\wdigest.dll

21:01:48.0146 5396 C:\Windows\System32\wdigest.dll - ok

21:01:48.0164 5396 [ 0F420E81062757EA8363CBACD4D40D6D ] C:\Windows\System32\gpapi.dll

21:01:48.0164 5396 C:\Windows\System32\gpapi.dll - ok

21:01:48.0174 5396 [ 84067081F3318162797385E11A8F0582 ] C:\Windows\System32\hidserv.dll

21:01:48.0174 5396 C:\Windows\System32\hidserv.dll - ok

21:01:48.0190 5396 [ D8AD255B37DA92434C26E4876DB7D418 ] C:\Windows\System32\KMSVC.DLL

21:01:48.0191 5396 C:\Windows\System32\KMSVC.DLL - ok

21:01:48.0201 5396 [ E14170AEA125119B98FA2BDE3FF4F462 ] C:\Windows\System32\rsaenh.dll

21:01:48.0201 5396 C:\Windows\System32\rsaenh.dll - ok

21:01:48.0210 5396 [ F8873D15018F411588BEC02C1725BADA ] C:\Windows\System32\TSpkg.dll

21:01:48.0211 5396 C:\Windows\System32\TSpkg.dll - ok

21:01:48.0227 5396 [ 05586F5438AB0DA4F5149159E0E5FD4B ] C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll

21:01:48.0227 5396 C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll - ok

21:01:48.0237 5396 [ 9908D8A397B76CD8D31D0D383C5773C9 ] C:\Windows\System32\IKEEXT.DLL

21:01:48.0237 5396 C:\Windows\System32\IKEEXT.DLL - ok

21:01:48.0242 5396 [ 9AC218C6E6105477484C6FDBE7D409A4 ] C:\Windows\System32\IPBusEnum.dll

21:01:48.0242 5396 C:\Windows\System32\IPBusEnum.dll - ok

21:01:48.0259 5396 [ 3464DAE0E801F5A81A23C571D86F30B2 ] C:\Windows\System32\rascfg.dll

21:01:48.0259 5396 C:\Windows\System32\rascfg.dll - ok

21:01:48.0270 5396 [ 1998BD97F950680BB55F55A7244679C2 ] C:\Windows\System32\iphlpsvc.dll

21:01:48.0270 5396 C:\Windows\System32\iphlpsvc.dll - ok

21:01:48.0280 5396 [ 74C2F29CC612B2B34231BEBD824D2FB2 ] C:\Windows\System32\keyiso.dll

21:01:48.0280 5396 C:\Windows\System32\keyiso.dll - ok

21:01:48.0295 5396 [ 1BF5EEBFD518DD7298434D8C862F825D ] C:\Windows\System32\srvsvc.dll

21:01:48.0295 5396 C:\Windows\System32\srvsvc.dll - ok

21:01:48.0305 5396 [ FA0593D936C9B95FB6FAA32AD1595D49 ] C:\Windows\System32\lltdres.dll

21:01:48.0305 5396 C:\Windows\System32\lltdres.dll - ok

21:01:48.0316 5396 [ 35D40113E4A5B961B6CE5C5857702518 ] C:\Windows\System32\lmhsvc.dll

21:01:48.0316 5396 C:\Windows\System32\lmhsvc.dll - ok

21:01:48.0330 5396 [ 1DB69705B695B987082C8BAEC0C6B34F ] C:\Windows\System32\wkssvc.dll

21:01:48.0331 5396 C:\Windows\System32\wkssvc.dll - ok

21:01:48.0340 5396 [ 132F6237FA3BF3E9715F63A1CCF72BF1 ] C:\Windows\ehome\ehres.dll

21:01:48.0340 5396 C:\Windows\ehome\ehres.dll - ok

21:01:48.0360 5396 [ 95F1EB99B81CFD6F581C85F0A0AA9B2B ] C:\Windows\System32\FirewallAPI.dll

21:01:48.0361 5396 C:\Windows\System32\FirewallAPI.dll - ok

21:01:48.0374 5396 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] C:\Windows\System32\mmcss.dll

21:01:48.0375 5396 C:\Windows\System32\mmcss.dll - ok

21:01:48.0381 5396 [ EA822412BBBA9B7D2B1A3748AD50EFB8 ] C:\Windows\System32\iscsidsc.dll

21:01:48.0381 5396 C:\Windows\System32\iscsidsc.dll - ok

21:01:48.0399 5396 [ ED21401F1E2F6BC2F54C462BB66D0D6B ] C:\Windows\System32\msimsg.dll

21:01:48.0399 5396 C:\Windows\System32\msimsg.dll - ok

21:01:48.0409 5396 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] C:\Windows\System32\QAGENTRT.DLL

21:01:48.0409 5396 C:\Windows\System32\QAGENTRT.DLL - ok

21:01:48.0427 5396 [ BE3C082837866C4C291ADAF163C10EA6 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll

21:01:48.0427 5396 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll - ok

21:01:48.0441 5396 [ C8052711DAECC48B982434C5116CA401 ] C:\Windows\System32\netman.dll

21:01:48.0441 5396 C:\Windows\System32\netman.dll - ok

21:01:48.0459 5396 [ ED640F4CE585058119B824CC76591D9C ] C:\Windows\System32\netprof.dll

21:01:48.0459 5396 C:\Windows\System32\netprof.dll - ok

21:01:48.0471 5396 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] C:\Windows\System32\nsisvc.dll

21:01:48.0471 5396 C:\Windows\System32\nsisvc.dll - ok

21:01:48.0480 5396 [ 0C8E8E61AD1EB0B250B846712C917506 ] C:\Windows\System32\p2psvc.dll

21:01:48.0480 5396 C:\Windows\System32\p2psvc.dll - ok

21:01:48.0496 5396 [ C6276AD11F4BB49B58AA1ED88537F14A ] C:\Windows\System32\pcasvc.dll

21:01:48.0496 5396 C:\Windows\System32\pcasvc.dll - ok

21:01:48.0503 5396 [ B1689DF169143F57053F795390C99DB3 ] C:\Windows\System32\pla.dll

21:01:48.0503 5396 C:\Windows\System32\pla.dll - ok

21:01:48.0513 5396 [ C5E7F8A996EC0A82D508FD9064A5569E ] C:\Windows\System32\umpnpmgr.dll

21:01:48.0513 5396 C:\Windows\System32\umpnpmgr.dll - ok

21:01:48.0530 5396 [ 64B28D672B5B6A01E87B0C3096B1E047 ] C:\Windows\System32\polstore.dll

21:01:48.0530 5396 C:\Windows\System32\polstore.dll - ok

21:01:48.0541 5396 [ 0508FAA222D28835310B7BFCA7A77346 ] C:\Windows\System32\profsvc.dll

21:01:48.0541 5396 C:\Windows\System32\profsvc.dll - ok

21:01:48.0556 5396 [ 9F5E0E1926014D17486901C88ECA2DB7 ] C:\Windows\System32\drivers\qwavedrv.sys

21:01:48.0556 5396 C:\Windows\System32\drivers\qwavedrv.sys - ok

21:01:48.0567 5396 [ 08F9134A2215B7ED985409A4DF60AC60 ] C:\Windows\System32\psbase.dll

21:01:48.0568 5396 C:\Windows\System32\psbase.dll - ok

21:01:48.0579 5396 [ E9ECAE663F47E6CB43962D18AB18890F ] C:\Windows\System32\qwave.dll

21:01:48.0579 5396 C:\Windows\System32\qwave.dll - ok

21:01:48.0598 5396 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] C:\Windows\System32\rasauto.dll

21:01:48.0598 5396 C:\Windows\System32\rasauto.dll - ok

21:01:48.0608 5396 [ 75D47445D70CA6F9F894B032FBC64FCF ] C:\Windows\System32\rasmans.dll

21:01:48.0608 5396 C:\Windows\System32\rasmans.dll - ok

21:01:48.0622 5396 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] C:\Windows\System32\sstpsvc.dll

21:01:48.0622 5396 C:\Windows\System32\sstpsvc.dll - ok

21:01:48.0635 5396 [ 5123F83CBC4349D065534EEB6BBDC42B ] C:\Windows\System32\Locator.exe

21:01:48.0635 5396 C:\Windows\System32\Locator.exe - ok

21:01:48.0644 5396 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] C:\Windows\System32\mprdim.dll

21:01:48.0645 5396 C:\Windows\System32\mprdim.dll - ok

21:01:48.0662 5396 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] C:\Windows\System32\regsvc.dll

21:01:48.0662 5396 C:\Windows\System32\regsvc.dll - ok

21:01:48.0671 5396 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] C:\Windows\System32\SCardSvr.dll

21:01:48.0671 5396 C:\Windows\System32\SCardSvr.dll - ok

21:01:48.0680 5396 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] C:\Windows\System32\schedsvc.dll

21:01:48.0681 5396 C:\Windows\System32\schedsvc.dll - ok

21:01:48.0696 5396 [ 716313D9F6B0529D03F726D5AAF6F191 ] C:\Windows\System32\sdrsvc.dll

21:01:48.0696 5396 C:\Windows\System32\sdrsvc.dll - ok

21:01:48.0706 5396 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] C:\Windows\System32\seclogon.dll

21:01:48.0706 5396 C:\Windows\System32\seclogon.dll - ok

21:01:48.0719 5396 [ A9BBAB5759771E523F55563D6CBE140F ] C:\Windows\System32\Sens.dll

21:01:48.0720 5396 C:\Windows\System32\Sens.dll - ok

21:01:48.0733 5396 [ D2193326F729B163125610DBF3E17D57 ] C:\Windows\System32\SessEnv.dll

21:01:48.0733 5396 C:\Windows\System32\SessEnv.dll - ok

21:01:48.0742 5396 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] C:\Windows\System32\ipnathlp.dll

21:01:48.0743 5396 C:\Windows\System32\ipnathlp.dll - ok

21:01:48.0751 5396 [ C7230FBEE14437716701C15BE02C27B8 ] C:\Windows\System32\shsvcs.dll

21:01:48.0752 5396 C:\Windows\System32\shsvcs.dll - ok

21:01:48.0766 5396 [ 862BB4CBC05D80C5B45BE430E5EF872F ] C:\Windows\System32\SLsvc.exe

21:01:48.0766 5396 C:\Windows\System32\SLsvc.exe - ok

21:01:48.0777 5396 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] C:\Windows\System32\SLUINotify.dll

21:01:48.0777 5396 C:\Windows\System32\SLUINotify.dll - ok

21:01:48.0792 5396 [ E4060CFE50F87C72316CB0FDB20E4913 ] C:\Windows\System32\tcpipcfg.dll

21:01:48.0792 5396 C:\Windows\System32\tcpipcfg.dll - ok

21:01:48.0802 5396 [ 2A146A055B4401C16EE62D18B8E2A032 ] C:\Windows\System32\snmptrap.exe

21:01:48.0803 5396 C:\Windows\System32\snmptrap.exe - ok

21:01:48.0813 5396 [ 8554097E5136C3BF9F69FE578A1B35F4 ] C:\Windows\System32\spoolsv.exe

21:01:48.0813 5396 C:\Windows\System32\spoolsv.exe - ok

21:01:48.0828 5396 [ 03D50B37234967433A5EA5BA72BC0B62 ] C:\Windows\System32\ssdpsrv.dll

21:01:48.0828 5396 C:\Windows\System32\ssdpsrv.dll - ok

21:01:48.0838 5396 [ F21FD248040681CCA1FB6C9A03AAA93D ] C:\Windows\System32\swprv.dll

21:01:48.0838 5396 C:\Windows\System32\swprv.dll - ok

21:01:48.0848 5396 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] C:\Windows\System32\wiaservc.dll

21:01:48.0848 5396 C:\Windows\System32\wiaservc.dll - ok

21:01:48.0863 5396 [ 9A51B04E9886AA4EE90093586B0BA88D ] C:\Windows\System32\sysmain.dll

21:01:48.0864 5396 C:\Windows\System32\sysmain.dll - ok

21:01:48.0873 5396 [ 2DCA225EAE15F42C0933E998EE0231C3 ] C:\Windows\System32\TabSvc.dll

21:01:48.0874 5396 C:\Windows\System32\TabSvc.dll - ok

21:01:48.0895 5396 [ D7673E4B38CE21EE54C59EEEB65E2483 ] C:\Windows\System32\tapisrv.dll

21:01:48.0895 5396 C:\Windows\System32\tapisrv.dll - ok

21:01:48.0904 5396 [ CB05822CD9CC6C688168E113C603DBE7 ] C:\Windows\System32\tbssvc.dll

21:01:48.0904 5396 C:\Windows\System32\tbssvc.dll - ok

21:01:48.0914 5396 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] C:\Windows\servicing\TrustedInstaller.exe

21:01:48.0914 5396 C:\Windows\servicing\TrustedInstaller.exe - ok

21:01:48.0931 5396 [ BB95DA09BEF6E7A131BFF3BA5032090D ] C:\Windows\System32\termsrv.dll

21:01:48.0932 5396 C:\Windows\System32\termsrv.dll - ok

21:01:48.0942 5396 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] C:\Windows\System32\trkwks.dll

21:01:48.0942 5396 C:\Windows\System32\trkwks.dll - ok

21:01:48.0960 5396 [ 01DD1004181FD46ECDC3628228EB269D ] C:\Windows\System32\dwm.exe

21:01:48.0961 5396 C:\Windows\System32\dwm.exe - ok

21:01:48.0970 5396 [ ECEF404F62863755951E09C802C94AD5 ] C:\Windows\System32\UI0Detect.exe

21:01:48.0970 5396 C:\Windows\System32\UI0Detect.exe - ok

21:01:48.0979 5396 [ 68308183F4AE0BE7BF8ECD07CB297999 ] C:\Windows\System32\upnphost.dll

21:01:48.0980 5396 C:\Windows\System32\upnphost.dll - ok

21:01:48.0995 5396 [ CD88D1B7776DC17A119049742EC07EB4 ] C:\Windows\System32\vds.exe

21:01:48.0995 5396 C:\Windows\System32\vds.exe - ok

21:01:49.0008 5396 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] C:\Windows\System32\VSSVC.exe

21:01:49.0008 5396 C:\Windows\System32\VSSVC.exe - ok

21:01:49.0015 5396 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] C:\Windows\System32\w32time.dll

21:01:49.0024 5396 C:\Windows\System32\w32time.dll - ok

21:01:49.0031 5396 [ A3CD60FD826381B49F03832590E069AF ] C:\Windows\System32\wcncsvc.dll

21:01:49.0032 5396 C:\Windows\System32\wcncsvc.dll - ok

21:01:49.0043 5396 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] C:\Windows\System32\WcsPlugInService.dll

21:01:49.0043 5396 C:\Windows\System32\WcsPlugInService.dll - ok

21:01:49.0062 5396 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] C:\Windows\System32\wdi.dll

21:01:49.0062 5396 C:\Windows\System32\wdi.dll - ok

21:01:49.0070 5396 [ 04C37D8107320312FBAE09926103D5E2 ] C:\Windows\System32\WebClnt.dll

21:01:49.0070 5396 C:\Windows\System32\WebClnt.dll - ok

21:01:49.0079 5396 [ AE3736E7E8892241C23E4EBBB7453B60 ] C:\Windows\System32\wecsvc.dll

21:01:49.0079 5396 C:\Windows\System32\wecsvc.dll - ok

21:01:49.0097 5396 [ 670FF720071ED741206D69BD995EA453 ] C:\Windows\System32\wercplsupport.dll

21:01:49.0097 5396 C:\Windows\System32\wercplsupport.dll - ok

21:01:49.0109 5396 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] C:\Windows\System32\wbem\WMIsvc.dll

21:01:49.0109 5396 C:\Windows\System32\wbem\WMIsvc.dll - ok

21:01:49.0122 5396 [ 32B88481D3B326DA6DEB07B1D03481E7 ] C:\Windows\System32\wersvc.dll

21:01:49.0123 5396 C:\Windows\System32\wersvc.dll - ok

21:01:49.0137 5396 [ DBD02E3E6F061EBBBF9B99A9D7CBA30B ] C:\Windows\System32\winhttp.dll

21:01:49.0137 5396 C:\Windows\System32\winhttp.dll - ok

21:01:49.0147 5396 [ C008405E4FEEB069E30DA1D823910234 ] C:\Windows\System32\wlansvc.dll

21:01:49.0147 5396 C:\Windows\System32\wlansvc.dll - ok

21:01:49.0163 5396 [ 7CFE68BDC065E55AA5E8421607037511 ] C:\Windows\System32\WsmSvc.dll

21:01:49.0164 5396 C:\Windows\System32\WsmSvc.dll - ok

21:01:49.0174 5396 [ 3978704576A121A9204F8CC49A301A9B ] C:\Program Files\Windows Media Player\wmpnetwk.exe

21:01:49.0174 5396 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok

21:01:49.0188 5396 [ 43BE3875207DCB62A85C8C49970B66CC ] C:\Windows\System32\wbem\WmiApSrv.exe

21:01:49.0188 5396 C:\Windows\System32\wbem\WmiApSrv.exe - ok

21:01:49.0201 5396 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] C:\Windows\System32\wpcsvc.dll

21:01:49.0201 5396 C:\Windows\System32\wpcsvc.dll - ok

21:01:49.0213 5396 [ 801FBDB89D472B3C467EB112A0FC9246 ] C:\Windows\System32\wpdbusenum.dll

21:01:49.0213 5396 C:\Windows\System32\wpdbusenum.dll - ok

21:01:49.0229 5396 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

21:01:49.0229 5396 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe - ok

21:01:49.0238 5396 [ 1CA6C40261DDC0425987980D0CD2AAAB ] C:\Windows\System32\wscsvc.dll

21:01:49.0239 5396 C:\Windows\System32\wscsvc.dll - ok

21:01:49.0248 5396 [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\Windows\System32\wuaueng.dll

21:01:49.0249 5396 C:\Windows\System32\wuaueng.dll - ok

21:01:49.0262 5396 [ 575A4190D989F64732119E4114045A4F ] C:\Windows\System32\WUDFSvc.dll

21:01:49.0262 5396 C:\Windows\System32\WUDFSvc.dll - ok

21:01:49.0272 5396 [ 8FC182167381E9915651267044105EE1 ] C:\Windows\System32\scecli.dll

21:01:49.0272 5396 C:\Windows\System32\scecli.dll - ok

21:01:49.0281 5396 [ CD08EEC61C591AF59A39F4363C567D30 ] C:\Windows\System32\ntmarta.dll

21:01:49.0281 5396 C:\Windows\System32\ntmarta.dll - ok

21:01:49.0297 5396 [ 9A7F4B2EDACD11444D048AA19CBB26AF ] C:\Windows\System32\powrprof.dll

21:01:49.0297 5396 C:\Windows\System32\powrprof.dll - ok

21:01:49.0307 5396 [ 8F5C7426567798E62A3B3614965D62CC ] C:\Windows\System32\drivers\luafv.sys

21:01:49.0308 5396 C:\Windows\System32\drivers\luafv.sys - ok

21:01:49.0320 5396 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] C:\Windows\System32\rpcss.dll

21:01:49.0321 5396 C:\Windows\System32\rpcss.dll - ok

21:01:49.0334 5396 [ 69827805A221C21450BA22F4326A2EE3 ] C:\Windows\System32\version.dll

21:01:49.0334 5396 C:\Windows\System32\version.dll - ok

21:01:49.0344 5396 [ 62D577288B48998FC6667BF22DC5B690 ] C:\Windows\System32\LogonUI.exe

21:01:49.0344 5396 C:\Windows\System32\LogonUI.exe - ok

21:01:49.0360 5396 [ 4575AA12561C5648483403541D0D7F2B ] C:\Program Files\Windows Defender\MpSvc.dll

21:01:49.0361 5396 C:\Program Files\Windows Defender\MpSvc.dll - ok

21:01:49.0369 5396 [ E253E5DA1249A471D913F7EA4C81FAF6 ] C:\Windows\System32\wintrust.dll

21:01:49.0370 5396 C:\Windows\System32\wintrust.dll - ok

21:01:49.0389 5396 [ 1BD363738B672A394EBE3B8A78EAB9D3 ] C:\Program Files\Windows Defender\MpClient.dll

21:01:49.0389 5396 C:\Program Files\Windows Defender\MpClient.dll - ok

21:01:49.0399 5396 [ 65AA99CB303BA21F9ACC8C1374A14798 ] C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe

21:01:49.0399 5396 C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe - ok

21:01:49.0408 5396 [ 58C2521D87C494831A625202C80354AD ] C:\Windows\System32\authui.dll

21:01:49.0408 5396 C:\Windows\System32\authui.dll - ok

21:01:49.0425 5396 [ 2EC53B5A351C4D443896DBAD117F7E82 ] C:\Windows\System32\msimg32.dll

21:01:49.0425 5396 C:\Windows\System32\msimg32.dll - ok

21:01:49.0435 5396 [ 999D69DEB576C2C424294DF025891CC6 ] C:\Windows\System32\uxtheme.dll

21:01:49.0435 5396 C:\Windows\System32\uxtheme.dll - ok

21:01:49.0445 5396 [ 76EAEF4DDEBBC7C38853F586C0E91DCE ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\GdiPlus.dll

21:01:49.0445 5396 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\GdiPlus.dll - ok

21:01:49.0463 5396 [ 75EB73E64F5B4655D9797D20F26DE320 ] C:\Windows\System32\duser.dll

21:01:49.0463 5396 C:\Windows\System32\duser.dll - ok

21:01:49.0473 5396 [ 1908CC7673F72601AFFDCA022689CEDF ] C:\Windows\System32\xmllite.dll

21:01:49.0473 5396 C:\Windows\System32\xmllite.dll - ok

21:01:49.0492 5396 [ D0CE194506A22A8AEAC1B2B3843382BE ] C:\Windows\System32\LMIinit.dll

21:01:49.0492 5396 C:\Windows\System32\LMIinit.dll - ok

21:01:49.0498 5396 [ B25DBBA6C63A61FF4AFDB5ADAB4E70CB ] C:\Windows\System32\SmartcardCredentialProvider.dll

21:01:49.0499 5396 C:\Windows\System32\SmartcardCredentialProvider.dll - ok

21:01:49.0509 5396 [ 5C31F49A1D09ED34C59F4EF77972D878 ] C:\Program Files\Trusteer\Rapport\bin\RapportUtil.dll

21:01:49.0509 5396 C:\Program Files\Trusteer\Rapport\bin\RapportUtil.dll - ok

21:01:49.0515 5396 [ 9DC3723519F52B6BC63EACD4BD411313 ] C:\Windows\System32\rasplap.dll

21:01:49.0515 5396 C:\Windows\System32\rasplap.dll - ok

21:01:49.0532 5396 [ 3CB863B78642405371CB3A71C07E2382 ] C:\Windows\System32\rasapi32.dll

21:01:49.0532 5396 C:\Windows\System32\rasapi32.dll - ok

21:01:49.0542 5396 [ 3A1DDA77F331D107BA40DB06E4D666E9 ] C:\Windows\System32\rasman.dll

21:01:49.0542 5396 C:\Windows\System32\rasman.dll - ok

21:01:49.0557 5396 [ 70F08ECE7A30A639D3F0C8C433685C7D ] C:\Windows\System32\tapi32.dll

21:01:49.0557 5396 C:\Windows\System32\tapi32.dll - ok

21:01:49.0570 5396 [ F42483814FC39170B3982A184EC5AAA2 ] C:\Windows\System32\wtsapi32.dll

21:01:49.0570 5396 C:\Windows\System32\wtsapi32.dll - ok

21:01:49.0592 5396 [ FB6BE8B297A2A927860B3DE942A7A973 ] C:\Program Files\Trusteer\Rapport\bin\msvcp80.dll

21:01:49.0593 5396 C:\Program Files\Trusteer\Rapport\bin\msvcp80.dll - ok

21:01:49.0599 5396 [ BEF8B39F19EB032FCB15F382C67BBDE9 ] C:\Program Files\Trusteer\Rapport\bin\msvcr80.dll

21:01:49.0599 5396 C:\Program Files\Trusteer\Rapport\bin\msvcr80.dll - ok

21:01:49.0609 5396 [ DC15AB7168C0309D8F04FD95B6240422 ] C:\Windows\System32\oleacc.dll

21:01:49.0609 5396 C:\Windows\System32\oleacc.dll - ok

21:01:49.0627 5396 [ 3D418A22A56471295AEB1CEB9027C3DA ] C:\Windows\System32\rtutils.dll

21:01:49.0627 5396 C:\Windows\System32\rtutils.dll - ok

21:01:49.0637 5396 [ 14FF750EFE13B0C21E5A06507C3A97B1 ] C:\Windows\System32\winmm.dll

21:01:49.0637 5396 C:\Windows\System32\winmm.dll - ok

21:01:49.0647 5396 [ 627920CFF5DFCF8CF54CF2D592D61307 ] C:\Windows\System32\WinSCard.dll

21:01:49.0647 5396 C:\Windows\System32\WinSCard.dll - ok

21:01:49.0664 5396 [ E582816A4855914DEFFC212E12B3B744 ] C:\Windows\System32\wsock32.dll

21:01:49.0664 5396 C:\Windows\System32\wsock32.dll - ok

21:01:49.0674 5396 [ 12A1DF1B84FB45A00D47B2CDE2CEEBBA ] C:\Windows\System32\shgina.dll

21:01:49.0674 5396 C:\Windows\System32\shgina.dll - ok

21:01:49.0686 5396 [ 7DACD94118E2D8B6D72F47ADEB0367BF ] C:\Windows\System32\propsys.dll

21:01:49.0687 5396 C:\Windows\System32\propsys.dll - ok

21:01:49.0702 5396 [ 70932D6C3D59B416CBD2BE5A3B3D4BE6 ] C:\Windows\System32\shacct.dll

21:01:49.0702 5396 C:\Windows\System32\shacct.dll - ok

21:01:49.0712 5396 [ 401DFFDBBBD3F07C747ED1AE2BB88106 ] C:\Windows\System32\msi.dll

21:01:49.0712 5396 C:\Windows\System32\msi.dll - ok

21:01:49.0728 5396 [ 3F58067E7D3B00E27B34BBD76089F962 ] C:\Program Files\Trusteer\Rapport\bin\rooksbas.dll.data

21:01:49.0729 5396 C:\Program Files\Trusteer\Rapport\bin\rooksbas.dll.data - ok

21:01:49.0737 5396 [ 4C089FA7CE5FF366E32BE3B3AEA71ED1 ] C:\Program Files\Trusteer\Rapport\bin\rooksbas.dll

21:01:49.0737 5396 C:\Program Files\Trusteer\Rapport\bin\rooksbas.dll - ok

21:01:49.0748 5396 [ B4A20CB7ED000397E60E21C1CA393C09 ] C:\Program Files\Trusteer\Rapport\bin\rookscom.dll

21:01:49.0748 5396 C:\Program Files\Trusteer\Rapport\bin\rookscom.dll - ok

21:01:49.0768 5396 [ 8DA5A78317A51900930559E4937B169A ] C:\Program Files\Trusteer\Rapport\bin\rookscom.dll.data

21:01:49.0768 5396 C:\Program Files\Trusteer\Rapport\bin\rookscom.dll.data - ok

21:01:49.0774 5396 [ 381B78593AE1749344701AD79D79F617 ] C:\Program Files\Trusteer\Rapport\bin\rooksdol.dll.data

21:01:49.0775 5396 C:\Program Files\Trusteer\Rapport\bin\rooksdol.dll.data - ok

21:01:49.0787 5396 [ 6037EEF7EB7EA12608EAE2CA92AED509 ] C:\Program Files\Trusteer\Rapport\bin\rooksdol.dll

21:01:49.0788 5396 C:\Program Files\Trusteer\Rapport\bin\rooksdol.dll - ok

21:01:49.0803 5396 [ 5DB99BBD7A50F2A45A5118D9532064C4 ] C:\ProgramData\Trusteer\Rapport\store\exts\KoanLight\baseline\KoanLight.dll

21:01:49.0803 5396 C:\ProgramData\Trusteer\Rapport\store\exts\KoanLight\baseline\KoanLight.dll - ok

21:01:49.0814 5396 [ FB6BE8B297A2A927860B3DE942A7A973 ] C:\ProgramData\Trusteer\Rapport\store\exts\KoanLight\baseline\msvcp80.dll

21:01:49.0814 5396 C:\ProgramData\Trusteer\Rapport\store\exts\KoanLight\baseline\msvcp80.dll - ok

21:01:49.0831 5396 [ BEF8B39F19EB032FCB15F382C67BBDE9 ] C:\ProgramData\Trusteer\Rapport\store\exts\KoanLight\baseline\msvcr80.dll

21:01:49.0831 5396 C:\ProgramData\Trusteer\Rapport\store\exts\KoanLight\baseline\msvcr80.dll - ok

21:01:49.0845 5396 [ C5E9CA9E60BCAE0F7BA4053414A516A5 ] C:\ProgramData\Trusteer\Rapport\store\exts\KoanLight\baseline\atl80.dll

21:01:49.0845 5396 C:\ProgramData\Trusteer\Rapport\store\exts\KoanLight\baseline\atl80.dll - ok

21:01:49.0859 5396 [ 29820425D7B6407793C8C0ACB9622FF0 ] C:\ProgramData\Trusteer\Rapport\store\exts\NikkoLight\baseline\NikkoLight.dll

21:01:49.0859 5396 C:\ProgramData\Trusteer\Rapport\store\exts\NikkoLight\baseline\NikkoLight.dll - ok

21:01:49.0870 5396 [ BEF8B39F19EB032FCB15F382C67BBDE9 ] C:\ProgramData\Trusteer\Rapport\store\exts\NikkoLight\baseline\msvcr80.dll

21:01:49.0870 5396 C:\ProgramData\Trusteer\Rapport\store\exts\NikkoLight\baseline\msvcr80.dll - ok

21:01:49.0881 5396 [ FB6BE8B297A2A927860B3DE942A7A973 ] C:\ProgramData\Trusteer\Rapport\store\exts\NikkoLight\baseline\msvcp80.dll

21:01:49.0881 5396 C:\ProgramData\Trusteer\Rapport\store\exts\NikkoLight\baseline\msvcp80.dll - ok

21:01:49.0899 5396 [ C5E9CA9E60BCAE0F7BA4053414A516A5 ] C:\ProgramData\Trusteer\Rapport\store\exts\NikkoLight\baseline\atl80.dll

21:01:49.0899 5396 C:\ProgramData\Trusteer\Rapport\store\exts\NikkoLight\baseline\atl80.dll - ok

21:01:49.0909 5396 [ 378C296F78EBC17E57C6CF96CD024D59 ] C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\43926\RapportCerberus.dll

21:01:49.0909 5396 C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\43926\RapportCerberus.dll - ok

21:01:49.0927 5396 [ B076A8C175D93FBB569DD9B10307CDE2 ] C:\ProgramData\Trusteer\Rapport\store\exts\RapportGP\baseline\RapportGP.dll

21:01:49.0927 5396 C:\ProgramData\Trusteer\Rapport\store\exts\RapportGP\baseline\RapportGP.dll - ok

21:01:49.0939 5396 [ FB6BE8B297A2A927860B3DE942A7A973 ] C:\ProgramData\Trusteer\Rapport\store\exts\RapportGP\baseline\msvcp80.dll

21:01:49.0939 5396 C:\ProgramData\Trusteer\Rapport\store\exts\RapportGP\baseline\msvcp80.dll - ok

21:01:49.0948 5396 [ BEF8B39F19EB032FCB15F382C67BBDE9 ] C:\ProgramData\Trusteer\Rapport\store\exts\RapportGP\baseline\msvcr80.dll

21:01:49.0948 5396 C:\ProgramData\Trusteer\Rapport\store\exts\RapportGP\baseline\msvcr80.dll - ok

21:01:49.0966 5396 [ 5BEB722294C6A21BBE79E816F4E933DA ] C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\39624\RapportMS.dll

21:01:49.0966 5396 C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\39624\RapportMS.dll - ok

21:01:49.0976 5396 [ B7AB636643F405839CB3D1684145651C ] C:\ProgramData\Trusteer\Rapport\store\exts\TanzanLight\baseline\TanzanLight.dll

21:01:49.0976 5396 C:\ProgramData\Trusteer\Rapport\store\exts\TanzanLight\baseline\TanzanLight.dll - ok

21:01:49.0996 5396 [ FB6BE8B297A2A927860B3DE942A7A973 ] C:\ProgramData\Trusteer\Rapport\store\exts\TanzanLight\baseline\msvcp80.dll

21:01:49.0996 5396 C:\ProgramData\Trusteer\Rapport\store\exts\TanzanLight\baseline\msvcp80.dll - ok

21:01:50.0007 5396 [ C5E9CA9E60BCAE0F7BA4053414A516A5 ] C:\ProgramData\Trusteer\Rapport\store\exts\TanzanLight\baseline\atl80.dll

21:01:50.0007 5396 C:\ProgramData\Trusteer\Rapport\store\exts\TanzanLight\baseline\atl80.dll - ok

21:01:50.0025 5396 [ BEF8B39F19EB032FCB15F382C67BBDE9 ] C:\ProgramData\Trusteer\Rapport\store\exts\TanzanLight\baseline\msvcr80.dll

21:01:50.0025 5396 C:\ProgramData\Trusteer\Rapport\store\exts\TanzanLight\baseline\msvcr80.dll - ok

21:01:50.0034 5396 [ DA887F28054D78EE8637BEBB924A2DB5 ] C:\Windows\System32\slwga.dll

21:01:50.0034 5396 C:\Windows\System32\slwga.dll - ok

21:01:50.0047 5396 [ 56B5914070B2C243DFB3D186070DA89D ] C:\Windows\System32\MMDevAPI.dll

21:01:50.0047 5396 C:\Windows\System32\MMDevAPI.dll - ok

21:01:50.0066 5396 [ 801F1E963F7EEFFDA3F9EF89DB3EF133 ] C:\Windows\System32\radardt.dll

21:01:50.0067 5396 C:\Windows\System32\radardt.dll - ok

21:01:50.0083 5396 [ A99871BA522CB2539AE275AC18CACC8F ] C:\Windows\System32\cabinet.dll

21:01:50.0083 5396 C:\Windows\System32\cabinet.dll - ok

21:01:50.0101 5396 [ EC43D9CC95C3BB5FEFDBCF22D375E1F5 ] C:\Windows\System32\adtschema.dll

21:01:50.0101 5396 C:\Windows\System32\adtschema.dll - ok

21:01:50.0112 5396 [ C9244BCAC83B259B920BBEE18A97BFE1 ] C:\Windows\System32\avrt.dll

21:01:50.0112 5396 C:\Windows\System32\avrt.dll - ok

21:01:50.0132 5396 [ 399BB52AD0668472717498E97CF28341 ] C:\Windows\System32\WUDFPlatform.dll

21:01:50.0132 5396 C:\Windows\System32\WUDFPlatform.dll - ok

21:01:50.0144 5396 [ 22F73612087430A94DBE912AB58E0C79 ] C:\Windows\System32\ci.dll

21:01:50.0144 5396 C:\Windows\System32\ci.dll - ok

21:01:50.0162 5396 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] C:\Windows\System32\drivers\fltMgr.sys

21:01:50.0162 5396 C:\Windows\System32\drivers\fltMgr.sys - ok

21:01:50.0172 5396 [ 57418956DDAE128D1023C508E7D07071 ] C:\Windows\System32\PSHED.DLL

21:01:50.0173 5396 C:\Windows\System32\PSHED.DLL - ok

21:01:50.0182 5396 [ 97FEF831AB90BEE128C9AF390E243F80 ] C:\Windows\System32\drivers\drmkaud.sys

21:01:50.0183 5396 C:\Windows\System32\drivers\drmkaud.sys - ok

21:01:50.0200 5396 [ 3437B9E218A2E4586BEF4F7A3BD00777 ] C:\Windows\System32\audiodg.exe

21:01:50.0200 5396 C:\Windows\System32\audiodg.exe - ok

21:01:50.0210 5396 [ 4DF066ECEE5A7B20BF8B39EF4D646600 ] C:\Windows\System32\wdmaud.drv

21:01:50.0210 5396 C:\Windows\System32\wdmaud.drv - ok

21:01:50.0227 5396 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] C:\Windows\System32\gpsvc.dll

21:01:50.0227 5396 C:\Windows\System32\gpsvc.dll - ok

21:01:50.0236 5396 [ D1A84F7D4CAFCFE2A32149FF418056E5 ] C:\Windows\System32\nlaapi.dll

21:01:50.0237 5396 C:\Windows\System32\nlaapi.dll - ok

21:01:50.0246 5396 [ 409F36C8BD06FCE184631EB4142B009A ] C:\Windows\System32\atl.dll

21:01:50.0246 5396 C:\Windows\System32\atl.dll - ok

21:01:50.0262 5396 [ 919CC2A0476D5A6A4C935D4B88E29912 ] C:\Windows\System32\ksuser.dll

21:01:50.0262 5396 C:\Windows\System32\ksuser.dll - ok

21:01:50.0272 5396 [ DB7F4AB85298F3FE522C5512B8B0F56D ] C:\Windows\System32\AudioEng.dll

21:01:50.0272 5396 C:\Windows\System32\AudioEng.dll - ok

21:01:50.0281 5396 [ 7258434974EA735725FD2D4A65C5E821 ] C:\Windows\System32\AudioSes.dll

21:01:50.0282 5396 C:\Windows\System32\AudioSes.dll - ok

21:01:50.0298 5396 [ 166F004D73EA2CF4AC61800CA469458D ] C:\Windows\System32\msacm32.drv

21:01:50.0298 5396 C:\Windows\System32\msacm32.drv - ok

21:01:50.0308 5396 [ BDBB449425991154135E5ED1559927E6 ] C:\Windows\System32\msacm32.dll

21:01:50.0308 5396 C:\Windows\System32\msacm32.dll - ok

21:01:50.0317 5396 [ 83199EF88D691E730B80666E29F90D58 ] C:\Windows\System32\midimap.dll

21:01:50.0318 5396 C:\Windows\System32\midimap.dll - ok

21:01:50.0335 5396 [ 6836D001FC733F205ACB80A7986CB6C9 ] C:\Windows\System32\WindowsCodecs.dll

21:01:50.0335 5396 C:\Windows\System32\WindowsCodecs.dll - ok

21:01:50.0345 5396 [ 296937202E4D930AAE98085B99D744D8 ] C:\Windows\System32\AUDIOKSE.dll

21:01:50.0345 5396 C:\Windows\System32\AUDIOKSE.dll - ok

21:01:50.0361 5396 [ 8269CC01940A202BBB9FDF26705DBD67 ] C:\Windows\System32\hid.dll

21:01:50.0361 5396 C:\Windows\System32\hid.dll - ok

21:01:50.0371 5396 [ 6D4FF460ED427A1F5C741B9480116C2F ] C:\Windows\System32\RtkAPO.dll

21:01:50.0371 5396 C:\Windows\System32\RtkAPO.dll - ok

21:01:50.0381 5396 [ 67058C46504BC12D821F38CF99B7B28F ] C:\Windows\System32\es.dll

21:01:50.0382 5396 C:\Windows\System32\es.dll - ok

21:01:50.0398 5396 [ A7F8BAD9590ADDC425B4003E94780DFA ] C:\Windows\System32\drivers\spsys.sys

21:01:50.0398 5396 C:\Windows\System32\drivers\spsys.sys - ok

21:01:50.0408 5396 [ 1509E705F3AC1D474C92454A5C2DD81F ] C:\Windows\System32\uxsms.dll

21:01:50.0409 5396 C:\Windows\System32\uxsms.dll - ok

21:01:50.0427 5396 [ BF142D4F8C61ED3629A9CDD7BA867900 ] C:\Windows\System32\mfplat.dll

21:01:50.0427 5396 C:\Windows\System32\mfplat.dll - ok

21:01:50.0436 5396 [ 0727200F10320A6BA7E59433094FBBA7 ] C:\Windows\System32\WMALFXGFXDSP.dll

21:01:50.0436 5396 C:\Windows\System32\WMALFXGFXDSP.dll - ok

21:01:50.0445 5396 [ D1C5883087A0C3F1344D9D55A44901F6 ] C:\Windows\System32\drivers\lltdio.sys

21:01:50.0445 5396 C:\Windows\System32\drivers\lltdio.sys - ok

21:01:50.0461 5396 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] C:\Windows\System32\drivers\nwifi.sys

21:01:50.0462 5396 C:\Windows\System32\drivers\nwifi.sys - ok

21:01:50.0472 5396 [ D6973AA34C4D5D76C0430B181C3CD389 ] C:\Windows\System32\drivers\ndisuio.sys

21:01:50.0472 5396 C:\Windows\System32\drivers\ndisuio.sys - ok

21:01:50.0482 5396 [ 9C508F4074A39E8B4B31D27198146FAD ] C:\Windows\System32\drivers\rspndr.sys


Part 3


21:01:50.0678 5396 C:\Windows\System32\SensApi.dll - ok

21:01:50.0693 5396 [ CAD95AFB7FDDCC490681555C570FBB7D ] C:\Windows\System32\ntkrnlpa.exe

21:01:50.0693 5396 C:\Windows\System32\ntkrnlpa.exe - ok

21:01:50.0706 5396 [ CA0B849566776A17F35F0339BE17DFD9 ] C:\Windows\System32\ktmw32.dll

21:01:50.0706 5396 C:\Windows\System32\ktmw32.dll - ok

21:01:50.0716 5396 [ 35ACD5EA63D75E97DD0E9A1629E582B2 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll

21:01:50.0716 5396 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll - ok

21:01:50.0732 5396 [ 2A6A2C09ECC2CB495628E45F1379ECE8 ] C:\Windows\System32\taskcomp.dll

21:01:50.0732 5396 C:\Windows\System32\taskcomp.dll - ok

21:01:50.0744 5396 [ F870AA3E254628EBEAFE754108D664DE ] C:\Windows\System32\drivers\http.sys

21:01:50.0744 5396 C:\Windows\System32\drivers\http.sys - ok

21:01:50.0763 5396 [ E79FDA8D320147FDC347C504B3487F87 ] C:\Windows\System32\spoolss.dll

21:01:50.0763 5396 C:\Windows\System32\spoolss.dll - ok

21:01:50.0774 5396 [ 7605C0E1D01A08F3ECD743F38B834A44 ] C:\Windows\System32\drivers\srvnet.sys

21:01:50.0774 5396 C:\Windows\System32\drivers\srvnet.sys - ok

21:01:50.0792 5396 [ B0D12F4344EB2AE96E487D2DF6F74413 ] C:\Windows\System32\FWPUCLNT.DLL

21:01:50.0792 5396 C:\Windows\System32\FWPUCLNT.DLL - ok

21:01:50.0800 5396 [ 35F376253F687BDE63976CCB3F2108CA ] C:\Windows\System32\drivers\bowser.sys

21:01:50.0800 5396 C:\Windows\System32\drivers\bowser.sys - ok

21:01:50.0810 5396 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] C:\Windows\System32\drivers\mpsdrv.sys

21:01:50.0811 5396 C:\Windows\System32\drivers\mpsdrv.sys - ok

21:01:50.0822 5396 [ 82CEA0395524AACFEB58BA1448E8325C ] C:\Windows\System32\drivers\mrxdav.sys

21:01:50.0822 5396 C:\Windows\System32\drivers\mrxdav.sys - ok

21:01:50.0836 5396 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] C:\Windows\System32\drivers\mrxsmb.sys

21:01:50.0837 5396 C:\Windows\System32\drivers\mrxsmb.sys - ok

21:01:50.0847 5396 [ 4FCCB34D793B116423209C0F8B7A3B03 ] C:\Windows\System32\drivers\mrxsmb10.sys

21:01:50.0847 5396 C:\Windows\System32\drivers\mrxsmb10.sys - ok

21:01:50.0862 5396 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] C:\Windows\System32\drivers\mrxsmb20.sys

21:01:50.0863 5396 C:\Windows\System32\drivers\mrxsmb20.sys - ok

21:01:50.0874 5396 [ FF33AFF99564B1AA534F58868CBE41EF ] C:\Windows\System32\drivers\srv2.sys

21:01:50.0874 5396 C:\Windows\System32\drivers\srv2.sys - ok

21:01:50.0894 5396 [ 5DE62C6E9108F14F6794060A9BDECAEC ] C:\Windows\System32\MPSSVC.dll

21:01:50.0894 5396 C:\Windows\System32\MPSSVC.dll - ok

21:01:50.0905 5396 [ 41987F9FC0E61ADF54F581E15029AD91 ] C:\Windows\System32\drivers\srv.sys

21:01:50.0905 5396 C:\Windows\System32\drivers\srv.sys - ok

21:01:50.0915 5396 [ A324D72A06C110152E7607745F39BFA1 ] C:\Windows\System32\netmsg.dll

21:01:50.0915 5396 C:\Windows\System32\netmsg.dll - ok

21:01:50.0933 5396 [ 452341E471D2D961229DFE0842957272 ] C:\Windows\System32\sscore.dll

21:01:50.0933 5396 C:\Windows\System32\sscore.dll - ok

21:01:50.0943 5396 [ D333058925CE305E39DE8D5AD2B52A46 ] C:\Windows\System32\clusapi.dll

21:01:50.0943 5396 C:\Windows\System32\clusapi.dll - ok

21:01:50.0963 5396 [ 6468C3FF6D0C7874FA8C619AF3E23B22 ] C:\Windows\System32\activeds.dll

21:01:50.0963 5396 C:\Windows\System32\activeds.dll - ok

21:01:50.0973 5396 [ E9B9C1B98C8D6D48407E1C1203EAC659 ] C:\Windows\System32\adsldpc.dll

21:01:50.0974 5396 C:\Windows\System32\adsldpc.dll - ok

21:01:50.0983 5396 [ 93E317D7AD783D8EAEE2E3500BFE889D ] C:\Windows\System32\credui.dll

21:01:50.0983 5396 C:\Windows\System32\credui.dll - ok

21:01:51.0001 5396 [ B9F3FF52B84FD9E3CAFB29B8EE385E5B ] C:\Windows\System32\resutils.dll

21:01:51.0001 5396 C:\Windows\System32\resutils.dll - ok

21:01:51.0012 5396 [ 0745D6EAD386710110817FBEC03F5161 ] C:\Windows\System32\wfapigp.dll

21:01:51.0012 5396 C:\Windows\System32\wfapigp.dll - ok

21:01:51.0026 5396 [ 5F1DEC3824E566457F53F24F493FEF08 ] C:\Windows\System32\mscms.dll

21:01:51.0027 5396 C:\Windows\System32\mscms.dll - ok

21:01:51.0037 5396 [ 0FA9B5055484649D63C303FE404E5F4D ] C:\Windows\System32\drivers\parport.sys

21:01:51.0037 5396 C:\Windows\System32\drivers\parport.sys - ok

21:01:51.0047 5396 [ C0393EB99A6C72C6BEF9BFC4A72B33A6 ] C:\Program Files\SUPERAntiSpyware\SASCore.exe

21:01:51.0048 5396 C:\Program Files\SUPERAntiSpyware\SASCore.exe - ok

21:01:51.0060 5396 [ 1311171CF8F6D2954441EF2A42693035 ] C:\Windows\System32\WsmRes.dll

21:01:51.0060 5396 C:\Windows\System32\WsmRes.dll - ok

21:01:51.0072 5396 [ E230F3776F373F4C5E788794B53101E4 ] C:\Windows\System32\plasrv.exe

21:01:51.0072 5396 C:\Windows\System32\plasrv.exe - ok

21:01:51.0083 5396 [ 3DEBBECF665DCDDE3A95D9B902010817 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

21:01:51.0083 5396 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok

21:01:51.0100 5396 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll

21:01:51.0100 5396 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok

21:01:51.0111 5396 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll

21:01:51.0111 5396 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok

21:01:51.0128 5396 [ 848BC9A0BB2361E549FD4C22D7548FB8 ] C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll

21:01:51.0129 5396 C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok

21:01:51.0139 5396 [ 2503287BD19AE52E36E9DE42834A2AC0 ] C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll

21:01:51.0140 5396 C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok

21:01:51.0150 5396 [ 6FE3E3A215E55C76A811B9B56A5AEB09 ] C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll

21:01:51.0150 5396 C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok

21:01:51.0168 5396 [ 0D75A1CFD1215875C8DD0BB9AFF4695C ] C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll

21:01:51.0168 5396 C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok

21:01:51.0179 5396 [ 794950DB77AA590C2964ECA0A5874A09 ] C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll

21:01:51.0179 5396 C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll - ok

21:01:51.0196 5396 [ 250BF888DDBE88D61EB19A9D4957C794 ] C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll

21:01:51.0196 5396 C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll - ok

21:01:51.0206 5396 [ 5A963C340DE1A01BA6E24945CE05D16A ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll

21:01:51.0207 5396 C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll - ok

21:01:51.0217 5396 [ F4BC62990E7E5C29799A895B80FC3177 ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll

21:01:51.0217 5396 C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll - ok

21:01:51.0234 5396 [ 149D74E1128A86DC9CFB2851FBEA11EB ] C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll

21:01:51.0235 5396 C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll - ok

21:01:51.0245 5396 [ 73FE2E5FA55088A241AA2732F5D387D6 ] C:\Windows\System32\wiarpc.dll

21:01:51.0245 5396 C:\Windows\System32\wiarpc.dll - ok

21:01:51.0261 5396 [ 37CF2461CB5E40C4CFAB82C8FC79A2BC ] C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll

21:01:51.0262 5396 C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll - ok

21:01:51.0273 5396 [ 1224BC6DE919F8CD8C1C945280E63852 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll

21:01:51.0273 5396 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok

21:01:51.0294 5396 [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\Windows\System32\dnssd.dll

21:01:51.0294 5396 C:\Windows\System32\dnssd.dll - ok

21:01:51.0302 5396 [ E46D344412D1ABC60C58E95C73BCDC70 ] C:\Windows\System32\drivers\atksgt.sys

21:01:51.0302 5396 C:\Windows\System32\drivers\atksgt.sys - ok

21:01:51.0312 5396 [ BAF975B72062F53D327788E99D64197E ] C:\Windows\System32\drivers\avgidsshimx.sys

21:01:51.0312 5396 C:\Windows\System32\drivers\avgidsshimx.sys - ok

21:01:51.0319 5396 [ 905B5BF5BE0A86E8412801BF20357195 ] C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll

21:01:51.0319 5396 C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok

21:01:51.0335 5396 [ 2E14406E05789F91C9282AE7CFCA3A07 ] C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

21:01:51.0335 5396 C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll - ok

21:01:51.0346 5396 [ 5D76C8CC87D0EFBE0B4A3BEF6B67EBF0 ] C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll

21:01:51.0346 5396 C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok

21:01:51.0362 5396 [ 8BA9851E671E8B5E49E303748FFD530C ] C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll

21:01:51.0362 5396 C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll - ok

21:01:51.0373 5396 [ 5E33C164DC7FA74728D8A83036C438BB ] C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

21:01:51.0373 5396 C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll - ok

21:01:51.0383 5396 [ EA1145DEBCD508FD25BD1E95C4346929 ] C:\Program Files\AVG\AVG2012\avgwdsvc.exe

21:01:51.0384 5396 C:\Program Files\AVG\AVG2012\avgwdsvc.exe - ok

21:01:51.0399 5396 [ 6BC5FCEF351E4CB5A269C1E84B5A06DA ] C:\Windows\System32\netcfgx.dll

21:01:51.0504 5396 C:\Windows\System32\netcfgx.dll - ok

21:01:51.0510 5396 [ 22CC6CDBA678790046693654C3B212E4 ] C:\Program Files\Internet Explorer\iexplore.exe

21:01:51.0511 5396 C:\Program Files\Internet Explorer\iexplore.exe - ok

21:01:51.0522 5396 [ 0BA3F31E2B4D8D99DF8DD19E81155374 ] C:\Windows\System32\ieframe.dll

21:01:51.0522 5396 C:\Windows\System32\ieframe.dll - ok

21:01:51.0537 5396 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files\Bonjour\mdnsNSP.dll

21:01:51.0537 5396 C:\Program Files\Bonjour\mdnsNSP.dll - ok

21:01:51.0547 5396 [ C411C80F90D6732380352B98B37BBD53 ] C:\Windows\System32\winrnr.dll

21:01:51.0547 5396 C:\Windows\System32\winrnr.dll - ok

21:01:51.0563 5396 [ 8D78BA30DB4AE040A52EDEE725782715 ] C:\Windows\System32\actxprxy.dll

21:01:51.0563 5396 C:\Windows\System32\actxprxy.dll - ok

21:01:51.0570 5396 [ A7D525E5C0D91C8C1D84C6BCD25AD77D ] C:\Windows\System32\rasadhlp.dll

21:01:51.0570 5396 C:\Windows\System32\rasadhlp.dll - ok

21:01:51.0583 5396 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll

21:01:51.0583 5396 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok

21:01:51.0600 5396 [ 553E94AE71D233C14A8C8B4AF9286ED0 ] C:\Program Files\3 Mobile Broadband\3Connect\BecHelperService.exe

21:01:51.0601 5396 C:\Program Files\3 Mobile Broadband\3Connect\BecHelperService.exe - ok

21:01:51.0610 5396 [ 89C6E108EAE76877A89480FBE106603B ] C:\Program Files\3 Mobile Broadband\3Connect\Logger.dll

21:01:51.0610 5396 C:\Program Files\3 Mobile Broadband\3Connect\Logger.dll - ok

21:01:51.0627 5396 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll

21:01:51.0627 5396 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok

21:01:51.0640 5396 [ CA6ADE4F7761BB15B3325356DC3B82BB ] C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll

21:01:51.0640 5396 C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll - ok

21:01:51.0649 5396 [ 9B96F6952186336CC6E3D4E08BE2E0AF ] C:\Windows\System32\dwmapi.dll

21:01:51.0649 5396 C:\Windows\System32\dwmapi.dll - ok

21:01:51.0667 5396 [ FBFCA1A574D47EE575448B719CBBF2E4 ] C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL

21:01:51.0667 5396 C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL - ok

21:01:51.0677 5396 [ CC0713B192BF47A124168957ACD75CC1 ] C:\Windows\System32\ieui.dll

21:01:51.0677 5396 C:\Windows\System32\ieui.dll - ok

21:01:51.0689 5396 [ 5E4FF36923C37C80B537DCE6CAA755F9 ] C:\Program Files\Internet Explorer\ieproxy.dll

21:01:51.0690 5396 C:\Program Files\Internet Explorer\ieproxy.dll - ok

21:01:51.0704 5396 [ 2DAD4B6B659F7E5DFBCB6D2C634FA6F3 ] C:\Program Files\Internet Explorer\IEShims.dll

21:01:51.0704 5396 C:\Program Files\Internet Explorer\IEShims.dll - ok

21:01:51.0715 5396 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] C:\Program Files\Bonjour\mDNSResponder.exe

21:01:51.0715 5396 C:\Program Files\Bonjour\mDNSResponder.exe - ok

21:01:51.0731 5396 [ AC633C7D40C63A197649955A512AD7BD ] C:\Program Files\AVG\AVG2012\avgwd.dll

21:01:51.0731 5396 C:\Program Files\AVG\AVG2012\avgwd.dll - ok

21:01:51.0741 5396 [ BB197F54A8F69EEA8356B7F70E6D3A20 ] C:\Windows\System32\mshtml.dll

21:01:51.0741 5396 C:\Windows\System32\mshtml.dll - ok

21:01:51.0751 5396 [ 52E129522C1775DBB8CC252E7A0655C7 ] C:\Windows\System32\taskschd.dll

21:01:51.0751 5396 C:\Windows\System32\taskschd.dll - ok

21:01:51.0769 5396 [ A06EFD4965F8A3F97A8C9A291D032678 ] C:\Program Files\Canon\IJPLM\ijplmsvc.exe

21:01:51.0770 5396 C:\Program Files\Canon\IJPLM\ijplmsvc.exe - ok

21:01:51.0779 5396 [ 17FC3EDA0162F513E858B8C8FA7FA6E0 ] C:\Windows\System32\vssapi.dll

21:01:51.0780 5396 C:\Windows\System32\vssapi.dll - ok

21:01:51.0797 5396 [ DC3AE9F1554DCD97F90983DDBDACD83D ] C:\Windows\System32\vsstrace.dll

21:01:51.0797 5396 C:\Windows\System32\vsstrace.dll - ok

21:01:51.0809 5396 [ AD48183027CAFCEBC322CB9CAC60F9B8 ] C:\Windows\System32\WSDApi.dll

21:01:51.0809 5396 C:\Windows\System32\WSDApi.dll - ok

21:01:51.0829 5396 [ F798A893C8C214F74889DBF9D3A412DE ] C:\Windows\System32\cryptnet.dll

21:01:51.0830 5396 C:\Windows\System32\cryptnet.dll - ok

21:01:51.0835 5396 [ F86293D93760C70ADF4F19E66E3FA5E8 ] C:\Windows\System32\httpapi.dll

21:01:51.0836 5396 C:\Windows\System32\httpapi.dll - ok

21:01:51.0846 5396 [ 5EC8FB83F31AA2D6F421F02C3F4F4475 ] C:\Windows\System32\winspool.drv

21:01:51.0846 5396 C:\Windows\System32\winspool.drv - ok

21:01:51.0863 5396 [ E2C78D19572AACC2062A00F01503807E ] C:\Program Files\AVG\AVG2012\avgcfgx.dll

21:01:51.0864 5396 C:\Program Files\AVG\AVG2012\avgcfgx.dll - ok

21:01:51.0873 5396 [ 4EDA94333BDB75B1BC0A7610BED34F00 ] C:\Windows\System32\fundisc.dll

21:01:51.0874 5396 C:\Windows\System32\fundisc.dll - ok

21:01:51.0882 5396 [ 8CCF9ED46D52AF1375875F74A91FFACF ] C:\Windows\System32\drivers\lirsgt.sys

21:01:51.0883 5396 C:\Windows\System32\drivers\lirsgt.sys - ok

21:01:51.0898 5396 [ 3FAA563DDF853320F90259D455A01D79 ] C:\Windows\System32\drivers\LMIRfsDriver.sys

21:01:51.0898 5396 C:\Windows\System32\drivers\LMIRfsDriver.sys - ok

21:01:51.0910 5396 [ 0DDFDCAA92C7F553328DB06BA599BEA9 ] C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe

21:01:51.0910 5396 C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe - ok

21:01:51.0929 5396 [ 6ABD253226770EAE1292B4C945ED4B4B ] C:\Windows\System32\msxml3.dll

21:01:51.0930 5396 C:\Windows\System32\msxml3.dll - ok

21:01:51.0939 5396 [ 3EB6D30D82F0E300FCFBAD0498F654FD ] C:\Windows\System32\mlang.dll

21:01:51.0939 5396 C:\Windows\System32\mlang.dll - ok

21:01:51.0950 5396 [ 2349335A8033FD9834D1C401EAE1C9BF ] C:\Windows\System32\spool\drivers\w32x86\3\lxeaserv.exe

21:01:51.0951 5396 C:\Windows\System32\spool\drivers\w32x86\3\lxeaserv.exe - ok

21:01:51.0967 5396 [ 22DC784B32BEE306A99F50D6DC2460BC ] C:\Windows\System32\esent.dll

21:01:51.0967 5396 C:\Windows\System32\esent.dll - ok

21:01:51.0978 5396 [ 1DFC366D2154EF2B381A7F2CB165C7F4 ] C:\Windows\System32\diagperf.dll

21:01:51.0978 5396 C:\Windows\System32\diagperf.dll - ok

21:01:51.0992 5396 [ 37B19585E146D283ADFFCBEDDA01DE70 ] C:\Windows\System32\lxeacoms.exe

21:01:51.0993 5396 C:\Windows\System32\lxeacoms.exe - ok

21:01:52.0005 5396 [ 6D7C6A0A885B54B18AE2009CF21CBBAB ] C:\Program Files\TechSmith\Snagit 10\SnagitIEAddin.dll

21:01:52.0005 5396 C:\Program Files\TechSmith\Snagit 10\SnagitIEAddin.dll - ok

21:01:52.0016 5396 [ 87DE2A1A211A8B9C7F2D093660CBF563 ] C:\Program Files\TechSmith\Snagit 10\SnagitIEAddinRes.dll

21:01:52.0016 5396 C:\Program Files\TechSmith\Snagit 10\SnagitIEAddinRes.dll - ok

21:01:52.0036 5396 [ 6349F6ED9C623B44B52EA3C63C831A92 ] C:\Windows\System32\drivers\PEAuth.sys

21:01:52.0036 5396 C:\Windows\System32\drivers\PEAuth.sys - ok

21:01:52.0046 5396 [ F4D9ED6BD74AD7CC0BEC83C43A1CB76B ] C:\Windows\System32\ncsi.dll

21:01:52.0046 5396 C:\Windows\System32\ncsi.dll - ok

21:01:52.0064 5396 [ 272AEAEBAF6AE6242CA956E4FD660B9E ] C:\Program Files\TechSmith\Snagit 10\Snagit32.exe

21:01:52.0064 5396 C:\Program Files\TechSmith\Snagit 10\Snagit32.exe - ok

21:01:52.0071 5396 [ 5F380A33FE12E6ECF932C2B0366069FC ] C:\Windows\System32\lxeaserv.dll

21:01:52.0072 5396 C:\Windows\System32\lxeaserv.dll - ok

21:01:52.0082 5396 [ 1A09CB187440993FA5E24DE1EEB7B916 ] C:\Windows\System32\cfgmgr32.dll

21:01:52.0082 5396 C:\Windows\System32\cfgmgr32.dll - ok

21:01:52.0091 5396 [ 478B2775651ECB9425E7501DFC109278 ] C:\Windows\System32\lxeaiesc.dll

21:01:52.0092 5396 C:\Windows\System32\lxeaiesc.dll - ok

21:01:52.0105 5396 [ 018FE7935604F87605026B2448E2722D ] C:\Windows\System32\lxeainpa.dll

21:01:52.0106 5396 C:\Windows\System32\lxeainpa.dll - ok

21:01:52.0115 5396 [ D0494460421A03CD5225CCA0059AA146 ] C:\Windows\System32\IPSECSVC.DLL

21:01:52.0116 5396 C:\Windows\System32\IPSECSVC.DLL - ok

21:01:52.0137 5396 [ 7E9A589A73E89332B3F2D801A0B1B7F6 ] C:\Windows\System32\lxeausb1.dll

21:01:52.0137 5396 C:\Windows\System32\lxeausb1.dll - ok

21:01:52.0147 5396 [ 2DBAD1C00A95674AA34BAE88C3B66DDD ] C:\Windows\System32\lxeahbn3.dll

21:01:52.0147 5396 C:\Windows\System32\lxeahbn3.dll - ok

21:01:52.0163 5396 [ 1A43B16FE11B3B4C2A69777A25D7F876 ] C:\Windows\System32\lxeahcp.dll

21:01:52.0164 5396 C:\Windows\System32\lxeahcp.dll - ok

21:01:52.0175 5396 [ 01BCD91CC2B0EFDA4890F547010750BD ] C:\Windows\System32\ssdpapi.dll

21:01:52.0175 5396 C:\Windows\System32\ssdpapi.dll - ok

21:01:52.0187 5396 [ 42608AE9AF2641EE473A1797C25CFFC2 ] C:\Windows\System32\FwRemoteSvr.dll

21:01:52.0187 5396 C:\Windows\System32\FwRemoteSvr.dll - ok

21:01:52.0205 5396 [ AC6B8F8058EE27932F9AF8A2D959D201 ] C:\Windows\System32\msimtf.dll

21:01:52.0205 5396 C:\Windows\System32\msimtf.dll - ok

21:01:52.0215 5396 [ 394373142655ACCF49D64AAD466C86FF ] C:\Windows\System32\jscript9.dll

21:01:52.0215 5396 C:\Windows\System32\jscript9.dll - ok

21:01:52.0231 5396 [ 17BD4BA2058C38AE1A512AE81F244F38 ] C:\Program Files\Lexmark Toolbar\toolband.dll

21:01:52.0232 5396 C:\Program Files\Lexmark Toolbar\toolband.dll - ok

21:01:52.0242 5396 [ A8446FDD75525D8AB24B010C3C692673 ] C:\Program Files\Lexmark Toolbar\resource.dll

21:01:52.0243 5396 C:\Program Files\Lexmark Toolbar\resource.dll - ok

21:01:52.0253 5396 [ 59D4207E76ED648D1AEC8F0B97FCE013 ] C:\Program Files\TechSmith\Snagit 10\SnagitBHO.dll

21:01:52.0253 5396 C:\Program Files\TechSmith\Snagit 10\SnagitBHO.dll - ok

21:01:52.0269 5396 [ EAE7D779D59448F98B8A7F9102199DEB ] C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

21:01:52.0269 5396 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll - ok

21:01:52.0278 5396 [ 7BC65E310562A17AA8AC2597418CAA3B ] D:\RoboSoft4\RSDBServer.exe

21:01:52.0279 5396 D:\RoboSoft4\RSDBServer.exe - ok

21:01:52.0296 5396 [ 3DE544A34B868038BC704CEF76C40A09 ] C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

21:01:52.0297 5396 C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll - ok

21:01:52.0305 5396 [ 9FE93E05194427727A755032436533B3 ] C:\Program Files\AVG\AVG2012\avgssie.dll

21:01:52.0305 5396 C:\Program Files\AVG\AVG2012\avgssie.dll - ok

21:01:52.0315 5396 [ AFF2E23E4E867140F07ABADC9E29ACDC ] C:\Program Files\AVG\AVG2012\avgopensslx.dll

21:01:52.0315 5396 C:\Program Files\AVG\AVG2012\avgopensslx.dll - ok

21:01:52.0334 5396 [ 5B8D71AC2074550D78BC188A8888054F ] C:\Program Files\AVG\AVG2012\avgidpsdkx.dll

21:01:52.0335 5396 C:\Program Files\AVG\AVG2012\avgidpsdkx.dll - ok

21:01:52.0342 5396 [ 283BA4ACC3CF1E5797AF7879EFB38386 ] C:\Program Files\AVG\AVG2012\avgxpl.dll

21:01:52.0342 5396 C:\Program Files\AVG\AVG2012\avgxpl.dll - ok

21:01:52.0353 5396 [ B642E645D7A790E0FA41E16C6C4234E6 ] C:\Program Files\AVG\AVG2012\avgwdwsc.dll

21:01:52.0353 5396 C:\Program Files\AVG\AVG2012\avgwdwsc.dll - ok

21:01:52.0370 5396 [ A0F4852A5DB9754BEC06F84B400AE743 ] C:\Windows\System32\wscapi.dll

21:01:52.0370 5396 C:\Windows\System32\wscapi.dll - ok

21:01:52.0382 5396 [ 30F0DC266B46118E9FBCF5B2A30EB1DB ] C:\Windows\System32\wbem\wbemprox.dll

21:01:52.0382 5396 C:\Windows\System32\wbem\wbemprox.dll - ok

21:01:52.0400 5396 [ 74B8C2EA72D43727142D12397D5A49F9 ] C:\Windows\System32\wbemcomn.dll

21:01:52.0401 5396 C:\Windows\System32\wbemcomn.dll - ok

21:01:52.0412 5396 [ 64D1ACA8FE1A6CD83CB682299EC0B7C3 ] C:\Program Files\Mindjet\MindManager 8\Mm8InternetExplorer.dll

21:01:52.0448 5396 C:\Program Files\Mindjet\MindManager 8\Mm8InternetExplorer.dll - ok

21:01:52.0454 5396 [ DE7F813217EC88C0A6D4D8F2F39D7949 ] C:\Windows\System32\msiltcfg.dll

21:01:52.0454 5396 C:\Windows\System32\msiltcfg.dll - ok

21:01:52.0464 5396 [ F4E1AA5D59C849A4AB47E895DC76B9C8 ] C:\Windows\System32\sfc.dll

21:01:52.0464 5396 C:\Windows\System32\sfc.dll - ok

21:01:52.0473 5396 [ 12BCF4DAD8E5A1B3D5FA7AB4A79DA105 ] C:\Windows\System32\sfc_os.dll

21:01:52.0474 5396 C:\Windows\System32\sfc_os.dll - ok

21:01:52.0482 5396 [ FAB5650F32677320A5056A9A540F36C9 ] C:\Program Files\AVG\AVG2012\avgnsx.exe

21:01:52.0483 5396 C:\Program Files\AVG\AVG2012\avgnsx.exe - ok

21:01:52.0500 5396 [ A5675206B80C4127BC687DCCA9A57212 ] C:\Program Files\AVG\AVG2012\avgntsqlitex.dll

21:01:52.0500 5396 C:\Program Files\AVG\AVG2012\avgntsqlitex.dll - ok

21:01:52.0511 5396 [ EB4A30EAC3B3C304EAC8A10970E3402E ] C:\Program Files\AVG\AVG2012\avgsched.dll

21:01:52.0511 5396 C:\Program Files\AVG\AVG2012\avgsched.dll - ok

21:01:52.0523 5396 [ B7899C3E21B299D7A3C0DA96CAE340BD ] C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll

21:01:52.0525 5396 C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll - ok

21:01:52.0540 5396 [ 377AFFD4A663EEC45EC4A93DD79F8F8F ] C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

21:01:52.0540 5396 C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll - ok

21:01:52.0550 5396 [ E2E37D570AAF48781BD00DD243456E7D ] C:\Program Files\Common Files\microsoft shared\Windows Live\msidcrl40.dll

21:01:52.0550 5396 C:\Program Files\Common Files\microsoft shared\Windows Live\msidcrl40.dll - ok

21:01:52.0568 5396 [ 5CAAE5333EF36DB4A8D294418AB37E80 ] C:\Windows\System32\p2pcollab.dll

21:01:52.0568 5396 C:\Windows\System32\p2pcollab.dll - ok

21:01:52.0582 5396 [ 41941C0132685526753B02087FC8A34E ] C:\Program Files\Lexmark Printable Web\bho.dll

21:01:52.0582 5396 C:\Program Files\Lexmark Printable Web\bho.dll - ok

21:01:52.0589 5396 [ F6AE2DDD49D76776AFF174F3F76CF1CB ] C:\Program Files\Lexmark Printable Web\resource.dll

21:01:52.0589 5396 C:\Program Files\Lexmark Printable Web\resource.dll - ok

21:01:52.0604 5396 [ 098E0FE8C1CD8A6444F58EFB1E51793E ] C:\Windows\System32\SlimBho2.dll

21:01:52.0604 5396 C:\Windows\System32\SlimBho2.dll - ok

21:01:52.0614 5396 [ 87E063F1E676C99B6C1C047794DEB115 ] C:\Program Files\Java\jre7\bin\jp2ssv.dll

21:01:52.0614 5396 C:\Program Files\Java\jre7\bin\jp2ssv.dll - ok

21:01:52.0630 5396 [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files\Java\jre7\bin\msvcr100.dll

21:01:52.0631 5396 C:\Program Files\Java\jre7\bin\msvcr100.dll - ok

21:01:52.0641 5396 [ A944A73CEC5921B871542FE5CC5E03E4 ] C:\Windows\System32\olepro32.dll

21:01:52.0641 5396 C:\Windows\System32\olepro32.dll - ok

21:01:52.0650 5396 [ D4C0D211332DEC5B8C11899E97F1D27C ] D:\RoboSoft4\ssleay32.dll

21:01:52.0650 5396 D:\RoboSoft4\ssleay32.dll - ok

21:01:52.0667 5396 [ 40D1D0A2569395D34A7CE070F99A5365 ] C:\Program Files\Java\jre7\bin\deploy.dll

21:01:52.0667 5396 C:\Program Files\Java\jre7\bin\deploy.dll - ok

21:01:52.0678 5396 [ C1B41CE18F8065A5B0CE66A4FBA48794 ] D:\RoboSoft4\libeay32.dll

21:01:52.0678 5396 D:\RoboSoft4\libeay32.dll - ok

21:01:52.0689 5396 [ 432226E3E9C09A73F389A65DEC49BB2F ] C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll

21:01:52.0689 5396 C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll - ok

21:01:52.0707 5396 [ 90A3935D05B494A5A39D37E71F09A677 ] C:\Windows\System32\drivers\secdrv.sys

21:01:52.0708 5396 C:\Windows\System32\drivers\secdrv.sys - ok

21:01:52.0718 5396 [ 753D254205E0A62100A050BD8B458D06 ] C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

21:01:52.0718 5396 C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe - ok

21:01:52.0733 5396 [ 4934241CD20AC87D78121352E3BA8318 ] C:\Windows\System32\dbghelp.dll

21:01:52.0733 5396 C:\Windows\System32\dbghelp.dll - ok

21:01:52.0743 5396 [ 35AAE2E841AA1A949775168E119482C9 ] C:\Windows\System32\msls31.dll

21:01:52.0743 5396 C:\Windows\System32\msls31.dll - ok

21:01:52.0753 5396 [ E9B39C81C87E5B790FCE121DA9E02701 ] C:\Windows\System32\d2d1.dll

21:01:52.0754 5396 C:\Windows\System32\d2d1.dll - ok

21:01:52.0769 5396 [ CABD1B34BD05C986B4DBC18BC0E947EE ] C:\Windows\System32\DWrite.dll

21:01:52.0769 5396 C:\Windows\System32\DWrite.dll - ok

21:01:52.0780 5396 [ 23BB24B3CC03F7788A8EB6FE64947BBD ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig.dll

21:01:52.0780 5396 C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig.dll - ok

21:01:52.0797 5396 [ DDAA5F4A6B958FC313EBD02DD925752F ] C:\Program Files\Skype\Updater\Updater.exe

21:01:52.0797 5396 C:\Program Files\Skype\Updater\Updater.exe - ok

21:01:52.0808 5396 [ 1DACD1530C6E58AEAE9F6DE7DA851935 ] C:\Windows\System32\shimeng.dll

21:01:52.0808 5396 C:\Windows\System32\shimeng.dll - ok

21:01:52.0816 5396 [ 428FF21418ADCD6FAD6189CD9520A67B ] C:\Windows\System32\wiatrace.dll

21:01:52.0816 5396 C:\Windows\System32\wiatrace.dll - ok

21:01:52.0834 5396 [ 608C345A255D82A6289C2D468EB41FD7 ] C:\Windows\System32\drivers\tcpipreg.sys

21:01:52.0834 5396 C:\Windows\System32\drivers\tcpipreg.sys - ok

21:01:52.0844 5396 [ 0C84B6AFFA7486422235584110D7176F ] C:\Windows\System32\icaapi.dll

21:01:52.0844 5396 C:\Windows\System32\icaapi.dll - ok

21:01:52.0850 5396 [ AED0DFF80C6B3914769407E78D7AB21A ] C:\Windows\System32\SearchIndexer.exe

21:01:52.0850 5396 C:\Windows\System32\SearchIndexer.exe - ok

21:01:52.0865 5396 [ 4DBA143F06BAD1DF935CB9603140CF2A ] C:\Windows\System32\wsdchngr.dll

21:01:52.0865 5396 C:\Windows\System32\wsdchngr.dll - ok

21:01:52.0875 5396 [ 1F18B9EA1BBFF033413414C3BEA13AD6 ] C:\Windows\System32\wbem\WinMgmtR.dll

21:01:52.0876 5396 C:\Windows\System32\wbem\WinMgmtR.dll - ok



Part 4


21:01:55.0938 5396 C:\Windows\System32\iedkcs32.dll - ok

21:01:55.0951 5396 [ 4B19A9A4191353007E9819A832B81186 ] C:\Windows\System32\timedate.cpl

21:01:55.0951 5396 C:\Windows\System32\timedate.cpl - ok

21:01:55.0971 5396 [ FF41E1AC301F51E16F61AD7C0F45467C ] C:\Windows\System32\msshsq.dll

21:01:55.0971 5396 C:\Windows\System32\msshsq.dll - ok

21:01:55.0979 5396 [ 24F90AEFEBE601D427CB4511E74CDCB6 ] C:\Windows\System32\linkinfo.dll

21:01:55.0979 5396 C:\Windows\System32\linkinfo.dll - ok

21:01:56.0003 5396 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\Windows\System32\drivers\99803369.sys

21:01:56.0003 5396 C:\Windows\System32\drivers\99803369.sys - ok

21:01:56.0010 5396 [ D06F70B01524CE57AC1EE94D8E8595A1 ] C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE

21:01:56.0011 5396 C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE - ok

21:01:56.0023 5396 [ 0CFCDE5D9D074D96B78D1F1CBF1AAB1D ] C:\Windows\System32\riched20.dll

21:01:56.0023 5396 C:\Windows\System32\riched20.dll - ok

21:01:56.0046 5396 [ 04044BF8E6989BE45FA718C24407CA28 ] C:\Windows\System32\networkexplorer.dll

21:01:56.0046 5396 C:\Windows\System32\networkexplorer.dll - ok

21:01:56.0069 5396 [ 77E9CE0672E3D3D0399D9DE2C657DA2D ] C:\Program Files\Common Files\microsoft shared\OFFICE11\MSO.DLL

21:01:56.0069 5396 C:\Program Files\Common Files\microsoft shared\OFFICE11\MSO.DLL - ok

21:01:56.0075 5396 [ 9C376F42BDE37F18D0A39AF7415D9BE6 ] C:\Program Files\Mozilla Firefox\firefox.exe

21:01:56.0075 5396 C:\Program Files\Mozilla Firefox\firefox.exe - ok

21:01:56.0086 5396 [ D8C2B95BC2353E1F18850D6B8F5DBA13 ] C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

21:01:56.0086 5396 C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll - ok

21:01:56.0101 5396 [ 533AECD1B5356870AE2D905B4D3B42B7 ] C:\Program Files\Microsoft Office\Office12\GrooveMisc.dll

21:01:56.0102 5396 C:\Program Files\Microsoft Office\Office12\GrooveMisc.dll - ok

21:01:56.0116 5396 [ 2C26887013A0159DE6EE84C28CFA8AF6 ] C:\Program Files\SiS VGA Utilities\SiSTray.exe

21:01:56.0116 5396 C:\Program Files\SiS VGA Utilities\SiSTray.exe - ok

21:01:56.0139 5396 [ FA4B5940B31853ADE67A73026884C8C9 ] C:\Windows\System32\dfshim.dll

21:01:56.0140 5396 C:\Windows\System32\dfshim.dll - ok

21:01:56.0155 5396 [ 596F5A2C5916EFD177B0614788B0CDF1 ] C:\Program Files\AVG\AVG2012\avgtray.exe

21:01:56.0155 5396 C:\Program Files\AVG\AVG2012\avgtray.exe - ok

21:01:56.0175 5396 [ F5DF6846F30E9F54EA60CCAEB3FB2055 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll

21:01:56.0175 5396 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok

21:01:56.0189 5396 [ 0E34B7BB1FCF22BCC1E394D16F9E992B ] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

21:01:56.0189 5396 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe - ok

21:01:56.0207 5396 [ 61216539E55DDF2F78E421E7EF140650 ] C:\Windows\System32\ExplorerFrame.dll

21:01:56.0207 5396 C:\Windows\System32\ExplorerFrame.dll - ok

21:01:56.0220 5396 [ F2FD13B6AA16BCBF986C1A99A2033137 ] C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe

21:01:56.0220 5396 C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe - ok

21:01:56.0241 5396 [ 6FD614E7109CC0A3DAFE65F9D394F66E ] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

21:01:56.0241 5396 C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe - ok

21:01:56.0253 5396 [ 1ED2124313CCE34C877247574212EFC8 ] C:\Windows\System32\calc.exe

21:01:56.0254 5396 C:\Windows\System32\calc.exe - ok

21:01:56.0270 5396 [ 5564ACEB52E5264841ACE0E0471D9BEF ] C:\Program Files\Adobe\Adobe Bridge CS3\Bridge.exe

21:01:56.0270 5396 C:\Program Files\Adobe\Adobe Bridge CS3\Bridge.exe - ok

21:01:56.0285 5396 [ 45BCE4C331AAF8BD0F7F37A848C4140C ] C:\Program Files\FXCM MetaTrader 4\terminal.exe

21:01:56.0285 5396 C:\Program Files\FXCM MetaTrader 4\terminal.exe - ok

21:01:56.0306 5396 [ AB6D0A4EBA0B43A83A21F698F3E1BCC8 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\dfdll.dll

21:01:56.0306 5396 C:\Windows\Microsoft.NET\Framework\v4.0.30319\dfdll.dll - ok

21:01:56.0318 5396 [ 6194CC4A71F51CF3E815252BB43AAC28 ] C:\Program Files\Google\Chrome\Application\chrome.exe

21:01:56.0318 5396 C:\Program Files\Google\Chrome\Application\chrome.exe - ok

21:01:56.0337 5396 [ 215CE077258CEDD5BE4C56E9D614DB9F ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll

21:01:56.0337 5396 C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll - ok

21:01:56.0348 5396 [ 7E6CA1F4037574013B47D4DDC274BF32 ] D:\SEO PowerSuite\SEO SpyGlass\bin\seospyglass.exe

21:01:56.0349 5396 D:\SEO PowerSuite\SEO SpyGlass\bin\seospyglass.exe - ok

21:01:56.0368 5396 [ 21EF4BB2A6FF4116FD83FAEE52D4A416 ] C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe

21:01:56.0368 5396 C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe - ok

21:01:56.0375 5396 [ B5950DF243837D8217F4E597919B224A ] C:\Windows\System32\stobject.dll

21:01:56.0376 5396 C:\Windows\System32\stobject.dll - ok

21:01:56.0386 5396 [ 896A1DB9A972AD2339C2E8569EC926D1 ] D:\Spybot - Search & Destroy\TeaTimer.exe

21:01:56.0386 5396 D:\Spybot - Search & Destroy\TeaTimer.exe - ok

21:01:56.0401 5396 [ EC69B16644C613F41A57169F8D068F1D ] C:\Windows\System32\batmeter.dll

21:01:56.0402 5396 C:\Windows\System32\batmeter.dll - ok

21:01:56.0414 5396 [ 29C81875332F7084321C3A82A9A7BF9F ] C:\Users\Andy\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

21:01:56.0414 5396 C:\Users\Andy\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe - ok

21:01:56.0424 5396 [ 3E536A49374BEE60E9F8BDCE4145BB0C ] C:\Program Files\Market Samurai\Market Samurai.exe

21:01:56.0424 5396 C:\Program Files\Market Samurai\Market Samurai.exe - ok

21:01:56.0436 5396 [ 618C824F34A3AF5DBFEFDE59BAD4B095 ] D:\SEO PowerSuite\LinkAssistant\bin\linkassistant.exe

21:01:56.0436 5396 D:\SEO PowerSuite\LinkAssistant\bin\linkassistant.exe - ok

21:01:56.0447 5396 [ 30F02D9C55053367E26A11482F51E255 ] C:\Windows\System32\SndVolSSO.dll

21:01:56.0447 5396 C:\Windows\System32\SndVolSSO.dll - ok

21:01:56.0457 5396 [ D827C94F6877A425AF031D848911C2C9 ] D:\SEO PowerSuite\WebSite Auditor\bin\websiteauditor.exe

21:01:56.0457 5396 D:\SEO PowerSuite\WebSite Auditor\bin\websiteauditor.exe - ok

21:01:56.0475 5396 [ 84A6E177837B414A57F4E82364535B11 ] D:\SEO PowerSuite\Rank Tracker\bin\ranktracker.exe

21:01:56.0475 5396 D:\SEO PowerSuite\Rank Tracker\bin\ranktracker.exe - ok

21:01:56.0485 5396 [ EDA076533CB6540B375DFEB51651B22C ] C:\Program Files\Betfair\Betfair Poker\Betfair Poker.exe

21:01:56.0485 5396 C:\Program Files\Betfair\Betfair Poker\Betfair Poker.exe - ok

21:01:56.0504 5396 [ DAF60E13E96ECB67F0EDAA89C6B01B8D ] C:\Windows\System32\notepad.exe

21:01:56.0504 5396 C:\Windows\System32\notepad.exe - ok

21:01:56.0513 5396 [ 313B30189557A2E2793F845DE0F0A4D5 ] C:\Windows\ehome\ehSSO.dll

21:01:56.0513 5396 C:\Windows\ehome\ehSSO.dll - ok

21:01:56.0525 5396 [ ADE16097319E9D48CE0D1CC5C7481008 ] C:\Users\Andy\AppData\Roaming\Microsoft\Installer\{A1A2073C-33FC-4890-86E2-FE7D2B8AFE0F}\NewShortcut211_101D6EE4E57B4043B07B8C1A8CCFB32D.exe

21:01:56.0534 5396 C:\Users\Andy\AppData\Roaming\Microsoft\Installer\{A1A2073C-33FC-4890-86E2-FE7D2B8AFE0F}\NewShortcut211_101D6EE4E57B4043B07B8C1A8CCFB32D.exe - ok

21:01:56.0542 5396 [ 1612D6AC62B33547B8B366AC3FF0A513 ] C:\Program Files\Adobe\Adobe Device Central CS3\DeviceCentral.exe

21:01:56.0542 5396 C:\Program Files\Adobe\Adobe Device Central CS3\DeviceCentral.exe - ok

21:01:56.0557 5396 [ 027E5E14C9CFF810377701BDEAD8210F ] C:\Windows\System32\control.exe

21:01:56.0557 5396 C:\Windows\System32\control.exe - ok

21:01:56.0571 5396 [ 8A561D57DCEAECC95B19DDBF267F6CBF ] C:\Program Files\cahoot webcard\CAHOOT~1.EXE

21:01:56.0571 5396 C:\Program Files\cahoot webcard\CAHOOT~1.EXE - ok

21:01:56.0587 5396 [ 75AD59B9B12EB194486BE8D97B062994 ] C:\Windows\System32\pnidui.dll

21:01:56.0587 5396 C:\Windows\System32\pnidui.dll - ok

21:01:56.0607 5396 [ 16E3C0E47A954680ED5CE18FD01E9A1D ] C:\Program Files\AVG\AVG2012\avgui.exe

21:01:56.0607 5396 C:\Program Files\AVG\AVG2012\avgui.exe - ok

21:01:56.0618 5396 [ E1473471169EC64C57B49F9C984DFB1A ] C:\Program Files\Logitech\Logitech Vid\Vid.exe

21:01:56.0618 5396 C:\Program Files\Logitech\Logitech Vid\Vid.exe - ok

21:01:56.0631 5396 [ 05B6A5CE1C7767C32DF35966107CB1EC ] C:\Windows\System32\hhctrl.ocx

21:01:56.0632 5396 C:\Windows\System32\hhctrl.ocx - ok

21:01:56.0645 5396 [ A4347C12C57706F43A4F37D74FE01CD1 ] D:\Internet Marketing\ICCPro\ICCPro.exe

21:01:56.0645 5396 D:\Internet Marketing\ICCPro\ICCPro.exe - ok

21:01:56.0655 5396 [ 16FC5B430123238E522B18E63C257AF8 ] C:\Windows\System32\oobefldr.dll

21:01:56.0655 5396 C:\Windows\System32\oobefldr.dll - ok

21:01:56.0674 5396 [ ABAEAEE763E287BDD39094C4165E1F3F ] C:\Windows\System32\fdProxy.dll

21:01:56.0674 5396 C:\Windows\System32\fdProxy.dll - ok

21:01:56.0688 5396 [ 21A554B844D714644C05D6773C2FB598 ] C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe

21:01:56.0688 5396 C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe - ok

21:01:56.0713 5396 [ 4BAEC13BCAA595639EBB5185278DEFEA ] C:\Windows\System32\fdWSD.dll

21:01:56.0713 5396 C:\Windows\System32\fdWSD.dll - ok

21:01:56.0722 5396 [ 443C5961CACD4ABC16648874AF06E4A0 ] C:\Windows\System32\fdSSDP.dll

21:01:56.0722 5396 C:\Windows\System32\fdSSDP.dll - ok

21:01:56.0738 5396 [ 7E6EA9CB72B5DE84A5D700BED877E5F9 ] C:\Program Files\Windows Mail\WinMail.exe

21:01:56.0739 5396 C:\Program Files\Windows Mail\WinMail.exe - ok

21:01:56.0751 5396 [ 291515DC59DE0BF247AFD12F136A4938 ] C:\Program Files\Pocket Penguinator 1.0.0.0\PocketPenguinator.exe

21:01:56.0751 5396 C:\Program Files\Pocket Penguinator 1.0.0.0\PocketPenguinator.exe - ok

21:01:56.0769 5396 [ 35937EAD711207544E219C2A19A78A7D ] C:\Program Files\Windows Media Player\wmpnscfg.exe

21:01:56.0769 5396 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok

21:01:56.0779 5396 [ 32288D2A44C99A769A8D3B6D627D7227 ] D:\realplayersp\realplay.exe

21:01:56.0779 5396 D:\realplayersp\realplay.exe - ok

21:01:56.0790 5396 [ FFB291205FB06A2A176F9D02CA245FDC ] C:\Program Files\WebSiteZip Packer 1.3\WSZPack.exe

21:01:56.0790 5396 C:\Program Files\WebSiteZip Packer 1.3\WSZPack.exe - ok

21:01:56.0806 5396 [ D5E00A92B66366CCAB2E20D7DDE189E2 ] C:\Windows\Installer\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}\SkypeIcon.exe

21:01:56.0806 5396 C:\Windows\Installer\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}\SkypeIcon.exe - ok

21:01:56.0817 5396 [ 17C0E094BEE5BC03CF491972F71AA6EF ] C:\Windows\System32\wlanapi.dll

21:01:56.0817 5396 C:\Windows\System32\wlanapi.dll - ok

21:01:56.0836 5396 [ 2D821AFA5A1A9CA7F9F997A1AAD09E72 ] C:\Program Files\Windows Media Player\wmplayer.exe

21:01:56.0836 5396 C:\Program Files\Windows Media Player\wmplayer.exe - ok

21:01:56.0844 5396 [ 5E817F27870C2B41C5B1C53172BA6180 ] G:\itunes\iTunes.exe

21:01:56.0844 5396 G:\itunes\iTunes.exe - ok

21:01:56.0854 5396 [ E46A4765F8E6D631C9C9CB0B083602F5 ] C:\Program Files\Windows Media Player\wmpnssci.dll

21:01:56.0854 5396 C:\Program Files\Windows Media Player\wmpnssci.dll - ok

21:01:56.0871 5396 [ 2A0DD9961ED969EB10781DBC57EBA9CC ] C:\Program Files\QuickTime\QuickTimePlayer.exe

21:01:56.0871 5396 C:\Program Files\QuickTime\QuickTimePlayer.exe - ok

21:01:56.0903 5396 [ 5E7660E97932778596AAB57D9BF4732C ] C:\Program Files\Adobe\Adobe Utilities\ExtendScript Toolkit 2\ExtendScript Toolkit 2.exe

21:01:56.0903 5396 C:\Program Files\Adobe\Adobe Utilities\ExtendScript Toolkit 2\ExtendScript Toolkit 2.exe - ok

21:01:56.0938 5396 [ E477BAF6980CD2AD49FC4F58D8C6274D ] C:\Windows\Installer\{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}\iTunesIco.exe

21:01:56.0938 5396 C:\Windows\Installer\{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}\iTunesIco.exe - ok

21:01:56.0949 5396 [ A470CC40B031A0EE22017FBA72898A12 ] C:\Program Files\SpeedFan\speedfan.exe

21:01:56.0949 5396 C:\Program Files\SpeedFan\speedfan.exe - ok

21:01:56.0968 5396 [ 4A839160ED1963F9A1526DDA2D1233B2 ] C:\Windows\System32\AltTab.dll

21:01:56.0969 5396 C:\Windows\System32\AltTab.dll - ok

21:01:56.0987 5396 [ 6B5C53E0932C510606D700B7A896EF73 ] C:\Windows\System32\WPDShServiceObj.dll

21:01:56.0987 5396 C:\Windows\System32\WPDShServiceObj.dll - ok

21:01:57.0007 5396 [ C6DE38AACBC927B40B769C928689FBF7 ] C:\Program Files\stephenhawkins\SEOINDEXER\fastindexer.exe

21:01:57.0007 5396 C:\Program Files\stephenhawkins\SEOINDEXER\fastindexer.exe - ok

21:01:57.0017 5396 [ 03655F4324F287CCDD5354699D7858F6 ] D:\PowerISO\PowerISO.exe

21:01:57.0017 5396 D:\PowerISO\PowerISO.exe - ok

21:01:57.0038 5396 [ 509D846FDF0C83158ED5970DE751364C ] C:\Windows\System32\jsproxy.dll

21:01:57.0038 5396 C:\Windows\System32\jsproxy.dll - ok

21:01:57.0050 5396 [ 941486AB385556BF6A62342F8CA15BD8 ] C:\Windows\System32\accessibilitycpl.dll

21:01:57.0051 5396 C:\Windows\System32\accessibilitycpl.dll - ok

21:01:57.0065 5396 [ 66AA43F07DEE7FE8F22D955E06A1FB0B ] C:\Program Files\FileZilla FTP Client\fzshellext.dll

21:01:57.0066 5396 C:\Program Files\FileZilla FTP Client\fzshellext.dll - ok

21:01:57.0080 5396 [ E47C854A28A81F2939F42CBE9FEA994C ] C:\Windows\System32\Magnify.exe

21:01:57.0081 5396 C:\Windows\System32\Magnify.exe - ok

21:01:57.0091 5396 [ 65163AE77734C346C044B13F287B423B ] C:\Program Files\Adobe\Adobe Extension Manager\Extension Manager.exe

21:01:57.0091 5396 C:\Program Files\Adobe\Adobe Extension Manager\Extension Manager.exe - ok

21:01:57.0110 5396 [ 1A4414A67C28DEDEE45955C639AE431D ] C:\Program Files\Ulead Systems\Ulead CD & DVD PictureShow 3 SE Basic\DVDPS.exe

21:01:57.0111 5396 C:\Program Files\Ulead Systems\Ulead CD & DVD PictureShow 3 SE Basic\DVDPS.exe - ok

21:01:57.0121 5396 [ 695E56BDEB5E2BDD3EEF689D49E2F24D ] C:\Program Files\Paint.NET\PaintDotNet.exe

21:01:57.0122 5396 C:\Program Files\Paint.NET\PaintDotNet.exe - ok

21:01:57.0141 5396 [ 27BB54357A51594D9F9B6257B5B9A879 ] C:\Windows\System32\Narrator.exe

21:01:57.0142 5396 C:\Windows\System32\Narrator.exe - ok

21:01:57.0152 5396 [ ADE16097319E9D48CE0D1CC5C7481008 ] C:\Windows\Installer\{A1A2073C-33FC-4890-86E2-FE7D2B8AFE0F}\NewShortcut21_BCF7F5E6C66640739052047505D9E3F9.exe

21:01:57.0153 5396 C:\Windows\Installer\{A1A2073C-33FC-4890-86E2-FE7D2B8AFE0F}\NewShortcut21_BCF7F5E6C66640739052047505D9E3F9.exe - ok

21:01:57.0169 5396 [ 6479FD0EB8173CD9E48E1ECF291F5EC3 ] C:\Program Files\Placement Locator\ploc.exe

21:01:57.0169 5396 C:\Program Files\Placement Locator\ploc.exe - ok

21:01:57.0180 5396 [ 314C76642049DD4E9B964BC333A620B1 ] C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe

21:01:57.0180 5396 C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe - ok

21:01:57.0192 5396 [ AAAA860379845F0A3FBE8BF0E05581CD ] C:\Program Files\Lexmark\Dashboard\LX__Dashboard.exe

21:01:57.0201 5396 C:\Program Files\Lexmark\Dashboard\LX__Dashboard.exe - ok

21:01:57.0214 5396 [ 5A5DEC75F662FBB8E48DD29B2D929473 ] C:\Windows\AppPatch\AcSpecfc.dll

21:01:57.0214 5396 C:\Windows\AppPatch\AcSpecfc.dll - ok

21:01:57.0222 5396 [ 877F2939794EBA4F3D1BB967007E99E8 ] C:\Windows\System32\osk.exe

21:01:57.0223 5396 C:\Windows\System32\osk.exe - ok

21:01:57.0242 5396 [ FA2A3AFADC4FB47DBC234A4E57F92CDB ] C:\Windows\System32\ddraw.dll

21:01:57.0242 5396 C:\Windows\System32\ddraw.dll - ok

21:01:57.0256 5396 [ 744F08CF9ACFFB1C715191D04DEEE907 ] C:\Windows\System32\srchadmin.dll

21:01:57.0256 5396 C:\Windows\System32\srchadmin.dll - ok

21:01:57.0271 5396 [ EF764E33878B3A4A9E5A2FB5D0D031D0 ] C:\Windows\System32\dciman32.dll

21:01:57.0271 5396 C:\Windows\System32\dciman32.dll - ok

21:01:57.0282 5396 [ 93A3C22BDA9CDD2AC424D1D2789BFE56 ] C:\Program Files\Canon\IJ Manual\Easy Guide Viewer\cmview.exe

21:01:57.0282 5396 C:\Program Files\Canon\IJ Manual\Easy Guide Viewer\cmview.exe - ok

21:01:57.0294 5396 [ 7043D485AEAE435312659FF1461F1491 ] C:\Program Files\Common Files\microsoft shared\OFFICE12\MSO.DLL

21:01:57.0294 5396 C:\Program Files\Common Files\microsoft shared\OFFICE12\MSO.DLL - ok

21:01:57.0312 5396 [ 5193DE33F3284C447E0D31DAFBF92570 ] C:\Windows\System32\webcheck.dll

21:01:57.0312 5396 C:\Windows\System32\webcheck.dll - ok

21:01:57.0322 5396 [ 0282F454BF380AF26EFC3913C6D435FF ] C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

21:01:57.0322 5396 C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE - ok

21:01:57.0341 5396 [ 4ACEA0C4BB15ACE55E3AE5EC4E88DD55 ] C:\Windows\System32\SyncCenter.dll

21:01:57.0341 5396 C:\Windows\System32\SyncCenter.dll - ok

21:01:57.0351 5396 [ 223AD0CA4092AEFFE0D0DE25502A3DB6 ] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.EXE

21:01:57.0351 5396 C:\Program Files\Canon\SolutionMenu\CNSLMAIN.EXE - ok

21:01:57.0362 5396 [ 7D821FF8789BF6F5CB1ED8755E647770 ] C:\Program Files\Audacity\audacity.exe

21:01:57.0363 5396 C:\Program Files\Audacity\audacity.exe - ok

21:01:57.0379 5396 [ 2E0B0A051FFAA86E358465BB0880D453 ] C:\Windows\System32\wuauclt.exe

21:01:57.0379 5396 C:\Windows\System32\wuauclt.exe - ok

21:01:57.0388 5396 [ 285C594C4913FA9DC7BB6BA3AD6F101A ] C:\Windows\System32\wucltux.dll

21:01:57.0388 5396 C:\Windows\System32\wucltux.dll - ok

21:01:57.0405 5396 [ CAB80174DB12D06E4CEFCDAD6A8A2015 ] C:\Program Files\Microsoft Office\Office12\OLMAPI32.DLL

21:01:57.0405 5396 C:\Program Files\Microsoft Office\Office12\OLMAPI32.DLL - ok

21:01:57.0417 5396 [ 0B5AC46982E77CAF3EC1D55C9AC6AB56 ] C:\Windows\System32\wscntfy.dll

21:01:57.0417 5396 C:\Windows\System32\wscntfy.dll - ok

21:01:57.0429 5396 [ C42AE64F5DB6BC5E947B7E3E1B1E633E ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll

21:01:57.0430 5396 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok

21:01:57.0441 5396 [ 9B0726A03B790E5B82BED44D24009BEF ] C:\Windows\System32\imapi2.dll

21:01:57.0441 5396 C:\Windows\System32\imapi2.dll - ok

21:01:57.0452 5396 [ 80CD76569F68AF3A4E86DDB6F669B761 ] C:\Program Files\Canon\IJEREG\iP4700 series\IJEREG.exe

21:01:57.0452 5396 C:\Program Files\Canon\IJEREG\iP4700 series\IJEREG.exe - ok

21:01:57.0468 5396 [ ADE16097319E9D48CE0D1CC5C7481008 ] C:\Users\Andy\AppData\Roaming\Microsoft\Installer\{A1A2073C-33FC-4890-86E2-FE7D2B8AFE0F}\NewShortcut2_0D9F414113FB41AC8DAEBDFA71A42EE0.exe

21:01:57.0468 5396 C:\Users\Andy\AppData\Roaming\Microsoft\Installer\{A1A2073C-33FC-4890-86E2-FE7D2B8AFE0F}\NewShortcut2_0D9F414113FB41AC8DAEBDFA71A42EE0.exe - ok

21:01:57.0480 5396 [ 324FE631F3D9DAE5A6E74171AB5C7D65 ] C:\Program Files\3 Mobile Broadband\3Connect\Wilog.exe

21:01:57.0480 5396 C:\Program Files\3 Mobile Broadband\3Connect\Wilog.exe - ok

21:01:57.0490 5396 [ 4380EF35C118E071D1D5EE17F2FAF513 ] C:\Program Files\Microsoft Office\Office12\1033\OUTLLIBR.DLL

21:01:57.0490 5396 C:\Program Files\Microsoft Office\Office12\1033\OUTLLIBR.DLL - ok

21:01:57.0508 5396 [ C7D010BD8BCEF2EB3FCA8F7CD3C08D9F ] C:\Program Files\Common Files\microsoft shared\OFFICE12\MSORES.DLL

21:01:57.0508 5396 C:\Program Files\Common Files\microsoft shared\OFFICE12\MSORES.DLL - ok

21:01:57.0518 5396 [ C299655BF2C7F028F23287D72857F94F ] C:\Program Files\GIMP-2.0\bin\gimp-2.6.exe

21:01:57.0518 5396 C:\Program Files\GIMP-2.0\bin\gimp-2.6.exe - ok

21:01:57.0537 5396 [ CFBD2E1FE18B50748A76703A2DC6D4E3 ] C:\Windows\System32\davclnt.dll

21:01:57.0537 5396 C:\Windows\System32\davclnt.dll - ok

21:01:57.0545 5396 [ 3A2EEE8444A8E5C1A454C57B2198F5FC ] C:\Windows\System32\ntlanman.dll

21:01:57.0545 5396 C:\Windows\System32\ntlanman.dll - ok

21:01:57.0554 5396 [ 582EFE56FC0858E58A6CEBA2A64B02C7 ] C:\Windows\System32\drprov.dll

21:01:57.0554 5396 C:\Windows\System32\drprov.dll - ok

21:01:57.0576 5396 [ C0ABD66F31C0B84CD944802E6D3D02C2 ] C:\Windows\System32\bthprops.cpl

21:01:57.0576 5396 C:\Windows\System32\bthprops.cpl - ok

21:01:57.0583 5396 [ D1D634B573E9EA6F34AAFEC5FA9E0948 ] C:\Program Files\MetaTrader 4\terminal.exe

21:01:57.0583 5396 C:\Program Files\MetaTrader 4\terminal.exe - ok

21:01:57.0602 5396 [ 0093A27D0C6A85A6611F4196F50426CC ] C:\Program Files\Citrix\GoToMeeting\952\g2mstart.exe

21:01:57.0602 5396 C:\Program Files\Citrix\GoToMeeting\952\g2mstart.exe - ok

21:01:57.0616 5396 [ FAE5B9F04008B0F9C97946796ACA37C6 ] C:\Program Files\TechSmith\Camtasia Studio 7\CamtasiaStudio.exe

21:01:57.0616 5396 C:\Program Files\TechSmith\Camtasia Studio 7\CamtasiaStudio.exe - ok

21:01:57.0627 5396 [ 4C5D603A632023BFDB8EDD4436882ABF ] C:\Program Files\Common Files\microsoft shared\OFFICE12\1033\MSOINTL.DLL

21:01:57.0627 5396 C:\Program Files\Common Files\microsoft shared\OFFICE12\1033\MSOINTL.DLL - ok

21:01:57.0646 5396 [ 8FECD12803558FA84F63B7DDD16D89F1 ] C:\Program Files\Common Files\microsoft shared\OFFICE11\MSXML5.DLL

21:01:57.0646 5396 C:\Program Files\Common Files\microsoft shared\OFFICE11\MSXML5.DLL - ok

21:01:57.0656 5396 [ 7961F9C2EDD3602BA544BBEE3CB9D5DC ] C:\Program Files\Buckaroo Watchboard\Buckaroo Watchboard.exe

21:01:57.0657 5396 C:\Program Files\Buckaroo Watchboard\Buckaroo Watchboard.exe - ok

21:01:57.0673 5396 [ 134402DBDD98CBF84E3F0253E27005D7 ] C:\Program Files\Domain Match Pro\Domain Match Pro.exe

21:01:57.0673 5396 C:\Program Files\Domain Match Pro\Domain Match Pro.exe - ok

21:01:57.0684 5396 [ F4BB50AB9A66466CFAE54F5637B34C21 ] C:\Program Files\CyberLink\Power2Go\OLRSubmission\OLRSubmission.exe

21:01:57.0684 5396 C:\Program Files\CyberLink\Power2Go\OLRSubmission\OLRSubmission.exe - ok

21:01:57.0703 5396 [ 1A8B4857F2CAAED89E16B1ED1F24930D ] C:\Program Files\Common Files\microsoft shared\OFFICE12\RICHED20.DLL

21:01:57.0704 5396 C:\Program Files\Common Files\microsoft shared\OFFICE12\RICHED20.DLL - ok

21:01:57.0712 5396 [ 653445A26C72D19AC4E66B91C38EFBD3 ] C:\Program Files\TheGenerator\Generator.exe

21:01:57.0712 5396 C:\Program Files\TheGenerator\Generator.exe - ok

21:01:57.0722 5396 [ 2C99C70615AE0E8B1CDB2F6662D233B0 ] C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe

21:01:57.0722 5396 C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe - ok

21:01:57.0738 5396 [ A5240FFD1A470EA47F95DC34E065E249 ] C:\Program Files\Microsoft Office\Office12\1033\MAPIR.DLL

21:01:57.0738 5396 C:\Program Files\Microsoft Office\Office12\1033\MAPIR.DLL - ok

21:01:57.0749 5396 [ FCF1A9C3FB29786946302B4470952D85 ] C:\Program Files\AVG\AVG2012\avgcslx.dll

21:01:57.0749 5396 C:\Program Files\AVG\AVG2012\avgcslx.dll - ok

21:01:57.0759 5396 [ 20B6B6946CBCD62C0035F12583E5156B ] C:\Windows\Installer\{D7FD752A-DDB9-4685-83FD-E20C7C59BD84}\Desktop_MindManager6_C4D150117314479F90CAEF8478756B79.exe

21:01:57.0759 5396 C:\Windows\Installer\{D7FD752A-DDB9-4685-83FD-E20C7C59BD84}\Desktop_MindManager6_C4D150117314479F90CAEF8478756B79.exe - ok

21:01:57.0777 5396 [ 69C5CB89C17E2B7838B07DF539388A08 ] C:\Program Files\Traffic Launch Pad\Traffic Launch Pad.exe

21:01:57.0777 5396 C:\Program Files\Traffic Launch Pad\Traffic Launch Pad.exe - ok

21:01:57.0790 5396 [ AB208D359E98D646BACB560EF4B52739 ] C:\Program Files\Micro Niche Finder 5.0\MicroNicheFinder.exe

21:01:57.0790 5396 C:\Program Files\Micro Niche Finder 5.0\MicroNicheFinder.exe - ok

21:01:57.0818 5396 [ 2ED95EEA3489E516FAA87FF49D29E7C8 ] C:\Program Files\Microsoft Office\Office12\WWLIB.DLL

21:01:57.0818 5396 C:\Program Files\Microsoft Office\Office12\WWLIB.DLL - ok

21:01:57.0831 5396 [ DB6262E5D02FE4DE60EDCDA6894AC5AE ] C:\Program Files\CyberLink\Power2Go\Power2Go.exe

21:01:57.0831 5396 C:\Program Files\CyberLink\Power2Go\Power2Go.exe - ok

21:01:57.0855 5396 [ F8D8BB3F6173FFF00128612F33D3197A ] C:\Windows\System32\wbem\WMIADAP.exe


Part 5


21:01:58.0460 5396 D:\RoboSoft4\RoboSoft.exe - ok

21:01:58.0471 5396 [ A41AFF3F81DEE43BF380688A49E404E7 ] C:\PROGRA~1\MICROS~2\Office12\ADDINS\COLLEA~1.DLL

21:01:58.0472 5396 C:\PROGRA~1\MICROS~2\Office12\ADDINS\COLLEA~1.DLL - ok

21:01:58.0483 5396 [ 8B422B0E0056C3B793163B4C3490D4B3 ] C:\Program Files\Citrix\GoToMeeting\952\G2MOutlookAddin.dll

21:01:58.0483 5396 C:\Program Files\Citrix\GoToMeeting\952\G2MOutlookAddin.dll - ok

21:01:58.0494 5396 [ DB4C494406ECAA861C49E4BF2FE1352E ] C:\Program Files\AVG\AVG2012\avgadvisorx.dll

21:01:58.0494 5396 C:\Program Files\AVG\AVG2012\avgadvisorx.dll - ok

21:01:58.0511 5396 [ 99495E46CBF87F1C1FF3E57C069D0A8D ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll

21:01:58.0512 5396 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll - ok

21:01:58.0522 5396 [ 58E90A91EB54A9D937297392D2F0D25C ] D:\PADGen\PADGen.exe

21:01:58.0522 5396 D:\PADGen\PADGen.exe - ok

21:01:58.0540 5396 [ 83D998F32411068C91DC41D01777ECFE ] C:\Program Files\Microsoft Office\Office12\GrooveTransceiver.dll

21:01:58.0540 5396 C:\Program Files\Microsoft Office\Office12\GrooveTransceiver.dll - ok

21:01:58.0550 5396 [ CF21B3B58EA269635E348591C8EF6FD3 ] C:\Windows\System32\SiSFunc.dll

21:01:58.0550 5396 C:\Windows\System32\SiSFunc.dll - ok

21:01:58.0560 5396 [ 690DDB0D08080AB1156EA94EDF6E51D1 ] C:\Windows\System32\SiSKrl.dll

21:01:58.0560 5396 C:\Windows\System32\SiSKrl.dll - ok

21:01:58.0578 5396 [ 219AF0F9A54EBEEB3E7E20025D801034 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll

21:01:58.0578 5396 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok

21:01:58.0596 5396 [ 83669AE0BB1BD96C444A736F1CA16A4F ] C:\PROGRA~1\MICROS~2\Office12\OMSMAIN.DLL

21:01:58.0596 5396 C:\PROGRA~1\MICROS~2\Office12\OMSMAIN.DLL - ok

21:01:58.0620 5396 [ BEDC500FE237D9066B72623C927CE18F ] C:\Program Files\Mindjet\MindManager 8\Mm8OutlookLinker.dll

21:01:58.0620 5396 C:\Program Files\Mindjet\MindManager 8\Mm8OutlookLinker.dll - ok

21:01:58.0639 5396 [ 2589FFE360BED8F824CBC6171CB5B874 ] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe

21:01:58.0639 5396 C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe - ok

21:01:58.0648 5396 [ 424D188859D466C2BEE443ACF6589139 ] C:\Program Files\Mindjet\MindManager 8\MmUtilities.dll

21:01:58.0648 5396 C:\Program Files\Mindjet\MindManager 8\MmUtilities.dll - ok

21:01:58.0669 5396 [ A3818BC2BD5B73F75F5B97CE4BDF452B ] C:\Program Files\Mindjet\MindManager 8\Vic32.dll

21:01:58.0669 5396 C:\Program Files\Mindjet\MindManager 8\Vic32.dll - ok

21:01:58.0677 5396 [ 6D86AA5725369AD5990D5D287CC1AFB5 ] C:\Program Files\Mindjet\MindManager 8\zlib.dll

21:01:58.0677 5396 C:\Program Files\Mindjet\MindManager 8\zlib.dll - ok

21:01:58.0687 5396 [ 13B6B653D43814EE772FD368B4DE1145 ] C:\Program Files\SiS VGA Utilities\SiS.exe

21:01:58.0687 5396 C:\Program Files\SiS VGA Utilities\SiS.exe - ok

21:01:58.0706 5396 [ E2C48CD0132D4D1DC7D0DF9A6BEF686A ] C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll

21:01:58.0707 5396 C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll - ok

21:01:58.0711 5396 [ C417374D487CC85593520A9C49C17F3A ] D:\Magic Submitter\MagicSubmitter.exe

21:01:58.0711 5396 D:\Magic Submitter\MagicSubmitter.exe - ok

21:01:58.0721 5396 [ 513398C7D3175DB118607E766051EF17 ] C:\Program Files\Mindjet\MindManager 8\BCGCBPRO955u.dll

21:01:58.0721 5396 C:\Program Files\Mindjet\MindManager 8\BCGCBPRO955u.dll - ok

21:01:58.0736 5396 [ 06164026C38AA5366E4D127E2E36FDE8 ] C:\Program Files\Windows Mail\wab.exe

21:01:58.0737 5396 C:\Program Files\Windows Mail\wab.exe - ok

21:01:58.0748 5396 [ 0477C2F9171599CA5BC3307FDFBA8D89 ] D:\Spybot - Search & Destroy\SpybotSD.exe

21:01:58.0748 5396 D:\Spybot - Search & Destroy\SpybotSD.exe - ok

21:01:58.0758 5396 [ 862363973DCBCC31DD161EF41A69153C ] C:\Windows\System32\odbc32.dll

21:01:58.0758 5396 C:\Windows\System32\odbc32.dll - ok

21:01:58.0773 5396 [ 28A09777D2D952122567A8A82F1A2C7B ] C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll

21:01:58.0774 5396 C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll - ok

21:01:58.0784 5396 [ 0DAAF8032546D1B4543D7B101B53FD6C ] C:\Windows\System32\odbcint.dll

21:01:58.0784 5396 C:\Windows\System32\odbcint.dll - ok

21:01:58.0794 5396 [ 80611FC36A3082184A99050B49827EB7 ] C:\Windows\Installer\{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}\QuickCamDesktopSho_C0678C37AA5341A4BE4781BAF94DE0CC.exe

21:01:58.0794 5396 C:\Windows\Installer\{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}\QuickCamDesktopSho_C0678C37AA5341A4BE4781BAF94DE0CC.exe - ok

21:01:58.0813 5396 [ ABE7470D20EF2CBC8A0D692CFEAC9167 ] C:\Program Files\Mindjet\MindManager 8\Mm8OutlookLinkerEnglish.dll

21:01:58.0813 5396 C:\Program Files\Mindjet\MindManager 8\Mm8OutlookLinkerEnglish.dll - ok

21:01:58.0835 5396 [ CBA7001B80C5E9207F7F4CF18FE0DB5D ] C:\Program Files\vixy.net\unins000.exe

21:01:58.0835 5396 C:\Program Files\vixy.net\unins000.exe - ok

21:01:58.0850 5396 [ A26D1AD4FEE877D1A66454AB7F505A13 ] C:\Program Files\vixy.net\vixy.exe

21:01:58.0851 5396 C:\Program Files\vixy.net\vixy.exe - ok

21:01:58.0866 5396 [ 0D392EDE3B97E0B3131B2F63EF1DB94E ] C:\Program Files\Windows Defender\MSASCui.exe

21:01:58.0867 5396 C:\Program Files\Windows Defender\MSASCui.exe - ok

21:01:58.0884 5396 [ 395335431AD55C167CFDBBAB8420DA73 ] C:\Program Files\Movie Maker\DVDMaker.exe

21:01:58.0884 5396 C:\Program Files\Movie Maker\DVDMaker.exe - ok

21:01:58.0898 5396 [ 72A47494EEB5936657BED3B036391209 ] C:\Program Files\WinRAR\WinRAR.exe

21:01:58.0899 5396 C:\Program Files\WinRAR\WinRAR.exe - ok

21:01:58.0918 5396 [ ADE16097319E9D48CE0D1CC5C7481008 ] C:\Windows\Installer\{A1A2073C-33FC-4890-86E2-FE7D2B8AFE0F}\NewShortcut211_101D6EE4E57B4043B07B8C1A8CCFB32D.exe

21:01:58.0918 5396 C:\Windows\Installer\{A1A2073C-33FC-4890-86E2-FE7D2B8AFE0F}\NewShortcut211_101D6EE4E57B4043B07B8C1A8CCFB32D.exe - ok

21:01:58.0931 5396 [ B7ED332A57FC78CA29E40D3619550225 ] C:\Windows\ehome\ehshell.exe

21:01:58.0931 5396 C:\Windows\ehome\ehshell.exe - ok

21:01:58.0950 5396 [ 069385484EA57B663D688894C88975C5 ] C:\Windows\System32\wuapp.exe

21:01:58.0950 5396 C:\Windows\System32\wuapp.exe - ok

21:01:58.0964 5396 [ 52BC119E49F88F2A5D1466230B1275C7 ] C:\Program Files\Windows Collaboration\WinCollab.exe

21:01:58.0964 5396 C:\Program Files\Windows Collaboration\WinCollab.exe - ok

21:01:58.0978 5396 [ 4D9FF3E13DDCE0EF52183BC1D22C5569 ] C:\Program Files\Mindjet\MindManager 8\Mm8OutlookMapMinderLinker.dll

21:01:58.0978 5396 C:\Program Files\Mindjet\MindManager 8\Mm8OutlookMapMinderLinker.dll - ok

21:01:58.0993 5396 [ 733A622FE625842621C69D2BF1A81F01 ] C:\Program Files\Mindjet\MindManager 8\MmServiceUtilities.dll

21:01:58.0993 5396 C:\Program Files\Mindjet\MindManager 8\MmServiceUtilities.dll - ok

21:01:59.0014 5396 [ C4AB08459CD7B59B410ACFC04D90E87B ] C:\Program Files\Movie Maker\MOVIEMK.exe

21:01:59.0014 5396 C:\Program Files\Movie Maker\MOVIEMK.exe - ok

21:01:59.0030 5396 [ B37845E5A3D772D20D55C20F53B20E0F ] C:\Program Files\Mindjet\MindManager 8\Mm8OutlookMapMinderLinkerEnglish.dll

21:01:59.0030 5396 C:\Program Files\Mindjet\MindManager 8\Mm8OutlookMapMinderLinkerEnglish.dll - ok

21:01:59.0060 5396 [ C03AC1FBCD625F93D2C245D97E06F270 ] C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe

21:01:59.0060 5396 C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe - ok

21:01:59.0098 5396 [ B501672394AE0E64584A26CC9073112C ] C:\Program Files\InstallShield Installation Information\{A899DA1F-D626-401C-8651-F2921E3B4CB3}\setup.exe

21:01:59.0098 5396 C:\Program Files\InstallShield Installation Information\{A899DA1F-D626-401C-8651-F2921E3B4CB3}\setup.exe - ok

21:01:59.0117 5396 [ D3C50535C26190FEAD7785A03499C0AC ] C:\Windows\System32\Macromed\Flash\Flash9e.ocx

21:01:59.0118 5396 C:\Windows\System32\Macromed\Flash\Flash9e.ocx - ok

21:01:59.0140 5396 [ 898ABECCD5F0B9A8E8F1318DDB234685 ] C:\Windows\System32\dot3api.dll

21:01:59.0141 5396 C:\Windows\System32\dot3api.dll - ok

21:01:59.0159 5396 [ 8D544AC1B7AA7FB9DFF0C3E7DA6AD295 ] C:\Windows\System32\wlanhlp.dll

21:01:59.0160 5396 C:\Windows\System32\wlanhlp.dll - ok

21:01:59.0180 5396 [ 338104E0E18307CD65604FE317B5FB8D ] C:\Windows\System32\mblctr.exe

21:01:59.0181 5396 C:\Windows\System32\mblctr.exe - ok

21:01:59.0222 5396 [ B1AFF0B6DED627A1D22A6817DD58AC0F ] C:\Windows\System32\NetProj.exe

21:01:59.0222 5396 C:\Windows\System32\NetProj.exe - ok

21:01:59.0229 5396 [ A577868F76CEE16D6A82625FD55F379A ] C:\Windows\System32\NetProjW.dll

21:01:59.0229 5396 C:\Windows\System32\NetProjW.dll - ok

21:01:59.0252 5396 [ 694AF8B27C9A0A99399E02CE977F986B ] C:\Windows\System32\mspaint.exe

21:01:59.0252 5396 C:\Windows\System32\mspaint.exe - ok

21:01:59.0277 5396 [ FAB16AC59A5C06AB4A012A873E521D45 ] C:\Program Files\Common Files\Apple\Mobile Device Support\OutMMe32.dll

21:01:59.0277 5396 C:\Program Files\Common Files\Apple\Mobile Device Support\OutMMe32.dll - ok

21:01:59.0294 5396 [ 16FEE292E95EDC274385103E6B498019 ] C:\Windows\System32\mstsc.exe

21:01:59.0294 5396 C:\Windows\System32\mstsc.exe - ok

21:01:59.0313 5396 [ 9E35FF7F943AE0FB89192BFE058B7FD4 ] C:\Program Files\Windows Sidebar\sidebar.exe

21:01:59.0313 5396 C:\Program Files\Windows Sidebar\sidebar.exe - ok

21:01:59.0323 5396 [ 1E9EA3F56F529A292C0547681743E2C7 ] C:\Program Files\Common Files\Apple\Mobile Device Support\OutMMe32.resources\en.lproj\OutMMe32Localized.dll

21:01:59.0324 5396 C:\Program Files\Common Files\Apple\Mobile Device Support\OutMMe32.resources\en.lproj\OutMMe32Localized.dll - ok

21:01:59.0340 5396 [ F9B328F2C4031855E1413D8EDAAAC798 ] C:\PROGRA~1\MICROS~2\Office12\ONBttnOL.dll

21:01:59.0340 5396 C:\PROGRA~1\MICROS~2\Office12\ONBttnOL.dll - ok

21:01:59.0351 5396 [ E80DB295132C5EF0C623935422BD0FC7 ] C:\Windows\System32\SnippingTool.exe

21:01:59.0352 5396 C:\Windows\System32\SnippingTool.exe - ok

21:01:59.0362 5396 [ A9B495789CE9F5BF94CE529757053B24 ] C:\Program Files\Common Files\Apple\Mobile Device Support\OutlookChangeNotifierAddIn.dll

21:01:59.0363 5396 C:\Program Files\Common Files\Apple\Mobile Device Support\OutlookChangeNotifierAddIn.dll - ok

21:01:59.0382 5396 [ 248F33A6C2380757BC1E20E34D9E827B ] C:\Windows\System32\SoundRecorder.exe

21:01:59.0382 5396 C:\Windows\System32\SoundRecorder.exe - ok

21:01:59.0405 5396 [ 9B89B3BB79EA1ACF041F40A7B6FC5827 ] C:\Windows\System32\mobsync.exe

21:01:59.0405 5396 C:\Windows\System32\mobsync.exe - ok

21:01:59.0413 5396 [ 5E542EDAEFCDA1684463B58C0F86283A ] C:\Windows\System32\mssphtb.dll

21:01:59.0419 5396 C:\Windows\System32\mssphtb.dll - ok

21:01:59.0428 5396 [ 19D0FC69D4E68D5CE2E4B34940529727 ] C:\Program Files\Windows NT\Accessories\wordpad.exe

21:01:59.0428 5396 C:\Program Files\Windows NT\Accessories\wordpad.exe - ok

21:01:59.0450 5396 [ 055A2EFBE9A33F13984388B544682780 ] C:\Program Files\Common Files\Apple\Mobile Device Support\MobileMeServices.exe

21:01:59.0450 5396 C:\Program Files\Common Files\Apple\Mobile Device Support\MobileMeServices.exe - ok

21:01:59.0463 5396 [ A623666C8A8EC9A57DCA07915A3F1EC6 ] C:\Windows\System32\sdclt.exe

21:01:59.0463 5396 C:\Windows\System32\sdclt.exe - ok

21:01:59.0482 5396 [ BB4910DE8B6C5E30DF39EC97308D44BA ] C:\Windows\System32\charmap.exe

21:01:59.0482 5396 C:\Windows\System32\charmap.exe - ok

21:01:59.0494 5396 [ 2327C11B043FCEB80BE00CC8D077E9AA ] C:\Windows\System32\dfrgui.exe

21:01:59.0494 5396 C:\Windows\System32\dfrgui.exe - ok

21:01:59.0520 5396 [ 86AB3F6C784197DC1D994A83AF4259CD ] C:\Windows\System32\cleanmgr.exe

21:01:59.0520 5396 C:\Windows\System32\cleanmgr.exe - ok

21:01:59.0537 5396 [ FBF628702A408977FEB0845D48F4F154 ] C:\Windows\System32\migwiz\migwiz.exe

21:01:59.0537 5396 C:\Windows\System32\migwiz\migwiz.exe - ok

21:01:59.0551 5396 [ D3D1CE8FF30786D50272DA3085149904 ] C:\Windows\System32\msinfo32.exe

21:01:59.0551 5396 C:\Windows\System32\msinfo32.exe - ok

21:01:59.0565 5396 [ DB3E2963721E98D3AE3E28F88C0965C6 ] C:\Program Files\Common Files\Apple\Mobile Device Support\MobileMeServices_main.dll

21:01:59.0565 5396 C:\Program Files\Common Files\Apple\Mobile Device Support\MobileMeServices_main.dll - ok

21:01:59.0584 5396 [ 95D5AC5CCBE10E8B4B8A0DF41022568D ] C:\Windows\System32\rstrui.exe

21:01:59.0584 5396 C:\Windows\System32\rstrui.exe - ok

21:01:59.0599 5396 [ 9F6079A6F31C29AD90248097ACA650AE ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleISSupport.dll

21:01:59.0599 5396 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleISSupport.dll - ok

21:01:59.0618 5396 [ B13A8D6F708AA2034A9DE0979F81D890 ] C:\Windows\System32\miguiresource.dll

21:01:59.0618 5396 C:\Windows\System32\miguiresource.dll - ok

21:01:59.0628 5396 [ C9B520028498E5DA23651619F8A556D4 ] C:\Windows\System32\StikyNot.exe

21:01:59.0628 5396 C:\Windows\System32\StikyNot.exe - ok

21:01:59.0647 5396 [ 7122B0AA2212B07BBFC49BD22215BF3B ] C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe

21:01:59.0647 5396 C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe - ok

21:01:59.0658 5396 [ 126F34AC5D9E681D06499EEC0DD6679E ] C:\Program Files\Common Files\Apple\Apple Application Support\Foundation.dll

21:01:59.0658 5396 C:\Program Files\Common Files\Apple\Apple Application Support\Foundation.dll - ok

21:01:59.0675 5396 [ C20436B4F0596ACD5569749206F99265 ] C:\Program Files\Windows Journal\Journal.exe

21:01:59.0675 5396 C:\Program Files\Windows Journal\Journal.exe - ok

21:01:59.0686 5396 [ 9B290E80E819BA56A8EC7B07249B7865 ] C:\Program Files\Common Files\Apple\Apple Application Support\libtidy.dll

21:01:59.0687 5396 C:\Program Files\Common Files\Apple\Apple Application Support\libtidy.dll - ok

21:01:59.0707 5396 [ 36B6F71B6D7D280302B348145DB05A9F ] C:\Windows\System32\WindowsPowerShell\v1.0\powershell_ise.exe

21:01:59.0707 5396 C:\Windows\System32\WindowsPowerShell\v1.0\powershell_ise.exe - ok

21:01:59.0713 5396 [ DF4217DDB34A0B73DC7AAC7829371C0C ] C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

21:01:59.0714 5396 C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe - ok

21:01:59.0728 5396 [ 4CAAD229A00C0DEFFF51841AE2B93B46 ] C:\Windows\System32\WindowsPowerShell\v1.0\pwrshmsg.dll

21:01:59.0729 5396 C:\Windows\System32\WindowsPowerShell\v1.0\pwrshmsg.dll - ok

21:01:59.0744 5396 [ 2CB350B72FEA6FB5A010099A4444B636 ] C:\Windows\System32\mycomput.dll

21:01:59.0744 5396 C:\Windows\System32\mycomput.dll - ok

21:01:59.0753 5396 [ 1C474C0C4CB5F15A555FE912CBF4549C ] C:\Windows\System32\odbcad32.exe

21:01:59.0753 5396 C:\Windows\System32\odbcad32.exe - ok

21:01:59.0773 5396 [ 1CB1B95D67BC380FBCCFAEA3CF2DDA80 ] C:\Windows\System32\iscsicpl.exe

21:01:59.0773 5396 C:\Windows\System32\iscsicpl.exe - ok

21:01:59.0779 5396 [ F84D0B1B90404D0A27E86F159FBDAC81 ] C:\Windows\System32\iscsicpl.dll

21:01:59.0779 5396 C:\Windows\System32\iscsicpl.dll - ok

21:01:59.0790 5396 [ 8D865A3E7E2C78317EDE4EAE8316284F ] C:\Windows\System32\MdSched.exe

21:01:59.0790 5396 C:\Windows\System32\MdSched.exe - ok

21:01:59.0807 5396 [ 1959E5AAEE0D988C10F19CEC7DFF2242 ] C:\Windows\System32\wdc.dll

21:01:59.0807 5396 C:\Windows\System32\wdc.dll - ok

21:01:59.0815 5396 [ 90438B514A5AC6A23602484A907E20A7 ] C:\Windows\System32\filemgmt.dll

21:01:59.0815 5396 C:\Windows\System32\filemgmt.dll - ok

21:01:59.0825 5396 [ 7629E9BB2FF06EACA62580A2C1D4FE6A ] C:\Windows\System32\msconfig.exe

21:01:59.0825 5396 C:\Windows\System32\msconfig.exe - ok

21:01:59.0841 5396 [ 0ADED25D371AE14665CE514E413988E7 ] C:\Windows\System32\AuthFWGP.dll

21:01:59.0841 5396 C:\Windows\System32\AuthFWGP.dll - ok

21:01:59.0851 5396 [ 1843E81FA7ACFFF4344A7DD4328D7DA0 ] C:\Program Files\Microsoft Office\Office12\1033\ONINTL.DLL

21:01:59.0851 5396 C:\Program Files\Microsoft Office\Office12\1033\ONINTL.DLL - ok

21:01:59.0863 5396 [ 53418E0A99058D827589A03AB735D90A ] C:\Program Files\Adolix\eCover Engineer\eCoverEngineer.exe

21:01:59.0872 5396 C:\Program Files\Adolix\eCover Engineer\eCoverEngineer.exe - ok

21:01:59.0881 5396 [ 9F6E699D3A2D8B3DF6CA48BE3268C521 ] C:\Program Files\Adolix\eCover Engineer\unins000.exe

21:01:59.0881 5396 C:\Program Files\Adolix\eCover Engineer\unins000.exe - ok

21:01:59.0907 5396 [ ADE16097319E9D48CE0D1CC5C7481008 ] C:\Windows\Installer\{A1A2073C-33FC-4890-86E2-FE7D2B8AFE0F}\NewShortcut2_0D9F414113FB41AC8DAEBDFA71A42EE0.exe

21:01:59.0908 5396 C:\Windows\Installer\{A1A2073C-33FC-4890-86E2-FE7D2B8AFE0F}\NewShortcut2_0D9F414113FB41AC8DAEBDFA71A42EE0.exe - ok

21:01:59.0923 5396 [ E6E44876D9E6200CAA68E76D9A37E847 ] C:\Windows\Installer\{53FA9A9F-3C19-4D43-AD6B-DEF365D469BA}\IconEF5C48881.exe

21:01:59.0923 5396 C:\Windows\Installer\{53FA9A9F-3C19-4D43-AD6B-DEF365D469BA}\IconEF5C48881.exe - ok

21:01:59.0931 5396 [ 6E7DB0ACA773AD375695888F8334088D ] C:\Windows\System32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4700_series\DelDrv.exe

21:01:59.0932 5396 C:\Windows\System32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4700_series\DelDrv.exe - ok

21:01:59.0956 5396 [ 8F4DF04157DE5877402AFA9ABC446BA2 ] C:\Program Files\Canon\IJ Manual\CANON IP4700 SERIES\uninstall.exe

21:01:59.0956 5396 C:\Program Files\Canon\IJ Manual\CANON IP4700 SERIES\uninstall.exe - ok

21:01:59.0976 5396 [ F93069A884D970164B6D377B777C5C2C ] C:\Program Files\Canon\IJEREG\iP4700 series\UNINST.EXE

21:01:59.0976 5396 C:\Program Files\Canon\IJEREG\iP4700 series\UNINST.EXE - ok

21:01:59.0984 5396 [ DF2A05AE34820F591FDF743916403C85 ] C:\Program Files\Canon\Easy-PhotoPrint EX\uninst.exe

21:01:59.0984 5396 C:\Program Files\Canon\Easy-PhotoPrint EX\uninst.exe - ok

21:01:59.0995 5396 [ 3FBF238F17AF1A95FBD7EB6860D6DA26 ] C:\Program Files\Canon\Easy-PhotoPrint EX\CNEZMAIN.EXE

21:01:59.0995 5396 C:\Program Files\Canon\Easy-PhotoPrint EX\CNEZMAIN.EXE - ok

21:02:00.0011 5396 [ 75DBB3561B38B0CFA88EE5ADAD88C336 ] C:\Program Files\Microsoft Office\Office12\OUTLRPC.DLL

21:02:00.0011 5396 C:\Program Files\Microsoft Office\Office12\OUTLRPC.DLL - ok

21:02:00.0024 5396 [ 75B59A6CC4299BA430E2BE18B1504F9C ] C:\Program Files\Microsoft Office\Office12\EXSEC32.DLL

21:02:00.0024 5396 C:\Program Files\Microsoft Office\Office12\EXSEC32.DLL - ok

21:02:00.0040 5396 [ D5C54E35B2058726F68D29B42804B11A ] C:\Program Files\Canon\MyPrinter\uninst.exe

21:02:00.0040 5396 C:\Program Files\Canon\MyPrinter\uninst.exe - ok

21:02:00.0050 5396 [ 6ACE27CE7A7823F62EC69E99516FCD25 ] C:\Program Files\Canon\SolutionMenu\uninst.exe

21:02:00.0050 5396 C:\Program Files\Canon\SolutionMenu\uninst.exe - ok

21:02:00.0061 5396 [ BEF1EAD605CF791FDBB48ADD71075509 ] C:\Program Files\Microsoft Office\Office12\1033\WWINTL.DLL

21:02:00.0061 5396 C:\Program Files\Microsoft Office\Office12\1033\WWINTL.DLL - ok

21:02:00.0087 5396 [ 973567B98CDFC147DF4E60471D9DF072 ] C:\Program Files\CassetteMate\Unwise.exe

21:02:00.0087 5396 C:\Program Files\CassetteMate\Unwise.exe - ok

21:02:00.0112 5396 [ 089414D8B58EFE4285A2B5F0FD98F962 ] C:\Program Files\Canon\CD-LabelPrint\CDLabelPrint.exe

21:02:00.0112 5396 C:\Program Files\Canon\CD-LabelPrint\CDLabelPrint.exe - ok

21:02:00.0123 5396 [ 8FA9A16022A664F536B616130B2EA866 ] C:\Program Files\Common Files\microsoft shared\OFFICE12\MSPTLS.DLL

21:02:00.0123 5396 C:\Program Files\Common Files\microsoft shared\OFFICE12\MSPTLS.DLL - ok

21:02:00.0140 5396 [ 54F8FE51E2F80A3C0F24BF9F447DE919 ] C:\Program Files\Canon\CD-LabelPrint\Uninstal.exe

21:02:00.0140 5396 C:\Program Files\Canon\CD-LabelPrint\Uninstal.exe - ok

21:02:00.0153 5396 [ F0C555E3C60767499FF55F780563EB07 ] C:\Windows\ColorPic Uninstaller.exe

21:02:00.0153 5396 C:\Windows\ColorPic Uninstaller.exe - ok

21:02:00.0163 5396 [ 94DEE389D98FF14EA9ED83C903009E20 ] C:\Program Files\Convert AVI to MP4\ConvertAVItoMP4.exe

21:02:00.0163 5396 C:\Program Files\Convert AVI to MP4\ConvertAVItoMP4.exe - ok

21:02:00.0179 5396 [ 1068023C75E7D935BBD2D2F556BB6E2E ] C:\Program Files\Convert AVI to MP4\unins000.exe

21:02:00.0179 5396 C:\Program Files\Convert AVI to MP4\unins000.exe - ok

21:02:00.0199 5396 [ A0F16CEF17666ADA3728544CCB7E72C3 ] C:\PROGRA~1\MICROS~2\Office12\OUTLACCT.DLL

21:02:00.0199 5396 C:\PROGRA~1\MICROS~2\Office12\OUTLACCT.DLL - ok

21:02:00.0214 5396 [ B30FC9A54453F82FB46BB01D72ADEBE9 ] C:\Program Files\Desktop Ticker\DesktopTicker.exe

21:02:00.0214 5396 C:\Program Files\Desktop Ticker\DesktopTicker.exe - ok

21:02:00.0224 5396 [ 17A987B488F47783CBBF6A9BE2BAAD09 ] C:\Windows\System32\msident.dll

21:02:00.0225 5396 C:\Windows\System32\msident.dll - ok

21:02:00.0246 5396 [ DAA1B96073C79C84F8D28FBF55580415 ] C:\Windows\System32\pstorec.dll

21:02:00.0246 5396 C:\Windows\System32\pstorec.dll - ok

21:02:00.0255 5396 [ 6D01259214D1E815613ECA3CD81679EC ] C:\Windows\System32\pstorsvc.dll

21:02:00.0255 5396 C:\Windows\System32\pstorsvc.dll - ok

21:02:00.0274 5396 [ D78DDD04BF0030E49C717866A1AAF178 ] C:\Windows\IsUninst.exe

21:02:00.0274 5396 C:\Windows\IsUninst.exe - ok

21:02:00.0286 5396 [ 626F198768F67A0FEB3AD909E638F551 ] C:\Windows\System32\WindowsAnytimeUpgrade.exe

21:02:00.0286 5396 C:\Windows\System32\WindowsAnytimeUpgrade.exe - ok

21:02:00.0296 5396 [ 554BF617B3BBE4F2F73BF201B05438DE ] C:\Windows\System32\WindowsAnytimeUpgradeCPL.dll

21:02:00.0296 5396 C:\Windows\System32\WindowsAnytimeUpgradeCPL.dll - ok

21:02:00.0319 5396 [ 50F3F4F6FCC8759A0139FC4F2844CFBD ] C:\Program Files\Microsoft Office\Office12\OUTLPH.DLL

21:02:00.0319 5396 C:\Program Files\Microsoft Office\Office12\OUTLPH.DLL - ok

21:02:00.0330 5396 [ A58374D1A487C3CF98355BA92C0188C0 ] C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\CbsCore.dll

21:02:00.0330 5396 C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\CbsCore.dll - ok

21:02:00.0347 5396 [ 1C72EB99C500BC527B009FFDCB7D5611 ] C:\Windows\System32\msoeacct.dll

21:02:00.0347 5396 C:\Windows\System32\msoeacct.dll - ok

21:02:00.0360 5396 [ 214460565D2AC0BC124D14B785ADAE06 ] C:\Windows\System32\msoert2.dll

21:02:00.0360 5396 C:\Windows\System32\msoert2.dll - ok

21:02:00.0391 5396 [ E7D0F91E44D9D3B2116FA549BDCDB756 ] C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\wdscore.dll

21:02:00.0391 5396 C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\wdscore.dll - ok

21:02:00.0410 5396 [ 8FFDEB99EAC611D617016F2174D48FC6 ] C:\Windows\System32\inetcomm.dll

21:02:00.0410 5396 C:\Windows\System32\inetcomm.dll - ok

21:02:00.0420 5396 [ 4EBDD20AFC19AAECBA2893D128DD5ECD ] C:\Windows\System32\dpx.dll

21:02:00.0452 5396 C:\Windows\System32\dpx.dll - ok

21:02:00.0461 5396 [ 64B0D18454E65B61B39D3704A9C8EA4D ] C:\Windows\System32\INETRES.dll

21:02:00.0461 5396 C:\Windows\System32\INETRES.dll - ok

21:02:00.0476 5396 [ 58F57F2F2133A2A77607C8CCC9A30F73 ] C:\Windows\System32\ACCTRES.dll

21:02:00.0476 5396 C:\Windows\System32\ACCTRES.dll - ok

21:02:00.0487 5396 [ 971B711E37CF2CEDCE57B54384640E54 ] C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\wcp.dll

21:02:00.0487 5396 C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\wcp.dll - ok

21:02:00.0497 5396 [ E1DA5B14475439B2F9DAC5B4B76D78E4 ] C:\Program Files\FileZilla FTP Client\filezilla.exe

21:02:00.0497 5396 C:\Program Files\FileZilla FTP Client\filezilla.exe - ok

21:02:00.0509 5396 [ 47071DD42F703390B205B33B11DAB65C ] C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\DrUpdate.dll

21:02:00.0510 5396 C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\DrUpdate.dll - ok

21:02:00.0521 5396 [ 380E6B396644EDCDFA07E52D7D95EF99 ] C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\wrpint.dll

21:02:00.0521 5396 C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\wrpint.dll - ok

21:02:00.0539 5396 [ 9F433F65D10043295F42DD015B189426 ] C:\Windows\System32\sxsstore.dll

21:02:00.0539 5396 C:\Windows\System32\sxsstore.dll - ok

21:02:00.0551 5396 [ F6DFDFD5BC950275DE3B285E108CB974 ] C:\Windows\servicing\CbsApi.dll

21:02:00.0551 5396 C:\Windows\servicing\CbsApi.dll - ok

21:02:00.0566 5396 [ 031DA76A5A7DC13F015DD3491394865E ] C:\Windows\System32\advpack.dll

21:02:00.0566 5396 C:\Windows\System32\advpack.dll - ok

21:02:00.0598 5396 [ 6B87B308094AC307FA2BD39379255900 ] C:\Program Files\FileZilla FTP Client\uninstall.exe

21:02:00.0599 5396 C:\Program Files\FileZilla FTP Client\uninstall.exe - ok

21:02:00.0638 5396 [ 9612126B6B2D70A935F1D33FDE6BC7CA ] C:\Program Files\FXCM MetaTrader 4\metaeditor.exe

21:02:00.0639 5396 C:\Program Files\FXCM MetaTrader 4\metaeditor.exe - ok

21:02:00.0655 5396 [ 2E6B508848070998992B84157837EEBF ] C:\Program Files\FXCM MetaTrader 4\Uninstall.exe

21:02:00.0655 5396 C:\Program Files\FXCM MetaTrader 4\Uninstall.exe - ok

21:02:00.0671 5396 [ 4304D04DFDAAE621171A2F955981016E ] C:\Program Files\Microsoft Games\Chess\Chess.exe

21:02:00.0671 5396 C:\Program Files\Microsoft Games\Chess\Chess.exe - ok

21:02:00.0696 5396 [ 21AD332BE723EFE40D9F32AD97BA8376 ] C:\Program Files\Microsoft Games\FreeCell\FreeCell.exe

21:02:00.0696 5396 C:\Program Files\Microsoft Games\FreeCell\FreeCell.exe - ok

21:02:00.0741 5396 [ 9A75518600FBA10980EE94267CA98489 ] C:\Windows\System32\gameux.dll

21:02:00.0741 5396 C:\Windows\System32\gameux.dll - ok

21:02:00.0756 5396 [ 6ED28075D6D9E0C0464048A30432A142 ] C:\Program Files\Microsoft Games\Hearts\Hearts.exe

21:02:00.0756 5396 C:\Program Files\Microsoft Games\Hearts\Hearts.exe - ok

21:02:00.0785 5396 [ EFF7DBEE92519EB96F70E1E31FDE7098 ] C:\Program Files\Microsoft Games\inkball\inkball.exe

21:02:00.0785 5396 C:\Program Files\Microsoft Games\inkball\inkball.exe - ok

21:02:00.0799 5396 [ 7A88900F2F11882FFCE3BF3D4EAEFB4B ] C:\Program Files\Microsoft Games\Mahjong\Mahjong.exe

21:02:00.0799 5396 C:\Program Files\Microsoft Games\Mahjong\Mahjong.exe - ok

21:02:00.0819 5396 [ C8C383E6AA546780B2AD3034D6F6ACEF ] C:\Program Files\Microsoft Games\Minesweeper\MineSweeper.exe

21:02:00.0819 5396 C:\Program Files\Microsoft Games\Minesweeper\MineSweeper.exe - ok

21:02:00.0841 5396 [ 3F903BDD206EB3C688651048B5E304E1 ] C:\Program Files\Microsoft Games\Purble Place\PurblePlace.exe

21:02:00.0841 5396 C:\Program Files\Microsoft Games\Purble Place\PurblePlace.exe - ok

21:02:00.0854 5396 [ 07302F014858D038CB93CC349505D0E6 ] C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe

21:02:00.0855 5396 C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe - ok

21:02:00.0875 5396 [ 401A203AB058DEC44BD44AA81BF2CB64 ] C:\Program Files\Microsoft Games\SpiderSolitaire\SpiderSolitaire.exe

21:02:00.0875 5396 C:\Program Files\Microsoft Games\SpiderSolitaire\SpiderSolitaire.exe - ok

21:02:00.0890 5396 [ AA40751584F95E55F72E230EA1448D04 ] C:\Program Files\GIMP-2.0\setup\unins000.exe

21:02:00.0891 5396 C:\Program Files\GIMP-2.0\setup\unins000.exe - ok

21:02:00.0910 5396 [ DCB49CE8E0250A3038A16BF7200B0CEA ] C:\Program Files\Google\Chrome\Application\22.0.1229.79\Installer\setup.exe

21:02:00.0910 5396 C:\Program Files\Google\Chrome\Application\22.0.1229.79\Installer\setup.exe - ok

21:02:00.0924 5396 [ 07DFDC31179688D82462759C054453F1 ] C:\Program Files\iWisoft Flash SWF to Video Converter\swfdownload.exe

21:02:02.0601 5396 ============================================================

21:02:02.0601 5396 Scan finished

21:02:02.0601 5396 ============================================================

21:02:02.0632 5144 Detected object count: 7

21:02:02.0632 5144 Actual detected object count: 7

21:03:20.0419 5144 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user

21:03:20.0420 5144 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:03:20.0428 5144 giveio ( UnsignedFile.Multi.Generic ) - skipped by user

21:03:20.0429 5144 giveio ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:03:20.0433 5144 RapportBuka ( UnsignedFile.Multi.Generic ) - skipped by user

21:03:20.0434 5144 RapportBuka ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:03:20.0438 5144 RSDBServerService ( UnsignedFile.Multi.Generic ) - skipped by user

21:03:20.0438 5144 RSDBServerService ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:03:20.0446 5144 SCDEmu ( UnsignedFile.Multi.Generic ) - skipped by user

21:03:20.0446 5144 SCDEmu ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:03:20.0451 5144 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - skipped by user

21:03:20.0451 5144 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:03:24.0897 5144 \Device\Harddisk0\DR0\# - copied to quarantine

21:03:24.0907 5144 \Device\Harddisk0\DR0 - copied to quarantine

21:03:24.0942 5144 \Device\Harddisk0\DR0 ( Rootkit.Boot.Wistler.a ) - will be cured on reboot

21:03:25.0054 5144 \Device\Harddisk0\DR0 - ok

21:03:25.0054 5144 \Device\Harddisk0\DR0 ( Rootkit.Boot.Wistler.a ) - User select action: Cure

21:03:49.0130 3828 Deinitialize success

Another TDSS log (not sure why there were 3)

21:09:30.0186 3304 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24

21:09:30.0748 3304 ============================================================

21:09:30.0748 3304 Current date / time: 2012/10/07 21:09:30.0748

21:09:30.0748 3304 SystemInfo:

21:09:30.0748 3304

21:09:30.0748 3304 OS Version: 6.0.6002 ServicePack: 2.0

21:09:30.0748 3304 Product type: Workstation

21:09:30.0748 3304 ComputerName: ANDY-LAPTOP

21:09:30.0748 3304 UserName: Andy

21:09:30.0748 3304 Windows directory: C:\Windows

21:09:30.0748 3304 System windows directory: C:\Windows

21:09:30.0748 3304 Processor architecture: Intel x86

21:09:30.0748 3304 Number of processors: 2

21:09:30.0748 3304 Page size: 0x1000

21:09:30.0748 3304 Boot type: Normal boot

21:09:30.0748 3304 ============================================================

21:09:33.0718 3304 BG loaded

21:09:35.0547 3304 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

21:09:35.0594 3304 ============================================================

21:09:35.0594 3304 \Device\Harddisk0\DR0:

21:09:35.0703 3304 MBR partitions:

21:09:35.0703 3304 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xABE800, BlocksNum 0x2EE000

21:09:35.0703 3304 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xDAC800, BlocksNum 0x7A0C800

21:09:35.0735 3304 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x87B9800, BlocksNum 0x3A98000

21:09:35.0766 3304 \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0xC252000, BlocksNum 0x1D42000

21:09:35.0766 3304 ============================================================

21:09:36.0000 3304 C: <-> \Device\Harddisk0\DR0\Partition2

21:09:36.0141 3304 S: <-> \Device\Harddisk0\DR0\Partition1

21:09:36.0313 3304 D: <-> \Device\Harddisk0\DR0\Partition3

21:09:36.0625 3304 G: <-> \Device\Harddisk0\DR0\Partition4

21:09:36.0625 3304 ============================================================

21:09:36.0625 3304 Initialize success

21:09:36.0625 3304 ============================================================

21:09:49.0985 3888 Deinitialize success

Malwarebytes Anti-Malware 1.65.0.1400

www.malwarebytes.org

Database version: v2012.10.07.04

Windows Vista Service Pack 2 x86 NTFS

Internet Explorer 9.0.8112.16421

Andy :: ANDY-LAPTOP [administrator]

07/10/2012 21:49:23

mbam-log-2012-10-07 (21-49-23).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 227280

Time elapsed: 14 minute(s), 24 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 1

C:\Users\Andy\Documents\Downloads\Money Beyond Belief By Dr. Joe Vitale And Brad Yates. -Another FoFF Crack.exe (Trojan.Agent) -> Quarantined and deleted successfully.

(end)

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.7.2

Run by Andy at 22:15:04 on 2012-10-07

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.1916.864 [GMT 1:00]

.

AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Program Files\AVG\AVG2012\avgrsx.exe

C:\Program Files\AVG\AVG2012\avgcsrvx.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\AVG\AVG2012\avgwdsvc.exe

C:\Program Files\3 Mobile Broadband\3Connect\BecHelperService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE

C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

C:\Windows\system32\lxeacoms.exe

C:\Program Files\AVG\AVG2012\avgnsx.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

D:\RoboSoft4\RSDBServer.exe

C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe

C:\Windows\system32\WUDFHost.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Trusteer\Rapport\bin\RapportService.exe

C:\Program Files\SiS VGA Utilities\SiSTray.exe

C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe

C:\Program Files\AVG\AVG2012\avgtray.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

D:\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\wuauclt.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Windows\system32\NOTEPAD.EXE

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\NOTEPAD.EXE

C:\Windows\system32\NOTEPAD.EXE

C:\Windows\system32\NOTEPAD.EXE

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uSearch Bar = Preserve

uStart Page = hxxp://www.thetechguys.com/welcome

uDefault_Page_URL = hxxp://www.thetechguys.com/welcome

mDefault_Page_URL = hxxp://www.thetechguys.com/welcome

uInternet Settings,ProxyOverride = *.local

uInternet Settings,ProxyServer = 0.0.0.0:80

uURLSearchHooks: H - No File

mURLSearchHooks: H - No File

BHO: s - No File

BHO: SlimBho2.dll' - No File

BHO: SnagIt Toolbar Loader: {00c6482d-c502-44c8-8409-fce54ad9c208} - c:\program files\techsmith\snagit 10\SnagitBHO.dll

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll

BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - c:\program files\avg\avg2012\avgdtiex.dll

BHO: Canon Easy-WebPrint EX BHO: {3785d0ad-bfff-47f6-bf5b-a587c162fed9} - c:\program files\canon\easy-webprint ex\ewpexbho.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - d:\spybot - search & destroy\SDHelper.dll

BHO: CmjBrowserHelperObject Object: {6fe6a929-59d1-4763-91ad-29b61cffb35b} - c:\program files\mindjet\mindmanager 8\Mm8InternetExplorer.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre7\bin\ssv.dll

BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

BHO: Lexmark Printable Web: {d2c5e510-be6d-42cc-9f61-e4f939078474} - c:\program files\lexmark printable web\bho.dll

BHO: OrbiscomROTBho2 Class: {d81ab57b-7327-4347-b7c7-9ef7ca87ce09} - c:\windows\system32\SlimBho2.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll

BHO: Google Gears Helper: {e0fefe40-fbf9-42ae-ba58-794ca7e3fb53} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll

TB: Snagit: {8ff5e183-abde-46eb-b09e-d2aab95cabe3} - c:\program files\techsmith\snagit 10\SnagitIEAddin.dll

TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File

TB: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll

TB: Canon Easy-WebPrint EX: {759d9886-0c6f-4498-bab6-4a5f47c6c72f} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll

TB: {58ae4526-9474-4a80-a0ca-45beff07cec9} - No File

TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File

TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File

TB: {1392B8D2-5C05-419F-A8F6-B9F15A596612} - No File

EB: Canon Easy-WebPrint EX: {21347690-ec41-4f9a-8887-1f4aee672439} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll

EB: {58ae4526-9474-4a80-a0ca-45beff07cec9} - No File

uRun: [spybotSD TeaTimer] d:\spybot - search & destroy\TeaTimer.exe

mRun: [siSTray] %ProgramFiles%\SiS VGA Utilities\SiSTray.exe

mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"

mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"

mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript

dRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil11e_ActiveX.exe -update activex

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - c:\programs\partygaming\partycasino\RunApp.exe

IE: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - d:\poker\partypoker\RunApp.exe

IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll

IE: {2F72393D-2472-4F82-B600-ED77F354B7FF} - {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - c:\program files\mindjet\mindmanager 8\Mm8InternetExplorer.dll

IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - c:\program files\avg\avg2012\avgdtiex.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - d:\spybot - search & destroy\SDHelper.dll

TCP: DhcpNameServer = 192.168.1.254

TCP: Interfaces\{4231FEBA-47F7-40B8-AD24-C4DDEE06B8EA} : DhcpNameServer = 198.41.0.4

TCP: Interfaces\{96328590-9B20-4478-B30C-47798DD37270} : DhcpNameServer = 192.168.1.254

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\andy\appdata\roaming\mozilla\firefox\profiles\eurdbb1x.default\

FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=

FF - prefs.js: keyword.URL - hxxp://uk.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_uk&p=

FF - prefs.js: network.proxy.type - 4

FF - component: c:\program files\avg\avg10\firefox4\components\avgssff4.dll

FF - component: c:\program files\google\google gears\firefox\lib\ff36\gears.dll

FF - component: c:\program files\mozilla firefox\extensions\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\components\SkypeFfComponent.dll

FF - component: c:\programdata\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll

FF - component: c:\users\andy\appdata\roaming\mozilla\firefox\profiles\eurdbb1x.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll

FF - component: c:\users\andy\appdata\roaming\mozilla\firefox\profiles\eurdbb1x.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar-ff3.dll

FF - plugin: c:\program files\canon\easy-photoprint ex\NPEZFFPI.DLL

FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npatgpc.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npbittorrent.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npmidas.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npOGAPlugin.dll

FF - plugin: c:\program files\mozilla firefox\plugins\nprpplugin.dll

FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll

FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_262.dll

FF - plugin: c:\windows\system32\npDeployJava1.dll

FF - plugin: c:\windows\system32\npmproxy.dll

FF - plugin: d:\realplayersp\netscape6\nppl3260.dll

FF - plugin: d:\realplayersp\netscape6\nppl3260.dll

FF - plugin: d:\realplayersp\netscape6\nprjplug.dll

FF - plugin: d:\realplayersp\netscape6\nprjplug.dll

FF - plugin: d:\realplayersp\netscape6\nprpjplug.dll

FF - plugin: d:\realplayersp\netscape6\nprpplugin.dll

FF - plugin: g:\itunes\mozilla plugins\npitunes.dll

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 24896]

R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-1-31 31952]

R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-7-26 237408]

R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-12-23 41040]

R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-8-24 301920]

R1 RapportBuka;RapportBuka;c:\windows\system32\drivers\RapportBuka.sys [2010-3-7 390528]

R1 RapportCerberus_43926;RapportCerberus_43926;c:\programdata\trusteer\rapport\store\exts\rapportcerberus\43926\RapportCerberus32_43926.sys [2012-10-4 272216]

R1 RapportEI;RapportEI;c:\program files\trusteer\rapport\bin\RapportEI.sys [2012-9-22 71480]

R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]

R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]

R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-12 116608]

R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\avgidsagent.exe [2012-8-13 5167736]

R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2012-2-14 193288]

R2 BecHelperService;BecHelperService;c:\program files\3 mobile broadband\3connect\BecHelperService.exe [2010-9-4 1737464]

R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-6-17 21504]

R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2008-12-29 47640]

R2 lxea_device;lxea_device;c:\windows\system32\lxeacoms.exe -service --> c:\windows\system32\lxeacoms.exe -service [?]

R2 RapportMgmtService;Rapport Management Service;c:\program files\trusteer\rapport\bin\RapportMgmtService.exe [2012-9-22 976728]

R2 RSDBServerService;RoboSoft Database Server;d:\robosoft4\RSDBServer.exe [2012-5-8 1794048]

R2 Skype C2C Service;Skype C2C Service;c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe [2012-8-13 3064000]

R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 139856]

R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [2011-12-23 24144]

R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 17232]

R3 RapportIaso;RapportIaso;c:\programdata\trusteer\rapport\store\exts\rapportms\39624\RapportIaso.sys [2012-5-30 21520]

R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187B.sys [2010-3-31 350720]

R3 SiS6350;SiS6350;c:\windows\system32\drivers\SISGRKMD.sys [2007-8-31 452096]

R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\drivers\SiSGB6.sys [2007-8-31 46592]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-8-15 133104]

S2 lxeaCATSCustConnectService;lxeaCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxeaserv.exe [2010-5-16 193192]

S2 SBSDWSCService;SBSD Security Center Service;d:\spybot - search & destroy\SDWinSec.exe [2012-10-7 1153368]

S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-6-7 160944]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-8-15 133104]

S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\drivers\ewusbdev.sys [2010-9-4 101120]

S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-4-27 114144]

S3 netr73;RT73 USB Wireless LAN Card Driver for Vista;c:\windows\system32\drivers\netr73.sys [2007-8-31 351232]

S3 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [2012-9-22 65848]

S3 RapportPG;RapportPG;c:\program files\trusteer\rapport\bin\RapportPG.sys [2012-9-22 166840]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

2012-10-07 20:03:20 -------- d-----w- C:\TDSSKiller_Quarantine

2012-10-07 12:28:51 388096 ----a-r- c:\users\andy\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe

2012-10-07 12:28:50 -------- d-----w- c:\program files\Trend Micro

2012-10-07 10:58:57 -------- d-----w- c:\programdata\Spybot - Search & Destroy

2012-09-25 20:44:28 -------- d-----w- c:\users\andy\appdata\roaming\MetaQuotes

2012-09-22 15:34:42 65848 ----a-w- c:\windows\system32\drivers\RapportKELL.sys

2012-09-17 13:18:32 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

.

==================== Find3M ====================

.

2012-09-17 13:17:29 821736 ----a-w- c:\windows\system32\npDeployJava1.dll

2012-09-17 13:17:29 746984 ----a-w- c:\windows\system32\deployJava1.dll

2012-09-07 16:04:46 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-08-24 14:43:18 301920 ----a-w- c:\windows\system32\drivers\avgtdix.sys

2012-08-24 06:59:17 1800704 ----a-w- c:\windows\system32\jscript9.dll

2012-08-24 06:51:27 1129472 ----a-w- c:\windows\system32\wininet.dll

2012-08-24 06:51:02 1427968 ----a-w- c:\windows\system32\inetcpl.cpl

2012-08-24 06:47:26 142848 ----a-w- c:\windows\system32\ieUnatt.exe

2012-08-24 06:47:12 420864 ----a-w- c:\windows\system32\vbscript.dll

2012-08-24 06:43:58 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-07-26 02:21:30 237408 ----a-w- c:\windows\system32\drivers\avgldx86.sys

.

============= FINISH: 22:19:03.74 ===============


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft® Windows Vista™ Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 14/09/2007 03:04:59

System Uptime: 07/10/2012 22:06:46 (0 hours ago)

.

Motherboard: DIXONSXP | | N/A

Processor: Intel® Core2 Duo CPU T5250 @ 1.50GHz | uPGA 479M | 1500/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 61 GiB total, 3.095 GiB free.

D: is FIXED (NTFS) - 29 GiB total, 7.085 GiB free.

E: is CDROM ()

F: is Removable

G: is FIXED (NTFS) - 15 GiB total, 1.888 GiB free.

S: is FIXED (NTFS) - 1 GiB total, 1.399 GiB free.

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

.

==== Installed Programs ======================

.

.

Update for Microsoft Office 2007 (KB2508958)

1.3.0.1

3 USB Modem

3Connect

Adobe AIR

Adobe Anchor Service CS3

Adobe Asset Services CS3

Adobe Bridge CS3

Adobe Bridge Start Meeting

Adobe Camera Raw 4.0

Adobe CMaps

Adobe Default Language CS3

Adobe Device Central CS3

Adobe Dreamweaver CS3

Adobe ExtendScript Toolkit 2

Adobe Extension Manager CS3

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Help Viewer CS3

Adobe PDF Library Files

Adobe Reader 8.2.0

Adobe Setup

Adobe Shockwave Player 11.5

Adobe Type Support

Adobe Update Manager CS3

Adobe Version Cue CS3 Client

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Audacity 1.2.6

AVG 2012

Bonjour

Buckaroo Watchboard

cahoot webcard

CamStudio Lossless Codec

Camtasia Studio 7

Canon Easy-WebPrint EX

Canon Inkjet Printer/Scanner/Fax Extended Survey Program

Canon iP4700 series Printer Driver

Canon iP4700 series User Registration

Canon Utilities My Printer

Canon Utilities Solution Menu

CassetteMate

CCleaner

CD-LabelPrint

ColorPic

CommissionMultiplier

Content Spinner

Convert AVI to MP4 1.3

DataFilter

Desktop Ticker 1.4.0

Digi Traffic Accelerator

Domain Match Pro

eCover Engineer 5.5

FileZilla Client 3.5.3

FXCM MetaTrader 4

GIMP 2.6.10

Google Chrome

Google Gears

Google Update Helper

GoToMeeting 5.2.0.952

HiJackThis

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Huawei modem

Instant Content Curator Pro

iTunes

iWisoft Flash SWF to Video Converter 3.4

Java 7 Update 7

Java Auto Updater

Jing

Keyword Corral PRO

KeywordVariationTool

king.com (remove only)

Lexmark Printable Web

Lexmark S300-S400 Series

Lexmark Toolbar

Lexmark Tools for Office

Logitech Vid

Logitech Webcam Software

Magic ISO Maker v5.4 (build 0239)

Magic Submitter version 2.76

Malwarebytes Anti-Malware version 1.65.0.1400

Market Samurai

Micro Niche Finder 5.0

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft Choice Guard

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office FrontPage 2003

Microsoft Office Groove MUI (English) 2007

Microsoft Office Groove Setup Metadata MUI (English) 2007

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Silverlight

Microsoft SQL Server Compact 3.5 SP2 ENU

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft XML Parser

Mindjet MindManager 8

MobileMe Control Panel

Motorola SM56 Data Fax Modem

Mozilla Firefox 15.0 (x86 en-US)

Mozilla Firefox 15.0.1 (x86 en-US)

Mozilla Maintenance Service

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB941833)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

neroxml

Norton 360

OnlyWire

OSDInstall

PADGen 3.1.1.50

Paint.NET 3.8

phantomlinkcloaker

Photo Viewer 2.23

Pinterest - Buckaroo Watchboard

Placement Locator 1.0

Pocket Penguinator 1.0.0.0

Power2Go 5.0

PowerISO

QuickTime

Ralink Wireless LAN

Rank Tracker

Rapport

RealNetworks - Microsoft Visual C++ 2008 Runtime

RealPlayer

Realtek High Definition Audio Driver

REALTEK RTL8187B Wireless LAN Driver

Realtek USB 2.0 Card Reader

RealUpgrade 1.1

RoboSoft 4.0

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596666) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition

Security Update for Windows Media Encoder (KB2447961)

Security Update for Windows Media Encoder (KB954156)

Security Update for Windows Media Encoder (KB979332)

SEO Link Robot - Fast Indexer 2.0.1.0

SERPAttacks

Setup-ExitPopup

SiS VGA Utilities

Skype Click to Call

Skype™ 5.10

Smash & Grab SEO Site Organizer

Snagit 10

SpeedFan (remove only)

Spybot - Search & Destroy

Subliminal Power

SUPERAntiSpyware

The Generator version 1.0

TimeLeft

Traffic Launch Pad

Ulead CD & DVD PictureShow 3 SE Basic

Ulead Photo Express 5 SE

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Infopath 2007 Help (KB963662)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

VCRedistSetup

vixy converter uninstall

Web 2.0 Mayhem 1.0.6.9

Web Page Analyzer

WebEx

Windows Live Essentials

Windows Live Sign-in Assistant

Windows Live Upload Tool

Windows Live Writer

Windows Media Encoder 9 Series

Windows Media Player Firefox Plugin

WinRAR archiver

Word Wizard

Xvid 1.1.3 final uninstall

.

==== Event Viewer Messages From Past Week ========

.

07/10/2012 22:09:40, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: aybesy

07/10/2012 22:09:35, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the lxeaCATSCustConnectService service to connect.

07/10/2012 22:09:35, Error: Service Control Manager [7001] - The SBSD Security Center Service service depends on the Security Center service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

07/10/2012 22:09:35, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

07/10/2012 22:09:35, Error: Service Control Manager [7000] - The lxeaCATSCustConnectService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

07/10/2012 22:09:35, Error: Service Control Manager [7000] - The LogMeIn Kernel Information Provider service failed to start due to the following error: The system cannot find the path specified.

07/10/2012 21:11:13, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.

07/10/2012 21:11:13, Error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

07/10/2012 14:26:20, Error: EventLog [6008] - The previous system shutdown at 14:22:32 on 07/10/2012 was unexpected.

07/10/2012 13:53:54, Error: EventLog [6008] - The previous system shutdown at 13:48:51 on 07/10/2012 was unexpected.

07/10/2012 12:51:52, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgwd service.

07/10/2012 11:11:32, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

07/10/2012 09:38:36, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the stisvc service.

.

==== End Of File ===========================


For example can I find a way to still keep my data?

You could use external memory like a USB hard disc, a flash drive or something.

Step 1

I see you are running TeaTimer.

I suggest you disable it because it can interfere with the changes you'll make on your system.

When everything is done and your log is clean again, you can enable it again.

If TeaTimer gives you a warning afterwards that some changes were made, allow this instead of blocking it.

How to disable TeaTimer <== click me for instructions.

After you have disabled TeaTimer, download ResetTeaTimer.exe to your desktop.

Then run ResetTeaTimer.exe.

This will only take a few seconds.

Step 2

Note: Please do not run this tool without special supervision and instruction of someone authorized to do so. Otherwise, you could end up with serious problems. For more details, read this article: ComboFix usage, Questions, Help? - Look here

Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingc...to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please post the C:\ComboFix.txt in your next reply for further review.

Note: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.


Cheers Maniac,

Here is the log. It says I am running AVG, but I disabled it beforehand, so not sure there.

ComboFix 12-10-08.03 - Andy 08/10/2012 23:12:54.1.2 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.1916.757 [GMT 1:00]

Running from: c:\users\Andy\Downloads\ComboFix.exe

AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files\Subliminal Power\Subliminal.exe

c:\programdata\SPLAAE4.tmp

c:\users\Andy\AppData\Local\assembly\tmp

c:\users\Andy\AppData\Roaming\.#

c:\users\Andy\AppData\Roaming\Microsoft\Windows\Recent\Kindle Cash Machine Publish and Make Money with the Amazon Kindle.url

c:\users\Andy\AppData\Roaming\ubot

c:\users\Andy\Documents\~WRL0003.tmp

c:\users\Andy\Documents\~WRL0004.tmp

c:\users\Andy\Documents\~WRL0005.tmp

c:\users\Andy\Documents\~WRL0006.tmp

c:\users\Andy\g2mdlhlpx.exe

c:\windows\system32\drivers\etc\hosts.ics

c:\windows\system32\gotomon.log

c:\windows\system32\spool\prtprocs\w32x86\GoToPrintProcessor.dll

c:\windows\system64

c:\windows\system64\atl100.dll

c:\windows\system64\mfc100.dll

c:\windows\system64\mfc100chs.dll

c:\windows\system64\mfc100cht.dll

c:\windows\system64\mfc100deu.dll

c:\windows\system64\mfc100enu.dll

c:\windows\system64\mfc100esn.dll

c:\windows\system64\mfc100fra.dll

c:\windows\system64\mfc100ita.dll

c:\windows\system64\mfc100jpn.dll

c:\windows\system64\mfc100kor.dll

c:\windows\system64\mfc100rus.dll

c:\windows\system64\mfc100u.dll

c:\windows\system64\mfcm100.dll

c:\windows\system64\mfcm100u.dll

c:\windows\system64\msvcp100.dll

c:\windows\system64\msvcr100.dll

c:\windows\system64\vcomp100.dll

.

.

((((((((((((((((((((((((( Files Created from 2012-09-08 to 2012-10-08 )))))))))))))))))))))))))))))))

.

.

2012-10-08 22:31 . 2012-10-08 22:31 -------- d-----w- c:\users\Andy\AppData\Local\temp

2012-10-08 22:31 . 2012-10-08 22:31 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-10-08 22:31 . 2012-10-08 22:31 -------- d-----w- c:\users\Administrator\AppData\Local\temp

2012-10-07 20:03 . 2012-10-07 20:03 -------- d-----w- C:\TDSSKiller_Quarantine

2012-10-07 12:28 . 2012-10-07 12:28 388096 ----a-r- c:\users\Andy\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-10-07 12:28 . 2012-10-07 12:28 -------- d-----w- c:\program files\Trend Micro

2012-10-07 10:58 . 2012-10-08 21:51 -------- d-----w- c:\programdata\Spybot - Search & Destroy

2012-09-25 20:44 . 2012-09-25 20:44 -------- d-----w- c:\users\Andy\AppData\Roaming\MetaQuotes

2012-09-22 15:34 . 2012-09-22 15:34 65848 ----a-w- c:\windows\system32\drivers\RapportKELL.sys

2012-09-17 13:20 . 2012-09-17 13:20 -------- d-----w- c:\program files\Common Files\Java

2012-09-17 13:18 . 2012-09-17 13:17 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-09-17 13:17 . 2012-05-23 22:23 821736 ----a-w- c:\windows\system32\npDeployJava1.dll

2012-09-17 13:17 . 2010-08-27 20:38 746984 ----a-w- c:\windows\system32\deployJava1.dll

2012-09-07 16:04 . 2010-04-18 13:13 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-08-24 14:43 . 2012-08-24 14:43 301920 ----a-w- c:\windows\system32\drivers\avgtdix.sys

2012-07-26 02:21 . 2012-07-26 02:21 237408 ----a-w- c:\windows\system32\drivers\avgldx86.sys

2012-09-07 12:10 . 2012-09-07 12:09 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

2007-11-09 16:25 . 2012-09-07 12:09 57344 ----a-w- c:\program files\mozilla firefox\components\MGSHelper.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SiSTray"="c:\program files\SiS VGA Utilities\SiSTray.exe" [2007-08-24 552960]

"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-07-31 2596984]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]

"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2012-09-07 981656]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"FlashPlayerUpdate"="c:\windows\system32\Macromed\Flash\FlashUtil11e_ActiveX.exe" [2012-03-03 247968]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux4"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

@=""

.

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^OnlyWire.LNK]

path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\OnlyWire.LNK

backup=c:\windows\pss\OnlyWire.LNK.CommonStartup

backupExtension=.CommonStartup

.

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Ralink Wireless Utility.lnk]

path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk

backup=c:\windows\pss\Ralink Wireless Utility.lnk.CommonStartup

backupExtension=.CommonStartup

.

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Snagit 10.lnk]

path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 10.lnk

backup=c:\windows\pss\Snagit 10.lnk.CommonStartup

backupExtension=.CommonStartup

.

[HKLM\~\startupfolder\C:^Users^Andy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Product Registration.lnk]

path=c:\users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk

backup=c:\windows\pss\Logitech . Product Registration.lnk.Startup

backupExtension=.Startup

.

[HKLM\~\startupfolder\C:^Users^Andy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]

path=c:\users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk

backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup

backupExtension=.Startup

.

[HKLM\~\startupfolder\C:^Users^Andy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^TimeLeft.lnk]

path=c:\users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TimeLeft.lnk

backup=c:\windows\pss\TimeLeft.lnk.Startup

backupExtension=.Startup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2009-12-11 14:57 948672 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2009-12-18 07:58 40368 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]

2011-04-20 11:48 58656 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]

2011-11-01 23:25 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]

2009-07-27 02:10 1983816 ----a-w- c:\program files\Canon\MyPrinter\BJMYPRT.EXE

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]

2009-03-18 01:40 767312 ----a-w- c:\program files\Canon\SolutionMenu\CNSLMAIN.EXE

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]

2008-01-19 07:33 125952 ----a-w- c:\windows\ehome\ehtray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzPrint]

2009-04-27 19:13 139944 ----a-w- c:\program files\Lexmark S300-S400 Series\ezprint.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoToMeeting]

2012-07-03 19:59 39816 ----a-w- c:\program files\Citrix\GoToMeeting\952\g2mstart.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]

2009-02-26 18:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]

2004-08-09 06:03 221184 ----a-w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]

2004-08-09 06:03 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2012-01-16 17:22 421736 ----a-w- g:\itunes\iTunesHelper.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Jing]

2012-02-01 14:18 2918224 ----a-w- c:\program files\TechSmith\Jing\Jing.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Vid]

2009-07-16 14:35 5458704 ----a-w- c:\program files\Logitech\Logitech Vid\Vid.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]

2009-10-14 12:36 2793304 ----a-w- c:\program files\Logitech\Logitech WebCam Software\LWS.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxeamon.exe]

2009-04-27 19:13 766632 ----a-w- c:\program files\Lexmark S300-S400 Series\lxeamon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMReminderService]

2008-11-14 02:35 37656 ----a-w- c:\program files\Mindjet\MindManager 8\MmReminderService.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OSD]

2007-08-28 13:36 671801 ----a-w- c:\program files\C&E\OSD\osd.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]

2007-08-07 00:05 200704 ----a-w- d:\poweriso\PWRISOVM.EXE

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2011-10-24 14:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]

2007-08-09 18:26 4702208 ----a-w- c:\windows\RtHDVCpl.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]

2009-04-11 06:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]

2012-07-13 12:33 17418928 ----a-r- c:\program files\Skype\Phone\Skype.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]

2007-08-03 12:22 1826816 ----a-w- c:\windows\SkyTel.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL]

2007-01-02 01:43 630784 ----a-w- c:\program files\Motorola\SMSERIAL\sm56hlpr.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

2012-07-03 08:04 252848 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]

2012-04-20 00:56 3905920 ----a-w- c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]

2012-05-24 10:50 296056 ----a-w- d:\realplayersp\Update\realsched.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ulead AutoDetector v2]

2004-11-26 10:43 90112 ------w- c:\program files\Common Files\Ulead Systems\Autodetector\Monitor.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GShortCut]

2007-07-26 21:07 202024 ----a-w- c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]

2008-01-19 07:38 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]

2008-01-19 07:33 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2589518989-727022852-2468593643-1000]

"EnableNotificationsRef"=dword:00000001

.

S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [x]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - RAPPORTIASO

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

.

Contents of the 'Scheduled Tasks' folder

.

2012-10-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-15 16:55]

.

2012-10-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-15 16:55]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.thetechguys.com/welcome

uInternet Settings,ProxyOverride = *.local

uInternet Settings,ProxyServer = 0.0.0.0:80

IE: {{B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - c:\programs\PartyGaming\PartyCasino\RunApp.exe

TCP: DhcpNameServer = 192.168.1.254

FF - ProfilePath - c:\users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\eurdbb1x.default\

FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=

FF - prefs.js: keyword.URL - hxxp://uk.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_uk&p=

FF - prefs.js: network.proxy.type - 4

.

- - - - ORPHANS REMOVED - - - -

.

URLSearchHooks-{1392b8d2-5c05-419f-a8f6-b9f15a596612} - (no file)

Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

Toolbar-{58ae4526-9474-4a80-a0ca-45beff07cec9} - (no file)

WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

WebBrowser-{1392B8D2-5C05-419F-A8F6-B9F15A596612} - (no file)

SafeBoot-26428617.sys

SafeBoot-71926639.sys

MSConfigStartUp-BitTorrent DNA - c:\users\Andy\Program Files\DNA\btdna.exe

MSConfigStartUp-CahootWebcard - c:\program files\cahoot webcard\CahootWebcard.exe

MSConfigStartUp-DivXUpdate - c:\program files\DivX\DivX Update\DivXUpdate.exe

MSConfigStartUp-Freecorder FLV Service - c:\program files\Freecorder\FLVSrvc.exe

MSConfigStartUp-IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe

MSConfigStartUp-LogMeIn GUI - c:\program files\LogMeIn\x86\LogMeInSystray.exe

MSConfigStartUp-NBKeyScan - c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe

MSConfigStartUp-NeroFilterCheck - c:\program files\Common Files\Nero\Lib\NeroCheck.exe

MSConfigStartUp-Subliminal Power - c:\program files\Subliminal Power\Subliminal.exe

MSConfigStartUp-Symantec PIF AlertEng - c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

MSConfigStartUp-Ulead Photo Express Calendar Checker - c:\program files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2012-10-08 23:31

Windows 6.0.6002 Service Pack 2 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

.

c:\users\Andy\AppData\Local\Temp\catchme.dll 53248 bytes executable

.

scan completed successfully

hidden files: 1

.

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]

@Denied: (2) (LocalSystem)

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]

@Denied: (2) (LocalSystem)

"Timestamp"=hex:16,54,61,52,83,ef,cc,01

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]

@Denied: (2) (LocalSystem)

"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,5b,19,f7,20,c5,75,79,4d,a2,5f,86,\

"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,5b,19,f7,20,c5,75,79,4d,a2,5f,86,\

.

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="FirefoxHTML"

.

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="FirefoxHTML"

.

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="FirefoxHTML"

.

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="FirefoxHTML"

.

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="FirefoxHTML"

.

[HKEY_USERS\S-1-5-21-2589518989-727022852-2468593643-1000\Software\SecuROM\License information*]

"datasecu"=hex:71,48,37,03,cb,06,3b,8d,56,c8,a8,c1,c3,9e,34,f5,db,6d,66,f7,b6,

70,d0,ca,82,7c,ab,ff,da,8e,25,91,a5,58,f2,0e,49,80,20,0f,88,c1,ea,34,f1,25,\

"rkeysecu"=hex:c4,7a,a8,e0,e3,09,76,3c,b4,1d,e2,47,ee,a6,e8,97

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:000000b5

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

Completion time: 2012-10-08 23:35:31

ComboFix-quarantined-files.txt 2012-10-08 22:35

.

Pre-Run: 3,065,556,992 bytes free

Post-Run: 2,889,793,536 bytes free

.

- - End Of File - - 0D3F91F0E561679E428BD8E0395D76C5


Good! :)

Please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan

  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and Scan unwanted applications are checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\ESET\Eset Online Scanner\log.txt
  • Copy and paste that log as a reply to this topic


Cool I've done that

ESETSmartInstaller@High as CAB hook log:

OnlineScanner.ocx - registred OK

# version=7

# iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)

# OnlineScanner.ocx=1.0.0.6583

# api_version=3.0.2

# EOSSerial=826a61d2d53df646ae685a2d89dcf8ce

# end=finished

# remove_checked=true

# archives_checked=false

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2012-10-09 11:42:57

# local_time=2012-10-10 12:42:57 (+0000, GMT Daylight Time)

# country="United Kingdom"

# lang=1033

# osver=6.0.6002 NT Service Pack 2

# compatibility_mode=1024 16777215 100 0 31214369 31214369 0 0

# compatibility_mode=5892 16776574 100 100 92023826 187347250 0 0

# compatibility_mode=8192 67108863 100 0 201 201 0 0

# scanned=380508

# found=7

# cleaned=7

# scan_time=11653

C:\Users\Andy\Downloads\iLividSetupV1.exe Win32/Toolbar.SearchSuite application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

D:\Internet Marketing\Bought\videositecreator\Default\func.php PHP/Obfuscated.F application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

G:\CasinoShare.exe Win32/PrimeCasino application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

G:\jackpotcity(2).exe a variant of Win32/PrimeCasino application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

G:\jackpotcity.exe a variant of Win32/PrimeCasino application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

G:\SpinPalace.exe Win32/PrimeCasino application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

G:\nvsbcore\Default\func.php PHP/Obfuscated.F application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

Am I a geek as I'm enjoying this clean up!


Thank you very much! :)

Where would someone go to learn what you know?

We have starting guidance here:

http://forums.malwarebytes.org/index.php?showtopic=12264

  • Download OTC to your desktop and run it
  • Click Yes to begin the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.

Next, uninstall ESET Online Scanner and then manually delete ResetTeaTimer.

Some malware prevention tips:

users.telenet.be/bluepatchy/miekiemoes/prevention.html

Safe surfing! :)


Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
