joddle Posted August 13, 2012 Posted August 13, 2012 I have a Acer windows 7 laptop which has become infected with a redirect virus - anyway thats what I think it is. Run Malwarebytes and cleared a whole list of malware ("fun" something or other) - checked with avira scan but no virus reported but IE is still redirecting my searches to strange sites or nothing at all. Looking around the web I think the pc has a redirect virus but I can't seem to find a way of getting shot of it. It seemed to have come from a payment system for "google wallet" for something I was trying to buy on line. Any help please!!!! Quote
etavares Posted August 14, 2012 Posted August 14, 2012 Hi joddle, My name is etavares and I'll be helping you with this issue. Please do reply within 48 hours so the information I provide isn't outdated. Please only follow my instructions now that we are working together. Please don't do anything on your own or on other sites...we'll end up working against each other and make the problem worse. Please follow these instructions: Before posting for Malware Removal help. And post the requested logs in your reply. I'll look through them and post instructions. -etavares Quote etavares is a member of:Alliance of Security Analysis ProfessionalsUnified Network of Instructors and Trained Eliminators
joddle Posted August 14, 2012 Author Posted August 14, 2012 Ok here are the files - two posts needed as they are two long I did four malwarebytes runs before your email so all those results are all here: The other two reports are in the next postbelow these. Thanks Joddle Malwarebytes Anti-Malware 1.62.0.1300 www.malwarebytes.org Database version: v2012.08.13.02 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Mike Wood :: HOME-LAPTOP [administrator] 13/08/2012 09:58:59 mbam-log-2012-08-13 (09-58-59).txt Scan type: Full scan (C:\|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 125076 Time elapsed: 25 minute(s), 18 second(s) [aborted] Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 30 HKCR\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.Funmoods) -> No action taken. HKCR\funmoods.funmoodsHlpr.1 (PUP.Funmoods) -> No action taken. HKCR\funmoods.funmoodsHlpr (PUP.Funmoods) -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.Funmoods) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.Funmoods) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.Funmoods) -> Quarantined and deleted successfully. HKCR\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840} (PUP.Funmoods) -> Quarantined and deleted successfully. HKCR\TypeLib\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706} (PUP.Funmoods) -> Quarantined and deleted successfully. HKCR\esrv.funmoodsESrvc.1 (PUP.Funmoods) -> Quarantined and deleted successfully. HKCR\esrv.funmoodsESrvc (PUP.Funmoods) -> Quarantined and deleted successfully. HKCR\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439} (PUP.Funmoods) -> Quarantined and deleted successfully. HKCR\escort.escortIEPane.1 (PUP.Funmoods) -> Quarantined and deleted successfully. HKCR\escort.escortIEPane (PUP.Funmoods) -> Quarantined and deleted successfully. HKCR\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Quarantined and deleted successfully. HKCR\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} (PUP.Funmoods) -> Quarantined and deleted successfully. HKCR\funmoods.dskBnd.1 (PUP.Funmoods) -> Quarantined and deleted successfully. HKCR\funmoods.dskBnd (PUP.Funmoods) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Quarantined and deleted successfully. HKCR\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13} (PUP.Funmoods) -> Quarantined and deleted successfully. HKCR\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} (PUP.Funmoods) -> Quarantined and deleted successfully. HKCR\funmoodsApp.appCore.1 (PUP.Funmoods) -> Quarantined and deleted successfully. HKCR\funmoodsApp.appCore (PUP.Funmoods) -> Quarantined and deleted successfully. HKCR\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9} (PUP.Funmoods) -> Quarantined and deleted successfully. HKCR\f (PUP.Funmoods) -> Quarantined and deleted successfully. HKCR\Typelib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3} (PUP.Funmoods) -> Quarantined and deleted successfully. HKCR\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191} (PUP.Funmoods) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{04D2B915-19FF-41E9-994D-95DC898BEA43} (PUP.MyWebSearch) -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C87FC351-A80D-43E9-9A86-CF1E29DC443A} (PUP.Funmoods) -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\funmoods (PUP.FunMoods) -> Quarantined and deleted successfully. Registry Values Detected: 2 HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Data: Funmoods Toolbar -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Data: -> Quarantined and deleted successfully. Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 6 C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\bh\funmoods.dll (PUP.Funmoods) -> No action taken. C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\funmoodssrv.exe (PUP.Funmoods) -> Quarantined and deleted successfully. C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\funmoodsTlbr.dll (PUP.Funmoods) -> Quarantined and deleted successfully. C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\funmoodsApp.dll (PUP.Funmoods) -> Quarantined and deleted successfully. C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\funmoodsEng.dll (PUP.Funmoods) -> Quarantined and deleted successfully. C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\uninstall.exe (PUP.FunMoods) -> Quarantined and deleted successfully. (end) Malwarebytes Anti-Malware 1.62.0.1300 www.malwarebytes.org Database version: v2012.08.13.02 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Mike Wood :: HOME-LAPTOP [administrator] 13/08/2012 10:29:42 mbam-log-2012-08-13 (10-29-42).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 32389 Time elapsed: 1 minute(s), [aborted] Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 2 HKCR\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.FunMoods) -> Quarantined and deleted successfully. HKCR\funmoods.funmoodsHlpr.1 (PUP.FunMoods) -> Quarantined and deleted successfully. Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 1 C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\bh\funmoods.dll (PUP.FunMoods) -> Quarantined and deleted successfully. (end) Malwarebytes Anti-Malware 1.62.0.1300 www.malwarebytes.org Database version: v2012.08.13.02 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Mike Wood :: HOME-LAPTOP [administrator] 13/08/2012 10:34:32 mbam-log-2012-08-13 (10-34-32).txt Scan type: Full scan (C:\|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 459401 Time elapsed: 1 hour(s), 8 minute(s), 44 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 1 HKLM\SOFTWARE\Google\chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki (PUP.Funmoods) -> Quarantined and deleted successfully. Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 2 C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16 (PUP.Funmoods) -> Quarantined and deleted successfully. C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\bh (PUP.Funmoods) -> Quarantined and deleted successfully. Files Detected: 1 C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\funmoodsOEM.crx (PUP.Funmoods) -> Quarantined and deleted successfully. (end) Malwarebytes Anti-Malware 1.62.0.1300 www.malwarebytes.org Database version: v2012.08.13.02 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Mike Wood :: HOME-LAPTOP [administrator] 13/08/2012 14:54:18 mbam-log-2012-08-13 (14-54-18).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 305303 Time elapsed: 12 minute(s), 35 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) Quote
joddle Posted August 14, 2012 Author Posted August 14, 2012 Here is the QTL file OTL logfile created on: 14/08/2012 09:51:45 - Run 1 OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\Mike Wood\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 3.68 Gb Total Physical Memory | 2.19 Gb Available Physical Memory | 59.63% Memory free 7.36 Gb Paging File | 5.68 Gb Available in Paging File | 77.23% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 219.79 Gb Total Space | 155.20 Gb Free Space | 70.61% Space Free | Partition Type: NTFS Drive E: | 983.70 Mb Total Space | 983.11 Mb Free Space | 99.94% Space Free | Partition Type: FAT Computer Name: HOME-LAPTOP | User Name: Mike Wood | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Mike Wood\Desktop\OTL.scr (OldTimer Tools) PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.) PRC - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.EXE (Microsoft Corporation.) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.) PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.) PRC - C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.) PRC - C:\Program Files (x86)\Launch Manager\LMworker.exe (Dritek System Inc.) PRC - C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) PRC - C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.) PRC - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe (Egis Technology Inc.) PRC - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.) PRC - C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.) PRC - C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Acer Group) PRC - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated) ========== Modules (No Company Name) ========== MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\701baa4d78031ac5130eadea085bbebf\IAStorUtil.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll () MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll () MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll () MOD - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF () MOD - C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll () MOD - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll () MOD - C:\Program Files (x86)\Launch Manager\CdDirIo.dll () ========== Win32 Services (SafeList) ========== SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) SRV:64bit: - (ePowerSvc) -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated) SRV:64bit: - (Updater Service) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Acer Group) SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (McAfee SiteAdvisor Service) -- c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe (McAfee, Inc.) SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.EXE (Microsoft Corporation.) SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.EXE (Microsoft Corporation.) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.) SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.) SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.) SRV - (DsiWMIService) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.) SRV - (MWLService) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe (Egis Technology Inc.) SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (GREGService) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (synusb64) -- C:\Windows\SysNative\drivers\synusb64.sys (Steinberg Media Technologies GmbH) DRV:64bit: - (taphss) -- C:\Windows\SysNative\drivers\taphss.sys (AnchorFree Inc) DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation) DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NTI Corporation) DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.) DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation) DRV:64bit: - (k57nd60a) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation) DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NTI Corporation) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronic Corp.) DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation) DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel® Corporation) DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.) DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.) DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&m=aspire_5742&r=27361210l485l0454z105v57821402 IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&m=aspire_5742&r=27361210l485l0454z105v57821402 IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&m=aspire_5742&r=27361210l485l0454z105v57821402 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&m=aspire_5742&r=27361210l485l0454z105v57821402 IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\..\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=XPxdm016YYgb&ptnrS=XPxdm016YYgb&si=CNnNz_7Upa4CFcEntAodDiF7RA&ptb=51DFA483-8EF0-45B0-8874-2E01098349ED&psa=&ind=2012021713&st=sb&n=77ed03d1&searchfor={searchTerms} IE - HKLM\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2549263 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.msn.com/?ocid=OIE9HP IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/ IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) IE - HKCU\..\URLSearchHook: {a060276a-53be-45ec-8ebe-b94b1e803179} - No CLSID value found IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64} IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_enGB412 IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ACAW_enGB412 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/01/15 21:11:05 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012/07/25 16:38:40 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/01/15 21:11:05 | 000,000,000 | ---D | M] [2012/03/11 22:30:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - homepage: http://www.google.com/ CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\17.0.963.78\pdf.dll CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\17.0.963.78\gears.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\17.0.963.78\gcswf32.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.51204.0\npctrl.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: SiteAdvisor = C:\Users\Mike Wood\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.30.153.1_0\ CHR - Extension: SiteAdvisor = C:\Users\Mike Wood\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\ O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Mike Wood\AppData\Roaming\Complitly\64\Complitly64.dll (SimplyGen) O2:64bit: - BHO: (Expat Shield Class) - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE_64.dll File not found O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Mike Wood\AppData\Roaming\Complitly\Complitly.dll (SimplyGen) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll (Microsoft Corporation.) O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated) O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [backupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.) O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [suiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8E326E7C-04EE-4007-AE11-82738896FEA4}: DhcpNameServer = 192.168.1.1 O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012/08/14 09:30:01 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Users\Mike Wood\Desktop\OTL.scr [2012/08/13 14:47:11 | 057,442,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MRT.exe [2012/08/13 09:53:27 | 000,000,000 | ---D | C] -- C:\Users\Mike Wood\AppData\Roaming\Malwarebytes [2012/08/13 09:53:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012/08/13 09:53:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012/08/13 09:53:17 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012/08/13 09:53:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012/08/09 12:39:52 | 000,000,000 | ---D | C] -- C:\Users\Mike Wood\Documents\google_carminat_updates [2012/08/03 18:04:26 | 000,000,000 | ---D | C] -- C:\Users\Mike Wood\Desktop\files from silver HD August 3rd 2012A [2012/07/21 14:19:33 | 000,000,000 | ---D | C] -- C:\Users\Mike Wood\Documents\Steinberg [2012/07/21 12:50:56 | 000,000,000 | ---D | C] -- C:\Users\Mike Wood\Documents\Cubase Projects [2012/07/21 12:48:42 | 000,000,000 | ---D | C] -- C:\Users\Mike Wood\Documents\VST3 Presets [2012/07/21 12:46:21 | 000,000,000 | ---D | C] -- C:\Users\Mike Wood\AppData\Local\eLicenser [2012/07/20 12:50:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steinberg [2012/07/20 12:46:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Steinberg [2012/07/20 12:46:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steinberg [2012/07/20 12:43:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\VST3 [2012/07/20 12:43:37 | 000,000,000 | ---D | C] -- C:\Users\Mike Wood\AppData\Roaming\VST3 Presets [2012/07/20 12:43:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Syncrosoft [2012/07/20 12:43:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Propellerhead Software [2012/07/20 12:42:45 | 000,000,000 | ---D | C] -- C:\Users\Mike Wood\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg Cubase 6 64bit [2012/07/20 12:42:45 | 000,000,000 | ---D | C] -- C:\Users\Mike Wood\AppData\Roaming\Steinberg [2012/07/20 12:42:45 | 000,000,000 | ---D | C] -- C:\Program Files\Steinberg [2012/07/20 12:38:21 | 001,711,104 | ---- | C] (Steinberg Media Technologies GmbH) -- C:\Windows\SysNative\synsoacc.dll [2012/07/20 12:38:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Syncrosoft [2012/07/20 12:38:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eLicenser [2012/07/20 12:38:20 | 000,000,000 | ---D | C] -- C:\ProgramData\eLicenser [2012/07/20 12:38:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\eLicenser [2012/07/20 12:38:19 | 000,030,352 | ---- | C] (Steinberg Media Technologies GmbH) -- C:\Windows\SysNative\drivers\synusb64.sys [2012/07/20 12:38:07 | 001,277,952 | ---- | C] (Steinberg Media Technologies GmbH) -- C:\Windows\SysWow64\SYNSOACC.dll [2012/07/17 20:15:17 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012/07/17 20:15:17 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012/07/17 20:15:15 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012/07/17 20:15:15 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012/07/17 20:15:13 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012/07/17 20:15:13 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012/07/17 20:15:13 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012/07/17 20:15:13 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012/07/17 20:15:11 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012/07/17 20:15:11 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012/07/17 20:15:10 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012/07/17 20:15:10 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012/07/17 20:15:10 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012/07/15 18:19:17 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll [2012/07/15 18:19:17 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll [2012/07/15 18:19:06 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2012/07/15 18:19:00 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll [2012/07/15 18:18:59 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll [13 C:\Users\Mike Wood\Desktop\*.tmp files -> C:\Users\Mike Wood\Desktop\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012/08/14 09:35:12 | 000,726,444 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012/08/14 09:35:12 | 000,628,874 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012/08/14 09:35:12 | 000,111,026 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012/08/14 09:33:06 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/08/14 09:33:06 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/08/14 09:29:06 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Mike Wood\Desktop\OTL.scr [2012/08/14 09:26:28 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012/08/14 09:25:43 | 000,000,324 | ---- | M] () -- C:\Windows\tasks\Huhtlrugu.job [2012/08/14 09:25:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/08/14 09:25:33 | 2962,259,968 | -HS- | M] () -- C:\hiberfil.sys [2012/08/13 19:36:29 | 000,416,048 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012/08/13 15:23:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012/08/13 15:19:56 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012/08/13 09:56:44 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012/08/09 12:38:30 | 000,114,688 | RHS- | M] () -- C:\Windows\SysWow64\netprof0.dll [2012/08/07 15:14:08 | 000,000,040 | ---- | M] () -- C:\Users\Mike Wood\jagex_cl_runescape_LIVE.dat [2012/08/03 14:11:41 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012/08/03 14:11:41 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012/08/02 11:45:34 | 006,685,474 | ---- | M] () -- C:\Users\Mike Wood\Desktop\Clavinova User Guide.pdf [2012/07/24 15:44:47 | 000,000,198 | ---- | M] () -- C:\Users\Mike Wood\Desktop\Steinberg Cubase 6 Quick-Start Video Tutorials 1 - YouTube.url [2012/07/20 12:43:36 | 000,002,892 | ---- | M] () -- C:\Windows\SysWow64\audcon.sys [2012/07/20 12:43:26 | 000,002,096 | ---- | M] () -- C:\Users\Mike Wood\Desktop\Cubase 6 64bit.lnk [2012/07/20 12:38:22 | 000,000,051 | ---- | M] () -- C:\Windows\SysWow64\SYNSOPOS.exe.cfg [13 C:\Users\Mike Wood\Desktop\*.tmp files -> C:\Users\Mike Wood\Desktop\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012/08/13 09:53:19 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012/08/09 12:38:30 | 000,114,688 | RHS- | C] () -- C:\Windows\SysWow64\netprof0.dll [2012/08/09 12:38:30 | 000,000,324 | ---- | C] () -- C:\Windows\tasks\Huhtlrugu.job [2012/08/02 11:45:34 | 006,685,474 | ---- | C] () -- C:\Users\Mike Wood\Desktop\Clavinova User Guide.pdf [2012/07/24 15:44:47 | 000,000,198 | ---- | C] () -- C:\Users\Mike Wood\Desktop\Steinberg Cubase 6 Quick-Start Video Tutorials 1 - YouTube.url [2012/07/20 12:43:36 | 000,002,892 | ---- | C] () -- C:\Windows\SysWow64\audcon.sys [2012/07/20 12:43:26 | 000,002,096 | ---- | C] () -- C:\Users\Mike Wood\Desktop\Cubase 6 64bit.lnk [2012/07/20 12:38:21 | 000,147,425 | ---- | C] () -- C:\Windows\SysWow64\SYNSOACC-Aide.chm [2012/07/20 12:38:21 | 000,147,425 | ---- | C] () -- C:\Windows\SysNative\SYNSOACC-Aide.chm [2012/07/20 12:38:21 | 000,120,468 | ---- | C] () -- C:\Windows\SysNative\SYNSOACC-Hilfe.chm [2012/07/20 12:38:21 | 000,114,279 | ---- | C] () -- C:\Windows\SysWow64\SYNSOACC-Help.chm [2012/07/20 12:38:21 | 000,114,279 | ---- | C] () -- C:\Windows\SysNative\SYNSOACC-Help.chm [2012/07/20 12:38:20 | 000,120,468 | ---- | C] () -- C:\Windows\SysWow64\SYNSOACC-Hilfe.chm [2012/07/20 12:38:07 | 000,086,016 | ---- | C] () -- C:\Windows\SysWow64\SYNSOPOS.exe [2012/07/20 12:38:07 | 000,000,051 | ---- | C] () -- C:\Windows\SysWow64\SYNSOPOS.exe.cfg [2011/10/30 18:52:44 | 000,000,040 | ---- | C] () -- C:\Users\Mike Wood\jagex_cl_runescape_LIVE.dat [2011/01/15 20:59:09 | 000,208,829 | ---- | C] () -- C:\Windows\hpoins41.dat [2010/12/29 21:06:42 | 000,000,632 | RHS- | C] () -- C:\Users\Mike Wood\ntuser.pol [2010/08/25 20:34:30 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin [2010/08/25 20:34:30 | 000,104,796 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin [2010/07/13 12:45:37 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe ========== LOP Check ========== [2012/03/11 22:30:27 | 000,000,000 | ---D | M] -- C:\Users\Mike Wood\AppData\Roaming\Complitly [2012/03/11 22:41:00 | 000,000,000 | ---D | M] -- C:\Users\Mike Wood\AppData\Roaming\EasyBurner [2012/07/21 12:49:22 | 000,000,000 | ---D | M] -- C:\Users\Mike Wood\AppData\Roaming\Steinberg [2012/07/20 12:43:37 | 000,000,000 | ---D | M] -- C:\Users\Mike Wood\AppData\Roaming\VST3 Presets [2012/08/14 09:25:43 | 000,000,324 | ---- | M] () -- C:\Windows\Tasks\Huhtlrugu.job [2012/01/14 20:44:44 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* > [2010/07/13 13:09:39 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2012/08/14 09:25:33 | 2962,259,968 | -HS- | M] () -- C:\hiberfil.sys [2012/08/14 09:25:37 | 3949,682,688 | -HS- | M] () -- C:\pagefile.sys [2010/09/26 16:06:16 | 000,003,161 | ---- | M] () -- C:\RHDSetup.log [2012/03/11 22:30:33 | 000,000,050 | ---- | M] () -- C:\user.js < %systemroot%\system32\Spool\prtprocs\w32x86\*.dll > < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2012/08/09 12:38:30 | 000,114,688 | RHS- | M] () Unable to obtain MD5 -- C:\Windows\system32\netprof0.dll < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\system32\*.exe /lockedfiles > < %systemroot%\System32\config\*.sav > < %PROGRAMFILES%\* > [2009/07/14 05:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini < %USERPROFILE%\..|smtmp;true;true;true /FP > < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Win dows\WindowsUpdate\AU > < hklm\software\clients\startmenuinternet|command /rs > HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --show-icons [2012/08/07 07:43:41 | 001,229,848 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --hide-icons [2012/08/07 07:43:41 | 001,229,848 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/08/07 07:43:41 | 001,229,848 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [2012/08/07 07:43:41 | 001,229,848 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011/08/11 12:31:34 | 000,074,240 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011/08/11 12:31:34 | 000,074,240 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011/08/11 12:31:34 | 000,074,240 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2012/06/02 10:08:27 | 000,748,664 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files (x86)\Internet Explorer\iexplore.exe [2012/06/02 10:08:27 | 000,748,664 | ---- | M] (Microsoft Corporation) < hklm\software\clients\startmenuinternet|command /64 /rs > 64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2012/08/07 07:43:41 | 001,229,848 | ---- | M] (Google Inc.) 64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2012/08/07 07:43:41 | 001,229,848 | ---- | M] (Google Inc.) 64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2012/08/07 07:43:41 | 001,229,848 | ---- | M] (Google Inc.) 64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2012/08/07 07:43:41 | 001,229,848 | ---- | M] (Google Inc.) 64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2011/08/11 12:31:30 | 000,089,088 | ---- | M] (Microsoft Corporation) 64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2011/08/11 12:31:30 | 000,089,088 | ---- | M] (Microsoft Corporation) 64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2011/08/11 12:31:30 | 000,089,088 | ---- | M] (Microsoft Corporation) 64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2012/06/02 10:08:27 | 000,748,664 | ---- | M] (Microsoft Corporation) 64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE [2012/06/02 10:08:27 | 000,748,664 | ---- | M] (Microsoft Corporation) < End of report > Quote
joddle Posted August 14, 2012 Author Posted August 14, 2012 ANd here is the extras file OTL Extras logfile created on: 14/08/2012 09:51:45 - Run 1 OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\Mike Wood\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 3.68 Gb Total Physical Memory | 2.19 Gb Available Physical Memory | 59.63% Memory free 7.36 Gb Paging File | 5.68 Gb Available in Paging File | 77.23% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 219.79 Gb Total Space | 155.20 Gb Free Space | 70.61% Space Free | Partition Type: NTFS Drive E: | 983.70 Mb Total Space | 983.11 Mb Free Space | 99.94% Space Free | Partition Type: FAT Computer Name: HOME-LAPTOP | User Name: Mike Wood | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{12AD68FC-C239-4C68-B3F9-D1D4014EB844}" = rport=139 | protocol=6 | dir=out | app=system | "{1593CA17-3794-48D5-AA2E-92CBFC6A583A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{1A596D34-4229-48EB-BFE0-4405977CAA80}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{1D8FA4C8-A857-4600-859C-0708A450F700}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{2C9E0D8D-03D8-4577-BAFD-81280A9F9BCB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{383A0105-3D7C-4154-9F9D-D55BA3C44DD8}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{3E4E6491-2F20-4F5B-928C-BE855B717669}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{43CA8DC9-487D-42BC-9B48-BB6DDA857DAA}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{51521D6D-883E-4031-99BA-35B87FEB9C56}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{5FF01DF1-3553-438C-B8A0-31D96B263C86}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{644D1D57-9D99-4ED5-9850-BF92289A13D1}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{64E975CC-F5AF-4FF3-9936-E9AE3EE49208}" = lport=445 | protocol=6 | dir=in | app=system | "{65E7BE7B-4F76-468E-B721-1A50C1504DD6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{6924F056-37CD-487F-8633-299E8360B75E}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{822794FF-1085-47D0-BD7F-A75265E6B2D1}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{83BCA523-9AFC-45A8-9501-B04F54A4E99E}" = lport=2869 | protocol=6 | dir=in | app=system | "{85D9C55F-3CEC-48CC-B715-468908AB928C}" = rport=10243 | protocol=6 | dir=out | app=system | "{974B3227-EE77-4227-939C-172C267CB2C2}" = lport=2869 | protocol=6 | dir=in | app=system | "{9B35A80F-71DB-41A1-90B4-43EB83A079C5}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | "{A4A690FD-38E2-4FC7-B723-6118F9519F89}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe | "{A900DBE7-2A45-4390-829F-110997B31AFF}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{A9BD7F2A-994D-4AF7-A4BD-75173ED76031}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{AEB86580-167C-45C7-856C-60225E954F2A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{AF16A267-4E78-43B1-99B9-FA303E6A81B4}" = lport=10243 | protocol=6 | dir=in | app=system | "{B0F7615A-CA1B-4E7A-A354-5ED85676E444}" = lport=138 | protocol=17 | dir=in | app=system | "{B5CEE13D-65DA-4B97-8E8C-0E9883B671FC}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{B9C7F091-38DA-41E1-825A-C34C9C4F6DCE}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{BE660D6D-E2A1-4672-A0EE-CCCFE5B3D5B5}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{BECC7CFC-0969-4B8E-884B-DC6C03025F15}" = rport=445 | protocol=6 | dir=out | app=system | "{C4C6F4B4-1021-464F-B516-0E543D009F35}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{C58BA4E6-F2DE-41C5-98C6-BF1A34B3034D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{C644984A-BC79-46DB-AA8F-ED4E865932DC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{C8955FA4-2500-4A0A-971F-E52E6D0C2389}" = rport=137 | protocol=17 | dir=out | app=system | "{CC1A733D-0E90-4687-99A3-5794235F071C}" = lport=139 | protocol=6 | dir=in | app=system | "{DF08294B-4AF0-4E63-AC8A-C2830534AA08}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{EA8C9D98-7227-4F18-BD10-D29DAC71BC54}" = rport=138 | protocol=17 | dir=out | app=system | "{F2FB2709-A44B-41D9-89CF-0BB270F27D99}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{FE60F98D-70FA-4976-B398-2A7DA690EAAA}" = lport=137 | protocol=17 | dir=in | app=system | "{FEAC2B00-488D-43F1-AF05-A89BBEAC48A7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{039E2907-6B10-4BEE-9C84-C0DC03AAA147}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{0CAE2134-23B5-4135-B3C0-1EDBDFD6014F}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | "{1BC7F4B0-4ACC-4657-924A-F36F688B026F}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{1C607DD3-688D-4F2D-8DDE-CAFD1B401798}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{294F90DF-1BBB-4798-9577-350ACC1E6DE0}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe | "{3450A8AF-45E5-4C94-9402-DA4C737DB011}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{3542E4C6-1F5B-47A6-B0F0-25A2C23C8A81}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe | "{36D0F44B-BB40-4425-95F4-1F9FB7B50531}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{3B474143-6203-4521-9B6F-0A5BB04DAA13}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{3B763C61-5337-43A8-B7D7-F4F7EBC3974F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe | "{405D53A2-CB71-410E-8541-60622686AA21}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{4126F3AA-B198-4E7C-BCEE-CB23AC613C83}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe | "{413A3693-D062-49C4-9FB0-45C5830ECCBA}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{4E4B4569-E49F-495C-B86C-EE29BD9962CF}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe | "{5290A38E-20F4-4BA6-AF7E-6A7D83DC9369}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{5C28C9DE-94A0-4FD7-A229-2CB364AF5025}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe | "{5FB53FA7-E3FE-43D7-A6CF-B0C76EDE7663}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{65676DF7-B20B-4A79-93B6-ACDF32EDFE13}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{77DE4B81-7B47-4382-BC46-B15115C1D62F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe | "{84D12D74-39B2-4BB8-A658-650375D41232}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{90D4E7C5-A944-4D72-8A5B-44099622B62D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{9197A694-6131-44E9-B9D9-99C8C3A3E538}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{94510B40-6600-48F1-99F2-010F1711D072}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | "{95A200E6-EA82-4625-AA16-748E1CCA1574}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{995E663A-29DF-4AB3-8631-5370C1212551}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{A5A587FA-4718-4405-A78D-98B4F1F22F52}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{A6AAA6BB-B87A-4713-B983-46E15715EDFD}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | "{B3567642-7156-4393-A089-170BE3124481}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | "{B3B4F011-32BE-4F1D-A3C8-95919920D2A7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{B7F1A6D8-61C4-4E62-8E1B-5B4CC461E356}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{BC3BB13D-27AB-40A9-9CBF-2CA8E13568B2}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe | "{C30087A6-50F1-44A1-8A0D-0B90F196DE24}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe | "{C78E05E4-0863-4B9D-8F51-8C78BF0E2836}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{C91DBCF4-3A17-422D-A024-ECD282B9ED29}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{CC94DEA6-EFF9-4EE9-B0C4-B331CEFB4262}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe | "{CE3EE879-F999-4C0C-8CC7-94D9BED51B98}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{DA2212ED-C9CE-4B04-B6E0-C21D181C5B44}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{DB442640-FC3A-4A24-92FC-D5E1EBDD55EB}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | "{DCE7982A-97B4-462C-ADD7-FFFA74C537DA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe | "{DCF1DC93-E89C-45D4-84A8-0C132B4D214F}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{E5B7A7F0-A909-438A-B613-12D38705D137}" = protocol=6 | dir=out | app=system | "{E83F7151-3FFF-4237-AAEC-5356A98A08B3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{E925F18E-893F-4E71-A7E5-DEBC1D505EC0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe | "{EA5D67B4-7B03-448A-A2BA-80E064AEFF94}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{EA67090F-9A3F-4B13-B148-6F3D3D6B53FB}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{EC0E9A7A-F0BB-4469-8486-39DD329EB9F1}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{F271A49B-138F-4E0C-A946-B32E8EE75847}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe | "{F2C298B7-A06B-4D7E-B761-E2E1A08FBDFE}" = dir=in | app=d:\setup\hpznui40.exe | "{F6F562F9-1AEB-4083-AB53-6660799B1834}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{F831512F-9A08-4E5D-8C12-24B020AACA0C}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | "{FA191B48-668F-4C5D-8F24-D71BE2C9C348}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{FBE11C42-B6A8-431B-BDCA-DD19DFA7BA58}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe | "TCP Query User{4D64F1A5-4898-4083-8666-D8BAEFA9EF14}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe | "TCP Query User{54C7959A-D523-47BF-A98B-EECCC3E0BF48}C:\program files\steinberg\cubase 6\components\vstbridgeapp.exe" = protocol=6 | dir=in | app=c:\program files\steinberg\cubase 6\components\vstbridgeapp.exe | "TCP Query User{7189B68F-34AB-4018-BC1B-CC7E1E20DCC0}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe | "TCP Query User{D1931537-C9C2-4BC9-A354-71A51ABC7203}C:\program files\steinberg\cubase 6\cubase6.exe" = protocol=6 | dir=in | app=c:\program files\steinberg\cubase 6\cubase6.exe | "UDP Query User{16B9988A-1516-4088-A2BC-BDFDD8132309}C:\program files\steinberg\cubase 6\components\vstbridgeapp.exe" = protocol=17 | dir=in | app=c:\program files\steinberg\cubase 6\components\vstbridgeapp.exe | "UDP Query User{22264057-F33B-4A66-8544-BC91C2CE5D44}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe | "UDP Query User{6B9453DD-2B10-4E4B-AB37-39CFA4DD1A1D}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe | "UDP Query User{BF5292AC-628D-422A-BB13-06CA0AC71B09}C:\program files\steinberg\cubase 6\cubase6.exe" = protocol=17 | dir=in | app=c:\program files\steinberg\cubase 6\cubase6.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant "{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder "{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor "{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety "{48C0866E-57EB-444C-8371-8E4321066BC3}" = Network64 "{4D65ECE6-131D-4B5F-8470-2750D3161619}" = Steinberg Retrologue 64bit "{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources "{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64 "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{75F15019-C0C2-4047-AA45-97B4BD313719}" = Steinberg Padshop 64bit "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007 "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 "{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010 "{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9C98CA38-4C1A-4AC8-B55C-169497C8826B}" = Apple Mobile Device Support "{9CD0F7D3-B67F-4BF8-8784-D73AD229FF1E}" = iTunes "{A84DB02B-9C2B-4272-9D2D-A80E00A56513}" = Broadcom Gigabit NetLink Controller "{B99C316B-C135-43B5-8E77-2BC5E241F964}" = Steinberg HALion Sonic SE 64bit "{C6651CD0-4892-4465-96AC-C9864A695FF9}" = Steinberg Cubase 6 64bit "{CCD42CCF-9AFF-4BC5-862A-38CCD3C8E8F8}" = HP Photosmart Premium C309g-m All-in-One Driver Software 14.0 Rel. 6 "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer "Elantech" = ETDWare PS/2-x64 7.0.6.5_WHQL "HP Imaging Device Functions" = HP Imaging Device Functions 14.0 "HP Smart Web Printing" = HP Smart Web Printing 4.60 "HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0 "HPExtendedCapabilities" = HP Customer Participation Program 14.0 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Shop for HP Supplies" = Shop for HP Supplies [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}" = MyWinLocker "{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery "{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant "{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2 "{16793295-2366-40F7-A045-A3E42A81365E}" = Bing Bar "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java 6 Update 29 "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections "{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox "{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update "{2FB9EA69-51D4-4913-9AD5-762C034DE811}" = Status "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor "{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology "{490BF87E-1F75-4453-BF55-9F540543A3CA}" = Steinberg Drum Loop Expansion 01 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform "{4D454CF8-12FD-464D-B57B-B46FE27B78BB}" = Steinberg LoopMash Content "{4FFBB818-B13C-11E0-931D-B2664824019B}_is1" = Complitly "{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion "{51F026FA-5146-4232-A8BA-1364740BD053}" = Acer Crystal Eye webcam "{520C2939-555B-40BF-A91B-8B671AB560EB}" = Easy Burner "{532B917B-8235-4FA5-BE36-643A8BB053A5}" = Steinberg REVerence Content 01 "{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth "{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}" = SolutionCenter "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic "{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core "{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime "{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management "{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger "{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert "{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync "{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}" = Steinberg Upload Manager "{88C337F0-4CF2-4098-BDC0-D94859ECA2B4}" = Steinberg LoopMash Content 2 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8CBA7E47-48DA-47DC-8E98-6984BA830295}" = Steinberg VST Amp Rack Content 01 "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg "{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007 "{90120000-0019-0409-0000-0000000FF1CE}_PUBLISHERR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_PUBLISHERR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_PUBLISHERR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_PUBLISHERR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002A-0000-1000-0000000FF1CE}_PUBLISHERR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0409-1000-0000000FF1CE}_PUBLISHERR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_PUBLISHERR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_PUBLISHERR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0116-0409-1000-0000000FF1CE}_PUBLISHERR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010 "{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010 "{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010 "{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010 "{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010 "{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010 "{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010 "{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010 "{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010 "{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010 "{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010 "{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010 "{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010 "{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0116-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010 "{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{91120000-0019-0000-0000-0000000FF1CE}" = Microsoft Office Publisher 2007 "{91120000-0019-0000-0000-0000000FF1CE}_PUBLISHERR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1) "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector "{95140000-007D-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A5051ABF-A497-4C3C-85EA-F7A4D5C19B82}" = Steinberg HALion Sonic SE Content "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support "{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3) "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2 "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations "{BD86F1AC-B594-46E4-85DC-1258AC9E2232}" = Steinberg Groove Agent ONE Content "{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget "{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch "{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9 "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{DBF4BC99-53F1-4C97-84C3-7557D103E182}" = Steinberg Groove Agent ONE Vintage Beatboxes "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide "{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer "{E6319C60-D4DF-4D4D-A077-9F46D656E4FB}" = C309g-m "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater "{EE177519-70E3-4A94-B8DB-FD0B78D1A47E}" = PS_AIO_06_C309g-m_SW_Min "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center "{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "Acer Registration" = Acer Registration "Acer Screensaver" = Acer ScreenSaver "Acer Welcome Center" = Welcome Center "Adobe Acrobat 4.0" = Adobe Acrobat 4.0 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows "eLicenser Control" = eLicenser Control "Google Chrome" = Google Chrome "HP Photo Creations" = HP Photo Creations "Identity Card" = Identity Card "InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2 "InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager "InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite "InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9 "InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9 "LManager" = Launch Manager "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300 "Office14.PROPLUSR" = Microsoft Office Professional Plus 2010 "PUBLISHERR" = Microsoft Office Publisher 2007 "WinLiveSuite" = Windows Live Essentials "YTdetect" = Yahoo! Detect ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 02/08/2012 23:01:41 | Computer Name = Home-Laptop | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 2012 Error - 02/08/2012 23:01:42 | Computer Name = Home-Laptop | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 02/08/2012 23:01:42 | Computer Name = Home-Laptop | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 3011 Error - 02/08/2012 23:01:42 | Computer Name = Home-Laptop | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 3011 Error - 02/08/2012 23:01:43 | Computer Name = Home-Laptop | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 02/08/2012 23:01:43 | Computer Name = Home-Laptop | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 4040 Error - 02/08/2012 23:01:43 | Computer Name = Home-Laptop | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 4040 Error - 02/08/2012 23:01:44 | Computer Name = Home-Laptop | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 02/08/2012 23:01:44 | Computer Name = Home-Laptop | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 5054 Error - 02/08/2012 23:01:44 | Computer Name = Home-Laptop | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 5054 [ System Events ] Error - 31/12/2011 07:22:25 | Computer Name = Home-Laptop | Source = BROWSER | ID = 8032 Description = Error - 31/12/2011 10:31:55 | Computer Name = Home-Laptop | Source = BROWSER | ID = 8032 Description = Error - 31/12/2011 11:12:54 | Computer Name = Home-Laptop | Source = BROWSER | ID = 8032 Description = Error - 31/12/2011 11:22:33 | Computer Name = Home-Laptop | Source = Disk | ID = 262155 Description = The driver detected a controller error on \Device\Harddisk1\DR1. Error - 31/12/2011 11:22:33 | Computer Name = Home-Laptop | Source = Disk | ID = 262155 Description = The driver detected a controller error on \Device\Harddisk1\DR1. Error - 31/12/2011 11:22:34 | Computer Name = Home-Laptop | Source = Disk | ID = 262155 Description = The driver detected a controller error on \Device\Harddisk1\DR1. Error - 31/12/2011 11:22:34 | Computer Name = Home-Laptop | Source = Disk | ID = 262155 Description = The driver detected a controller error on \Device\Harddisk1\DR1. Error - 31/12/2011 11:22:35 | Computer Name = Home-Laptop | Source = Disk | ID = 262155 Description = The driver detected a controller error on \Device\Harddisk1\DR1. Error - 31/12/2011 11:47:10 | Computer Name = Home-Laptop | Source = bowser | ID = 8003 Description = Error - 31/12/2011 14:12:38 | Computer Name = Home-Laptop | Source = BROWSER | ID = 8032 Description = < End of report > Quote
joddle Posted August 14, 2012 Author Posted August 14, 2012 Just realised that I had run the last Malwarebytes scan on quick scan so have redone it as a full scan - nothing reported. Quote
etavares Posted August 15, 2012 Posted August 15, 2012 Hello, joddle. Quick Scan does a pretty good job usually. There's still some questionable items on there and indications of malware. We'll start with Combofix. Next, please download ComboFix from one of these locations: Bleepingcomputer InfoSpyware * IMPORTANT !!! Save ComboFix.exe to your Desktop as etavaresCF.exe Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.) Double click on etavaresCF.exe & follow the prompts. As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware. Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console. **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures. http://img.photobucket.com/albums/v706/ried7/RcAuto1.gif Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message: http://img.photobucket.com/albums/v706/ried7/whatnext.png Click on Yes, to continue scanning for malware. When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply, along with any symptoms that are present after it runs. Note: After running Combofix, you may receive an error about "illegal operation on a registry key that has been marked for deletion." If you receive this error, please reboot and it should disappear. etavares Quote etavares is a member of:Alliance of Security Analysis ProfessionalsUnified Network of Instructors and Trained Eliminators
joddle Posted August 15, 2012 Author Posted August 15, 2012 Thanks Etavares - this help is much appreciated I have followed instruction but disabling the Avira did not seem to work properly - I disabled it as suggested in the notes and got the closed umbrella but when I ran your programme it reported i was still active and I could not find a way around that. Here is the report: ComboFix 12-08-14.05 - Mike Wood 15/08/2012 9:10.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.3767.2155 [GMT 1:00] Running from: c:\users\Mike Wood\Desktop\etavaresCF.exe AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7} SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\Complitly c:\program files (x86)\Complitly\chrome\ComplitlyChrome.crx c:\program files (x86)\Complitly\FireFoxExtensionWithFF8Fix.exe c:\program files (x86)\Complitly\FireFoxUninstaller.exe c:\program files (x86)\Complitly\InstTracker.exe c:\program files (x86)\Complitly\support@Complitly.com\chrome.manifest c:\program files (x86)\Complitly\support@Complitly.com\chrome\content\appIcon.png c:\program files (x86)\Complitly\support@Complitly.com\chrome\content\browserOverlay.xul c:\program files (x86)\Complitly\support@Complitly.com\chrome\content\options.js c:\program files (x86)\Complitly\support@Complitly.com\chrome\content\options.xul c:\program files (x86)\Complitly\support@Complitly.com\chrome\content\utils.js c:\program files (x86)\Complitly\support@Complitly.com\defaults\preferences\predictad.js c:\program files (x86)\Complitly\support@Complitly.com\install.rdf c:\program files (x86)\Complitly\System.Data.SQLite.dll c:\program files (x86)\Complitly\unins000.dat c:\program files (x86)\Complitly\unins000.exe c:\programdata\FullRemove.exe c:\users\Mike Wood\AppData\Roaming\Microsoft\Windows\Recent\'dripping water' - Sounddogs.com Downloads.url c:\users\Mike Wood\AppData\Roaming\Microsoft\Windows\Recent\'large explosion' - Sounddogs.com Downloads.url c:\users\Mike Wood\AppData\Roaming\Microsoft\Windows\Recent\'laser' - Sounddogs.com Downloads.url c:\users\Mike Wood\AppData\Roaming\Microsoft\Windows\Recent\'low rumbling' - Sounddogs.com Downloads.url c:\users\Mike Wood\AppData\Roaming\Microsoft\Windows\Recent\'radio interference' - Sounddogs.com Downloads.url c:\users\Mike Wood\AppData\Roaming\Microsoft\Windows\Recent\'ripping' - Sounddogs.com Downloads.url c:\users\Mike Wood\AppData\Roaming\Microsoft\Windows\Recent\'science fiction sirens' - Sounddogs.com Downloads.url c:\users\Tom Wood\Documents\~WRL0890.tmp . . ((((((((((((((((((((((((( Files Created from 2012-07-15 to 2012-08-15 ))))))))))))))))))))))))))))))) . . 2012-08-15 08:16 . 2012-08-15 08:16 -------- d-----w- c:\users\Tom Wood\AppData\Local\temp 2012-08-15 08:16 . 2012-08-15 08:16 -------- d-----w- c:\users\Steffi Wood\AppData\Local\temp 2012-08-14 20:00 . 2012-08-14 20:00 -------- d-----w- c:\programdata\boost_interprocess 2012-08-13 08:53 . 2012-08-13 08:53 -------- d-----w- c:\users\Mike Wood\AppData\Roaming\Malwarebytes 2012-08-13 08:53 . 2012-08-13 08:53 -------- d-----w- c:\programdata\Malwarebytes 2012-08-13 08:53 . 2012-08-13 08:56 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-08-13 08:53 . 2012-07-03 12:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-08-09 11:38 . 2012-08-09 11:38 114688 --sha-r- c:\windows\SysWow64\netprof0.dll 2012-08-07 07:31 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{91102E68-D0D8-40B7-B77D-4769C4AA1D41}\mpengine.dll 2012-07-20 11:38 . 2012-07-20 11:42 -------- d-----w- c:\program files (x86)\eLicenser 2012-07-20 11:38 . 2012-07-20 11:38 -------- d-----w- c:\program files (x86)\Syncrosoft 2012-07-20 11:38 . 2011-12-14 18:12 30352 ----a-w- c:\windows\system32\drivers\synusb64.sys 2012-07-20 11:38 . 2011-12-14 18:12 1277952 ----a-w- c:\windows\SysWow64\SYNSOACC.dll 2012-07-20 11:38 . 2011-12-14 18:12 86016 ----a-w- c:\windows\SysWow64\SYNSOPOS.exe 2012-07-17 19:21 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-08-03 13:11 . 2012-04-10 09:56 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-08-03 13:11 . 2011-08-11 09:39 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-07-17 19:16 . 2011-01-08 22:53 59701280 ----a-w- c:\windows\system32\MRT.exe 2012-06-09 05:43 . 2012-07-15 17:19 14172672 ----a-w- c:\windows\system32\shell32.dll 2012-06-06 06:06 . 2012-07-15 17:19 2004480 ----a-w- c:\windows\system32\msxml6.dll 2012-06-06 06:06 . 2012-07-15 17:19 1881600 ----a-w- c:\windows\system32\msxml3.dll 2012-06-06 06:02 . 2012-07-15 17:18 1133568 ----a-w- c:\windows\system32\cdosys.dll 2012-06-06 05:05 . 2012-07-15 17:19 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll 2012-06-06 05:05 . 2012-07-15 17:19 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll 2012-06-06 05:03 . 2012-07-15 17:19 805376 ----a-w- c:\windows\SysWow64\cdosys.dll 2012-06-02 22:19 . 2012-06-24 12:30 38424 ----a-w- c:\windows\system32\wups.dll 2012-06-02 22:19 . 2012-06-24 12:31 2428952 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-02 22:19 . 2012-06-24 12:31 57880 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-02 22:19 . 2012-06-24 12:31 44056 ----a-w- c:\windows\system32\wups2.dll 2012-06-02 22:19 . 2012-06-24 12:30 701976 ----a-w- c:\windows\system32\wuapi.dll 2012-06-02 22:15 . 2012-06-24 12:31 2622464 ----a-w- c:\windows\system32\wucltux.dll 2012-06-02 22:15 . 2012-06-24 12:30 99840 ----a-w- c:\windows\system32\wudriver.dll 2012-06-02 14:19 . 2012-06-24 12:30 186752 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-02 14:15 . 2012-06-24 12:30 36864 ----a-w- c:\windows\system32\wuapp.exe 2012-06-02 05:50 . 2012-07-15 17:19 458704 ----a-w- c:\windows\system32\drivers\cng.sys 2012-06-02 05:48 . 2012-07-15 17:19 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys 2012-06-02 05:48 . 2012-07-15 17:19 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-06-02 05:45 . 2012-07-15 17:19 340992 ----a-w- c:\windows\system32\schannel.dll 2012-06-02 05:44 . 2012-07-15 17:19 307200 ----a-w- c:\windows\system32\ncrypt.dll 2012-06-02 04:40 . 2012-07-15 17:19 22016 ----a-w- c:\windows\SysWow64\secur32.dll 2012-06-02 04:40 . 2012-07-15 17:19 225280 ----a-w- c:\windows\SysWow64\schannel.dll 2012-06-02 04:39 . 2012-07-15 17:19 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll 2012-06-02 04:34 . 2012-07-15 17:19 96768 ----a-w- c:\windows\SysWow64\sspicli.dll 2012-05-31 11:25 . 2010-12-29 21:19 279656 ------w- c:\windows\system32\MpSigStub.exe . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP] @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}] 2010-05-27 02:40 120176 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-07-13 39408] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] "OfficeSyncProcess"="c:\program files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" [2011-07-21 718720] "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-04-13 284696] "SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-05-27 337264] "EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2010-03-11 201584] "EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-03-11 407920] "BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-06-28 265984] "LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-06-22 968272] "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2010-12-13 281768] "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-10-09 421736] "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-29 135664] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-03 160944] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-03 250056] R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe [2012-02-13 240408] R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-29 135664] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-06-17 246376] R3 synusb64;eLicenser;c:\windows\system32\DRIVERS\synusb64.sys [2011-12-14 30352] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-31 1255736] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576] S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016] S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-04-27 136360] S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe [2012-02-13 193816] S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-06-22 321104] S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-06-11 868896] S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336] S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\McSACore.exe [2012-06-15 103472] S2 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-05-27 305520] S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-06-28 255744] S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-07-05 3048136] S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-03-18 2320920] S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232] S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-04-13 135560] S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344] S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976] S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-02-03 271872] S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2010-05-15 384040] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - WS2IFSL . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Contents of the 'Scheduled Tasks' folder . 2012-08-14 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-10 13:11] . 2012-08-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-29 20:04] . 2012-08-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-29 20:04] . 2012-08-15 c:\windows\Tasks\Huhtlrugu.job - c:\windows\system32\rundll32.exe [2009-07-13 01:14] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP] @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}] 2010-05-27 02:42 137584 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "mwlDaemon"="c:\program files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe" [2010-05-27 349552] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-22 10920552] "Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-06-11 861216] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584] "Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 415256] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.co.uk/ uLocal Page = c:\windows\system32\blank.htm mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&m=aspire_5742&r=27361210l485l0454z105v57821402 mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105 TCP: DhcpNameServer = 192.168.1.1 . - - - - ORPHANS REMOVED - - - - . URLSearchHooks-{a060276a-53be-45ec-8ebe-b94b1e803179} - (no file) Toolbar-Locked - (no file) BHO-{3706EE7C-3CAD-445D-8A43-03EBC3B75908} - c:\program files (x86)\Expat Shield\HssIE\ExpatIE_64.dll Toolbar-Locked - (no file) WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exe AddRemove-{4FFBB818-B13C-11E0-931D-B2664824019B}_is1 - c:\program files (x86)\Complitly\unins000.exe . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:\windows\SysWOW64\rundll32.exe c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe c:\windows\SysWOW64\rundll32.exe . ************************************************************************** . Completion time: 2012-08-15 09:23:08 - machine was rebooted ComboFix-quarantined-files.txt 2012-08-15 08:23 . Pre-Run: 166,137,851,904 bytes free Post-Run: 167,980,531,712 bytes free . - - End Of File - - 35EA935D0CD1F55BEA2A5DF3EDB04965 Quote
joddle Posted August 15, 2012 Author Posted August 15, 2012 Sorry - forgot to mention the redirect problem still persists. Quote
etavares Posted August 16, 2012 Posted August 16, 2012 Hello, joddle. THe antivirus didn't get in the way, so no worries. Step 1 Download TDSSKiller.exe and save it to your desktop. Double-click TDSSKiller.exe to run it. Under "Objects to scan" ensure both "Services and Drivers" and "Boot Sectors" are checked. Click Start scan and allow it to scan for Malicious objects. If malicious objects are found, the default action will be Cure, ensure Cure is selected then click Continue. If suspicious objects are detected, the default action will be Skip, ensure Skip is selected then click Continue. It may ask you to reboot the computer to complete the process. Click on Reboot Now and allow the computer to reboot. A log will be created on your root (usually C:) drive. The log is like UtilityName.Version_Date_Time_log.txt. for example, C:\TDSSKiller.2.4.1.2_20.04.2010_15.31.43_log.txt If no reboot is required, click on Report. A log file should appear. Please post the contents of the logfile in your next reply Step 2 1. Close any open browsers. 2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix. 3. Open Notepad and copy/paste the text in the codebox below into Notepad: File:: c:\windows\Tasks\Huhtlrugu.job Save this as CFScript.txt, in the same location as ComboFix.exe http://img.photobucket.com/albums/v666/sUBs/CFScriptB-4.gif Refering to the picture above, drag CFScript into ComboFix.exe When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply. Note: After running Combofix, you may receive an error about "illegal operation on a registry key that has been marked for deletion." If you receive this error, please reboot and it should disappear. etavares Quote etavares is a member of:Alliance of Security Analysis ProfessionalsUnified Network of Instructors and Trained Eliminators
joddle Posted August 16, 2012 Author Posted August 16, 2012 Hi again - You may have done it as I don't seem to be getting redirects any more - at least for the moment!!! Logs over next few post as too long to include on one Joddle 09:18:10.0623 3716 TDSS rootkit removing tool 2.8.6.0 Aug 13 2012 17:24:05 09:18:10.0638 3716 ============================================================ 09:18:10.0638 3716 Current date / time: 2012/08/16 09:18:10.0638 09:18:10.0638 3716 SystemInfo: 09:18:10.0638 3716 09:18:10.0638 3716 OS Version: 6.1.7601 ServicePack: 1.0 09:18:10.0638 3716 Product type: Workstation 09:18:10.0638 3716 ComputerName: HOME-LAPTOP 09:18:10.0638 3716 UserName: Mike Wood 09:18:10.0638 3716 Windows directory: C:\Windows 09:18:10.0638 3716 System windows directory: C:\Windows 09:18:10.0638 3716 Running under WOW64 09:18:10.0638 3716 Processor architecture: Intel x64 09:18:10.0638 3716 Number of processors: 4 09:18:10.0638 3716 Page size: 0x1000 09:18:10.0638 3716 Boot type: Normal boot 09:18:10.0638 3716 ============================================================ 09:18:10.0701 3716 BG loaded 09:18:11.0262 3716 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 09:18:11.0293 3716 Drive \Device\Harddisk1\DR1 - Size: 0x3D7FFE00 (0.96 Gb), SectorSize: 0x200, Cylinders: 0x7D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 09:18:11.0293 3716 ============================================================ 09:18:11.0293 3716 \Device\Harddisk0\DR0: 09:18:11.0293 3716 MBR partitions: 09:18:11.0293 3716 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A00800, BlocksNum 0x32000 09:18:11.0293 3716 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A32800, BlocksNum 0x1B792800 09:18:11.0293 3716 \Device\Harddisk1\DR1: 09:18:11.0293 3716 MBR partitions: 09:18:11.0293 3716 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x6, StartLBA 0x3F, BlocksNum 0x1EBFC0 09:18:11.0293 3716 ============================================================ 09:18:11.0309 3716 C: <-> \Device\Harddisk0\DR0\Partition2 09:18:11.0309 3716 ============================================================ 09:18:11.0309 3716 Initialize success 09:18:11.0309 3716 ============================================================ 09:18:30.0593 4696 ============================================================ 09:18:30.0593 4696 Scan started 09:18:30.0593 4696 Mode: Manual; 09:18:30.0593 4696 ============================================================ 09:18:41.0292 4696 ================ Scan services ============================= 09:18:44.0089 4696 [ a87d604aea360176311474c87a63bb88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 09:18:44.0796 4696 1394ohci - ok 09:18:44.0857 4696 [ d81d9e70b8a6dd14d42d7b4efa65d5f2 ] ACPI C:\Windows\system32\drivers\ACPI.sys 09:18:44.0869 4696 ACPI - ok 09:18:44.0936 4696 [ 99f8e788246d495ce3794d7e7821d2ca ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 09:18:44.0967 4696 AcpiPmi - ok 09:18:45.0204 4696 [ 62b7936f9036dd6ed36e6a7efa805dc0 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 09:18:45.0516 4696 AdobeARMservice - ok 09:18:45.0920 4696 [ f19c98ad81d2c0e1bbfd8153d2c80ee8 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 09:18:46.0024 4696 AdobeFlashPlayerUpdateSvc - ok 09:18:46.0130 4696 [ 2f6b34b83843f0c5118b63ac634f5bf4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 09:18:46.0239 4696 adp94xx - ok 09:18:46.0317 4696 [ 597f78224ee9224ea1a13d6350ced962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 09:18:46.0333 4696 adpahci - ok 09:18:46.0395 4696 [ e109549c90f62fb570b9540c4b148e54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 09:18:46.0427 4696 adpu320 - ok 09:18:46.0489 4696 [ 4b78b431f225fd8624c5655cb1de7b61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 09:18:46.0817 4696 AeLookupSvc - ok 09:18:47.0035 4696 [ 1c7857b62de5994a75b054a9fd4c3825 ] AFD C:\Windows\system32\drivers\afd.sys 09:18:47.0051 4696 AFD - ok 09:18:47.0129 4696 [ 608c14dba7299d8cb6ed035a68a15799 ] agp440 C:\Windows\system32\drivers\agp440.sys 09:18:47.0144 4696 agp440 - ok 09:18:47.0207 4696 [ 3290d6946b5e30e70414990574883ddb ] ALG C:\Windows\System32\alg.exe 09:18:47.0269 4696 ALG - ok 09:18:47.0363 4696 [ 5812713a477a3ad7363c7438ca2ee038 ] aliide C:\Windows\system32\drivers\aliide.sys 09:18:47.0456 4696 aliide - ok 09:18:47.0503 4696 [ 1ff8b4431c353ce385c875f194924c0c ] amdide C:\Windows\system32\drivers\amdide.sys 09:18:47.0550 4696 amdide - ok 09:18:47.0597 4696 [ 7024f087cff1833a806193ef9d22cda9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 09:18:47.0612 4696 AmdK8 - ok 09:18:47.0659 4696 [ 1e56388b3fe0d031c44144eb8c4d6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 09:18:47.0706 4696 AmdPPM - ok 09:18:47.0753 4696 [ d4121ae6d0c0e7e13aa221aa57ef2d49 ] amdsata C:\Windows\system32\drivers\amdsata.sys 09:18:47.0846 4696 amdsata - ok 09:18:47.0893 4696 [ f67f933e79241ed32ff46a4f29b5120b ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 09:18:47.0940 4696 amdsbs - ok 09:18:48.0065 4696 [ 540daf1cea6094886d72126fd7c33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys 09:18:48.0127 4696 amdxata - ok 09:18:48.0548 4696 [ 0a1cc583e8147004e4ad4625d7fbf88c ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 09:18:48.0564 4696 AntiVirSchedulerService - ok 09:18:48.0642 4696 [ c9a36ef935aced86aedf93e97e606911 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 09:18:48.0673 4696 AntiVirService - ok 09:18:48.0751 4696 [ e38ba9fab3981a2115c53260b930fd3c ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE 09:18:48.0767 4696 AntiVirWebService - ok 09:18:48.0860 4696 [ 89a69c3f2f319b43379399547526d952 ] AppID C:\Windows\system32\drivers\appid.sys 09:18:48.0876 4696 AppID - ok 09:18:48.0907 4696 [ 0bc381a15355a3982216f7172f545de1 ] AppIDSvc C:\Windows\System32\appidsvc.dll 09:18:48.0938 4696 AppIDSvc - ok 09:18:49.0047 4696 [ 3977d4a871ca0d4f2ed1e7db46829731 ] Appinfo C:\Windows\System32\appinfo.dll 09:18:49.0063 4696 Appinfo - ok 09:18:49.0344 4696 [ d8e18021f91ad79ca8491cb5a5da22d4 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 09:18:49.0391 4696 Apple Mobile Device - ok 09:18:49.0500 4696 [ c484f8ceb1717c540242531db7845c4e ] arc C:\Windows\system32\DRIVERS\arc.sys 09:18:49.0531 4696 arc - ok 09:18:49.0531 4696 [ 019af6924aefe7839f61c830227fe79c ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 09:18:49.0547 4696 arcsas - ok 09:18:49.0609 4696 [ 769765ce2cc62867468cea93969b2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 09:18:49.0609 4696 AsyncMac - ok 09:18:49.0656 4696 [ 02062c0b390b7729edc9e69c680a6f3c ] atapi C:\Windows\system32\drivers\atapi.sys 09:18:49.0687 4696 atapi - ok 09:18:49.0827 4696 [ f23fef6d569fce88671949894a8becf1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 09:18:49.0874 4696 AudioEndpointBuilder - ok 09:18:50.0046 4696 [ f23fef6d569fce88671949894a8becf1 ] AudioSrv C:\Windows\System32\Audiosrv.dll 09:18:50.0046 4696 AudioSrv - ok 09:18:50.0155 4696 [ 26e38b5a58c6c55fafbc563eeddb0867 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys 09:18:50.0155 4696 avgntflt - ok 09:18:50.0186 4696 [ 9d1f00beff84cbbf46d7f052bc7e0565 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 09:18:50.0202 4696 avipbb - ok 09:18:50.0249 4696 [ 248db59fc86de44d2779f4c7fb1a567d ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys 09:18:50.0249 4696 avkmgr - ok 09:18:50.0405 4696 [ a6bf31a71b409dfa8cac83159e1e2aff ] AxInstSV C:\Windows\System32\AxInstSV.dll 09:18:50.0436 4696 AxInstSV - ok 09:18:50.0763 4696 [ 3e5b191307609f7514148c6832bb0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys 09:18:50.0873 4696 b06bdrv - ok 09:18:50.0966 4696 [ b5ace6968304a3900eeb1ebfd9622df2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 09:18:51.0075 4696 b57nd60a - ok 09:18:51.0247 4696 [ 47480f4260dae9aa589bcaf924b3767a ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe 09:18:51.0263 4696 BBSvc - ok 09:18:51.0528 4696 [ 6bf743cbf3bcd09dab79245e60e1ae62 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe 09:18:51.0871 4696 BBUpdate - ok 09:18:52.0557 4696 [ 2d659b569a76cdb83b815675a80d7096 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys 09:18:52.0589 4696 BCM43XX - ok 09:18:52.0667 4696 [ fde360167101b4e45a96f939f388aeb0 ] BDESVC C:\Windows\System32\bdesvc.dll 09:18:53.0181 4696 BDESVC - ok 09:18:53.0259 4696 [ 16a47ce2decc9b099349a5f840654746 ] Beep C:\Windows\system32\drivers\Beep.sys 09:18:53.0291 4696 Beep - ok 09:18:53.0556 4696 [ 82974d6a2fd19445cc5171fc378668a4 ] BFE C:\Windows\System32\bfe.dll 09:18:53.0712 4696 BFE - ok 09:18:54.0086 4696 [ 1ea7969e3271cbc59e1730697dc74682 ] BITS C:\Windows\system32\qmgr.dll 09:18:54.0102 4696 BITS - ok 09:18:54.0133 4696 [ 61583ee3c3a17003c4acd0475646b4d3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 09:18:54.0164 4696 blbdrive - ok 09:18:54.0289 4696 [ ebbcd5dfbb1de70e8f4af8fa59e401fd ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 09:18:54.0289 4696 Bonjour Service - ok 09:18:54.0367 4696 [ 6c02a83164f5cc0a262f4199f0871cf5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 09:18:54.0414 4696 bowser - ok 09:18:54.0445 4696 [ f09eee9edc320b5e1501f749fde686c8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 09:18:54.0476 4696 BrFiltLo - ok 09:18:54.0507 4696 [ b114d3098e9bdb8bea8b053685831be6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 09:18:54.0523 4696 BrFiltUp - ok 09:18:54.0585 4696 [ 5c2f352a4e961d72518261257aae204b ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys 09:18:54.0585 4696 BridgeMP - ok 09:18:54.0632 4696 [ 8ef0d5c41ec907751b8429162b1239ed ] Browser C:\Windows\System32\browser.dll 09:18:54.0648 4696 Browser - ok 09:18:54.0679 4696 [ 43bea8d483bf1870f018e2d02e06a5bd ] Brserid C:\Windows\System32\Drivers\Brserid.sys 09:18:54.0726 4696 Brserid - ok 09:18:54.0757 4696 [ a6eca2151b08a09caceca35c07f05b42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 09:18:54.0757 4696 BrSerWdm - ok 09:18:54.0804 4696 [ b79968002c277e869cf38bd22cd61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 09:18:54.0804 4696 BrUsbMdm - ok 09:18:54.0819 4696 [ a87528880231c54e75ea7a44943b38bf ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 09:18:54.0819 4696 BrUsbSer - ok 09:18:54.0835 4696 [ 9da669f11d1f894ab4eb69bf546a42e8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 09:18:54.0851 4696 BTHMODEM - ok 09:18:54.0882 4696 [ 95f9c2976059462cbbf227f7aab10de9 ] bthserv C:\Windows\system32\bthserv.dll 09:18:54.0897 4696 bthserv - ok 09:18:54.0897 4696 catchme - ok 09:18:54.0952 4696 [ b8bd2bb284668c84865658c77574381a ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 09:18:54.0970 4696 cdfs - ok 09:18:55.0015 4696 [ f036ce71586e93d94dab220d7bdf4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys 09:18:55.0034 4696 cdrom - ok 09:18:55.0085 4696 [ f17d1d393bbc69c5322fbfafaca28c7f ] CertPropSvc C:\Windows\System32\certprop.dll 09:18:55.0096 4696 CertPropSvc - ok 09:18:55.0128 4696 [ d7cd5c4e1b71fa62050515314cfb52cf ] circlass C:\Windows\system32\DRIVERS\circlass.sys 09:18:55.0136 4696 circlass - ok 09:18:55.0209 4696 [ fe1ec06f2253f691fe36217c592a0206 ] CLFS C:\Windows\system32\CLFS.sys 09:18:55.0318 4696 CLFS - ok 09:18:55.0534 4696 [ d88040f816fda31c3b466f0fa0918f29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 09:18:55.0574 4696 clr_optimization_v2.0.50727_32 - ok 09:18:55.0643 4696 [ d1ceea2b47cb998321c579651ce3e4f8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 09:18:55.0760 4696 clr_optimization_v2.0.50727_64 - ok 09:18:55.0916 4696 [ c5a75eb48e2344abdc162bda79e16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 09:18:55.0949 4696 clr_optimization_v4.0.30319_32 - ok 09:18:56.0050 4696 [ c6f9af94dcd58122a4d7e89db6bed29d ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 09:18:56.0079 4696 clr_optimization_v4.0.30319_64 - ok 09:18:56.0149 4696 [ 0840155d0bddf1190f84a663c284bd33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 09:18:56.0153 4696 CmBatt - ok 09:18:56.0168 4696 [ e19d3f095812725d88f9001985b94edd ] cmdide C:\Windows\system32\drivers\cmdide.sys 09:18:56.0187 4696 cmdide - ok 09:18:56.0283 4696 [ 9ac4f97c2d3e93367e2148ea940cd2cd ] CNG C:\Windows\system32\Drivers\cng.sys 09:18:56.0335 4696 CNG - ok 09:18:56.0372 4696 [ 102de219c3f61415f964c88e9085ad14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 09:18:56.0389 4696 Compbatt - ok 09:18:56.0457 4696 [ 03edb043586cceba243d689bdda370a8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 09:18:56.0462 4696 CompositeBus - ok 09:18:56.0476 4696 COMSysApp - ok 09:18:56.0517 4696 [ 1c827878a998c18847245fe1f34ee597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 09:18:56.0526 4696 crcdisk - ok 09:18:56.0633 4696 [ 4f5414602e2544a4554d95517948b705 ] CryptSvc C:\Windows\system32\cryptsvc.dll 09:18:56.0650 4696 CryptSvc - ok 09:18:56.0748 4696 [ 5c627d1b1138676c0a7ab2c2c190d123 ] DcomLaunch C:\Windows\system32\rpcss.dll 09:18:56.0752 4696 DcomLaunch - ok 09:18:56.0807 4696 [ 3cec7631a84943677aa8fa8ee5b6b43d ] defragsvc C:\Windows\System32\defragsvc.dll 09:18:56.0846 4696 defragsvc - ok 09:18:56.0883 4696 [ 9bb2ef44eaa163b29c4a4587887a0fe4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 09:18:56.0889 4696 DfsC - ok 09:18:56.0958 4696 [ 43d808f5d9e1a18e5eeb5ebc83969e4e ] Dhcp C:\Windows\system32\dhcpcore.dll 09:18:56.0968 4696 Dhcp - ok 09:18:56.0998 4696 [ 13096b05847ec78f0977f2c0f79e9ab3 ] discache C:\Windows\system32\drivers\discache.sys 09:18:57.0009 4696 discache - ok 09:18:57.0069 4696 [ 9819eee8b5ea3784ec4af3b137a5244c ] Disk C:\Windows\system32\DRIVERS\disk.sys 09:18:57.0086 4696 Disk - ok 09:18:57.0166 4696 [ 16835866aaa693c7d7fceba8fff706e4 ] Dnscache C:\Windows\System32\dnsrslvr.dll 09:18:57.0183 4696 Dnscache - ok 09:18:57.0238 4696 [ b1fb3ddca0fdf408750d5843591afbc6 ] dot3svc C:\Windows\System32\dot3svc.dll 09:18:57.0271 4696 dot3svc - ok 09:18:57.0311 4696 [ b26f4f737e8f9df4f31af6cf31d05820 ] DPS C:\Windows\system32\dps.dll 09:18:57.0312 4696 DPS - ok 09:18:57.0351 4696 [ 9b19f34400d24df84c858a421c205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 09:18:57.0389 4696 drmkaud - ok 09:18:57.0541 4696 [ 1fca854cedfc2ccd0c22e46ea4ea18f1 ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe 09:18:57.0555 4696 DsiWMIService - ok 09:18:57.0655 4696 [ f5bee30450e18e6b83a5012c100616fd ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 09:18:57.0667 4696 DXGKrnl - ok 09:18:57.0713 4696 [ e2dda8726da9cb5b2c4000c9018a9633 ] EapHost C:\Windows\System32\eapsvc.dll 09:18:57.0719 4696 EapHost - ok 09:18:58.0014 4696 [ dc5d737f51be844d8c82c695eb17372f ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 09:18:58.0157 4696 ebdrv - ok 09:18:58.0206 4696 [ c118a82cd78818c29ab228366ebf81c3 ] EFS C:\Windows\System32\lsass.exe 09:18:58.0212 4696 EFS - ok 09:18:58.0374 4696 [ c4002b6b41975f057d98c439030cea07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 09:18:58.0396 4696 ehRecvr - ok 09:18:58.0438 4696 [ 4705e8ef9934482c5bb488ce28afc681 ] ehSched C:\Windows\ehome\ehsched.exe 09:18:58.0449 4696 ehSched - ok 09:18:58.0509 4696 [ 0e5da5369a0fcaea12456dd852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 09:18:58.0522 4696 elxstor - ok 09:18:58.0682 4696 [ 3ea2c4f68a782839d97b3c83595575b6 ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe 09:18:58.0696 4696 ePowerSvc - ok 09:18:58.0750 4696 [ 34a3c54752046e79a126e15c51db409b ] ErrDev C:\Windows\system32\drivers\errdev.sys 09:18:58.0762 4696 ErrDev - ok 09:18:58.0812 4696 [ 0975bf32399a24117e317b5bf1d5d0aa ] ETD C:\Windows\system32\DRIVERS\ETD.sys 09:18:58.0817 4696 ETD - ok 09:18:58.0876 4696 [ 4166f82be4d24938977dd1746be9b8a0 ] EventSystem C:\Windows\system32\es.dll 09:18:58.0889 4696 EventSystem - ok 09:18:58.0933 4696 [ a510c654ec00c1e9bdd91eeb3a59823b ] exfat C:\Windows\system32\drivers\exfat.sys 09:18:58.0941 4696 exfat - ok 09:18:58.0967 4696 [ 0adc83218b66a6db380c330836f3e36d ] fastfat C:\Windows\system32\drivers\fastfat.sys 09:18:58.0973 4696 fastfat - ok 09:18:59.0033 4696 [ dbefd454f8318a0ef691fdd2eaab44eb ] Fax C:\Windows\system32\fxssvc.exe 09:18:59.0038 4696 Fax - ok 09:18:59.0051 4696 [ d765d19cd8ef61f650c384f62fac00ab ] fdc C:\Windows\system32\DRIVERS\fdc.sys 09:18:59.0066 4696 fdc - ok 09:18:59.0103 4696 [ 0438cab2e03f4fb61455a7956026fe86 ] fdPHost C:\Windows\system32\fdPHost.dll 09:18:59.0107 4696 fdPHost - ok 09:18:59.0125 4696 [ 802496cb59a30349f9a6dd22d6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 09:18:59.0131 4696 FDResPub - ok 09:18:59.0174 4696 [ 655661be46b5f5f3fd454e2c3095b930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 09:18:59.0189 4696 FileInfo - ok 09:18:59.0205 4696 [ 5f671ab5bc87eea04ec38a6cd5962a47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 09:18:59.0220 4696 Filetrace - ok 09:18:59.0361 4696 [ bb0667b0171b632b97ea759515476f07 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 09:18:59.0392 4696 FLEXnet Licensing Service - ok 09:18:59.0423 4696 [ c172a0f53008eaeb8ea33fe10e177af5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 09:18:59.0423 4696 flpydisk - ok 09:18:59.0470 4696 [ da6b67270fd9db3697b20fce94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 09:18:59.0485 4696 FltMgr - ok 09:18:59.0563 4696 [ 5c4cb4086fb83115b153e47add961a0c ] FontCache C:\Windows\system32\FntCache.dll 09:18:59.0579 4696 FontCache - ok 09:18:59.0704 4696 [ a8b7f3818ab65695e3a0bb3279f6dce6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 09:18:59.0719 4696 FontCache3.0.0.0 - ok 09:18:59.0797 4696 [ d43703496149971890703b4b1b723eac ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 09:18:59.0813 4696 FsDepends - ok 09:18:59.0891 4696 [ 6c06701bf1db05405804d7eb610991ce ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys 09:18:59.0907 4696 fssfltr - ok 09:19:00.0016 4696 [ 4ce9dac1518ff7e77bd213e6394b9d77 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe 09:19:00.0063 4696 fsssvc - ok 09:19:00.0125 4696 [ 6bd9295cc032dd3077c671fccf579a7b ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 09:19:00.0141 4696 Fs_Rec - ok 09:19:00.0219 4696 [ 1f7b25b858fa27015169fe95e54108ed ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 09:19:00.0234 4696 fvevol - ok 09:19:00.0281 4696 [ 8c778d335c9d272cfd3298ab02abe3b6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 09:19:00.0281 4696 gagp30kx - ok 09:19:00.0343 4696 [ e403aacf8c7bb11375122d2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 09:19:00.0359 4696 GEARAspiWDM - ok 09:19:00.0468 4696 [ 277bbc7e1aa1ee957f573a10eca7ef3a ] gpsvc C:\Windows\System32\gpsvc.dll 09:19:00.0499 4696 gpsvc - ok 09:19:00.0577 4696 [ 0191dee9b9eb7902af2cf4f67301095d ] GREGService C:\Program Files (x86)\Acer\Registration\GREGsvc.exe 09:19:00.0577 4696 GREGService - ok 09:19:00.0733 4696 [ 8f0de4fef8201e306f9938b0905ac96a ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 09:19:00.0749 4696 gupdate - ok 09:19:00.0765 4696 [ 8f0de4fef8201e306f9938b0905ac96a ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 09:19:00.0765 4696 gupdatem - ok 09:19:00.0811 4696 [ 5d4bc124faae6730ac002cdb67bf1a1c ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 09:19:00.0811 4696 gusvc - ok 09:19:00.0858 4696 [ f2523ef6460fc42405b12248338ab2f0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 09:19:00.0858 4696 hcw85cir - ok 09:19:00.0921 4696 [ 975761c778e33cd22498059b91e7373a ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 09:19:00.0936 4696 HdAudAddService - ok 09:19:00.0967 4696 [ 97bfed39b6b79eb12cddbfeed51f56bb ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 09:19:00.0967 4696 HDAudBus - ok 09:19:01.0014 4696 [ b6ac71aaa2b10848f57fc49d55a651af ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 09:19:01.0014 4696 HECIx64 - ok 09:19:01.0030 4696 [ 78e86380454a7b10a5eb255dc44a355f ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 09:19:01.0045 4696 HidBatt - ok 09:19:01.0061 4696 [ 7fd2a313f7afe5c4dab14798c48dd104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 09:19:01.0077 4696 HidBth - ok 09:19:01.0092 4696 [ 0a77d29f311b88cfae3b13f9c1a73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 09:19:01.0108 4696 HidIr - ok 09:19:01.0155 4696 [ bd9eb3958f213f96b97b1d897dee006d ] hidserv C:\Windows\System32\hidserv.dll 09:19:01.0170 4696 hidserv - ok 09:19:01.0248 4696 [ 9592090a7e2b61cd582b612b6df70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys 09:19:01.0248 4696 HidUsb - ok 09:19:01.0295 4696 [ 387e72e739e15e3d37907a86d9ff98e2 ] hkmsvc C:\Windows\system32\kmsvc.dll 09:19:01.0311 4696 hkmsvc - ok 09:19:01.0342 4696 [ efdfb3dd38a4376f93e7985173813abd ] HomeGroupListener C:\Windows\system32\ListSvc.dll 09:19:01.0357 4696 HomeGroupListener - ok 09:19:01.0404 4696 [ 908acb1f594274965a53926b10c81e89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 09:19:01.0404 4696 HomeGroupProvider - ok 09:19:01.0513 4696 [ 5da42d24712e00728cea2342a65009b2 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll 09:19:01.0513 4696 hpqcxs08 - ok 09:19:01.0560 4696 [ d86a39bf100069444d026d22d9a6e555 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll 09:19:01.0560 4696 hpqddsvc - ok 09:19:01.0607 4696 [ 39d2abcd392f3d8a6dce7b60ae7b8efc ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 09:19:01.0607 4696 HpSAMD - ok 09:19:01.0701 4696 [ f37882f128efacefe353e0bae2766909 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL 09:19:01.0701 4696 HPSLPSVC - ok 09:19:01.0794 4696 [ 0ea7de1acb728dd5a369fd742d6eee28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 09:19:01.0810 4696 HTTP - ok 09:19:01.0872 4696 [ a5462bd6884960c9dc85ed49d34ff392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 09:19:01.0888 4696 hwpolicy - ok 09:19:01.0919 4696 [ fa55c73d4affa7ee23ac4be53b4592d3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 09:19:01.0935 4696 i8042prt - ok 09:19:02.0013 4696 [ 1384872112e8e7fd5786eceb8bddf4c9 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 09:19:02.0013 4696 iaStor - ok 09:19:02.0075 4696 [ 6b24d1c3096de796d15571079ea5e98c ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe 09:19:02.0091 4696 IAStorDataMgrSvc - ok 09:19:02.0137 4696 [ aaaf44db3bd0b9d1fb6969b23ecc8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 09:19:02.0137 4696 iaStorV - ok 09:19:02.0309 4696 [ 5988fc40f8db5b0739cd1e3a5d0d78bd ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 09:19:02.0387 4696 idsvc - ok 09:19:03.0120 4696 [ 677aa5991026a65ada128c4b59cf2bad ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 09:19:03.0183 4696 igfx - ok 09:19:03.0229 4696 [ 5c18831c61933628f5bb0ea2675b9d21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 09:19:03.0229 4696 iirsp - ok 09:19:03.0323 4696 [ fcd84c381e0140af901e58d48882d26b ] IKEEXT C:\Windows\System32\ikeext.dll 09:19:03.0339 4696 IKEEXT - ok 09:19:03.0417 4696 [ dd587a55390ed2295bce6d36ad567da9 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys 09:19:03.0417 4696 Impcd - ok 09:19:03.0541 4696 [ 235362d403d9d677514649d88db31914 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 09:19:03.0573 4696 IntcAzAudAddService - ok 09:19:03.0619 4696 [ 58cf58dee26c909bd6f977b61d246295 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 09:19:03.0619 4696 IntcDAud - ok 09:19:03.0682 4696 [ f00f20e70c6ec3aa366910083a0518aa ] intelide C:\Windows\system32\drivers\intelide.sys 09:19:03.0697 4696 intelide - ok 09:19:03.0729 4696 [ ada036632c664caa754079041cf1f8c1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 09:19:03.0729 4696 intelppm - ok 09:19:03.0760 4696 [ 098a91c54546a3b878dad6a7e90a455b ] IPBusEnum C:\Windows\system32\ipbusenum.dll 09:19:03.0775 4696 IPBusEnum - ok 09:19:03.0807 4696 [ c9f0e1bd74365a8771590e9008d22ab6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 09:19:03.0822 4696 IpFilterDriver - ok 09:19:03.0869 4696 [ a34a587fffd45fa649fba6d03784d257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 09:19:03.0885 4696 iphlpsvc - ok 09:19:03.0931 4696 [ 0fc1aea580957aa8817b8f305d18ca3a ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 09:19:03.0947 4696 IPMIDRV - ok 09:19:03.0978 4696 [ af9b39a7e7b6caa203b3862582e9f2d0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 09:19:03.0978 4696 IPNAT - ok 09:19:04.0025 4696 [ 3c0d4b3e80fc4854ca325dd123cc4ded ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 09:19:04.0041 4696 iPod Service - ok 09:19:04.0072 4696 [ 3abf5e7213eb28966d55d58b515d5ce9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 09:19:04.0072 4696 IRENUM - ok 09:19:04.0119 4696 [ 2f7b28dc3e1183e5eb418df55c204f38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 09:19:04.0119 4696 isapnp - ok 09:19:04.0165 4696 [ d931d7309deb2317035b07c9f9e6b0bd ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 09:19:04.0165 4696 iScsiPrt - ok 09:19:04.0228 4696 [ 37e053a2cf8f0082b689ed74106e0cec ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys 09:19:04.0228 4696 k57nd60a - ok 09:19:04.0243 4696 [ bc02336f1cba7dcc7d1213bb588a68a5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys 09:19:04.0259 4696 kbdclass - ok 09:19:04.0290 4696 [ 0705eff5b42a9db58548eec3b26bb484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 09:19:04.0290 4696 kbdhid - ok 09:19:04.0306 4696 [ c118a82cd78818c29ab228366ebf81c3 ] KeyIso C:\Windows\system32\lsass.exe 09:19:04.0306 4696 KeyIso - ok 09:19:04.0353 4696 [ 97a7070aea4c058b6418519e869a63b4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 09:19:04.0384 4696 KSecDD - ok 09:19:04.0415 4696 [ 26c43a7c2862447ec59deda188d1da07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 09:19:04.0431 4696 KSecPkg - ok 09:19:04.0462 4696 [ 6869281e78cb31a43e969f06b57347c4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 09:19:04.0462 4696 ksthunk - ok 09:19:04.0509 4696 [ 6ab66e16aa859232f64deb66887a8c9c ] KtmRm C:\Windows\system32\msdtckrm.dll 09:19:04.0509 4696 KtmRm - ok 09:19:04.0571 4696 [ d9f42719019740baa6d1c6d536cbdaa6 ] LanmanServer C:\Windows\System32\srvsvc.dll 09:19:04.0571 4696 LanmanServer - ok 09:19:04.0618 4696 [ 851a1382eed3e3a7476db004f4ee3e1a ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 09:19:04.0618 4696 LanmanWorkstation - ok 09:19:04.0680 4696 [ 1538831cf8ad2979a04c423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 09:19:04.0680 4696 lltdio - ok 09:19:04.0727 4696 [ c1185803384ab3feed115f79f109427f ] lltdsvc C:\Windows\System32\lltdsvc.dll 09:19:04.0727 4696 lltdsvc - ok 09:19:04.0743 4696 [ f993a32249b66c9d622ea5592a8b76b8 ] lmhosts C:\Windows\System32\lmhsvc.dll 09:19:04.0758 4696 lmhosts - ok 09:19:04.0821 4696 [ dbc1136a62bd4decc3632df650284c2e ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe 09:19:04.0836 4696 LMS - ok 09:19:04.0867 4696 [ 1a93e54eb0ece102495a51266dcdb6a6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 09:19:04.0883 4696 LSI_FC - ok 09:19:04.0914 4696 [ 1047184a9fdc8bdbff857175875ee810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 09:19:04.0914 4696 LSI_SAS - ok 09:19:04.0945 4696 [ 30f5c0de1ee8b5bc9306c1f0e4a75f93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 09:19:04.0945 4696 LSI_SAS2 - ok 09:19:04.0945 4696 [ 0504eacaff0d3c8aed161c4b0d369d4a ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 09:19:04.0961 4696 LSI_SCSI - ok 09:19:04.0992 4696 [ 43d0f98e1d56ccddb0d5254cff7b356e ] luafv C:\Windows\system32\drivers\luafv.sys 09:19:04.0992 4696 luafv - ok 09:19:05.0055 4696 [ b891e3920f24ff1a3bead6cd2b42ed99 ] McAfee SiteAdvisor Service c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe 09:19:05.0070 4696 McAfee SiteAdvisor Service - ok 09:19:05.0101 4696 [ 0be09cd858abf9df6ed259d57a1a1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 09:19:05.0101 4696 Mcx2Svc - ok 09:19:05.0133 4696 [ a55805f747c6edb6a9080d7c633bd0f4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 09:19:05.0164 4696 megasas - ok 09:19:05.0195 4696 [ baf74ce0072480c3b6b7c13b2a94d6b3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 09:19:05.0195 4696 MegaSR - ok 09:19:05.0273 4696 Microsoft SharePoint Workspace Audit Service - ok 09:19:05.0320 4696 [ e40e80d0304a73e8d269f7141d77250b ] MMCSS C:\Windows\system32\mmcss.dll 09:19:05.0320 4696 MMCSS - ok 09:19:05.0351 4696 [ 800ba92f7010378b09f9ed9270f07137 ] Modem C:\Windows\system32\drivers\modem.sys 09:19:05.0367 4696 Modem - ok 09:19:05.0382 4696 [ b03d591dc7da45ece20b3b467e6aadaa ] monitor C:\Windows\system32\DRIVERS\monitor.sys 09:19:05.0382 4696 monitor - ok 09:19:05.0413 4696 [ 7d27ea49f3c1f687d357e77a470aea99 ] mouclass C:\Windows\system32\drivers\mouclass.sys 09:19:05.0413 4696 mouclass - ok 09:19:05.0460 4696 [ d3bf052c40b0c4166d9fd86a4288c1e6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 09:19:05.0460 4696 mouhid - ok 09:19:05.0523 4696 [ 32e7a3d591d671a6df2db515a5cbe0fa ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 09:19:05.0523 4696 mountmgr - ok 09:19:05.0554 4696 [ a44b420d30bd56e145d6a2bc8768ec58 ] mpio C:\Windows\system32\drivers\mpio.sys 09:19:05.0554 4696 mpio - ok 09:19:05.0601 4696 [ 6c38c9e45ae0ea2fa5e551f2ed5e978f ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 09:19:05.0616 4696 mpsdrv - ok 09:19:05.0663 4696 [ 54ffc9c8898113ace189d4aa7199d2c1 ] MpsSvc C:\Windows\system32\mpssvc.dll 09:19:05.0679 4696 MpsSvc - ok 09:19:05.0757 4696 [ dc722758b8261e1abafd31a3c0a66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 09:19:05.0757 4696 MRxDAV - ok 09:19:05.0803 4696 [ a5d9106a73dc88564c825d317cac68ac ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 09:19:05.0803 4696 mrxsmb - ok 09:19:05.0850 4696 [ d711b3c1d5f42c0c2415687be09fc163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 09:19:05.0866 4696 mrxsmb10 - ok 09:19:05.0897 4696 [ 9423e9d355c8d303e76b8cfbd8a5c30c ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 09:19:05.0897 4696 mrxsmb20 - ok 09:19:05.0975 4696 [ c25f0bafa182cbca2dd3c851c2e75796 ] msahci C:\Windows\system32\drivers\msahci.sys 09:19:05.0975 4696 msahci - ok 09:19:06.0006 4696 [ db801a638d011b9633829eb6f663c900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 09:19:06.0022 4696 msdsm - ok 09:19:06.0053 4696 [ de0ece52236cfa3ed2dbfc03f28253a8 ] MSDTC C:\Windows\System32\msdtc.exe 09:19:06.0069 4696 MSDTC - ok 09:19:06.0147 4696 [ aa3fb40e17ce1388fa1bedab50ea8f96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 09:19:06.0147 4696 Msfs - ok 09:19:06.0209 4696 [ f9d215a46a8b9753f61767fa72a20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 09:19:06.0209 4696 mshidkmdf - ok 09:19:06.0240 4696 [ d916874bbd4f8b07bfb7fa9b3ccae29d ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 09:19:06.0240 4696 msisadrv - ok 09:19:06.0287 4696 [ 808e98ff49b155c522e6400953177b08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 09:19:06.0287 4696 MSiSCSI - ok 09:19:06.0303 4696 msiserver - ok 09:19:06.0318 4696 [ 49ccf2c4fea34ffad8b1b59d49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 09:19:06.0334 4696 MSKSSRV - ok 09:19:06.0349 4696 [ bdd71ace35a232104ddd349ee70e1ab3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 09:19:06.0365 4696 MSPCLOCK - ok 09:19:06.0381 4696 [ 4ed981241db27c3383d72092b618a1d0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 09:19:06.0381 4696 MSPQM - ok 09:19:06.0412 4696 [ 759a9eeb0fa9ed79da1fb7d4ef78866d ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 09:19:06.0427 4696 MsRPC - ok 09:19:06.0459 4696 [ 0eed230e37515a0eaee3c2e1bc97b288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 09:19:06.0459 4696 mssmbios - ok 09:19:06.0490 4696 [ 2e66f9ecb30b4221a318c92ac2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 09:19:06.0490 4696 MSTEE - ok 09:19:06.0505 4696 [ 7ea404308934e675bffde8edf0757bcd ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 09:19:06.0521 4696 MTConfig - ok 09:19:06.0537 4696 [ f9a18612fd3526fe473c1bda678d61c8 ] Mup C:\Windows\system32\Drivers\mup.sys 09:19:06.0537 4696 Mup - ok 09:19:06.0568 4696 [ 6ffecc25b39dc7652a0cec0ada9db589 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys 09:19:06.0568 4696 mwlPSDFilter - ok 09:19:06.0583 4696 [ 0befe32ca56d6ee89d58175725596a85 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys 09:19:06.0583 4696 mwlPSDNServ - ok 09:19:06.0599 4696 [ d43bc633b8660463e446e28e14a51262 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys 09:19:06.0615 4696 mwlPSDVDisk - ok 09:19:06.0677 4696 [ 3e5e20817259f7328c8f3be5421f35b9 ] MWLService C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe 09:19:06.0693 4696 MWLService - ok 09:19:06.0755 4696 [ 582ac6d9873e31dfa28a4547270862dd ] napagent C:\Windows\system32\qagentRT.dll 09:19:06.0771 4696 napagent - ok 09:19:06.0786 4696 [ 1ea3749c4114db3e3161156ffffa6b33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 09:19:06.0802 4696 NativeWifiP - ok 09:19:06.0849 4696 [ 79b47fd40d9a817e932f9d26fac0a81c ] NDIS C:\Windows\system32\drivers\ndis.sys 09:19:06.0849 4696 NDIS - ok 09:19:06.0895 4696 [ 9f9a1f53aad7da4d6fef5bb73ab811ac ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 09:19:06.0895 4696 NdisCap - ok 09:19:06.0927 4696 [ 30639c932d9fef22b31268fe25a1b6e5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 09:19:06.0927 4696 NdisTapi - ok 09:19:06.0973 4696 [ 136185f9fb2cc61e573e676aa5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 09:19:06.0989 4696 Ndisuio - ok 09:19:07.0036 4696 [ 53f7305169863f0a2bddc49e116c2e11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 09:19:07.0036 4696 NdisWan - ok 09:19:07.0098 4696 [ 015c0d8e0e0421b4cfd48cffe2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 09:19:07.0098 4696 NDProxy - ok 09:19:07.0129 4696 [ 2334dc48997ba203b794df3ee70521db ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll 09:19:07.0145 4696 Net Driver HPZ12 - ok 09:19:07.0207 4696 [ 86743d9f5d2b1048062b14b1d84501c4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 09:19:07.0207 4696 NetBIOS - ok 09:19:07.0270 4696 [ 09594d1089c523423b32a4229263f068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 09:19:07.0270 4696 NetBT - ok 09:19:07.0301 4696 [ c118a82cd78818c29ab228366ebf81c3 ] Netlogon C:\Windows\system32\lsass.exe 09:19:07.0301 4696 Netlogon - ok 09:19:07.0504 4696 [ 847d3ae376c0817161a14a82c8922a9e ] Netman C:\Windows\System32\netman.dll 09:19:07.0535 4696 Netman - ok 09:19:07.0551 4696 [ 5f28111c648f1e24f7dbc87cdeb091b8 ] netprofm C:\Windows\System32\netprofm.dll 09:19:07.0582 4696 netprofm - ok 09:19:07.0613 4696 [ 3e5a36127e201ddf663176b66828fafe ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 09:19:07.0629 4696 NetTcpPortSharing - ok 09:19:07.0675 4696 [ 77889813be4d166cdab78ddba990da92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 09:19:07.0691 4696 nfrd960 - ok 09:19:07.0753 4696 [ 1ee99a89cc788ada662441d1e9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll 09:19:07.0769 4696 NlaSvc - ok 09:19:07.0785 4696 [ 1e4c4ab5c9b8dd13179bbdc75a2a01f7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 09:19:07.0785 4696 Npfs - ok 09:19:07.0816 4696 [ d54bfdf3e0c953f823b3d0bfe4732528 ] nsi C:\Windows\system32\nsisvc.dll 09:19:07.0816 4696 nsi - ok 09:19:07.0847 4696 [ e7f5ae18af4168178a642a9247c63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 09:19:07.0847 4696 nsiproxy - ok 09:19:07.0941 4696 [ a2f74975097f52a00745f9637451fdd8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 09:19:07.0972 4696 Ntfs - ok 09:19:08.0050 4696 [ 9a308fcdcca98a15b6f62d36a272160e ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe 09:19:08.0050 4696 NTI IScheduleSvc - ok 09:19:08.0112 4696 [ ee3ba1024594d5d09e314f206b94069e ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys 09:19:08.0112 4696 NTIDrvr - ok 09:19:08.0159 4696 [ 9899284589f75fa8724ff3d16aed75c1 ] Null C:\Windows\system32\drivers\Null.sys 09:19:08.0159 4696 Null - ok 09:19:08.0206 4696 [ 0a92cb65770442ed0dc44834632f66ad ] nvraid C:\Windows\system32\drivers\nvraid.sys 09:19:08.0221 4696 nvraid - ok 09:19:08.0237 4696 [ dab0e87525c10052bf65f06152f37e4a ] nvstor C:\Windows\system32\drivers\nvstor.sys 09:19:08.0253 4696 nvstor - ok 09:19:08.0284 4696 [ 270d7cd42d6e3979f6dd0146650f0e05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 09:19:08.0299 4696 nv_agp - ok 09:19:08.0424 4696 [ 785f487a64950f3cb8e9f16253ba3b7b ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 09:19:08.0440 4696 odserv - ok 09:19:08.0487 4696 [ 3589478e4b22ce21b41fa1bfc0b8b8a0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 09:19:08.0502 4696 ohci1394 - ok 09:19:08.0580 4696 [ 9d10f99a6712e28f8acd5641e3a7ea6b ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 09:19:08.0580 4696 ose - ok 09:19:08.0752 4696 [ 61bffb5f57ad12f83ab64b7181829b34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 09:19:09.0220 4696 osppsvc - ok 09:19:09.0267 4696 [ 3eac4455472cc2c97107b5291e0dcafe ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 09:19:09.0282 4696 p2pimsvc - ok 09:19:09.0313 4696 [ 927463ecb02179f88e4b9a17568c63c3 ] p2psvc C:\Windows\system32\p2psvc.dll 09:19:09.0313 4696 p2psvc - ok 09:19:09.0345 4696 [ 0086431c29c35be1dbc43f52cc273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 09:19:09.0360 4696 Parport - ok 09:19:09.0391 4696 [ e9766131eeade40a27dc27d2d68fba9c ] partmgr C:\Windows\system32\drivers\partmgr.sys 09:19:09.0407 4696 partmgr - ok 09:19:09.0438 4696 [ 3aeaa8b561e63452c655dc0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 09:19:09.0438 4696 PcaSvc - ok 09:19:09.0501 4696 [ 94575c0571d1462a0f70bde6bd6ee6b3 ] pci C:\Windows\system32\drivers\pci.sys 09:19:09.0501 4696 pci - ok 09:19:09.0516 4696 [ b5b8b5ef2e5cb34df8dcf8831e3534fa ] pciide C:\Windows\system32\drivers\pciide.sys 09:19:09.0532 4696 pciide - ok 09:19:09.0563 4696 [ b2e81d4e87ce48589f98cb8c05b01f2f ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 09:19:09.0594 4696 pcmcia - ok 09:19:09.0735 4696 [ d6b9c2e1a11a3a4b26a182ffef18f603 ] pcw C:\Windows\system32\drivers\pcw.sys 09:19:09.0766 4696 pcw - ok 09:19:09.0891 4696 [ 68769c3356b3be5d1c732c97b9a80d6e ] PEAUTH C:\Windows\system32\drivers\peauth.sys 09:19:09.0906 4696 PEAUTH - ok 09:19:10.0031 4696 [ e495e408c93141e8fc72dc0c6046ddfa ] PerfHost C:\Windows\SysWow64\perfhost.exe 09:19:10.0031 4696 PerfHost - ok 09:19:10.0125 4696 [ c7cf6a6e137463219e1259e3f0f0dd6c ] pla C:\Windows\system32\pla.dll 09:19:10.0156 4696 pla - ok 09:19:10.0218 4696 [ 25fbdef06c4d92815b353f6e792c8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 09:19:10.0234 4696 PlugPlay - ok 09:19:10.0281 4696 [ ac78df349f0e4cfb8b667c0cfff83cce ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll 09:19:10.0296 4696 Pml Driver HPZ12 - ok 09:19:10.0327 4696 [ 7195581cec9bb7d12abe54036acc2e38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 09:19:10.0343 4696 PNRPAutoReg - ok 09:19:10.0390 4696 [ 3eac4455472cc2c97107b5291e0dcafe ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 09:19:10.0390 4696 PNRPsvc - ok 09:19:10.0468 4696 [ 4f15d75adf6156bf56eced6d4a55c389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 09:19:10.0483 4696 PolicyAgent - ok 09:19:10.0515 4696 [ 6ba9d927dded70bd1a9caded45f8b184 ] Power C:\Windows\system32\umpo.dll 09:19:10.0530 4696 Power - ok 09:19:10.0577 4696 [ f92a2c41117a11a00be01ca01a7fcde9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 09:19:10.0577 4696 PptpMiniport - ok 09:19:10.0639 4696 [ 0d922e23c041efb1c3fac2a6f943c9bf ] Processor C:\Windows\system32\DRIVERS\processr.sys 09:19:10.0639 4696 Processor - ok 09:19:10.0686 4696 [ 53e83f1f6cf9d62f32801cf66d8352a8 ] ProfSvc C:\Windows\system32\profsvc.dll 09:19:10.0702 4696 ProfSvc - ok 09:19:10.0717 4696 [ c118a82cd78818c29ab228366ebf81c3 ] ProtectedStorage C:\Windows\system32\lsass.exe 09:19:10.0717 4696 ProtectedStorage - ok 09:19:10.0780 4696 [ 0557cf5a2556bd58e26384169d72438d ] Psched C:\Windows\system32\DRIVERS\pacer.sys 09:19:10.0780 4696 Psched - ok 09:19:10.0858 4696 [ a53a15a11ebfd21077463ee2c7afeef0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 09:19:10.0889 4696 ql2300 - ok 09:19:10.0905 4696 [ 4f6d12b51de1aaeff7dc58c4d75423c8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 09:19:10.0905 4696 ql40xx - ok 09:19:10.0936 4696 [ 906191634e99aea92c4816150bda3732 ] QWAVE C:\Windows\system32\qwave.dll 09:19:10.0951 4696 QWAVE - ok 09:19:10.0983 4696 [ 76707bb36430888d9ce9d705398adb6c ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 09:19:10.0998 4696 QWAVEdrv - ok 09:19:11.0014 4696 [ 5a0da8ad5762fa2d91678a8a01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 09:19:11.0014 4696 RasAcd - ok 09:19:11.0061 4696 [ 7ecff9b22276b73f43a99a15a6094e90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 09:19:11.0061 4696 RasAgileVpn - ok 09:19:11.0092 4696 [ 8f26510c5383b8dbe976de1cd00fc8c7 ] RasAuto C:\Windows\System32\rasauto.dll 09:19:11.0092 4696 RasAuto - ok 09:19:11.0139 4696 [ 471815800ae33e6f1c32fb1b97c490ca ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 09:19:11.0139 4696 Rasl2tp - ok 09:19:11.0185 4696 [ ee867a0870fc9e4972ba9eaad35651e2 ] RasMan C:\Windows\System32\rasmans.dll 09:19:11.0185 4696 RasMan - ok 09:19:11.0217 4696 [ 855c9b1cd4756c5e9a2aa58a15f58c25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 09:19:11.0232 4696 RasPppoe - ok 09:19:11.0263 4696 [ e8b1e447b008d07ff47d016c2b0eeecb ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 09:19:11.0263 4696 RasSstp - ok 09:19:11.0310 4696 [ 77f665941019a1594d887a74f301fa2f ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 09:19:11.0326 4696 rdbss - ok 09:19:11.0357 4696 [ 302da2a0539f2cf54d7c6cc30c1f2d8d ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 09:19:11.0373 4696 rdpbus - ok 09:19:11.0388 4696 [ cea6cc257fc9b7715f1c2b4849286d24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 09:19:11.0388 4696 RDPCDD - ok 09:19:11.0419 4696 [ bb5971a4f00659529a5c44831af22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 09:19:11.0419 4696 RDPENCDD - ok 09:19:11.0451 4696 [ 216f3fa57533d98e1f74ded70113177a ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 09:19:11.0466 4696 RDPREFMP - ok 09:19:11.0513 4696 [ e61608aa35e98999af9aaeeea6114b0a ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 09:19:11.0513 4696 RDPWD - ok 09:19:11.0591 4696 [ 34ed295fa0121c241bfef24764fc4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 09:19:11.0591 4696 rdyboost - ok 09:19:11.0638 4696 [ 254fb7a22d74e5511c73a3f6d802f192 ] RemoteAccess C:\Windows\System32\mprdim.dll 09:19:11.0653 4696 RemoteAccess - ok 09:19:11.0685 4696 [ e4d94f24081440b5fc5aa556c7c62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 09:19:11.0700 4696 RemoteRegistry - ok 09:19:11.0731 4696 [ e4dc58cf7b3ea515ae917ff0d402a7bb ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 09:19:11.0731 4696 RpcEptMapper - ok 09:19:11.0763 4696 [ d5ba242d4cf8e384db90e6a8ed850b8c ] RpcLocator C:\Windows\system32\locator.exe 09:19:11.0763 4696 RpcLocator - ok 09:19:11.0825 4696 [ 5c627d1b1138676c0a7ab2c2c190d123 ] RpcSs C:\Windows\System32\rpcss.dll 09:19:11.0825 4696 RpcSs - ok 09:19:11.0856 4696 [ ddc86e4f8e7456261e637e3552e804ff ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 09:19:11.0872 4696 rspndr - ok 09:19:11.0903 4696 [ 763ae0c6d9df4c24b7e2c26036a8188a ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys 09:19:11.0919 4696 RSUSBSTOR - ok 09:19:11.0934 4696 [ c118a82cd78818c29ab228366ebf81c3 ] SamSs C:\Windows\system32\lsass.exe 09:19:11.0934 4696 SamSs - ok 09:19:11.0965 4696 [ ac03af3329579fffb455aa2daabbe22b ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 09:19:11.0981 4696 sbp2port - ok 09:19:12.0028 4696 [ 9b7395789e3791a3b6d000fe6f8b131e ] SCardSvr C:\Windows\System32\SCardSvr.dll 09:19:12.0043 4696 SCardSvr - ok 09:19:12.0075 4696 [ 253f38d0d7074c02ff8deb9836c97d2b ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 09:19:12.0075 4696 scfilter - ok 09:19:12.0168 4696 [ 262f6592c3299c005fd6bec90fc4463a ] Schedule C:\Windows\system32\schedsvc.dll 09:19:12.0184 4696 Schedule - ok 09:19:12.0215 4696 [ f17d1d393bbc69c5322fbfafaca28c7f ] SCPolicySvc C:\Windows\System32\certprop.dll 09:19:12.0231 4696 SCPolicySvc - ok 09:19:12.0246 4696 [ 6ea4234dc55346e0709560fe7c2c1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 09:19:12.0262 4696 SDRSVC - ok 09:19:12.0293 4696 [ 3ea8a16169c26afbeb544e0e48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 09:19:12.0309 4696 secdrv - ok 09:19:12.0340 4696 [ bc617a4e1b4fa8df523a061739a0bd87 ] seclogon C:\Windows\system32\seclogon.dll 09:19:12.0355 4696 seclogon - ok 09:19:12.0402 4696 [ c32ab8fa018ef34c0f113bd501436d21 ] SENS C:\Windows\system32\sens.dll 09:19:12.0402 4696 SENS - ok 09:19:12.0589 4696 [ 0336cffafaab87a11541f1cf1594b2b2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 09:19:12.0636 4696 SensrSvc - ok 09:19:12.0652 4696 [ cb624c0035412af0debec78c41f5ca1b ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 09:19:12.0699 4696 Serenum - ok 09:19:12.0745 4696 [ c1d8e28b2c2adfaec4ba89e9fda69bd6 ] Serial C:\Windows\system32\DRIVERS\serial.sys 09:19:12.0745 4696 Serial - ok 09:19:12.0808 4696 [ 1c545a7d0691cc4a027396535691c3e3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 09:19:12.0808 4696 sermouse - ok 09:19:12.0855 4696 [ 0b6231bf38174a1628c4ac812cc75804 ] SessionEnv C:\Windows\system32\sessenv.dll 09:19:12.0870 4696 SessionEnv - ok 09:19:12.0917 4696 [ a554811bcd09279536440c964ae35bbf ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 09:19:12.0917 4696 sffdisk - ok 09:19:12.0964 4696 [ ff414f0baefeba59bc6c04b3db0b87bf ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 09:19:12.0964 4696 sffp_mmc - ok 09:19:12.0964 4696 [ dd85b78243a19b59f0637dcf284da63c ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 09:19:12.0979 4696 sffp_sd - ok 09:19:12.0995 4696 [ a9d601643a1647211a1ee2ec4e433ff4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 09:19:13.0011 4696 sfloppy - ok 09:19:13.0073 4696 [ b95f6501a2f8b2e78c697fec401970ce ] SharedAccess C:\Windows\System32\ipnathlp.dll 09:19:13.0089 4696 SharedAccess - ok 09:19:13.0120 4696 [ aaf932b4011d14052955d4b212a4da8d ] ShellHWDetection C:\Windows\System32\shsvcs.dll 09:19:13.0135 4696 ShellHWDetection - ok 09:19:13.0151 4696 [ 843caf1e5fde1ffd5ff768f23a51e2e1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 09:19:13.0167 4696 SiSRaid2 - ok 09:19:13.0182 4696 [ 6a6c106d42e9ffff8b9fcb4f754f6da4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 09:19:13.0182 4696 SiSRaid4 - ok 09:19:13.0385 4696 [ 0f97e7a47a52f4a36969f0fc319654c2 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe 09:19:13.0416 4696 Skype C2C Service - ok 09:19:13.0510 4696 [ ea396139541706b4b433641d62ea53ce ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 09:19:13.0510 4696 SkypeUpdate - ok 09:19:13.0557 4696 [ 548260a7b8654e024dc30bf8a7c5baa4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 09:19:13.0572 4696 Smb - ok 09:19:13.0619 4696 [ 6313f223e817cc09aa41811daa7f541d ] SNMPTRAP C:\Windows\System32\snmptrap.exe 09:19:13.0635 4696 SNMPTRAP - ok 09:19:13.0650 4696 [ b9e31e5cacdfe584f34f730a677803f9 ] spldr C:\Windows\system32\drivers\spldr.sys 09:19:13.0666 4696 spldr - ok 09:19:13.0728 4696 [ b96c17b5dc1424d56eea3a99e97428cd ] Spooler C:\Windows\System32\spoolsv.exe 09:19:13.0728 4696 Spooler - ok 09:19:13.0837 4696 [ e17e0188bb90fae42d83e98707efa59c ] sppsvc C:\Windows\system32\sppsvc.exe 09:19:13.0962 4696 sppsvc - ok 09:19:13.0978 4696 [ 93d7d61317f3d4bc4f4e9f8a96a7de45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 09:19:13.0993 4696 sppuinotify - ok 09:19:14.0040 4696 [ 441fba48bff01fdb9d5969ebc1838f0b ] srv C:\Windows\system32\DRIVERS\srv.sys 09:19:14.0056 4696 srv - ok 09:19:14.0103 4696 [ b4adebbf5e3677cce9651e0f01f7cc28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 09:19:14.0118 4696 srv2 - ok 09:19:14.0165 4696 [ 27e461f0be5bff5fc737328f749538c3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 09:19:14.0165 4696 srvnet - ok 09:19:14.0212 4696 [ 51b52fbd583cde8aa9ba62b8b4298f33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 09:19:14.0227 4696 SSDPSRV - ok 09:19:14.0243 4696 [ ab7aebf58dad8daab7a6c45e6a8885cb ] SstpSvc C:\Windows\system32\sstpsvc.dll 09:19:14.0259 4696 SstpSvc - ok 09:19:14.0290 4696 [ f3817967ed533d08327dc73bc4d5542a ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 09:19:14.0305 4696 stexstor - ok 09:19:14.0383 4696 [ decacb6921ded1a38642642685d77dac ] StillCam C:\Windows\system32\DRIVERS\serscan.sys 09:19:14.0383 4696 StillCam - ok 09:19:14.0446 4696 [ 8dd52e8e6128f4b2da92ce27402871c1 ] stisvc C:\Windows\System32\wiaservc.dll 09:19:14.0461 4696 stisvc - ok 09:19:14.0508 4696 [ d01ec09b6711a5f8e7e6564a4d0fbc90 ] swenum C:\Windows\system32\drivers\swenum.sys 09:19:14.0508 4696 swenum - ok 09:19:14.0539 4696 [ e08e46fdd841b7184194011ca1955a0b ] swprv C:\Windows\System32\swprv.dll 09:19:14.0555 4696 swprv - ok 09:19:14.0586 4696 [ bcb6aa197267d3506be2535342fc40e0 ] synusb64 C:\Windows\system32\DRIVERS\synusb64.sys 09:19:14.0586 4696 synusb64 - ok 09:19:14.0664 4696 [ bf9ccc0bf39b418c8d0ae8b05cf95b7d ] SysMain C:\Windows\system32\sysmain.dll 09:19:14.0664 4696 SysMain - ok 09:19:14.0695 4696 [ e3c61fd7b7c2557e1f1b0b4cec713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 09:19:14.0711 4696 TabletInputService - ok 09:19:14.0727 4696 [ f33fdc72298df4bf9813a55d21f4eb31 ] taphss C:\Windows\system32\DRIVERS\taphss.sys 09:19:14.0742 4696 taphss - ok 09:19:14.0758 4696 [ 40f0849f65d13ee87b9a9ae3c1dd6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 09:19:14.0773 4696 TapiSrv - ok 09:19:14.0789 4696 [ 1be03ac720f4d302ea01d40f588162f6 ] TBS C:\Windows\System32\tbssvc.dll 09:19:14.0805 4696 TBS - ok 09:19:14.0867 4696 [ acb82bda8f46c84f465c1afa517dc4b9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 09:19:14.0914 4696 Tcpip - ok 09:19:14.0929 4696 [ acb82bda8f46c84f465c1afa517dc4b9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 09:19:14.0945 4696 TCPIP6 - ok 09:19:14.0992 4696 [ df687e3d8836bfb04fcc0615bf15a519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 09:19:14.0992 4696 tcpipreg - ok 09:19:15.0023 4696 [ 3371d21011695b16333a3934340c4e7c ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 09:19:15.0023 4696 TDPIPE - ok 09:19:15.0070 4696 [ 51c5eceb1cdee2468a1748be550cfbc8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 09:19:15.0070 4696 TDTCP - ok 09:19:15.0117 4696 [ ddad5a7ab24d8b65f8d724f5c20fd806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 09:19:15.0117 4696 tdx - ok 09:19:15.0132 4696 [ 561e7e1f06895d78de991e01dd0fb6e5 ] TermDD C:\Windows\system32\drivers\termdd.sys 09:19:15.0148 4696 TermDD - ok 09:19:15.0163 4696 [ 2e648163254233755035b46dd7b89123 ] TermService C:\Windows\System32\termsrv.dll 09:19:15.0195 4696 TermService - ok 09:19:15.0226 4696 [ f0344071948d1a1fa732231785a0664c ] Themes C:\Windows\system32\themeservice.dll 09:19:15.0241 4696 Themes - ok 09:19:15.0257 4696 [ e40e80d0304a73e8d269f7141d77250b ] THREADORDER C:\Windows\system32\mmcss.dll 09:19:15.0257 4696 THREADORDER - ok 09:19:15.0273 4696 [ 7e7afd841694f6ac397e99d75cead49d ] TrkWks C:\Windows\System32\trkwks.dll 09:19:15.0273 4696 TrkWks - ok 09:19:15.0335 4696 [ 773212b2aaa24c1e31f10246b15b276c ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 09:19:15.0351 4696 TrustedInstaller - ok 09:19:15.0397 4696 [ ce18b2cdfc837c99e5fae9ca6cba5d30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 09:19:15.0397 4696 tssecsrv - ok 09:19:15.0460 4696 [ d11c783e3ef9a3c52c0ebe83cc5000e9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 09:19:15.0460 4696 TsUsbFlt - ok 09:19:15.0538 4696 [ 3566a8daafa27af944f5d705eaa64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 09:19:15.0538 4696 tunnel - ok 09:19:15.0585 4696 [ b4dd609bd7e282bfc683cec7eaaaad67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 09:19:15.0600 4696 uagp35 - ok 09:19:15.0631 4696 [ a17d5e1a6df4eab0a480f2c490de4c9d ] UBHelper C:\Windows\system32\drivers\UBHelper.sys 09:19:15.0631 4696 UBHelper - ok 09:19:15.0678 4696 [ ff4232a1a64012baa1fd97c7b67df593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 09:19:15.0694 4696 udfs - ok 09:19:15.0741 4696 [ 3cbdec8d06b9968aba702eba076364a1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 09:19:15.0741 4696 UI0Detect - ok 09:19:15.0772 4696 [ 4bfe1bc28391222894cbf1e7d0e42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 09:19:15.0787 4696 uliagpkx - ok 09:19:15.0834 4696 [ dc54a574663a895c8763af0fa1ff7561 ] umbus C:\Windows\system32\drivers\umbus.sys 09:19:15.0850 4696 umbus - ok 09:19:15.0865 4696 [ b2e8e8cb557b156da5493bbddcc1474d ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 09:19:15.0865 4696 UmPass - ok 09:19:15.0959 4696 [ 7466809e6da561d60c2f1ce8ede3c73f ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe 09:19:16.0084 4696 UNS - ok 09:19:16.0146 4696 [ f9ec9acd504d823d9b9ca98a4f8d3ca2 ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe 09:19:16.0162 4696 Updater Service - ok 09:19:16.0193 4696 [ d47ec6a8e81633dd18d2436b19baf6de ] upnphost C:\Windows\System32\upnphost.dll 09:19:16.0209 4696 upnphost - ok 09:19:16.0255 4696 [ 82e8f44688e6fac57b5b7c6fc7adbc2a ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 09:19:16.0255 4696 usbaudio - ok 09:19:16.0287 4696 [ 6f1a3157a1c89435352ceb543cdb359c ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 09:19:16.0287 4696 usbccgp - ok 09:19:16.0333 4696 [ af0892a803fdda7492f595368e3b68e7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 09:19:16.0349 4696 usbcir - ok 09:19:16.0365 4696 [ c025055fe7b87701eb042095df1a2d7b ] usbehci C:\Windows\system32\drivers\usbehci.sys 09:19:16.0365 4696 usbehci - ok 09:19:16.0396 4696 [ 287c6c9410b111b68b52ca298f7b8c24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 09:19:16.0411 4696 usbhub - ok 09:19:16.0411 4696 [ 9840fc418b4cbd632d3d0a667a725c31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 09:19:16.0427 4696 usbohci - ok 09:19:16.0458 4696 [ 73188f58fb384e75c4063d29413cee3d ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 09:19:16.0458 4696 usbprint - ok 09:19:16.0474 4696 [ fed648b01349a3c8395a5169db5fb7d6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 09:19:16.0474 4696 USBSTOR - ok 09:19:16.0489 4696 [ 62069a34518bcf9c1fd9e74b3f6db7cd ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 09:19:16.0505 4696 usbuhci - ok 09:19:16.0567 4696 [ 454800c2bc7f3927ce030141ee4f4c50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 09:19:16.0567 4696 usbvideo - ok 09:19:16.0599 4696 [ edbb23cbcf2cdf727d64ff9b51a6070e ] UxSms C:\Windows\System32\uxsms.dll 09:19:16.0599 4696 UxSms - ok 09:19:16.0614 4696 [ c118a82cd78818c29ab228366ebf81c3 ] VaultSvc C:\Windows\system32\lsass.exe 09:19:16.0614 4696 VaultSvc - ok 09:19:16.0630 4696 [ c5c876ccfc083ff3b128f933823e87bd ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 09:19:16.0645 4696 vdrvroot - ok 09:19:16.0692 4696 [ 8d6b481601d01a456e75c3210f1830be ] vds C:\Windows\System32\vds.exe 09:19:16.0708 4696 vds - ok 09:19:16.0739 4696 [ da4da3f5e02943c2dc8c6ed875de68dd ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 09:19:16.0739 4696 vga - ok 09:19:16.0755 4696 [ 53e92a310193cb3c03bea963de7d9cfc ] VgaSave C:\Windows\System32\drivers\vga.sys 09:19:16.0755 4696 VgaSave - ok 09:19:16.0786 4696 [ 2ce2df28c83aeaf30084e1b1eb253cbb ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 09:19:16.0801 4696 vhdmp - ok 09:19:16.0848 4696 [ e5689d93ffe4e5d66c0178761240dd54 ] viaide C:\Windows\system32\drivers\viaide.sys 09:19:16.0848 4696 viaide - ok 09:19:16.0864 4696 [ d2aafd421940f640b407aefaaebd91b0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 09:19:16.0879 4696 volmgr - ok 09:19:16.0926 4696 [ a255814907c89be58b79ef2f189b843b ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 09:19:16.0942 4696 volmgrx - ok 09:19:16.0957 4696 [ 0d08d2f3b3ff84e433346669b5e0f639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 09:19:16.0973 4696 volsnap - ok 09:19:17.0004 4696 [ 5e2016ea6ebaca03c04feac5f330d997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 09:19:17.0004 4696 vsmraid - ok 09:19:17.0082 4696 [ b60ba0bc31b0cb414593e169f6f21cc2 ] VSS C:\Windows\system32\vssvc.exe 09:19:17.0113 4696 VSS - ok 09:19:17.0113 4696 [ 36d4720b72b5c5d9cb2b9c29e9df67a1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 09:19:17.0129 4696 vwifibus - ok 09:19:17.0160 4696 [ 6a3d66263414ff0d6fa754c646612f3f ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 09:19:17.0160 4696 vwififlt - ok 09:19:17.0176 4696 [ 6a638fc4bfddc4d9b186c28c91bd1a01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 09:19:17.0176 4696 vwifimp - ok 09:19:17.0223 4696 [ 1c9d80cc3849b3788048078c26486e1a ] W32Time C:\Windows\system32\w32time.dll 09:19:17.0238 4696 W32Time - ok 09:19:17.0254 4696 [ 4e9440f4f152a7b944cb1663d3935a3e ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 09:19:17.0269 4696 WacomPen - ok 09:19:17.0316 4696 [ 356afd78a6ed4457169241ac3965230c ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 09:19:17.0332 4696 WANARP - ok 09:19:17.0332 4696 [ 356afd78a6ed4457169241ac3965230c ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 09:19:17.0332 4696 Wanarpv6 - ok 09:19:17.0410 4696 [ 3cec96de223e49eaae3651fcf8faea6c ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 09:19:17.0441 4696 WatAdminSvc - ok 09:19:17.0503 4696 [ 78f4e7f5c56cb9716238eb57da4b6a75 ] wbengine C:\Windows\system32\wbengine.exe 09:19:17.0535 4696 wbengine - ok 09:19:17.0566 4696 [ 3aa101e8edab2db4131333f4325c76a3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 09:19:17.0581 4696 WbioSrvc - ok 09:19:17.0613 4696 [ 7368a2afd46e5a4481d1de9d14848edd ] wcncsvc C:\Windows\System32\wcncsvc.dll 09:19:17.0628 4696 wcncsvc - ok 09:19:17.0644 4696 [ 20f7441334b18cee52027661df4a6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 09:19:17.0644 4696 WcsPlugInService - ok 09:19:17.0675 4696 [ 72889e16ff12ba0f235467d6091b17dc ] Wd C:\Windows\system32\DRIVERS\wd.sys 09:19:17.0675 4696 Wd - ok 09:19:17.0706 4696 [ 441bd2d7b4f98134c3a4f9fa570fd250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 09:19:17.0722 4696 Wdf01000 - ok 09:19:17.0737 4696 [ bf1fc3f79b863c914687a737c2f3d681 ] WdiServiceHost C:\Windows\system32\wdi.dll 09:19:17.0753 4696 WdiServiceHost - ok 09:19:17.0753 4696 [ bf1fc3f79b863c914687a737c2f3d681 ] WdiSystemHost C:\Windows\system32\wdi.dll 09:19:17.0753 4696 WdiSystemHost - ok 09:19:17.0800 4696 [ 3db6d04e1c64272f8b14eb8bc4616280 ] WebClient C:\Windows\System32\webclnt.dll 09:19:17.0815 4696 WebClient - ok 09:19:17.0847 4696 [ c749025a679c5103e575e3b48e092c43 ] Wecsvc C:\Windows\system32\wecsvc.dll 09:19:17.0862 4696 Wecsvc - ok 09:19:17.0862 4696 [ 7e591867422dc788b9e5bd337a669a08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 09:19:17.0878 4696 wercplsupport - ok 09:19:17.0893 4696 [ 6d137963730144698cbd10f202e9f251 ] WerSvc C:\Windows\System32\WerSvc.dll 09:19:17.0909 4696 WerSvc - ok 09:19:17.0956 4696 [ 611b23304bf067451a9fdee01fbdd725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 09:19:17.0956 4696 WfpLwf - ok 09:19:17.0971 4696 [ 05ecaec3e4529a7153b3136ceb49f0ec ] WIMMount C:\Windows\system32\drivers\wimmount.sys 09:19:17.0971 4696 WIMMount - ok 09:19:17.0987 4696 WinDefend - ok 09:19:18.0003 4696 WinHttpAutoProxySvc - ok 09:19:18.0049 4696 [ 19b07e7e8915d701225da41cb3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 09:19:18.0065 4696 Winmgmt - ok 09:19:18.0127 4696 [ bcb1310604aa415c4508708975b3931e ] WinRM C:\Windows\system32\WsmSvc.dll 09:19:18.0159 4696 WinRM - ok 09:19:18.0205 4696 [ fe88b288356e7b47b74b13372add906d ] winusb C:\Windows\system32\drivers\WinUSB.SYS 09:19:18.0221 4696 winusb - ok 09:19:18.0268 4696 [ 4fada86e62f18a1b2f42ba18ae24e6aa ] Wlansvc C:\Windows\System32\wlansvc.dll 09:19:18.0268 4696 Wlansvc - ok 09:19:18.0346 4696 [ 06c8fa1cf39de6a735b54d906ba791c6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 09:19:18.0346 4696 wlcrasvc - ok 09:19:18.0455 4696 [ 7e47c328fc4768cb8beafbcfafa70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 09:19:18.0471 4696 wlidsvc - ok 09:19:18.0533 4696 [ f6ff8944478594d0e414d3f048f0d778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 09:19:18.0533 4696 WmiAcpi - ok 09:19:18.0564 4696 [ 38b84c94c5a8af291adfea478ae54f93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 09:19:18.0580 4696 wmiApSrv - ok 09:19:18.0642 4696 WMPNetworkSvc - ok 09:19:18.0658 4696 [ 96c6e7100d724c69fcf9e7bf590d1dca ] WPCSvc C:\Windows\System32\wpcsvc.dll 09:19:18.0658 4696 WPCSvc - ok 09:19:18.0689 4696 [ 93221146d4ebbf314c29b23cd6cc391d ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 09:19:18.0705 4696 WPDBusEnum - ok 09:19:18.0720 4696 [ 6bcc1d7d2fd2453957c5479a32364e52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 09:19:18.0736 4696 ws2ifsl - ok 09:19:18.0751 4696 [ e8b1fe6669397d1772d8196df0e57a9e ] wscsvc C:\Windows\system32\wscsvc.dll 09:19:18.0767 4696 wscsvc - ok 09:19:18.0767 4696 WSearch - ok 09:19:18.0829 4696 [ d9ef901dca379cfe914e9fa13b73b4c4 ] wuauserv C:\Windows\system32\wuaueng.dll 09:19:18.0876 4696 wuauserv - ok 09:19:18.0907 4696 [ d3381dc54c34d79b22cee0d65ba91b7c ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 09:19:18.0907 4696 WudfPf - ok 09:19:18.0939 4696 [ cf8d590be3373029d57af80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 09:19:18.0954 4696 WUDFRd - ok 09:19:18.0985 4696 [ 7a95c95b6c4cf292d689106bcae49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 09:19:18.0985 4696 wudfsvc - ok 09:19:19.0017 4696 [ 9a3452b3c2a46c073166c5cf49fad1ae ] WwanSvc C:\Windows\System32\wwansvc.dll 09:19:19.0032 4696 WwanSvc - ok Quote
joddle Posted August 16, 2012 Author Posted August 16, 2012 09:19:19.0048 4696 ================ Scan global =============================== 09:19:19.0063 4696 (ba0cd8c393e8c9f83354106093832c7b) C:\Windows\system32\basesrv.dll 09:19:19.0110 4696 (eb6a48cc998e1090e44e8e7f1009a640) C:\Windows\system32\winsrv.dll 09:19:19.0126 4696 (eb6a48cc998e1090e44e8e7f1009a640) C:\Windows\system32\winsrv.dll 09:19:19.0157 4696 (d6160f9d869ba3af0b787f971db56368) C:\Windows\system32\sxssrv.dll 09:19:19.0188 4696 (24acb7e5be595468e3b9aa488b9b4fcb) C:\Windows\system32\services.exe 09:19:19.0204 4696 [Global] - ok 09:19:19.0204 4696 ================ Scan MBR ================================== 09:19:19.0219 4696 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 09:19:19.0391 4696 \Device\Harddisk0\DR0 - ok 09:19:19.0407 4696 MBR (0x1B8) (e5fa06aca0d60ba9c870d0ef3d9898c9) \Device\Harddisk1\DR1 09:19:23.0104 4696 \Device\Harddisk1\DR1 - ok 09:19:23.0104 4696 ================ Scan VBR ================================== 09:19:23.0104 4696 Boot (0x1200) (504016a1c24821e1a6b1ad634dcfab4e) \Device\Harddisk0\DR0\Partition1 09:19:23.0120 4696 \Device\Harddisk0\DR0\Partition1 - ok 09:19:23.0135 4696 Boot (0x1200) (da08c974901ce205c9315bbdbe81e254) \Device\Harddisk0\DR0\Partition2 09:19:23.0135 4696 \Device\Harddisk0\DR0\Partition2 - ok 09:19:23.0151 4696 Boot (0x1200) (566fc411fecfaeddacef93f3206f5c3b) \Device\Harddisk1\DR1\Partition1 09:19:23.0151 4696 \Device\Harddisk1\DR1\Partition1 - ok 09:19:23.0151 4696 ================ Scan active images ======================== 09:19:23.0151 4696 [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys 09:19:23.0151 4696 C:\Windows\System32\drivers\crashdmp.sys - ok 09:19:23.0166 4696 [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys 09:19:23.0166 4696 C:\Windows\System32\drivers\dumpfve.sys - ok 09:19:23.0166 4696 [ 1384872112E8E7FD5786ECEB8BDDF4C9 ] C:\Windows\System32\drivers\iaStor.sys 09:19:23.0166 4696 C:\Windows\System32\drivers\iaStor.sys - ok 09:19:23.0182 4696 [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys 09:19:23.0182 4696 C:\Windows\System32\drivers\beep.sys - ok 09:19:23.0182 4696 [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys 09:19:23.0182 4696 C:\Windows\System32\drivers\cdrom.sys - ok 09:19:23.0198 4696 [ 6FFECC25B39DC7652A0CEC0ADA9DB589 ] C:\Windows\System32\drivers\mwlPSDFilter.sys 09:19:23.0198 4696 C:\Windows\System32\drivers\mwlPSDFilter.sys - ok 09:19:23.0198 4696 [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys 09:19:23.0198 4696 C:\Windows\System32\drivers\null.sys - ok 09:19:23.0198 4696 [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys 09:19:23.0198 4696 C:\Windows\System32\drivers\vga.sys - ok 09:19:23.0198 4696 [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys 09:19:23.0198 4696 C:\Windows\System32\drivers\videoprt.sys - ok 09:19:23.0213 4696 [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys 09:19:23.0213 4696 C:\Windows\System32\drivers\watchdog.sys - ok 09:19:23.0213 4696 [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys 09:19:23.0213 4696 C:\Windows\System32\drivers\RDPCDD.sys - ok 09:19:23.0213 4696 [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys 09:19:23.0213 4696 C:\Windows\System32\drivers\RDPENCDD.sys - ok 09:19:23.0213 4696 [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys 09:19:23.0213 4696 C:\Windows\System32\drivers\RDPREFMP.sys - ok 09:19:23.0229 4696 [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys 09:19:23.0229 4696 C:\Windows\System32\drivers\afd.sys - ok 09:19:23.0229 4696 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys 09:19:23.0229 4696 C:\Windows\System32\drivers\msfs.sys - ok 09:19:23.0229 4696 [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys 09:19:23.0229 4696 C:\Windows\System32\drivers\netbt.sys - ok 09:19:23.0229 4696 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys 09:19:23.0229 4696 C:\Windows\System32\drivers\npfs.sys - ok 09:19:23.0244 4696 [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys 09:19:23.0244 4696 C:\Windows\System32\drivers\tdi.sys - ok 09:19:23.0244 4696 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys 09:19:23.0244 4696 C:\Windows\System32\drivers\tdx.sys - ok 09:19:23.0244 4696 [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys 09:19:23.0244 4696 C:\Windows\System32\drivers\pacer.sys - ok 09:19:23.0244 4696 [ 6A3D66263414FF0D6FA754C646612F3F ] C:\Windows\System32\drivers\vwififlt.sys 09:19:23.0244 4696 C:\Windows\System32\drivers\vwififlt.sys - ok 09:19:23.0260 4696 [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys 09:19:23.0260 4696 C:\Windows\System32\drivers\wfplwf.sys - ok 09:19:23.0260 4696 [ 6BCC1D7D2FD2453957C5479A32364E52 ] C:\Windows\System32\drivers\ws2ifsl.sys 09:19:23.0260 4696 C:\Windows\System32\drivers\ws2ifsl.sys - ok 09:19:23.0260 4696 [ 0BEFE32CA56D6EE89D58175725596A85 ] C:\Windows\System32\drivers\mwlPSDNserv.sys 09:19:23.0260 4696 C:\Windows\System32\drivers\mwlPSDNserv.sys - ok 09:19:23.0260 4696 [ D43BC633B8660463E446E28E14A51262 ] C:\Windows\System32\drivers\mwlPSDVDisk.sys 09:19:23.0260 4696 C:\Windows\System32\drivers\mwlPSDVDisk.sys - ok 09:19:23.0260 4696 [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys 09:19:23.0260 4696 C:\Windows\System32\drivers\netbios.sys - ok 09:19:23.0276 4696 [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys 09:19:23.0276 4696 C:\Windows\System32\drivers\nsiproxy.sys - ok 09:19:23.0276 4696 [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys 09:19:23.0276 4696 C:\Windows\System32\drivers\rdbss.sys - ok 09:19:23.0276 4696 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys 09:19:23.0276 4696 C:\Windows\System32\drivers\termdd.sys - ok 09:19:23.0276 4696 [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys 09:19:23.0276 4696 C:\Windows\System32\drivers\wanarp.sys - ok 09:19:23.0291 4696 [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] C:\Windows\System32\drivers\avipbb.sys 09:19:23.0291 4696 C:\Windows\System32\drivers\avipbb.sys - ok 09:19:23.0291 4696 [ 248DB59FC86DE44D2779F4C7FB1A567D ] C:\Windows\System32\drivers\avkmgr.sys 09:19:23.0291 4696 C:\Windows\System32\drivers\avkmgr.sys - ok 09:19:23.0291 4696 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys 09:19:23.0291 4696 C:\Windows\System32\drivers\blbdrive.sys - ok 09:19:23.0291 4696 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys 09:19:23.0291 4696 C:\Windows\System32\drivers\dfsc.sys - ok 09:19:23.0307 4696 [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys 09:19:23.0307 4696 C:\Windows\System32\drivers\discache.sys - ok 09:19:23.0307 4696 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys 09:19:23.0307 4696 C:\Windows\System32\drivers\mssmbios.sys - ok 09:19:23.0307 4696 [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys 09:19:23.0307 4696 C:\Windows\System32\drivers\tunnel.sys - ok 09:19:23.0307 4696 [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll 09:19:23.0307 4696 C:\Windows\System32\ntdll.dll - ok 09:19:23.0322 4696 [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe 09:19:23.0322 4696 C:\Windows\System32\smss.exe - ok 09:19:23.0322 4696 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe 09:19:23.0322 4696 C:\Windows\System32\autochk.exe - ok 09:19:23.0322 4696 [ 677AA5991026A65ADA128C4B59CF2BAD ] C:\Windows\System32\drivers\igdkmd64.sys 09:19:23.0322 4696 C:\Windows\System32\drivers\igdkmd64.sys - ok 09:19:23.0322 4696 [ F5BEE30450E18E6B83A5012C100616FD ] C:\Windows\System32\drivers\dxgkrnl.sys 09:19:23.0322 4696 C:\Windows\System32\drivers\dxgkrnl.sys - ok 09:19:23.0338 4696 [ 9CD68BDDF322535C02ADC8331013D13D ] C:\Windows\System32\drivers\dxgmms1.sys 09:19:23.0338 4696 C:\Windows\System32\drivers\dxgmms1.sys - ok 09:19:23.0338 4696 [ B6AC71AAA2B10848F57FC49D55A651AF ] C:\Windows\System32\drivers\HECIx64.sys 09:19:23.0338 4696 C:\Windows\System32\drivers\HECIx64.sys - ok 09:19:23.0338 4696 [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys 09:19:23.0338 4696 C:\Windows\System32\drivers\usbport.sys - ok 09:19:23.0338 4696 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys 09:19:23.0338 4696 C:\Windows\System32\drivers\hdaudbus.sys - ok 09:19:23.0338 4696 [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys 09:19:23.0354 4696 C:\Windows\System32\drivers\usbehci.sys - ok 09:19:23.0354 4696 [ 37E053A2CF8F0082B689ED74106E0CEC ] C:\Windows\System32\drivers\k57nd60a.sys 09:19:23.0354 4696 C:\Windows\System32\drivers\k57nd60a.sys - ok 09:19:23.0354 4696 [ 2D659B569A76CDB83B815675A80D7096 ] C:\Windows\System32\drivers\BCMWL664.SYS 09:19:23.0354 4696 C:\Windows\System32\drivers\BCMWL664.SYS - ok 09:19:23.0354 4696 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys 09:19:23.0354 4696 C:\Windows\System32\drivers\vwifibus.sys - ok 09:19:23.0369 4696 [ 0840155D0BDDF1190F84A663C284BD33 ] C:\Windows\System32\drivers\CmBatt.sys 09:19:23.0369 4696 C:\Windows\System32\drivers\CmBatt.sys - ok 09:19:23.0369 4696 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] C:\Windows\System32\drivers\i8042prt.sys 09:19:23.0369 4696 C:\Windows\System32\drivers\i8042prt.sys - ok 09:19:23.0369 4696 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys 09:19:23.0369 4696 C:\Windows\System32\drivers\kbdclass.sys - ok 09:19:23.0369 4696 [ 0975BF32399A24117E317B5BF1D5D0AA ] C:\Windows\System32\drivers\ETD.sys 09:19:23.0369 4696 C:\Windows\System32\drivers\ETD.sys - ok 09:19:23.0385 4696 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys 09:19:23.0385 4696 C:\Windows\System32\drivers\mouclass.sys - ok 09:19:23.0385 4696 [ A17D5E1A6DF4EAB0A480F2C490DE4C9D ] C:\Windows\System32\drivers\UBHelper.sys 09:19:23.0385 4696 C:\Windows\System32\drivers\UBHelper.sys - ok 09:19:23.0385 4696 [ EE3BA1024594D5D09E314F206B94069E ] C:\Windows\System32\drivers\NTIDrvr.sys 09:19:23.0385 4696 C:\Windows\System32\drivers\NTIDrvr.sys - ok 09:19:23.0385 4696 [ E403AACF8C7BB11375122D2464560311 ] C:\Windows\System32\drivers\GEARAspiWDM.sys 09:19:23.0385 4696 C:\Windows\System32\drivers\GEARAspiWDM.sys - ok 09:19:23.0385 4696 [ DD587A55390ED2295BCE6D36AD567DA9 ] C:\Windows\System32\drivers\Impcd.sys 09:19:23.0385 4696 C:\Windows\System32\drivers\Impcd.sys - ok 09:19:23.0400 4696 [ F6FF8944478594D0E414D3F048F0D778 ] C:\Windows\System32\drivers\wmiacpi.sys 09:19:23.0400 4696 C:\Windows\System32\drivers\wmiacpi.sys - ok 09:19:23.0400 4696 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys 09:19:23.0400 4696 C:\Windows\System32\drivers\CompositeBus.sys - ok 09:19:23.0400 4696 [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys 09:19:23.0400 4696 C:\Windows\System32\drivers\intelppm.sys - ok 09:19:23.0400 4696 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys 09:19:23.0400 4696 C:\Windows\System32\drivers\agilevpn.sys - ok 09:19:23.0416 4696 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys 09:19:23.0416 4696 C:\Windows\System32\drivers\ndistapi.sys - ok 09:19:23.0416 4696 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys 09:19:23.0416 4696 C:\Windows\System32\drivers\rasl2tp.sys - ok 09:19:23.0416 4696 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys 09:19:23.0416 4696 C:\Windows\System32\drivers\ndiswan.sys - ok 09:19:23.0416 4696 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys 09:19:23.0416 4696 C:\Windows\System32\drivers\raspppoe.sys - ok 09:19:23.0432 4696 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys 09:19:23.0432 4696 C:\Windows\System32\drivers\raspptp.sys - ok 09:19:23.0432 4696 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys 09:19:23.0432 4696 C:\Windows\System32\drivers\rassstp.sys - ok 09:19:23.0432 4696 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys 09:19:23.0432 4696 C:\Windows\System32\drivers\ks.sys - ok 09:19:23.0432 4696 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys 09:19:23.0432 4696 C:\Windows\System32\drivers\swenum.sys - ok 09:19:23.0447 4696 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys 09:19:23.0447 4696 C:\Windows\System32\drivers\umbus.sys - ok 09:19:23.0447 4696 [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys 09:19:23.0447 4696 C:\Windows\System32\drivers\usbhub.sys - ok 09:19:23.0447 4696 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll 09:19:23.0447 4696 C:\Windows\System32\sechost.dll - ok 09:19:23.0447 4696 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll 09:19:23.0447 4696 C:\Windows\System32\ws2_32.dll - ok 09:19:23.0463 4696 [ B9B42A302325537D7B9DC52D47F33A73 ] C:\Windows\System32\kernel32.dll 09:19:23.0463 4696 C:\Windows\System32\kernel32.dll - ok 09:19:23.0463 4696 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll 09:19:23.0463 4696 C:\Windows\System32\psapi.dll - ok 09:19:23.0463 4696 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll 09:19:23.0463 4696 C:\Windows\System32\setupapi.dll - ok 09:19:23.0463 4696 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys 09:19:23.0463 4696 C:\Windows\System32\drivers\ndproxy.sys - ok 09:19:23.0463 4696 [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll 09:19:23.0463 4696 C:\Windows\System32\rpcrt4.dll - ok 09:19:23.0478 4696 [ 2F8B1E3EE3545D3B5A8D56FA1AE07B65 ] C:\Windows\System32\usp10.dll 09:19:23.0478 4696 C:\Windows\System32\usp10.dll - ok 09:19:23.0478 4696 [ 5A45FA344F4AD99D903F4B20E43B89EC ] C:\Windows\System32\wininet.dll 09:19:23.0478 4696 C:\Windows\System32\wininet.dll - ok 09:19:23.0478 4696 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys 09:19:23.0478 4696 C:\Windows\System32\drivers\drmk.sys - ok 09:19:23.0478 4696 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys 09:19:23.0478 4696 C:\Windows\System32\drivers\portcls.sys - ok 09:19:23.0494 4696 [ 235362D403D9D677514649D88DB31914 ] C:\Windows\System32\drivers\RTKVHD64.sys 09:19:23.0494 4696 C:\Windows\System32\drivers\RTKVHD64.sys - ok 09:19:23.0494 4696 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys 09:19:23.0494 4696 C:\Windows\System32\drivers\ksthunk.sys - ok 09:19:23.0494 4696 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll 09:19:23.0494 4696 C:\Windows\System32\clbcatq.dll - ok 09:19:23.0494 4696 [ 58CF58DEE26C909BD6F977B61D246295 ] C:\Windows\System32\drivers\IntcDAud.sys 09:19:23.0494 4696 C:\Windows\System32\drivers\IntcDAud.sys - ok 09:19:23.0510 4696 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll 09:19:23.0510 4696 C:\Windows\System32\shlwapi.dll - ok 09:19:23.0510 4696 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll 09:19:23.0510 4696 C:\Windows\System32\imm32.dll - ok 09:19:23.0510 4696 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll 09:19:23.0510 4696 C:\Windows\System32\lpk.dll - ok 09:19:23.0510 4696 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll 09:19:23.0510 4696 C:\Windows\System32\msctf.dll - ok 09:19:23.0510 4696 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll 09:19:23.0510 4696 C:\Windows\System32\msvcrt.dll - ok 09:19:23.0525 4696 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll 09:19:23.0525 4696 C:\Windows\System32\normaliz.dll - ok 09:19:23.0525 4696 [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll 09:19:23.0525 4696 C:\Windows\System32\user32.dll - ok 09:19:23.0525 4696 [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll 09:19:23.0525 4696 C:\Windows\System32\ole32.dll - ok 09:19:23.0525 4696 [ 78CA24E3B51C624007C1B8A7B8D6C9AF ] C:\Windows\System32\iertutil.dll 09:19:23.0525 4696 C:\Windows\System32\iertutil.dll - ok 09:19:23.0541 4696 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll 09:19:23.0541 4696 C:\Windows\System32\gdi32.dll - ok 09:19:23.0541 4696 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll 09:19:23.0541 4696 C:\Windows\System32\Wldap32.dll - ok 09:19:23.0541 4696 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll 09:19:23.0541 4696 C:\Windows\System32\nsi.dll - ok 09:19:23.0541 4696 [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll 09:19:23.0541 4696 C:\Windows\System32\oleaut32.dll - ok 09:19:23.0541 4696 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll 09:19:23.0541 4696 C:\Windows\System32\difxapi.dll - ok 09:19:23.0556 4696 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll 09:19:23.0556 4696 C:\Windows\System32\advapi32.dll - ok 09:19:23.0556 4696 [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll 09:19:23.0556 4696 C:\Windows\System32\shell32.dll - ok 09:19:23.0556 4696 [ E8FD953D416772794408A68CC20B247D ] C:\Windows\System32\urlmon.dll 09:19:23.0556 4696 C:\Windows\System32\urlmon.dll - ok 09:19:23.0572 4696 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll 09:19:23.0572 4696 C:\Windows\System32\comdlg32.dll - ok 09:19:23.0572 4696 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll 09:19:23.0572 4696 C:\Windows\System32\comctl32.dll - ok 09:19:23.0572 4696 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll 09:19:23.0572 4696 C:\Windows\System32\devobj.dll - ok 09:19:23.0572 4696 [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll 09:19:23.0572 4696 C:\Windows\System32\imagehlp.dll - ok 09:19:23.0572 4696 [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll 09:19:23.0572 4696 C:\Windows\System32\cfgmgr32.dll - ok 09:19:23.0588 4696 [ FAF1BA660F84789CCCE747CE6F9D055A ] C:\Windows\System32\crypt32.dll 09:19:23.0588 4696 C:\Windows\System32\crypt32.dll - ok 09:19:23.0588 4696 [ 6B5174702343BD955E174FDFEFA2A1A3 ] C:\Windows\System32\KernelBase.dll 09:19:23.0588 4696 C:\Windows\System32\KernelBase.dll - ok 09:19:23.0588 4696 [ 53238D99636BBA85F491C3E8FD22AB00 ] C:\Windows\System32\wintrust.dll 09:19:23.0588 4696 C:\Windows\System32\wintrust.dll - ok 09:19:23.0588 4696 [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll 09:19:23.0588 4696 C:\Windows\System32\msasn1.dll - ok 09:19:23.0603 4696 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll 09:19:23.0603 4696 C:\Windows\SysWOW64\normaliz.dll - ok 09:19:23.0603 4696 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys 09:19:23.0603 4696 C:\Windows\System32\drivers\dxapi.sys - ok 09:19:23.0603 4696 [ 511166D3F5D7EBA36DE48C4F5E195886 ] C:\Windows\System32\win32k.sys 09:19:23.0603 4696 C:\Windows\System32\win32k.sys - ok 09:19:23.0603 4696 [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys 09:19:23.0603 4696 C:\Windows\System32\drivers\usbd.sys - ok 09:19:23.0619 4696 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll 09:19:23.0619 4696 C:\Windows\System32\basesrv.dll - ok 09:19:23.0619 4696 [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll 09:19:23.0619 4696 C:\Windows\System32\csrsrv.dll - ok 09:19:23.0619 4696 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe 09:19:23.0619 4696 C:\Windows\System32\csrss.exe - ok 09:19:23.0619 4696 [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys 09:19:23.0619 4696 C:\Windows\System32\drivers\usbccgp.sys - ok 09:19:23.0619 4696 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\System32\winsrv.dll 09:19:23.0619 4696 C:\Windows\System32\winsrv.dll - ok 09:19:23.0634 4696 [ 454800C2BC7F3927CE030141EE4F4C50 ] C:\Windows\System32\drivers\usbvideo.sys 09:19:23.0634 4696 C:\Windows\System32\drivers\usbvideo.sys - ok 09:19:23.0634 4696 [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys 09:19:23.0634 4696 C:\Windows\System32\drivers\hidparse.sys - ok 09:19:23.0634 4696 [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys 09:19:23.0634 4696 C:\Windows\System32\drivers\hidclass.sys - ok 09:19:23.0634 4696 [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys 09:19:23.0634 4696 C:\Windows\System32\drivers\hidusb.sys - ok 09:19:23.0650 4696 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys 09:19:23.0650 4696 C:\Windows\System32\drivers\mouhid.sys - ok 09:19:23.0650 4696 [ FED648B01349A3C8395A5169DB5FB7D6 ] C:\Windows\System32\drivers\USBSTOR.SYS 09:19:23.0650 4696 C:\Windows\System32\drivers\USBSTOR.SYS - ok 09:19:23.0650 4696 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys 09:19:23.0650 4696 C:\Windows\System32\drivers\monitor.sys - ok 09:19:23.0666 4696 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll 09:19:23.0666 4696 C:\Windows\System32\tsddd.dll - ok 09:19:23.0666 4696 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll 09:19:23.0666 4696 C:\Windows\System32\sxssrv.dll - ok 09:19:23.0666 4696 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe 09:19:23.0666 4696 C:\Windows\System32\wininit.exe - ok 09:19:23.0666 4696 [ 1A83FACA2135AF076E8EA73A30B3B26C ] C:\Windows\System32\KBDUK.DLL 09:19:23.0666 4696 C:\Windows\System32\KBDUK.DLL - ok 09:19:23.0666 4696 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll 09:19:23.0666 4696 C:\Windows\System32\profapi.dll - ok 09:19:23.0681 4696 [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll 09:19:23.0681 4696 C:\Windows\System32\RpcRtRemote.dll - ok 09:19:23.0681 4696 [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll 09:19:23.0681 4696 C:\Windows\System32\cdd.dll - ok 09:19:23.0681 4696 [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll 09:19:23.0681 4696 C:\Windows\System32\sxs.dll - ok 09:19:23.0681 4696 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll 09:19:23.0681 4696 C:\Windows\System32\WlS0WndH.dll - ok 09:19:23.0697 4696 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll 09:19:23.0697 4696 C:\Windows\System32\cryptbase.dll - ok 09:19:23.0697 4696 [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll 09:19:23.0697 4696 C:\Windows\System32\apphelp.dll - ok 09:19:23.0697 4696 [ 66A6063D0BAAD3F7B2B9868859E0743B ] C:\Windows\System32\lsasrv.dll 09:19:23.0697 4696 C:\Windows\System32\lsasrv.dll - ok 09:19:23.0697 4696 [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe 09:19:23.0697 4696 C:\Windows\System32\lsass.exe - ok 09:19:23.0697 4696 [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe 09:19:23.0697 4696 C:\Windows\System32\lsm.exe - ok 09:19:23.0712 4696 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll 09:19:23.0712 4696 C:\Windows\System32\scext.dll - ok 09:19:23.0712 4696 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe 09:19:23.0712 4696 C:\Windows\System32\services.exe - ok 09:19:23.0712 4696 [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll 09:19:23.0712 4696 C:\Windows\System32\sspicli.dll - ok 09:19:23.0712 4696 [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll 09:19:23.0712 4696 C:\Windows\System32\sspisrv.dll - ok 09:19:23.0728 4696 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll 09:19:23.0728 4696 C:\Windows\System32\sysntfy.dll - ok 09:19:23.0728 4696 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll 09:19:23.0728 4696 C:\Windows\System32\wmsgapi.dll - ok 09:19:23.0728 4696 [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll 09:19:23.0728 4696 C:\Windows\System32\scesrv.dll - ok 09:19:23.0728 4696 [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll 09:19:23.0728 4696 C:\Windows\System32\secur32.dll - ok 09:19:23.0744 4696 [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll 09:19:23.0744 4696 C:\Windows\System32\samsrv.dll - ok 09:19:23.0744 4696 [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll 09:19:23.0744 4696 C:\Windows\System32\srvcli.dll - ok 09:19:23.0744 4696 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll 09:19:23.0744 4696 C:\Windows\System32\cryptdll.dll - ok 09:19:23.0744 4696 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll 09:19:23.0744 4696 C:\Windows\System32\wevtapi.dll - ok 09:19:23.0744 4696 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll 09:19:23.0744 4696 C:\Windows\System32\authz.dll - ok 09:19:23.0759 4696 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll 09:19:23.0759 4696 C:\Windows\System32\bcrypt.dll - ok 09:19:23.0759 4696 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll 09:19:23.0759 4696 C:\Windows\System32\cngaudit.dll - ok 09:19:23.0759 4696 [ 400645085A91BF3EB0271329B95AE0BE ] C:\Windows\System32\ncrypt.dll 09:19:23.0759 4696 C:\Windows\System32\ncrypt.dll - ok 09:19:23.0759 4696 [ 16ECE8BD6734CC170B9AE74176E89A9B ] C:\Windows\System32\kerberos.dll 09:19:23.0759 4696 C:\Windows\System32\kerberos.dll - ok 09:19:23.0775 4696 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll 09:19:23.0775 4696 C:\Windows\System32\msprivs.dll - ok 09:19:23.0775 4696 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll 09:19:23.0775 4696 C:\Windows\System32\negoexts.dll - ok 09:19:23.0775 4696 [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll 09:19:23.0775 4696 C:\Windows\System32\netjoin.dll - ok 09:19:23.0775 4696 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll 09:19:23.0775 4696 C:\Windows\System32\cryptsp.dll - ok 09:19:23.0790 4696 [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll 09:19:23.0790 4696 C:\Windows\System32\mswsock.dll - ok 09:19:23.0790 4696 [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll 09:19:23.0790 4696 C:\Windows\System32\msv1_0.dll - ok 09:19:23.0790 4696 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll 09:19:23.0790 4696 C:\Windows\System32\wship6.dll - ok 09:19:23.0790 4696 [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll 09:19:23.0790 4696 C:\Windows\System32\netlogon.dll - ok 09:19:23.0806 4696 [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll 09:19:23.0806 4696 C:\Windows\System32\dnsapi.dll - ok 09:19:23.0806 4696 [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll 09:19:23.0806 4696 C:\Windows\System32\logoncli.dll - ok 09:19:23.0806 4696 [ 1573C45E65DE32B1BC3572634F8F1E8E ] C:\Windows\System32\schannel.dll 09:19:23.0806 4696 C:\Windows\System32\schannel.dll - ok 09:19:23.0806 4696 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll 09:19:23.0806 4696 C:\Windows\System32\wdigest.dll - ok 09:19:23.0822 4696 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll 09:19:23.0822 4696 C:\Windows\System32\rsaenh.dll - ok 09:19:23.0822 4696 [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll 09:19:23.0822 4696 C:\Windows\System32\TSpkg.dll - ok 09:19:23.0822 4696 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll 09:19:23.0822 4696 C:\Windows\System32\pku2u.dll - ok 09:19:23.0822 4696 [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll 09:19:23.0822 4696 C:\Windows\System32\bcryptprimitives.dll - ok 09:19:23.0837 4696 [ 55C892560C1B42BC57FB61AEFCED2F22 ] C:\Windows\System32\LIVESSP.DLL 09:19:23.0837 4696 C:\Windows\System32\LIVESSP.DLL - ok 09:19:23.0837 4696 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll 09:19:23.0837 4696 C:\Windows\System32\efslsaext.dll - ok 09:19:23.0837 4696 [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll 09:19:23.0837 4696 C:\Windows\System32\credssp.dll - ok 09:19:23.0837 4696 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll 09:19:23.0837 4696 C:\Windows\System32\scecli.dll - ok 09:19:23.0837 4696 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll 09:19:23.0837 4696 C:\Windows\System32\ubpm.dll - ok 09:19:23.0853 4696 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe 09:19:23.0853 4696 C:\Windows\System32\svchost.exe - ok 09:19:23.0853 4696 [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll 09:19:23.0853 4696 C:\Windows\System32\winsta.dll - ok 09:19:23.0853 4696 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll 09:19:23.0853 4696 C:\Windows\System32\umpnpmgr.dll - ok 09:19:23.0853 4696 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll 09:19:23.0853 4696 C:\Windows\System32\SPInf.dll - ok 09:19:23.0868 4696 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll 09:19:23.0868 4696 C:\Windows\System32\devrtl.dll - ok 09:19:23.0868 4696 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll 09:19:23.0868 4696 C:\Windows\System32\gpapi.dll - ok 09:19:23.0868 4696 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll 09:19:23.0868 4696 C:\Windows\System32\umpo.dll - ok 09:19:23.0868 4696 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll 09:19:23.0868 4696 C:\Windows\System32\userenv.dll - ok 09:19:23.0868 4696 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll 09:19:23.0868 4696 C:\Windows\System32\pcwum.dll - ok 09:19:23.0884 4696 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll 09:19:23.0884 4696 C:\Windows\System32\powrprof.dll - ok 09:19:23.0884 4696 [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] C:\Windows\System32\drivers\avgntflt.sys 09:19:23.0884 4696 C:\Windows\System32\drivers\avgntflt.sys - ok 09:19:23.0884 4696 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys 09:19:23.0884 4696 C:\Windows\System32\drivers\luafv.sys - ok 09:19:23.0884 4696 [ D3381DC54C34D79B22CEE0D65BA91B7C ] C:\Windows\System32\drivers\WUDFPf.sys 09:19:23.0900 4696 C:\Windows\System32\drivers\WUDFPf.sys - ok 09:19:23.0900 4696 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll 09:19:23.0900 4696 C:\Windows\System32\RpcEpMap.dll - ok 09:19:23.0900 4696 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll 09:19:23.0900 4696 C:\Windows\System32\rpcss.dll - ok 09:19:23.0900 4696 [ BEA4A21BEE5D2F175A0BBD7640F89F84 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll 09:19:23.0900 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll - ok 09:19:23.0900 4696 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL 09:19:23.0900 4696 C:\Windows\System32\IPHLPAPI.DLL - ok 09:19:23.0915 4696 [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe 09:19:23.0915 4696 C:\Windows\System32\winlogon.exe - ok 09:19:23.0915 4696 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll 09:19:23.0915 4696 C:\Windows\System32\winnsi.dll - ok 09:19:23.0915 4696 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll 09:19:23.0915 4696 C:\Windows\System32\wshqos.dll - ok 09:19:23.0915 4696 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL 09:19:23.0915 4696 C:\Windows\System32\WSHTCPIP.DLL - ok 09:19:23.0931 4696 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll 09:19:23.0931 4696 C:\Windows\System32\FirewallAPI.dll - ok 09:19:23.0931 4696 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll 09:19:23.0931 4696 C:\Windows\System32\version.dll - ok 09:19:23.0931 4696 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll 09:19:23.0931 4696 C:\Windows\System32\wevtsvc.dll - ok 09:19:23.0931 4696 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll 09:19:23.0931 4696 C:\Windows\System32\audiosrv.dll - ok 09:19:23.0946 4696 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll 09:19:23.0946 4696 C:\Windows\System32\ntmarta.dll - ok 09:19:23.0946 4696 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll 09:19:23.0946 4696 C:\Windows\System32\avrt.dll - ok 09:19:23.0946 4696 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll 09:19:23.0946 4696 C:\Windows\System32\mmcss.dll - ok 09:19:23.0946 4696 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll 09:19:23.0946 4696 C:\Windows\System32\wlansvc.dll - ok 09:19:23.0946 4696 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe 09:19:23.0946 4696 C:\Windows\System32\LogonUI.exe - ok 09:19:23.0962 4696 [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll 09:19:23.0962 4696 C:\Windows\System32\authui.dll - ok 09:19:23.0962 4696 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll 09:19:23.0962 4696 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok 09:19:23.0962 4696 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll 09:19:23.0962 4696 C:\Windows\System32\MMDevAPI.dll - ok 09:19:23.0978 4696 [ 80E69670BDA10F32A941BA7358E33012 ] C:\Windows\System32\WUDFPlatform.dll 09:19:23.0978 4696 C:\Windows\System32\WUDFPlatform.dll - ok 09:19:23.0978 4696 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll 09:19:23.0978 4696 C:\Windows\System32\propsys.dll - ok 09:19:23.0978 4696 [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys 09:19:23.0978 4696 C:\Windows\System32\drivers\fltMgr.sys - ok 09:19:23.0978 4696 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL 09:19:23.0978 4696 C:\Windows\System32\PSHED.DLL - ok 09:19:23.0993 4696 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll 09:19:23.0993 4696 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok 09:19:23.0993 4696 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll 09:19:23.0993 4696 C:\Windows\System32\cryptui.dll - ok 09:19:23.0993 4696 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll 09:19:23.0993 4696 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok 09:19:23.0993 4696 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll 09:19:23.0993 4696 C:\Windows\System32\samlib.dll - ok 09:19:24.0009 4696 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll 09:19:24.0009 4696 C:\Windows\System32\shacct.dll - ok 09:19:24.0009 4696 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe 09:19:24.0009 4696 C:\Windows\System32\audiodg.exe - ok 09:19:24.0009 4696 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll 09:19:24.0009 4696 C:\Windows\System32\uxtheme.dll - ok 09:19:24.0009 4696 [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll 09:19:24.0009 4696 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok 09:19:24.0024 4696 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll 09:19:24.0024 4696 C:\Windows\System32\gpsvc.dll - ok 09:19:24.0024 4696 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll 09:19:24.0024 4696 C:\Windows\System32\dui70.dll - ok 09:19:24.0024 4696 [ 2DF36F15B2BC1571A6A542A3C2107920 ] C:\Windows\System32\nlaapi.dll 09:19:24.0024 4696 C:\Windows\System32\nlaapi.dll - ok 09:19:24.0024 4696 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll 09:19:24.0024 4696 C:\Windows\System32\profsvc.dll - ok 09:19:24.0040 4696 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll 09:19:24.0040 4696 C:\Windows\System32\themeservice.dll - ok 09:19:24.0040 4696 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll 09:19:24.0040 4696 C:\Windows\System32\atl.dll - ok 09:19:24.0040 4696 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll 09:19:24.0040 4696 C:\Windows\System32\dsrole.dll - ok 09:19:24.0040 4696 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll 09:19:24.0040 4696 C:\Windows\System32\es.dll - ok 09:19:24.0056 4696 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll 09:19:24.0056 4696 C:\Windows\System32\slc.dll - ok 09:19:24.0056 4696 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll 09:19:24.0056 4696 C:\Windows\System32\duser.dll - ok 09:19:24.0056 4696 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll 09:19:24.0056 4696 C:\Windows\System32\comres.dll - ok 09:19:24.0056 4696 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll 09:19:24.0056 4696 C:\Windows\System32\Sens.dll - ok 09:19:24.0056 4696 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll 09:19:24.0056 4696 C:\Windows\System32\SndVolSSO.dll - ok 09:19:24.0071 4696 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll 09:19:24.0071 4696 C:\Windows\System32\winmm.dll - ok 09:19:24.0071 4696 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll 09:19:24.0071 4696 C:\Windows\System32\uxsms.dll - ok 09:19:24.0071 4696 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll 09:19:24.0071 4696 C:\Windows\System32\wtsapi32.dll - ok 09:19:24.0071 4696 [ 7A95C95B6C4CF292D689106BCAE49543 ] C:\Windows\System32\WUDFSvc.dll 09:19:24.0071 4696 C:\Windows\System32\WUDFSvc.dll - ok 09:19:24.0087 4696 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll 09:19:24.0087 4696 C:\Windows\System32\hid.dll - ok 09:19:24.0087 4696 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv 09:19:24.0087 4696 C:\Windows\System32\wdmaud.drv - ok 09:19:24.0087 4696 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll 09:19:24.0087 4696 C:\Windows\System32\ksuser.dll - ok 09:19:24.0087 4696 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys 09:19:24.0087 4696 C:\Windows\System32\drivers\lltdio.sys - ok 09:19:24.0087 4696 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll 09:19:24.0087 4696 C:\Windows\System32\dwmapi.dll - ok 09:19:24.0102 4696 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll 09:19:24.0102 4696 C:\Windows\System32\xmllite.dll - ok 09:19:24.0102 4696 [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys 09:19:24.0102 4696 C:\Windows\System32\drivers\ndisuio.sys - ok 09:19:24.0102 4696 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys 09:19:24.0102 4696 C:\Windows\System32\drivers\nwifi.sys - ok 09:19:24.0102 4696 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll 09:19:24.0102 4696 C:\Windows\System32\AudioSes.dll - ok 09:19:24.0118 4696 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll 09:19:24.0118 4696 C:\Windows\System32\dhcpcore.dll - ok 09:19:24.0118 4696 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys 09:19:24.0118 4696 C:\Windows\System32\drivers\rspndr.sys - ok 09:19:24.0118 4696 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll 09:19:24.0118 4696 C:\Windows\System32\lmhsvc.dll - ok 09:19:24.0118 4696 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll 09:19:24.0118 4696 C:\Windows\System32\nrpsrv.dll - ok 09:19:24.0134 4696 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll 09:19:24.0134 4696 C:\Windows\System32\nsisvc.dll - ok 09:19:24.0134 4696 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll 09:19:24.0134 4696 C:\Windows\System32\dnsrslvr.dll - ok 09:19:24.0134 4696 [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll 09:19:24.0134 4696 C:\Windows\System32\eapphost.dll - ok 09:19:24.0134 4696 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll 09:19:24.0134 4696 C:\Windows\System32\eapsvc.dll - ok 09:19:24.0134 4696 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll 09:19:24.0134 4696 C:\Windows\System32\keyiso.dll - ok 09:19:24.0149 4696 [ 71C7B65B6557B75B99907E76956AE4B8 ] C:\Windows\System32\dhcpcore6.dll 09:19:24.0149 4696 C:\Windows\System32\dhcpcore6.dll - ok 09:19:24.0149 4696 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL 09:19:24.0149 4696 C:\Windows\System32\FWPUCLNT.DLL - ok 09:19:24.0149 4696 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll 09:19:24.0149 4696 C:\Windows\System32\umb.dll - ok 09:19:24.0149 4696 [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll 09:19:24.0149 4696 C:\Windows\System32\wlanmsm.dll - ok 09:19:24.0165 4696 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll 09:19:24.0165 4696 C:\Windows\System32\dnsext.dll - ok 09:19:24.0165 4696 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll 09:19:24.0165 4696 C:\Windows\System32\msacm32.dll - ok 09:19:24.0165 4696 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv 09:19:24.0165 4696 C:\Windows\System32\msacm32.drv - ok 09:19:24.0165 4696 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll 09:19:24.0165 4696 C:\Windows\System32\wlansec.dll - ok 09:19:24.0180 4696 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll 09:19:24.0180 4696 C:\Windows\System32\dhcpcsvc.dll - ok 09:19:24.0180 4696 [ 4CBCC37856EA2039C27A2FB661DDA0E5 ] C:\Windows\System32\dhcpcsvc6.dll 09:19:24.0180 4696 C:\Windows\System32\dhcpcsvc6.dll - ok 09:19:24.0180 4696 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll 09:19:24.0180 4696 C:\Windows\System32\midimap.dll - ok 09:19:24.0180 4696 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll 09:19:24.0180 4696 C:\Windows\System32\AudioEng.dll - ok 09:19:24.0196 4696 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll 09:19:24.0196 4696 C:\Windows\System32\onex.dll - ok 09:19:24.0196 4696 [ 26B73A85855681500BCC25C7CD9FF5B1 ] C:\Windows\System32\WindowsCodecs.dll 09:19:24.0196 4696 C:\Windows\System32\WindowsCodecs.dll - ok 09:19:24.0196 4696 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll 09:19:24.0196 4696 C:\Windows\System32\eappcfg.dll - ok 09:19:24.0196 4696 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll 09:19:24.0196 4696 C:\Windows\System32\eappprxy.dll - ok 09:19:24.0196 4696 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll 09:19:24.0196 4696 C:\Windows\System32\AUDIOKSE.dll - ok 09:19:24.0212 4696 [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll 09:19:24.0212 4696 C:\Windows\System32\l2gpstore.dll - ok 09:19:24.0212 4696 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll 09:19:24.0212 4696 C:\Windows\System32\WinSCard.dll - ok 09:19:24.0212 4696 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll 09:19:24.0212 4696 C:\Windows\System32\wlanutil.dll - ok 09:19:24.0212 4696 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll 09:19:24.0212 4696 C:\Windows\System32\wlgpclnt.dll - ok 09:19:24.0227 4696 [ 4FFDE68C4B7C9993FA551E7E36DDB34D ] C:\Windows\System32\msxml6.dll 09:19:24.0227 4696 C:\Windows\System32\msxml6.dll - ok 09:19:24.0227 4696 [ EBB3AF12156D523A0581A143B546143F ] C:\Windows\System32\RtkAPO64.dll 09:19:24.0227 4696 C:\Windows\System32\RtkAPO64.dll - ok 09:19:24.0227 4696 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll 09:19:24.0227 4696 C:\Windows\System32\VaultCredProvider.dll - ok 09:19:24.0227 4696 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll 09:19:24.0227 4696 C:\Windows\System32\winbrand.dll - ok 09:19:24.0243 4696 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll 09:19:24.0243 4696 C:\Windows\System32\SmartcardCredentialProvider.dll - ok 09:19:24.0243 4696 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll 09:19:24.0243 4696 C:\Windows\System32\BioCredProv.dll - ok 09:19:24.0243 4696 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll 09:19:24.0243 4696 C:\Windows\System32\winbio.dll - ok 09:19:24.0243 4696 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll 09:19:24.0243 4696 C:\Windows\System32\credui.dll - ok 09:19:24.0258 4696 [ 764908FE1FA96F93C95B1B67A0FCED29 ] C:\Windows\System32\netapi32.dll 09:19:24.0258 4696 C:\Windows\System32\netapi32.dll - ok 09:19:24.0258 4696 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll 09:19:24.0258 4696 C:\Windows\System32\netutils.dll - ok 09:19:24.0258 4696 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll 09:19:24.0258 4696 C:\Windows\System32\samcli.dll - ok 09:19:24.0258 4696 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll 09:19:24.0258 4696 C:\Windows\System32\vaultcli.dll - ok 09:19:24.0258 4696 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll 09:19:24.0258 4696 C:\Windows\System32\wkscli.dll - ok 09:19:24.0274 4696 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll 09:19:24.0274 4696 C:\Windows\System32\certCredProvider.dll - ok 09:19:24.0274 4696 [ 448BF22538F1DFCB3412AE2B1CF123A9 ] C:\Windows\System32\conhost.exe 09:19:24.0274 4696 C:\Windows\System32\conhost.exe - ok 09:19:24.0274 4696 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll 09:19:24.0274 4696 C:\Windows\System32\shsvcs.dll - ok 09:19:24.0274 4696 [ 43FAB56AE5F639AD59D7209693F4C4C2 ] C:\Windows\System32\wlanext.exe 09:19:24.0274 4696 C:\Windows\System32\wlanext.exe - ok 09:19:24.0290 4696 [ 7097425051CE67B450EBF2B1390AE492 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL 09:19:24.0290 4696 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok 09:19:24.0290 4696 [ 6562232C88FA8E900D9FECFD2F7D8699 ] C:\Windows\System32\bcmihvsrv64.dll 09:19:24.0290 4696 C:\Windows\System32\bcmihvsrv64.dll - ok 09:19:24.0290 4696 [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll 09:19:24.0290 4696 C:\Windows\System32\WMALFXGFXDSP.dll - ok 09:19:24.0290 4696 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll 09:19:24.0290 4696 C:\Windows\System32\schedsvc.dll - ok 09:19:24.0305 4696 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll 09:19:24.0305 4696 C:\Windows\System32\rasplap.dll - ok 09:19:24.0305 4696 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll 09:19:24.0305 4696 C:\Windows\System32\adtschema.dll - ok 09:19:24.0305 4696 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll 09:19:24.0305 4696 C:\Windows\System32\rasapi32.dll - ok 09:19:24.0305 4696 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll 09:19:24.0305 4696 C:\Windows\System32\rasman.dll - ok 09:19:24.0305 4696 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll 09:19:24.0305 4696 C:\Windows\System32\ktmw32.dll - ok 09:19:24.0321 4696 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll 09:19:24.0321 4696 C:\Windows\System32\rtutils.dll - ok 09:19:24.0321 4696 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll 09:19:24.0321 4696 C:\Windows\System32\mfplat.dll - ok 09:19:24.0321 4696 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll 09:19:24.0321 4696 C:\Windows\System32\oleacc.dll - ok 09:19:24.0321 4696 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll 09:19:24.0321 4696 C:\Windows\System32\UXInit.dll - ok 09:19:24.0336 4696 [ 019BDD35DE269CB98B22DE8923C2AA3B ] C:\Windows\System32\UIAutomationCore.dll 09:19:24.0336 4696 C:\Windows\System32\UIAutomationCore.dll - ok 09:19:24.0336 4696 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll 09:19:24.0336 4696 C:\Windows\System32\taskcomp.dll - ok 09:19:24.0336 4696 [ 0ADC83218B66A6DB380C330836F3E36D ] C:\Windows\System32\drivers\fastfat.sys 09:19:24.0336 4696 C:\Windows\System32\drivers\fastfat.sys - ok 09:19:24.0336 4696 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll 09:19:24.0336 4696 C:\Windows\System32\wlanapi.dll - ok 09:19:24.0336 4696 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys 09:19:24.0336 4696 C:\Windows\System32\drivers\http.sys - ok 09:19:24.0352 4696 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll 09:19:24.0352 4696 C:\Windows\System32\fveapi.dll - ok 09:19:24.0352 4696 [ B96C17B5DC1424D56EEA3A99E97428CD ] C:\Windows\System32\spoolsv.exe 09:19:24.0352 4696 C:\Windows\System32\spoolsv.exe - ok 09:19:24.0352 4696 [ 0A1CC583E8147004E4AD4625D7FBF88C ] C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 09:19:24.0352 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe - ok 09:19:24.0352 4696 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll 09:19:24.0352 4696 C:\Windows\SysWOW64\ntdll.dll - ok 09:19:24.0368 4696 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll 09:19:24.0368 4696 C:\Windows\System32\imageres.dll - ok 09:19:24.0368 4696 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll 09:19:24.0368 4696 C:\Windows\System32\netcfgx.dll - ok 09:19:24.0368 4696 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] C:\Windows\System32\drivers\vwifimp.sys 09:19:24.0368 4696 C:\Windows\System32\drivers\vwifimp.sys - ok 09:19:24.0368 4696 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll 09:19:24.0368 4696 C:\Windows\System32\fvecerts.dll - ok 09:19:24.0383 4696 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll 09:19:24.0383 4696 C:\Windows\System32\tbs.dll - ok 09:19:24.0383 4696 [ B1E3772FFA96AC5AEE89BF202AF8E348 ] C:\Windows\System32\wow64.dll 09:19:24.0383 4696 C:\Windows\System32\wow64.dll - ok 09:19:24.0383 4696 [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe 09:19:24.0383 4696 C:\Windows\System32\taskeng.exe - ok 09:19:24.0383 4696 [ AA0D2571A4348838B8DD49FD0043826A ] C:\Windows\System32\wow64cpu.dll 09:19:24.0383 4696 C:\Windows\System32\wow64cpu.dll - ok 09:19:24.0399 4696 [ FC5A43FA257F546F8F2B96B5529857E1 ] C:\Windows\System32\wow64win.dll 09:19:24.0399 4696 C:\Windows\System32\wow64win.dll - ok 09:19:24.0399 4696 [ 99C3F8E9CC59D95666EB8D8A8B4C2BEB ] C:\Windows\SysWOW64\kernel32.dll 09:19:24.0399 4696 C:\Windows\SysWOW64\kernel32.dll - ok 09:19:24.0399 4696 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll 09:19:24.0399 4696 C:\Windows\System32\wiarpc.dll - ok 09:19:24.0399 4696 [ 5C2D21C9B6B6175B89BC5D7E3CB979E1 ] C:\Windows\SysWOW64\KernelBase.dll 09:19:24.0399 4696 C:\Windows\SysWOW64\KernelBase.dll - ok Quote
joddle Posted August 16, 2012 Author Posted August 16, 2012 09:19:24.0399 4696 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll 09:19:24.0414 4696 C:\Windows\SysWOW64\user32.dll - ok 09:19:24.0414 4696 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll 09:19:24.0414 4696 C:\Windows\SysWOW64\gdi32.dll - ok 09:19:24.0414 4696 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll 09:19:24.0414 4696 C:\Windows\SysWOW64\lpk.dll - ok 09:19:24.0414 4696 [ 804AAAFEBB3AD5F49334DD906BCB1DE5 ] C:\Windows\SysWOW64\usp10.dll 09:19:24.0414 4696 C:\Windows\SysWOW64\usp10.dll - ok 09:19:24.0414 4696 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll 09:19:24.0414 4696 C:\Windows\SysWOW64\msvcrt.dll - ok 09:19:24.0430 4696 [ DD81D91FF3B0763C392422865C9AC12E ] C:\Windows\System32\rundll32.exe 09:19:24.0430 4696 C:\Windows\System32\rundll32.exe - ok 09:19:24.0430 4696 [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll 09:19:24.0430 4696 C:\Windows\System32\TSChannel.dll - ok 09:19:24.0430 4696 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll 09:19:24.0430 4696 C:\Windows\SysWOW64\advapi32.dll - ok 09:19:24.0430 4696 [ 51138BEEA3E2C21EC44D0932C71762A8 ] C:\Windows\SysWOW64\rundll32.exe 09:19:24.0430 4696 C:\Windows\SysWOW64\rundll32.exe - ok 09:19:24.0446 4696 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll 09:19:24.0446 4696 C:\Windows\SysWOW64\rpcrt4.dll - ok 09:19:24.0446 4696 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll 09:19:24.0446 4696 C:\Windows\SysWOW64\sechost.dll - ok 09:19:24.0446 4696 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll 09:19:24.0446 4696 C:\Windows\SysWOW64\cryptbase.dll - ok 09:19:24.0446 4696 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll 09:19:24.0446 4696 C:\Windows\SysWOW64\imagehlp.dll - ok 09:19:24.0446 4696 [ EDA7AD21DF8945528F01F0A86D69E524 ] C:\Windows\SysWOW64\sspicli.dll 09:19:24.0446 4696 C:\Windows\SysWOW64\sspicli.dll - ok 09:19:24.0461 4696 [ E3C817F7FE44CC870ECDBCBC3EA36132 ] C:\Windows\SysWOW64\msvcp100.dll 09:19:24.0461 4696 C:\Windows\SysWOW64\msvcp100.dll - ok 09:19:24.0461 4696 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll 09:19:24.0461 4696 C:\Windows\SysWOW64\apphelp.dll - ok 09:19:24.0461 4696 [ 368B2BEE3F88BFB883D2C74A258DE6F6 ] C:\Windows\AppPatch\AcLayers.dll 09:19:24.0461 4696 C:\Windows\AppPatch\AcLayers.dll - ok 09:19:24.0461 4696 [ BF38660A9125935658CFA3E53FDC7D65 ] C:\Windows\SysWOW64\msvcr100.dll 09:19:24.0461 4696 C:\Windows\SysWOW64\msvcr100.dll - ok 09:19:24.0477 4696 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll 09:19:24.0477 4696 C:\Windows\SysWOW64\imm32.dll - ok 09:19:24.0477 4696 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll 09:19:24.0477 4696 C:\Windows\SysWOW64\msctf.dll - ok 09:19:24.0477 4696 [ 3EF34FFAB47A2ECF4CE395EDB6D15334 ] C:\Program Files (x86)\Avira\AntiVir Desktop\grdcore.dll 09:19:24.0477 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\grdcore.dll - ok 09:19:24.0477 4696 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\SysWOW64\shell32.dll 09:19:24.0477 4696 C:\Windows\SysWOW64\shell32.dll - ok 09:19:24.0492 4696 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll 09:19:24.0492 4696 C:\Windows\SysWOW64\shlwapi.dll - ok 09:19:24.0492 4696 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll 09:19:24.0492 4696 C:\Windows\SysWOW64\ole32.dll - ok 09:19:24.0492 4696 [ 6EBF590F58CB13F34E4BD702CC1286B3 ] C:\Program Files (x86)\Avira\AntiVir Desktop\scewxmlw.dll 09:19:24.0492 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\scewxmlw.dll - ok 09:19:24.0492 4696 [ 13B7445DAAD8EA6774D65FD9DEF5D199 ] C:\Program Files (x86)\Avira\AntiVir Desktop\cfglib.dll 09:19:24.0492 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\cfglib.dll - ok 09:19:24.0508 4696 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll 09:19:24.0508 4696 C:\Windows\SysWOW64\oleaut32.dll - ok 09:19:24.0508 4696 [ 80126BC6148CAD0FDB4EFF948232DC34 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpipc.dll 09:19:24.0508 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\gpipc.dll - ok 09:19:24.0508 4696 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll 09:19:24.0508 4696 C:\Windows\SysWOW64\mpr.dll - ok 09:19:24.0508 4696 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll 09:19:24.0508 4696 C:\Windows\SysWOW64\profapi.dll - ok 09:19:24.0524 4696 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll 09:19:24.0524 4696 C:\Windows\SysWOW64\userenv.dll - ok 09:19:24.0524 4696 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv 09:19:24.0524 4696 C:\Windows\SysWOW64\winspool.drv - ok 09:19:24.0524 4696 [ 0D99E1210ECBC560E53FD759CFA4EAB5 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpgen.dll 09:19:24.0524 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\gpgen.dll - ok 09:19:24.0524 4696 [ 6D7DE520D8AA80A243347BECD401EB54 ] C:\Windows\AppPatch\acwow64.dll 09:19:24.0524 4696 C:\Windows\AppPatch\acwow64.dll - ok 09:19:24.0524 4696 [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL 09:19:24.0524 4696 C:\Windows\System32\BFE.DLL - ok 09:19:24.0539 4696 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll 09:19:24.0539 4696 C:\Windows\SysWOW64\version.dll - ok 09:19:24.0539 4696 [ C48E0D43530060CAD4A0B231B10EB5BA ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpschd.dll 09:19:24.0539 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\gpschd.dll - ok 09:19:24.0539 4696 [ E94EA3F802062AD4AD2495DB656D319A ] C:\Windows\SysWOW64\netprof0.dll 09:19:24.0539 4696 C:\Windows\SysWOW64\netprof0.dll - ok 09:19:24.0539 4696 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL 09:19:24.0539 4696 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok 09:19:24.0555 4696 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll 09:19:24.0555 4696 C:\Windows\SysWOW64\nsi.dll - ok 09:19:24.0570 4696 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll 09:19:24.0570 4696 C:\Windows\SysWOW64\winnsi.dll - ok 09:19:24.0586 4696 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll 09:19:24.0586 4696 C:\Windows\SysWOW64\wtsapi32.dll - ok 09:19:24.0586 4696 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll 09:19:24.0586 4696 C:\Windows\SysWOW64\rasapi32.dll - ok 09:19:24.0586 4696 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll 09:19:24.0586 4696 C:\Windows\SysWOW64\rasman.dll - ok 09:19:24.0586 4696 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll 09:19:24.0586 4696 C:\Windows\SysWOW64\ws2_32.dll - ok 09:19:24.0602 4696 [ 434D3AFF60EE877A2D1CADE7016AF4C3 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avevtlog.dll 09:19:24.0602 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\avevtlog.dll - ok 09:19:24.0602 4696 [ 453A81F0537D7619BDC677E9A733C3FA ] C:\Program Files (x86)\Avira\AntiVir Desktop\schedr.dll 09:19:24.0602 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\schedr.dll - ok 09:19:24.0602 4696 [ 503FE48BC3B68F40018520AEAE3BEAC1 ] C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll 09:19:24.0602 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll - ok 09:19:24.0617 4696 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll 09:19:24.0617 4696 C:\Windows\SysWOW64\cfgmgr32.dll - ok 09:19:24.0617 4696 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys 09:19:24.0617 4696 C:\Windows\System32\drivers\bowser.sys - ok 09:19:24.0617 4696 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys 09:19:24.0617 4696 C:\Windows\System32\drivers\mpsdrv.sys - ok 09:19:24.0617 4696 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys 09:19:24.0617 4696 C:\Windows\System32\drivers\mrxsmb.sys - ok 09:19:24.0633 4696 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys 09:19:24.0633 4696 C:\Windows\System32\drivers\mrxsmb10.sys - ok 09:19:24.0633 4696 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys 09:19:24.0633 4696 C:\Windows\System32\drivers\mrxsmb20.sys - ok 09:19:24.0633 4696 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll 09:19:24.0633 4696 C:\Windows\System32\MPSSVC.dll - ok 09:19:24.0633 4696 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll 09:19:24.0633 4696 C:\Windows\System32\wkssvc.dll - ok 09:19:24.0648 4696 [ 62B7936F9036DD6ED36E6A7EFA805DC0 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 09:19:24.0648 4696 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok 09:19:24.0648 4696 [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll 09:19:24.0648 4696 C:\Windows\System32\wfapigp.dll - ok 09:19:24.0648 4696 [ 1295338CFE6F249823EF9BC8D4368A84 ] C:\Windows\SysWOW64\crypt32.dll 09:19:24.0648 4696 C:\Windows\SysWOW64\crypt32.dll - ok 09:19:24.0664 4696 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll 09:19:24.0664 4696 C:\Windows\SysWOW64\msasn1.dll - ok 09:19:24.0664 4696 [ A7D79E9F660340AB20CD73F12910985F ] C:\Windows\SysWOW64\wintrust.dll 09:19:24.0664 4696 C:\Windows\SysWOW64\wintrust.dll - ok 09:19:24.0664 4696 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll 09:19:24.0664 4696 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok 09:19:24.0664 4696 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll 09:19:24.0664 4696 C:\Windows\System32\mscms.dll - ok 09:19:24.0680 4696 [ C9A36EF935ACED86AEDF93E97E606911 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 09:19:24.0680 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe - ok 09:19:24.0680 4696 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll 09:19:24.0680 4696 C:\Windows\System32\pcasvc.dll - ok 09:19:24.0680 4696 [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe 09:19:24.0680 4696 C:\Windows\System32\snmptrap.exe - ok 09:19:24.0680 4696 [ 10EAB90C1AE8271B5FE5A8930987EE5C ] C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll 09:19:24.0695 4696 C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll - ok 09:19:24.0695 4696 [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll 09:19:24.0695 4696 C:\Windows\System32\provsvc.dll - ok 09:19:24.0695 4696 [ D8E18021F91AD79CA8491CB5A5DA22D4 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 09:19:24.0695 4696 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok 09:19:24.0695 4696 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll 09:19:24.0695 4696 C:\Windows\System32\sstpsvc.dll - ok 09:19:24.0711 4696 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll 09:19:24.0711 4696 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok 09:19:24.0711 4696 [ 991F2C676B636E475CB9C8C30ED8E570 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpgrd.dll 09:19:24.0711 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\gpgrd.dll - ok 09:19:24.0711 4696 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll 09:19:24.0711 4696 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok 09:19:24.0726 4696 [ 670690FD78D7A14FF6B2579502C7FFFB ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpavgio.dll 09:19:24.0726 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\gpavgio.dll - ok 09:19:24.0726 4696 [ C2C2335E62DA083E06BD99A70DFA8785 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpgui.dll 09:19:24.0726 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\gpgui.dll - ok 09:19:24.0726 4696 [ 2EC0D1737C05ADB6156C65BD4A2613F6 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gplegacy.dll 09:19:24.0726 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\gplegacy.dll - ok 09:19:24.0726 4696 [ CB0248A426835FE0A77F1B468E1825E1 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpgavid.dll 09:19:24.0726 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\gpgavid.dll - ok 09:19:24.0742 4696 [ 8F9F50F3810672AC36503B72A0B1808A ] C:\Program Files (x86)\Avira\AntiVir Desktop\libdb44.dll 09:19:24.0742 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\libdb44.dll - ok 09:19:24.0742 4696 [ 92DA9EDE07390B4352B29DD82079E398 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll 09:19:24.0742 4696 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok 09:19:24.0742 4696 [ 8B22CF51B907E3A221267CF1E502993A ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll 09:19:24.0742 4696 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok 09:19:24.0742 4696 [ 054B87C872292A960B9B8A834B34DFA7 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll 09:19:24.0742 4696 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok 09:19:24.0758 4696 [ 638C7596B493F5F77DB9EF6BAD8FE46C ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll 09:19:24.0758 4696 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok 09:19:24.0758 4696 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll 09:19:24.0758 4696 C:\Windows\SysWOW64\wsock32.dll - ok 09:19:24.0758 4696 [ 729F4D9EC5E17A5588DD187D0F5F2738 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpgenrep.dll 09:19:24.0758 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\gpgenrep.dll - ok 09:19:24.0773 4696 [ 250BF888DDBE88D61EB19A9D4957C794 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll 09:19:24.0773 4696 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok 09:19:24.0773 4696 [ 794950DB77AA590C2964ECA0A5874A09 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll 09:19:24.0773 4696 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok 09:19:24.0773 4696 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll 09:19:24.0773 4696 C:\Windows\SysWOW64\winmm.dll - ok 09:19:24.0773 4696 [ 31222A7F19EF7013FD43E47168E4400A ] C:\Program Files (x86)\Avira\AntiVir Desktop\onlcfg.dll 09:19:24.0773 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\onlcfg.dll - ok 09:19:24.0789 4696 [ 5A963C340DE1A01BA6E24945CE05D16A ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll 09:19:24.0789 4696 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll - ok 09:19:24.0789 4696 [ EA196C9873949A3D2050C86B7AE95FDD ] C:\Program Files (x86)\Avira\AntiVir Desktop\guardmsg.dll 09:19:24.0789 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\guardmsg.dll - ok 09:19:24.0789 4696 [ 4200272EE793C5E139365E0AFE9AAB5B ] C:\Program Files (x86)\Avira\AntiVir Desktop\avipc.dll 09:19:24.0789 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\avipc.dll - ok 09:19:24.0804 4696 [ 1AE773142781013F32AE19D0404879FA ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgio.dll 09:19:24.0804 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\avgio.dll - ok 09:19:24.0804 4696 [ F4BC62990E7E5C29799A895B80FC3177 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll 09:19:24.0804 4696 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll - ok 09:19:24.0804 4696 [ 0798951AE42D1161CF1E6CF4280CC8EB ] C:\Program Files (x86)\Avira\AntiVir Desktop\aecore.dll 09:19:24.0804 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\aecore.dll - ok 09:19:24.0804 4696 [ A04DD0E3C71FE7AC602B573B1B03758F ] C:\Program Files (x86)\Avira\AntiVir Desktop\avpref.dll 09:19:24.0804 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\avpref.dll - ok 09:19:24.0820 4696 [ 1EBE9524683C7C4EED8B8BC93FB6FBCC ] C:\Windows\SysWOW64\fltLib.dll 09:19:24.0820 4696 C:\Windows\SysWOW64\fltLib.dll - ok 09:19:24.0820 4696 [ 149D74E1128A86DC9CFB2851FBEA11EB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll 09:19:24.0820 4696 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll - ok 09:19:24.0836 4696 [ 4F692F24DDB7DDB8C04DBFF1653C93C8 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aescript.dll 09:19:24.0836 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\aescript.dll - ok 09:19:24.0836 4696 [ E75A782A8C218D03A0AF54325132BC70 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aevdf.dll 09:19:24.0836 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\aevdf.dll - ok 09:19:24.0836 4696 [ 011C74CF75EA6E0B5AB816E2D94F8257 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aescn.dll 09:19:24.0836 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\aescn.dll - ok 09:19:24.0836 4696 [ 64605B72B605DEDE66D38E3D7094E73B ] C:\Program Files (x86)\Avira\AntiVir Desktop\aesbx.dll 09:19:24.0836 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\aesbx.dll - ok 09:19:24.0851 4696 [ CF28139A8AECBF3BEC26CA1A16FD69CF ] C:\Program Files (x86)\Avira\AntiVir Desktop\aerdl.dll 09:19:24.0851 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\aerdl.dll - ok 09:19:24.0851 4696 [ 2DAF9C7866BE61D7917BC2225F2A6AAD ] C:\Program Files (x86)\Avira\AntiVir Desktop\aepack.dll 09:19:24.0851 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\aepack.dll - ok 09:19:24.0851 4696 [ DCEED5ABB513F50F58F3E5AC412B60B6 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aeoffice.dll 09:19:24.0851 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\aeoffice.dll - ok 09:19:24.0851 4696 [ F8FF82A2751E98B756DC6AFCD9F8DD61 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aeheur.dll 09:19:24.0851 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\aeheur.dll - ok 09:19:24.0867 4696 [ 0109C5101DD4520719F912A32DED5946 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aehelp.dll 09:19:24.0867 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\aehelp.dll - ok 09:19:24.0867 4696 [ F8DED983A6EDB8175ECAEAB71D1846F7 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aegen.dll 09:19:24.0867 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\aegen.dll - ok 09:19:24.0867 4696 [ F7416E44BE6DAA5DBDD75CAB939DB76D ] C:\Program Files (x86)\Avira\AntiVir Desktop\aeexp.dll 09:19:24.0867 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\aeexp.dll - ok 09:19:24.0867 4696 [ 7E3D9E781E7D2E099BD424B188FBC9AA ] C:\Program Files (x86)\Avira\AntiVir Desktop\aebb.dll 09:19:24.0867 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\aebb.dll - ok 09:19:24.0882 4696 [ CD7B65E600B8EBC91B292C1AC9EC1215 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aeemu.dll 09:19:24.0882 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\aeemu.dll - ok 09:19:24.0882 4696 [ 37CF2461CB5E40C4CFAB82C8FC79A2BC ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll 09:19:24.0882 4696 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll - ok 09:19:24.0882 4696 [ 500BBC336E6273A3035CED554ACB1EF6 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll 09:19:24.0882 4696 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok 09:19:24.0898 4696 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll 09:19:24.0898 4696 C:\Windows\SysWOW64\setupapi.dll - ok 09:19:24.0898 4696 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll 09:19:24.0898 4696 C:\Windows\SysWOW64\devobj.dll - ok 09:19:24.0898 4696 [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\Windows\SysWOW64\dnssd.dll 09:19:24.0898 4696 C:\Windows\SysWOW64\dnssd.dll - ok 09:19:24.0898 4696 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll 09:19:24.0898 4696 C:\Windows\SysWOW64\ntmarta.dll - ok 09:19:24.0914 4696 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll 09:19:24.0914 4696 C:\Windows\SysWOW64\Wldap32.dll - ok 09:19:24.0914 4696 [ 8D5BF6B9CBF9D8FC24CFAB9CEB0B9722 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll 09:19:24.0914 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll - ok 09:19:24.0914 4696 [ 47480F4260DAE9AA589BCAF924B3767A ] C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.EXE 09:19:24.0914 4696 C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.EXE - ok 09:19:24.0914 4696 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll 09:19:24.0914 4696 C:\Windows\SysWOW64\mswsock.dll - ok 09:19:24.0929 4696 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll 09:19:24.0929 4696 C:\Windows\SysWOW64\wship6.dll - ok 09:19:24.0929 4696 [ 81F08948A0F1475894C99D4D19A158A8 ] C:\Windows\SysWOW64\wshqos.dll 09:19:24.0929 4696 C:\Windows\SysWOW64\wshqos.dll - ok 09:19:24.0929 4696 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL 09:19:24.0929 4696 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok 09:19:24.0945 4696 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll 09:19:24.0945 4696 C:\Windows\SysWOW64\msi.dll - ok 09:19:24.0945 4696 [ C440345A38FDA337AFB7333863CC8533 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll 09:19:24.0945 4696 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok 09:19:24.0945 4696 [ 8E87270C4704CF2951E1E7820D6C8A2B ] C:\Windows\SysWOW64\wininet.dll 09:19:24.0945 4696 C:\Windows\SysWOW64\wininet.dll - ok 09:19:24.0960 4696 [ C516284DE6DB833E77CC0E5217CDC6AA ] C:\Windows\SysWOW64\iertutil.dll 09:19:24.0960 4696 C:\Windows\SysWOW64\iertutil.dll - ok 09:19:24.0960 4696 [ 1408CF9B0DD2AAA80D8E7087C8A2E3BC ] C:\Windows\SysWOW64\urlmon.dll 09:19:24.0960 4696 C:\Windows\SysWOW64\urlmon.dll - ok 09:19:24.0960 4696 [ 2E14406E05789F91C9282AE7CFCA3A07 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 09:19:24.0960 4696 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll - ok 09:19:24.0960 4696 [ FC33CBBB9CADCEC307DA010FE763D04C ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll 09:19:24.0960 4696 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok 09:19:24.0976 4696 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] C:\Program Files\Bonjour\mDNSResponder.exe 09:19:24.0976 4696 C:\Program Files\Bonjour\mDNSResponder.exe - ok 09:19:24.0976 4696 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll 09:19:24.0976 4696 C:\Windows\SysWOW64\clbcatq.dll - ok 09:19:24.0976 4696 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll 09:19:24.0976 4696 C:\Windows\SysWOW64\SensApi.dll - ok 09:19:24.0976 4696 [ 1FCA854CEDFC2CCD0C22E46EA4EA18F1 ] C:\Program Files (x86)\Launch Manager\dsiwmis.exe 09:19:24.0976 4696 C:\Program Files (x86)\Launch Manager\dsiwmis.exe - ok 09:19:24.0992 4696 [ 4F5414602E2544A4554D95517948B705 ] C:\Windows\System32\cryptsvc.dll 09:19:24.0992 4696 C:\Windows\System32\cryptsvc.dll - ok 09:19:24.0992 4696 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll 09:19:24.0992 4696 C:\Windows\System32\dps.dll - ok 09:19:25.0007 4696 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll 09:19:25.0007 4696 C:\Windows\System32\taskschd.dll - ok 09:19:25.0007 4696 [ 1D817D77C8EB600AB311AAC8E68B5A1A ] C:\Windows\System32\cryptnet.dll 09:19:25.0007 4696 C:\Windows\System32\cryptnet.dll - ok 09:19:25.0007 4696 [ 3EA2C4F68A782839D97B3C83595575B6 ] C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe 09:19:25.0007 4696 C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe - ok 09:19:25.0023 4696 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll 09:19:25.0023 4696 C:\Windows\System32\vssapi.dll - ok 09:19:25.0023 4696 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll 09:19:25.0023 4696 C:\Windows\System32\dbghelp.dll - ok 09:19:25.0023 4696 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll 09:19:25.0023 4696 C:\Windows\SysWOW64\cryptsp.dll - ok 09:19:25.0023 4696 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll 09:19:25.0023 4696 C:\Windows\SysWOW64\RpcRtRemote.dll - ok 09:19:25.0038 4696 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll 09:19:25.0038 4696 C:\Windows\SysWOW64\rsaenh.dll - ok 09:19:25.0038 4696 [ 35F59EB9D0B09E6A8387337AC3133290 ] C:\Program Files\Acer\Acer ePower Management\PowerSettingControl.dll 09:19:25.0038 4696 C:\Program Files\Acer\Acer ePower Management\PowerSettingControl.dll - ok 09:19:25.0038 4696 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv 09:19:25.0038 4696 C:\Windows\System32\winspool.drv - ok 09:19:25.0038 4696 [ 0191DEE9B9EB7902AF2CF4F67301095D ] C:\Program Files (x86)\Acer\Registration\GREGsvc.exe 09:19:25.0038 4696 C:\Program Files (x86)\Acer\Registration\GREGsvc.exe - ok 09:19:25.0054 4696 [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll 09:19:25.0054 4696 C:\Windows\System32\FDResPub.dll - ok 09:19:25.0054 4696 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll 09:19:25.0054 4696 C:\Windows\System32\vsstrace.dll - ok 09:19:25.0054 4696 [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll 09:19:25.0054 4696 C:\Windows\System32\WSDApi.dll - ok 09:19:25.0070 4696 [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll 09:19:25.0070 4696 C:\Windows\System32\webservices.dll - ok 09:19:25.0070 4696 [ 54A47F6B5E09A77E61649109C6A08866 ] C:\Windows\SysWOW64\svchost.exe 09:19:25.0070 4696 C:\Windows\SysWOW64\svchost.exe - ok 09:19:25.0070 4696 [ D86A39BF100069444D026D22D9A6E555 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll 09:19:25.0070 4696 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll - ok 09:19:25.0070 4696 [ DBC1136A62BD4DECC3632DF650284C2E ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe 09:19:25.0070 4696 C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe - ok 09:19:25.0085 4696 [ FCD84C381E0140AF901E58D48882D26B ] C:\Windows\System32\IKEEXT.DLL 09:19:25.0085 4696 C:\Windows\System32\IKEEXT.DLL - ok 09:19:25.0085 4696 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll 09:19:25.0085 4696 C:\Windows\SysWOW64\dnsapi.dll - ok 09:19:25.0085 4696 [ 2A6B16AAD88A449B9E124FBF2D308E07 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddcmn.dll 09:19:25.0085 4696 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddcmn.dll - ok 09:19:25.0085 4696 [ B891E3920F24FF1A3BEAD6CD2B42ED99 ] C:\PROGRA~2\McAfee\SITEAD~1\mcsacore.exe 09:19:25.0085 4696 C:\PROGRA~2\McAfee\SITEAD~1\mcsacore.exe - ok 09:19:25.0101 4696 [ 3E5E20817259F7328C8F3BE5421F35B9 ] C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe 09:19:25.0101 4696 C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe - ok 09:19:25.0101 4696 [ 64ECE532B8ABD7E035803515E9C11DC9 ] C:\PROGRA~2\McAfee\SITEAD~1\sasshmod.dll 09:19:25.0101 4696 C:\PROGRA~2\McAfee\SITEAD~1\sasshmod.dll - ok 09:19:25.0101 4696 [ 10EAD2ED056736087D2CA6133F16374D ] C:\Program Files (x86)\EgisTec MyWinLocker\x86\sysenv.dll 09:19:25.0101 4696 C:\Program Files (x86)\EgisTec MyWinLocker\x86\sysenv.dll - ok 09:19:25.0116 4696 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll 09:19:25.0116 4696 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok 09:19:25.0116 4696 [ 2F22E4F40CBEBB980F923D64A78FEA2B ] C:\Program Files (x86)\EgisTec MyWinLocker\x86\xmllite.dll 09:19:25.0116 4696 C:\Program Files (x86)\EgisTec MyWinLocker\x86\xmllite.dll - ok 09:19:25.0116 4696 [ 8BA9851E671E8B5E49E303748FFD530C ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll 09:19:25.0116 4696 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll - ok 09:19:25.0116 4696 [ EAADA2DE0277476BF7B26A0945830DE9 ] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlOP.dll 09:19:25.0116 4696 C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlOP.dll - ok 09:19:25.0132 4696 [ 8CE1A6D16B9077E91E192499EB611C5F ] C:\Windows\SysWOW64\netapi32.dll 09:19:25.0132 4696 C:\Windows\SysWOW64\netapi32.dll - ok 09:19:25.0132 4696 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll 09:19:25.0132 4696 C:\Windows\SysWOW64\netutils.dll - ok 09:19:25.0132 4696 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll 09:19:25.0132 4696 C:\Windows\SysWOW64\samcli.dll - ok 09:19:25.0132 4696 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll 09:19:25.0132 4696 C:\Windows\SysWOW64\srvcli.dll - ok 09:19:25.0148 4696 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll 09:19:25.0148 4696 C:\Windows\SysWOW64\wkscli.dll - ok 09:19:25.0148 4696 [ 251B550383CBBF89DE1C4C905003C87D ] C:\Program Files (x86)\EgisTec MyWinLocker\x86\CryptoAPI.dll 09:19:25.0148 4696 C:\Program Files (x86)\EgisTec MyWinLocker\x86\CryptoAPI.dll - ok 09:19:25.0148 4696 [ 73862FF693168369A90F046E7F227B83 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 09:19:25.0148 4696 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll - ok 09:19:25.0148 4696 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll 09:19:25.0148 4696 C:\Windows\System32\fundisc.dll - ok 09:19:25.0163 4696 [ 2334DC48997BA203B794DF3EE70521DB ] C:\Windows\System32\HPZinw12.dll 09:19:25.0163 4696 C:\Windows\System32\HPZinw12.dll - ok 09:19:25.0163 4696 [ 4A435F95B940E93A88FEC144BD409789 ] C:\Windows\System32\ncsi.dll 09:19:25.0163 4696 C:\Windows\System32\ncsi.dll - ok 09:19:25.0163 4696 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll 09:19:25.0163 4696 C:\Windows\System32\netman.dll - ok 09:19:25.0163 4696 [ 1EE99A89CC788ADA662441D1E9830529 ] C:\Windows\System32\nlasvc.dll 09:19:25.0163 4696 C:\Windows\System32\nlasvc.dll - ok 09:19:25.0179 4696 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll 09:19:25.0179 4696 C:\Windows\System32\wsock32.dll - ok 09:19:25.0179 4696 [ 9A308FCDCCA98A15B6F62D36A272160E ] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe 09:19:25.0179 4696 C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe - ok 09:19:25.0179 4696 [ 77B5035BC6EDF4D1B6265391AECEE4C0 ] C:\Windows\System32\vpnikeapi.dll 09:19:25.0179 4696 C:\Windows\System32\vpnikeapi.dll - ok 09:19:25.0194 4696 [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll 09:19:25.0194 4696 C:\Windows\System32\winhttp.dll - ok 09:19:25.0194 4696 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll 09:19:25.0194 4696 C:\Windows\SysWOW64\oleacc.dll - ok 09:19:25.0194 4696 [ 8B7CD1332CDD3B544288A9DA8BD71CF0 ] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\Pehook.dll 09:19:25.0194 4696 C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\Pehook.dll - ok 09:19:25.0194 4696 [ C4A00A0C27A6DDC7A7BAFF95C30D420D ] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ISchedule.dll 09:19:25.0194 4696 C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ISchedule.dll - ok 09:19:25.0210 4696 [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll 09:19:25.0210 4696 C:\Windows\System32\webio.dll - ok 09:19:25.0210 4696 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll 09:19:25.0210 4696 C:\Windows\SysWOW64\psapi.dll - ok 09:19:25.0210 4696 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll 09:19:25.0210 4696 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok 09:19:25.0226 4696 [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll 09:19:25.0226 4696 C:\Windows\System32\aepic.dll - ok 09:19:25.0226 4696 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys 09:19:25.0226 4696 C:\Windows\System32\drivers\PEAuth.sys - ok 09:19:25.0226 4696 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll 09:19:25.0226 4696 C:\Windows\System32\sfc.dll - ok 09:19:25.0226 4696 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll 09:19:25.0226 4696 C:\Windows\System32\sfc_os.dll - ok 09:19:25.0241 4696 [ 5A18A6B8131444BD4C86164E61984479 ] C:\PROGRA~2\McAfee\SITEAD~1\saupkeep.dll 09:19:25.0241 4696 C:\PROGRA~2\McAfee\SITEAD~1\saupkeep.dll - ok 09:19:25.0241 4696 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll 09:19:25.0241 4696 C:\Windows\System32\httpapi.dll - ok 09:19:25.0241 4696 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll 09:19:25.0241 4696 C:\Windows\System32\ssdpapi.dll - ok 09:19:25.0241 4696 [ B8F9C7DBA4DF81E9B47A5DD638C187E0 ] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\SyncDll.dll 09:19:25.0241 4696 C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\SyncDll.dll - ok 09:19:25.0257 4696 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys 09:19:25.0257 4696 C:\Windows\System32\drivers\secdrv.sys - ok 09:19:25.0257 4696 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] C:\Windows\System32\HPZipm12.dll 09:19:25.0257 4696 C:\Windows\System32\HPZipm12.dll - ok 09:19:25.0257 4696 [ FE971397C742FAEEDC5D159D15C0338C ] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll 09:19:25.0257 4696 C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll - ok 09:19:25.0257 4696 [ 0F97E7A47A52F4A36969F0FC319654C2 ] C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe 09:19:25.0257 4696 C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe - ok 09:19:25.0272 4696 [ BC617A4E1B4FA8DF523A061739A0BD87 ] C:\Windows\System32\seclogon.dll 09:19:25.0272 4696 C:\Windows\System32\seclogon.dll - ok 09:19:25.0272 4696 [ 17807DE3402F8B5A3440FEBA1ABF0BC7 ] C:\PROGRA~2\McAfee\SITEAD~1\x64\saHook.dll 09:19:25.0272 4696 C:\PROGRA~2\McAfee\SITEAD~1\x64\saHook.dll - ok 09:19:25.0272 4696 [ 9648B5A60D82ACE76963BDCAFE40855B ] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\agent_stub.dll 09:19:25.0272 4696 C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\agent_stub.dll - ok 09:19:25.0272 4696 [ 26BEC2843E317B32C24BB4083FE35024 ] C:\PROGRA~2\McAfee\SITEAD~1\sahook.dll 09:19:25.0272 4696 C:\PROGRA~2\McAfee\SITEAD~1\sahook.dll - ok 09:19:25.0288 4696 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll 09:19:25.0288 4696 C:\Windows\SysWOW64\uxtheme.dll - ok 09:19:25.0288 4696 [ 20CF2EDDB3F3E059D1CE651221CB320F ] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll 09:19:25.0288 4696 C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll - ok 09:19:25.0288 4696 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll 09:19:25.0288 4696 C:\Windows\SysWOW64\dwmapi.dll - ok 09:19:25.0288 4696 [ CA6ADE4F7761BB15B3325356DC3B82BB ] C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll 09:19:25.0288 4696 C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll - ok 09:19:25.0304 4696 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll 09:19:25.0304 4696 C:\Windows\SysWOW64\winhttp.dll - ok 09:19:25.0304 4696 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll 09:19:25.0304 4696 C:\Windows\SysWOW64\webio.dll - ok 09:19:25.0304 4696 [ EA396139541706B4B433641D62EA53CE ] C:\Program Files (x86)\Skype\Updater\Updater.exe 09:19:25.0304 4696 C:\Program Files (x86)\Skype\Updater\Updater.exe - ok 09:19:25.0304 4696 [ 7BFB290E8CD380FD474BF869478D000B ] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\VssAgent.dll 09:19:25.0304 4696 C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\VssAgent.dll - ok 09:19:25.0319 4696 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll 09:19:25.0319 4696 C:\Windows\SysWOW64\msimg32.dll - ok 09:19:25.0319 4696 [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys 09:19:25.0319 4696 C:\Windows\System32\drivers\srvnet.sys - ok 09:19:25.0319 4696 [ 13337A3FB17F2242487FD45488ED0485 ] C:\Windows\SysWOW64\vssapi.dll 09:19:25.0319 4696 C:\Windows\SysWOW64\vssapi.dll - ok 09:19:25.0319 4696 [ DF687E3D8836BFB04FCC0615BF15A519 ] C:\Windows\System32\drivers\tcpipreg.sys 09:19:25.0319 4696 C:\Windows\System32\drivers\tcpipreg.sys - ok 09:19:25.0319 4696 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll 09:19:25.0319 4696 C:\Windows\System32\sysmain.dll - ok 09:19:25.0335 4696 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] C:\Windows\System32\tapisrv.dll 09:19:25.0335 4696 C:\Windows\System32\tapisrv.dll - ok 09:19:25.0335 4696 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll 09:19:25.0335 4696 C:\Windows\System32\wiaservc.dll - ok 09:19:25.0335 4696 [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll 09:19:25.0335 4696 C:\Windows\System32\wiatrace.dll - ok 09:19:25.0335 4696 [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\SysWOW64\atl.dll 09:19:25.0335 4696 C:\Windows\SysWOW64\atl.dll - ok 09:19:25.0350 4696 [ B940289C83121046BD6A60ACC6028593 ] C:\Windows\SysWOW64\vsstrace.dll 09:19:25.0350 4696 C:\Windows\SysWOW64\vsstrace.dll - ok 09:19:25.0350 4696 [ 326B01EDC880977E8599269F4274333F ] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IShadowS3.dll 09:19:25.0350 4696 C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IShadowS3.dll - ok 09:19:25.0350 4696 [ FBFCA1A574D47EE575448B719CBBF2E4 ] C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL 09:19:25.0350 4696 C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL - ok 09:19:25.0350 4696 [ F9EC9ACD504D823D9B9CA98A4F8D3CA2 ] C:\Program Files\Acer\Acer Updater\UpdaterService.exe 09:19:25.0350 4696 C:\Program Files\Acer\Acer Updater\UpdaterService.exe - ok 09:19:25.0366 4696 [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll 09:19:25.0366 4696 C:\Windows\System32\trkwks.dll - ok 09:19:25.0366 4696 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 09:19:25.0366 4696 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok 09:19:25.0366 4696 [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll 09:19:25.0366 4696 C:\Windows\System32\wbem\WMIsvc.dll - ok 09:19:25.0366 4696 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll 09:19:25.0366 4696 C:\Windows\System32\wbemcomn.dll - ok 09:19:25.0382 4696 [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll 09:19:25.0382 4696 C:\Windows\System32\SensApi.dll - ok 09:19:25.0382 4696 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL 09:19:25.0382 4696 C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok 09:19:25.0382 4696 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll 09:19:25.0382 4696 C:\Windows\System32\wbem\WinMgmtR.dll - ok 09:19:25.0382 4696 [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll 09:19:25.0382 4696 C:\Windows\System32\wbem\WmiDcPrv.dll - ok 09:19:25.0382 4696 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll 09:19:25.0382 4696 C:\Windows\System32\wbem\fastprox.dll - ok 09:19:25.0397 4696 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll 09:19:25.0397 4696 C:\Windows\System32\wer.dll - ok 09:19:25.0397 4696 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll 09:19:25.0397 4696 C:\Windows\System32\ntdsapi.dll - ok 09:19:25.0397 4696 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll 09:19:25.0397 4696 C:\Windows\System32\wbem\wbemprox.dll - ok 09:19:25.0413 4696 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys 09:19:25.0413 4696 C:\Windows\System32\drivers\srv2.sys - ok 09:19:25.0413 4696 [ A34A587FFFD45FA649FBA6D03784D257 ] C:\Windows\System32\iphlpsvc.dll 09:19:25.0413 4696 C:\Windows\System32\iphlpsvc.dll - ok 09:19:25.0413 4696 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys 09:19:25.0413 4696 C:\Windows\System32\drivers\srv.sys - ok 09:19:25.0413 4696 [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll 09:19:25.0413 4696 C:\Windows\System32\sqmapi.dll - ok 09:19:25.0428 4696 [ 63DCDFFCBB7E41540F4D64CCED66536B ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 09:19:25.0428 4696 C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok 09:19:25.0428 4696 [ 0B2D65FDDE31069299AA6330F359FF9C ] C:\Windows\System32\msxml3.dll 09:19:25.0428 4696 C:\Windows\System32\msxml3.dll - ok 09:19:25.0428 4696 [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll 09:19:25.0428 4696 C:\Windows\System32\wdscore.dll - ok 09:19:25.0428 4696 [ EE867A0870FC9E4972BA9EAAD35651E2 ] C:\Windows\System32\rasmans.dll 09:19:25.0428 4696 C:\Windows\System32\rasmans.dll - ok 09:19:25.0428 4696 [ 44C96B48112EB24AE7764EBF1C527000 ] C:\Windows\System32\rastapi.dll 09:19:25.0428 4696 C:\Windows\System32\rastapi.dll - ok 09:19:25.0444 4696 [ FAFAE01E889DC9C05A6CA2138CFC220B ] C:\Windows\System32\tapi32.dll 09:19:25.0444 4696 C:\Windows\System32\tapi32.dll - ok 09:19:25.0444 4696 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll 09:19:25.0444 4696 C:\Windows\System32\srvsvc.dll - ok 09:19:25.0444 4696 [ 8EF0D5C41EC907751B8429162B1239ED ] C:\Windows\System32\browser.dll 09:19:25.0444 4696 C:\Windows\System32\browser.dll - ok 09:19:25.0444 4696 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll 09:19:25.0444 4696 C:\Windows\System32\clusapi.dll - ok 09:19:25.0460 4696 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll 09:19:25.0460 4696 C:\Windows\System32\netmsg.dll - ok 09:19:25.0460 4696 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll 09:19:25.0460 4696 C:\Windows\System32\sscore.dll - ok 09:19:25.0460 4696 [ 70A176BF2ED362862944C371838262F8 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE 09:19:25.0460 4696 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok 09:19:25.0460 4696 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll 09:19:25.0460 4696 C:\Windows\System32\resutils.dll - ok 09:19:25.0475 4696 [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll 09:19:25.0475 4696 C:\Windows\System32\nci.dll - ok 09:19:25.0475 4696 [ D2A0FFA75AB181B19B5EB93BB29C7686 ] C:\Windows\System32\unimdm.tsp 09:19:25.0475 4696 C:\Windows\System32\unimdm.tsp - ok 09:19:25.0475 4696 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll 09:19:25.0475 4696 C:\Windows\System32\hnetcfg.dll - ok 09:19:25.0475 4696 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll 09:19:25.0475 4696 C:\Windows\System32\netprofm.dll - ok 09:19:25.0475 4696 [ 94B7DF336815B47236724019FAB24B7C ] C:\Windows\System32\uniplat.dll 09:19:25.0475 4696 C:\Windows\System32\uniplat.dll - ok 09:19:25.0491 4696 [ 7C1BAE7D23D4874FEE256A2B9C00E019 ] C:\Windows\System32\hidphone.tsp 09:19:25.0491 4696 C:\Windows\System32\hidphone.tsp - ok 09:19:25.0491 4696 [ 41326DD08ACC0CDC5F8177AF96C066E8 ] C:\Windows\System32\kmddsp.tsp 09:19:25.0491 4696 C:\Windows\System32\kmddsp.tsp - ok 09:19:25.0491 4696 [ 1D6BC2769DA66C1145F4DA5A65F52E61 ] C:\Windows\System32\ndptsp.tsp 09:19:25.0491 4696 C:\Windows\System32\ndptsp.tsp - ok 09:19:25.0491 4696 [ A717A35120DBAB5AB707AB40662AF9DD ] C:\Windows\System32\rasppp.dll 09:19:25.0491 4696 C:\Windows\System32\rasppp.dll - ok 09:19:25.0506 4696 [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll 09:19:25.0506 4696 C:\Windows\System32\wbem\wbemcore.dll - ok 09:19:25.0506 4696 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll 09:19:25.0506 4696 C:\Windows\System32\wbem\esscli.dll - ok 09:19:25.0506 4696 [ 0FE5CD5F9C9248F42D1EF56E495B182E ] C:\Windows\System32\vpnike.dll 09:19:25.0506 4696 C:\Windows\System32\vpnike.dll - ok 09:19:25.0506 4696 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll 09:19:25.0506 4696 C:\Windows\System32\wbem\wbemsvc.dll - ok 09:19:25.0522 4696 [ 6A84E68B538B8B04608BF2F0D426CE6F ] C:\Windows\System32\raschap.dll 09:19:25.0522 4696 C:\Windows\System32\raschap.dll - ok 09:19:25.0522 4696 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll 09:19:25.0522 4696 C:\Windows\System32\wbem\wmiutils.dll - ok 09:19:25.0522 4696 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll 09:19:25.0522 4696 C:\Windows\System32\wbem\repdrvfs.dll - ok 09:19:25.0522 4696 [ B95F6501A2F8B2E78C697FEC401970CE ] C:\Windows\System32\ipnathlp.dll 09:19:25.0522 4696 C:\Windows\System32\ipnathlp.dll - ok 09:19:25.0538 4696 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll 09:19:25.0538 4696 C:\Windows\System32\mprapi.dll - ok 09:19:25.0538 4696 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll 09:19:25.0538 4696 C:\Windows\System32\netshell.dll - ok 09:19:25.0538 4696 [ 28AD5E311996A34025CFB07E131058DD ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL 09:19:25.0538 4696 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok 09:19:25.0538 4696 [ F9D908DE6B166DAC9B89BF62FA291CE8 ] C:\Program Files\Bonjour\mdnsNSP.dll 09:19:25.0538 4696 C:\Program Files\Bonjour\mdnsNSP.dll - ok 09:19:25.0553 4696 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll 09:19:25.0553 4696 C:\Windows\System32\rasadhlp.dll - ok 09:19:25.0553 4696 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll 09:19:25.0553 4696 C:\Windows\System32\aeevts.dll - ok 09:19:25.0553 4696 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe 09:19:25.0553 4696 C:\Windows\System32\dllhost.exe - ok 09:19:25.0553 4696 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll 09:19:25.0553 4696 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok 09:19:25.0569 4696 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll 09:19:25.0569 4696 C:\Windows\System32\IDStore.dll - ok 09:19:25.0569 4696 [ 517110BD83835338C037269E603DB55D ] C:\Windows\System32\taskhost.exe 09:19:25.0569 4696 C:\Windows\System32\taskhost.exe - ok 09:19:25.0569 4696 [ FB52007B5A701C0622E0F3B58D36D8EE ] C:\Program Files (x86)\EgisTec MyWinLocker\x86\PSDUtil.dll 09:19:25.0569 4696 C:\Program Files (x86)\EgisTec MyWinLocker\x86\PSDUtil.dll - ok 09:19:25.0569 4696 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll 09:19:25.0569 4696 C:\Windows\SysWOW64\winsta.dll - ok 09:19:25.0569 4696 [ 89B89AE23491F5D4E338499A3D568269 ] C:\Windows\System32\localspl.dll 09:19:25.0569 4696 C:\Windows\System32\localspl.dll - ok 09:19:25.0584 4696 [ 8F0DE4FEF8201E306F9938B0905AC96A ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 09:19:25.0584 4696 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok 09:19:25.0584 4696 [ 39C5FCF8AA3B83D79A0E853ECB38BF25 ] C:\Program Files (x86)\Google\Update\1.3.21.115\goopdate.dll 09:19:25.0584 4696 C:\Program Files (x86)\Google\Update\1.3.21.115\goopdate.dll - ok 09:19:25.0584 4696 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll 09:19:25.0584 4696 C:\Windows\System32\spoolss.dll - ok 09:19:25.0584 4696 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll 09:19:25.0584 4696 C:\Windows\System32\dssenh.dll - ok 09:19:25.0600 4696 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll 09:19:25.0600 4696 C:\Windows\System32\PrintIsolationProxy.dll - ok 09:19:25.0600 4696 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll 09:19:25.0600 4696 C:\Windows\System32\FXSMON.dll - ok 09:19:25.0600 4696 [ 4951621EA68012CEBB8C7E41B3F4D42F ] C:\Windows\System32\hpf3l101.dll 09:19:25.0600 4696 C:\Windows\System32\hpf3l101.dll - ok 09:19:25.0600 4696 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll 09:19:25.0600 4696 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok 09:19:25.0616 4696 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll 09:19:25.0616 4696 C:\Windows\System32\tcpmon.dll - ok 09:19:25.0616 4696 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll 09:19:25.0616 4696 C:\Windows\System32\snmpapi.dll - ok 09:19:25.0616 4696 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll 09:19:25.0616 4696 C:\Windows\System32\wsnmp32.dll - ok 09:19:25.0616 4696 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll 09:19:25.0616 4696 C:\Windows\System32\usbmon.dll - ok 09:19:25.0631 4696 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll 09:19:25.0631 4696 C:\Windows\System32\WSDMon.dll - ok 09:19:25.0631 4696 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll 09:19:25.0631 4696 C:\Windows\System32\fdPnp.dll - ok 09:19:25.0631 4696 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll 09:19:25.0631 4696 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok 09:19:25.0631 4696 [ 492758A4B6BA0571BEEC2F2F619C2F87 ] C:\Windows\System32\spool\prtprocs\x64\hpfpp101.dll 09:19:25.0631 4696 C:\Windows\System32\spool\prtprocs\x64\hpfpp101.dll - ok 09:19:25.0647 4696 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll 09:19:25.0647 4696 C:\Windows\SysWOW64\cscapi.dll - ok 09:19:25.0647 4696 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll 09:19:25.0647 4696 C:\Windows\SysWOW64\dbghelp.dll - ok 09:19:25.0647 4696 [ 2AC11BE0F5D9A01433732AAB8BA21774 ] C:\Windows\System32\win32spl.dll 09:19:25.0647 4696 C:\Windows\System32\win32spl.dll - ok 09:19:25.0647 4696 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll 09:19:25.0647 4696 C:\Windows\System32\inetpp.dll - ok 09:19:25.0662 4696 [ 93F29E6964BAEF31E53D203992B0AFD4 ] C:\Program Files (x86)\Google\Update\1.3.21.115\GoogleCrashHandler.exe 09:19:25.0662 4696 C:\Program Files (x86)\Google\Update\1.3.21.115\GoogleCrashHandler.exe - ok 09:19:25.0662 4696 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll 09:19:25.0662 4696 C:\Windows\System32\cscapi.dll - ok 09:19:25.0662 4696 [ 5AC3CB53406CB9AABB25D46B3385528F ] C:\Windows\System32\spool\drivers\x64\3\unidrvui.dll 09:19:25.0662 4696 C:\Windows\System32\spool\drivers\x64\3\unidrvui.dll - ok 09:19:25.0662 4696 [ EFEC3847B47CC9357D5C33BBAB59B7EB ] C:\Windows\System32\mgmtapi.dll 09:19:25.0662 4696 C:\Windows\System32\mgmtapi.dll - ok 09:19:25.0662 4696 [ 22F020C76E339EB2B2187BA73A7E4173 ] C:\Windows\System32\PrintIsolationHost.exe 09:19:25.0662 4696 C:\Windows\System32\PrintIsolationHost.exe - ok 09:19:25.0678 4696 [ E81F5A2F6D52215C0E84F2849503EBA8 ] C:\Windows\System32\tcpmib.dll 09:19:25.0678 4696 C:\Windows\System32\tcpmib.dll - ok 09:19:25.0678 4696 [ ADE2BCD1FDE5C9669FCE1F4541AB46DD ] C:\Windows\System32\spool\drivers\x64\3\unidrv.dll 09:19:25.0678 4696 C:\Windows\System32\spool\drivers\x64\3\unidrv.dll - ok 09:19:25.0678 4696 [ DBF7BEFB6BD83C4CFF6C7A688FAEF3EF ] C:\Windows\System32\spool\drivers\x64\3\hpfui101.dll 09:19:25.0678 4696 C:\Windows\System32\spool\drivers\x64\3\hpfui101.dll - ok 09:19:25.0678 4696 [ C282F4A84FDA6EF4376996542F7A1249 ] C:\Program Files (x86)\Google\Update\1.3.21.115\GoogleCrashHandler64.exe 09:19:25.0678 4696 C:\Program Files (x86)\Google\Update\1.3.21.115\GoogleCrashHandler64.exe - ok 09:19:25.0694 4696 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll 09:19:25.0694 4696 C:\Windows\SysWOW64\mstask.dll - ok 09:19:25.0694 4696 [ ECFB0F3923CAC0DB0172F3CEF6BA718C ] C:\Windows\System32\spool\drivers\x64\3\hpfst101.dll 09:19:25.0694 4696 C:\Windows\System32\spool\drivers\x64\3\hpfst101.dll - ok 09:19:25.0694 4696 [ 23566F9723771108D2E6CD768AC27407 ] C:\Windows\System32\AtBroker.exe 09:19:25.0694 4696 C:\Windows\System32\AtBroker.exe - ok 09:19:25.0694 4696 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll 09:19:25.0694 4696 C:\Windows\System32\mpr.dll - ok 09:19:25.0709 4696 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe 09:19:25.0709 4696 C:\Windows\System32\userinit.exe - ok 09:19:25.0709 4696 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll 09:19:25.0709 4696 C:\Windows\System32\PlaySndSrv.dll - ok 09:19:25.0709 4696 [ B1CBA5FADDC583414100FA21AF673C1E ] C:\Windows\System32\spool\drivers\x64\3\hpfvu101.dll 09:19:25.0709 4696 C:\Windows\System32\spool\drivers\x64\3\hpfvu101.dll - ok 09:19:25.0709 4696 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe 09:19:25.0709 4696 C:\Windows\System32\dwm.exe - ok 09:19:25.0725 4696 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll 09:19:25.0725 4696 C:\Windows\System32\MsCtfMonitor.dll - ok 09:19:25.0725 4696 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll 09:19:25.0725 4696 C:\Windows\System32\msutb.dll - ok 09:19:25.0725 4696 [ 0E8AE347A744B80529FC07F66541ED84 ] C:\Windows\System32\spool\drivers\x64\3\hpoc30g3.dll 09:19:25.0725 4696 C:\Windows\System32\spool\drivers\x64\3\hpoc30g3.dll - ok 09:19:25.0725 4696 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll 09:19:25.0725 4696 C:\Windows\System32\dwmredir.dll - ok 09:19:25.0740 4696 [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll 09:19:25.0740 4696 C:\Windows\System32\HotStartUserAgent.dll - ok 09:19:25.0740 4696 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll 09:19:25.0740 4696 C:\Windows\System32\dwmcore.dll - ok 09:19:25.0740 4696 [ 50109F5C72B1BB12590017ED6DD5CC12 ] C:\Windows\System32\spool\drivers\x64\3\hpfev101.dll 09:19:25.0740 4696 C:\Windows\System32\spool\drivers\x64\3\hpfev101.dll - ok 09:19:25.0740 4696 [ AC9F25E4A889B584BAB8E1F0CAC3CF29 ] C:\Windows\System32\spool\drivers\x64\3\hpf3r101.dll 09:19:25.0740 4696 C:\Windows\System32\spool\drivers\x64\3\hpf3r101.dll - ok 09:19:25.0756 4696 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe 09:19:25.0756 4696 C:\Windows\explorer.exe - ok 09:19:25.0756 4696 [ E1374D37477322D4956604711008C69D ] C:\Windows\System32\d3d10_1.dll 09:19:25.0756 4696 C:\Windows\System32\d3d10_1.dll - ok 09:19:25.0756 4696 [ 426BA4E737A7988FD1202AF2F2B2F4A6 ] C:\Windows\System32\d3d10_1core.dll 09:19:25.0756 4696 C:\Windows\System32\d3d10_1core.dll - ok 09:19:25.0756 4696 [ F404E59DB6A0F122AB26BF4F3E2FD0FA ] C:\Windows\System32\dxgi.dll 09:19:25.0756 4696 C:\Windows\System32\dxgi.dll - ok 09:19:25.0772 4696 [ 13DAACA26818567F7A868703AB0E5274 ] C:\Windows\System32\spool\drivers\x64\3\hpfrs101.dll 09:19:25.0772 4696 C:\Windows\System32\spool\drivers\x64\3\hpfrs101.dll - ok 09:19:25.0772 4696 [ D8F0E941B1E35DEEE3EDF6DF45517607 ] C:\Windows\System32\igd10umd64.dll 09:19:25.0772 4696 C:\Windows\System32\igd10umd64.dll - ok 09:19:25.0772 4696 [ BB77858B20C9402256C6C46BB7B09601 ] C:\Windows\System32\spool\drivers\x64\3\hpfie101.dll 09:19:25.0772 4696 C:\Windows\System32\spool\drivers\x64\3\hpfie101.dll - ok 09:19:25.0772 4696 [ B73E1570D7BD1B02C8DA8F3B0A9D5CFF ] C:\Windows\System32\wpcumi.dll 09:19:25.0772 4696 C:\Windows\System32\wpcumi.dll - ok 09:19:25.0772 4696 [ A6189F9CBE3D0CCF546CFCF1238533A1 ] C:\Windows\System32\spool\drivers\x64\3\unires.dll 09:19:25.0772 4696 C:\Windows\System32\spool\drivers\x64\3\unires.dll - ok 09:19:25.0787 4696 [ C3D545F4646303A864C8DFA85B33F476 ] C:\Windows\System32\TaskSchdPS.dll 09:19:25.0787 4696 C:\Windows\System32\TaskSchdPS.dll - ok 09:19:25.0787 4696 [ 88781403D232AF2BE781AC12856BC533 ] C:\Windows\System32\Wpc.dll 09:19:25.0787 4696 C:\Windows\System32\Wpc.dll - ok 09:19:25.0787 4696 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll 09:19:25.0787 4696 C:\Windows\System32\ExplorerFrame.dll - ok 09:19:25.0787 4696 [ C4B861055CD45B75A6888FA8ED86EE07 ] C:\Windows\System32\spool\drivers\x64\3\hpfpr101.dll 09:19:25.0787 4696 C:\Windows\System32\spool\drivers\x64\3\hpfpr101.dll - ok 09:19:25.0803 4696 [ 513505892E55B392B3E5B7C9A5E9F5DE ] C:\Program Files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll 09:19:25.0803 4696 C:\Program Files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll - ok 09:19:25.0803 4696 [ CB0B52D8854BED5F67781D52A8723922 ] C:\Program Files (x86)\EgisTec MyWinLocker\x64\sysenv.dll 09:19:25.0803 4696 C:\Program Files (x86)\EgisTec MyWinLocker\x64\sysenv.dll - ok 09:19:25.0803 4696 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll 09:19:25.0803 4696 C:\Windows\System32\EhStorShell.dll - ok 09:19:25.0803 4696 [ 68D8AC3F047D3E105C1674FD4EF08913 ] C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL 09:19:25.0803 4696 C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL - ok 09:19:25.0818 4696 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll 09:19:25.0818 4696 C:\Windows\System32\uDWM.dll - ok 09:19:25.0818 4696 [ 0D7BE936A44E6B70F822D272A5CEBC22 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_08e4299fa83d7e3c\msvcr90.dll 09:19:25.0818 4696 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_08e4299fa83d7e3c\msvcr90.dll - ok 09:19:25.0818 4696 [ BE165318E0052A91F7EA36F515B5F2B1 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_08e4299fa83d7e3c\msvcp90.dll 09:19:25.0818 4696 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_08e4299fa83d7e3c\msvcp90.dll - ok 09:19:25.0818 4696 [ 18E756E0FE2FFCD5DE35F6B9F91244A6 ] C:\Windows\winsxs\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.4148_none_0a1d2fcba76b3f00\ATL90.dll 09:19:25.0818 4696 C:\Windows\winsxs\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.4148_none_0a1d2fcba76b3f00\ATL90.dll - ok 09:19:25.0834 4696 [ 5ABAEB53E6ECF7878A5C4C4ABED92050 ] C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF 09:19:25.0834 4696 C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF - ok 09:19:25.0834 4696 [ 66E3C667D853DF349E310568F60B9B6A ] C:\PROGRA~1\MICROS~2\Office14\1033\GrooveIntlResource.dll 09:19:25.0834 4696 C:\PROGRA~1\MICROS~2\Office14\1033\GrooveIntlResource.dll - ok 09:19:25.0834 4696 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll 09:19:25.0834 4696 C:\Windows\System32\IconCodecService.dll - ok 09:19:25.0850 4696 [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll 09:19:25.0850 4696 C:\Windows\System32\ntshrui.dll - ok 09:19:25.0850 4696 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll 09:19:25.0850 4696 C:\Windows\System32\wbem\WmiPrvSD.dll - ok 09:19:25.0850 4696 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll 09:19:25.0850 4696 C:\Windows\System32\ncobjapi.dll - ok 09:19:25.0850 4696 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll 09:19:25.0850 4696 C:\Windows\System32\wbem\wbemess.dll - ok 09:19:25.0865 4696 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe 09:19:25.0865 4696 C:\Windows\System32\wbem\WmiPrvSE.exe - ok Quote
joddle Posted August 16, 2012 Author Posted August 16, 2012 09:19:25.0865 4696 [ 022A2974F0F6EF0D9F8781E6C6EE2FB6 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avwinll.dll 09:19:25.0865 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\avwinll.dll - ok 09:19:25.0865 4696 [ 01BDDCB32F78945604B3A67FED497DB3 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avesvc.dll 09:19:25.0865 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\avesvc.dll - ok 09:19:25.0865 4696 [ C05E10AC65CE218EA116A9AF5B250E00 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avesvcr.dll 09:19:25.0865 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\avesvcr.dll - ok 09:19:25.0881 4696 [ BD4AB0FD9BD228FE0EC5EA83625D8FEC ] C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe 09:19:25.0881 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe - ok 09:19:25.0881 4696 [ D534EC47C6D7410495A51448C243E4C8 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avipc64.dll 09:19:25.0881 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\avipc64.dll - ok 09:19:25.0881 4696 [ B497555DF18157A3B2AED130EA57B74C ] C:\Program Files (x86)\Avira\AntiVir Desktop\avreg.dll 09:19:25.0881 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\avreg.dll - ok 09:19:25.0881 4696 [ E38BA9FAB3981A2115C53260B930FD3C ] C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe 09:19:25.0881 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe - ok 09:19:25.0896 4696 [ 8FBE15001ACA2E67EE9FE3A103469DAC ] C:\Program Files (x86)\Avira\AntiVir Desktop\msgclient.dll 09:19:25.0896 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\msgclient.dll - ok 09:19:25.0896 4696 [ 0928862DB6AF0152DC75CD85E35A9BC8 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrc.dll 09:19:25.0896 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrc.dll - ok 09:19:25.0896 4696 [ 5DA42D24712E00728CEA2342A65009B2 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll 09:19:25.0896 4696 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll - ok 09:19:25.0896 4696 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] C:\Windows\System32\appinfo.dll 09:19:25.0896 4696 C:\Windows\System32\appinfo.dll - ok 09:19:25.0912 4696 [ 5336C3171A5B80BB58220FE4ED795E47 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdw.dll 09:19:25.0912 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdw.dll - ok 09:19:25.0912 4696 [ 0915EF55171347230E465C98FA44DDED ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccwkrlib.dll 09:19:25.0912 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\ccwkrlib.dll - ok 09:19:25.0912 4696 [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\SysWOW64\logoncli.dll 09:19:25.0912 4696 C:\Windows\SysWOW64\logoncli.dll - ok 09:19:25.0912 4696 [ 45760EECC8B74B251171BE4F247F17CB ] C:\Windows\SysWOW64\browcli.dll 09:19:25.0912 4696 C:\Windows\SysWOW64\browcli.dll - ok 09:19:25.0912 4696 [ 521B748A7F9923302CA18B7E6AA2EEAE ] C:\Windows\SysWOW64\activeds.dll 09:19:25.0912 4696 C:\Windows\SysWOW64\activeds.dll - ok 09:19:25.0928 4696 [ 51F5CC1E7DA3D9C664C2D0D61F315E06 ] C:\Windows\SysWOW64\adsldpc.dll 09:19:25.0928 4696 C:\Windows\SysWOW64\adsldpc.dll - ok 09:19:25.0928 4696 [ 1EA7969E3271CBC59E1730697DC74682 ] C:\Windows\System32\qmgr.dll 09:19:25.0928 4696 C:\Windows\System32\qmgr.dll - ok 09:19:25.0928 4696 [ 29409ED7400CA5BCCC30C0EE5147A60D ] C:\Windows\System32\bitsperf.dll 09:19:25.0928 4696 C:\Windows\System32\bitsperf.dll - ok 09:19:25.0928 4696 [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll 09:19:25.0928 4696 C:\Windows\SysWOW64\shfolder.dll - ok 09:19:25.0943 4696 [ BD9EB3958F213F96B97B1D897DEE006D ] C:\Windows\System32\hidserv.dll 09:19:25.0943 4696 C:\Windows\System32\hidserv.dll - ok 09:19:25.0943 4696 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll 09:19:25.0943 4696 C:\Windows\System32\wdi.dll - ok 09:19:25.0943 4696 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll 09:19:25.0943 4696 C:\Windows\System32\aelupsvc.dll - ok 09:19:25.0943 4696 [ F37882F128EFACEFE353E0BAE2766909 ] C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL 09:19:25.0943 4696 C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL - ok 09:19:25.0959 4696 [ D9431DCF90B0253773F51FDEFE7FD42F ] C:\Windows\System32\bitsigd.dll 09:19:25.0959 4696 C:\Windows\System32\bitsigd.dll - ok 09:19:25.0959 4696 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll 09:19:25.0959 4696 C:\Windows\SysWOW64\sxs.dll - ok 09:19:25.0959 4696 [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C ] C:\Windows\System32\ndiscapCfg.dll 09:19:25.0959 4696 C:\Windows\System32\ndiscapCfg.dll - ok 09:19:25.0959 4696 [ 3D6AF45673C4B31CDECD7F80AF09D443 ] C:\Windows\System32\rascfg.dll 09:19:25.0959 4696 C:\Windows\System32\rascfg.dll - ok 09:19:25.0959 4696 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll 09:19:25.0959 4696 C:\Windows\System32\wpdbusenum.dll - ok 09:19:25.0974 4696 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll 09:19:25.0974 4696 C:\Windows\System32\diagperf.dll - ok 09:19:25.0974 4696 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll 09:19:25.0974 4696 C:\Windows\System32\perftrack.dll - ok 09:19:25.0974 4696 [ 1CF21800E337F4039AAD4C94B4280EE4 ] C:\Windows\System32\mprmsg.dll 09:19:25.0974 4696 C:\Windows\System32\mprmsg.dll - ok 09:19:25.0974 4696 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll 09:19:25.0974 4696 C:\Windows\System32\PortableDeviceApi.dll - ok 09:19:25.0990 4696 [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll 09:19:25.0990 4696 C:\Windows\System32\upnp.dll - ok 09:19:25.0990 4696 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll 09:19:25.0990 4696 C:\Windows\System32\ssdpsrv.dll - ok 09:19:25.0990 4696 [ 55DE45B116711881C852D2841E4C84DD ] C:\Windows\System32\tcpipcfg.dll 09:19:25.0990 4696 C:\Windows\System32\tcpipcfg.dll - ok 09:19:25.0990 4696 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll 09:19:25.0990 4696 C:\Windows\System32\PortableDeviceConnectApi.dll - ok 09:19:26.0006 4696 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll 09:19:26.0006 4696 C:\Windows\System32\pnpts.dll - ok 09:19:26.0006 4696 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll 09:19:26.0006 4696 C:\Windows\System32\wdiasqmmodule.dll - ok 09:19:26.0006 4696 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll 09:19:26.0006 4696 C:\Windows\System32\Apphlpdm.dll - ok 09:19:26.0021 4696 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll 09:19:26.0021 4696 C:\Windows\System32\radardt.dll - ok 09:19:26.0021 4696 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll 09:19:26.0021 4696 C:\Windows\System32\FXSRESM.dll - ok 09:19:26.0021 4696 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll 09:19:26.0021 4696 C:\Windows\System32\npmproxy.dll - ok 09:19:26.0037 4696 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe 09:19:26.0037 4696 C:\Windows\System32\runonce.exe - ok 09:19:26.0037 4696 [ AC5DF873913B00E554D8F553459BC431 ] C:\Windows\System32\qmgrprxy.dll 09:19:26.0037 4696 C:\Windows\System32\qmgrprxy.dll - ok 09:19:26.0037 4696 [ CF8D590BE3373029D57AF80914190682 ] C:\Windows\System32\drivers\WUDFRd.sys 09:19:26.0037 4696 C:\Windows\System32\drivers\WUDFRd.sys - ok 09:19:26.0037 4696 [ 85B45B4B285B159ACDB355FC8C1E8925 ] C:\Windows\SysWOW64\qmgrprxy.dll 09:19:26.0037 4696 C:\Windows\SysWOW64\qmgrprxy.dll - ok 09:19:26.0037 4696 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe 09:19:26.0037 4696 C:\Windows\SysWOW64\runonce.exe - ok 09:19:26.0052 4696 [ A1E716FB1D1B04901B8AE85C05F4881B ] C:\Program Files (x86)\Google\Update\1.3.21.115\goopdateres_en-GB.dll 09:19:26.0052 4696 C:\Program Files (x86)\Google\Update\1.3.21.115\goopdateres_en-GB.dll - ok 09:19:26.0052 4696 [ B8D7FC13BA781104E67923B7A0A5719C ] C:\Program Files (x86)\Google\Update\1.3.21.115\psmachine.dll 09:19:26.0052 4696 C:\Program Files (x86)\Google\Update\1.3.21.115\psmachine.dll - ok 09:19:26.0052 4696 [ D0FF1CA89D013B94768A289023958F6B ] C:\Windows\System32\WUDFHost.exe 09:19:26.0052 4696 C:\Windows\System32\WUDFHost.exe - ok 09:19:26.0052 4696 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll 09:19:26.0052 4696 C:\Windows\SysWOW64\credssp.dll - ok 09:19:26.0068 4696 [ 1CDEA9188899E76D4FFD54C9D512CCDB ] C:\Windows\SysWOW64\msxml3.dll 09:19:26.0068 4696 C:\Windows\SysWOW64\msxml3.dll - ok 09:19:26.0068 4696 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll 09:19:26.0068 4696 C:\Windows\SysWOW64\dhcpcsvc.dll - ok 09:19:26.0068 4696 [ 29CA5974FAB0E8AE4AA7814FE05CF832 ] C:\Windows\SysWOW64\dhcpcsvc6.dll 09:19:26.0068 4696 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok 09:19:26.0068 4696 [ 9D4A1690AF93F233E15380398BEC7431 ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL 09:19:26.0068 4696 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok 09:19:26.0084 4696 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll 09:19:26.0084 4696 C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok 09:19:26.0084 4696 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll 09:19:26.0084 4696 C:\Windows\SysWOW64\rasadhlp.dll - ok 09:19:26.0084 4696 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll 09:19:26.0084 4696 C:\Windows\System32\NapiNSP.dll - ok 09:19:26.0084 4696 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll 09:19:26.0084 4696 C:\Windows\System32\pnrpnsp.dll - ok 09:19:26.0099 4696 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll 09:19:26.0099 4696 C:\Windows\System32\winrnr.dll - ok 09:19:26.0099 4696 [ AC0C9CEA1218DAB1994AF8B28E680BD9 ] C:\Windows\System32\wlaninst.dll 09:19:26.0099 4696 C:\Windows\System32\wlaninst.dll - ok 09:19:26.0099 4696 [ 5A406C9C8E0880D3EABADC5DFD1ACDAE ] C:\Windows\System32\wwaninst.dll 09:19:26.0099 4696 C:\Windows\System32\wwaninst.dll - ok 09:19:26.0099 4696 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll 09:19:26.0099 4696 C:\Windows\SysWOW64\propsys.dll - ok 09:19:26.0115 4696 [ FB8C6A46EAF7585D2CA8583C4C9A8EDF ] C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL 09:19:26.0115 4696 C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL - ok 09:19:26.0115 4696 [ 58A14C45A5CD2528F10A889E7B0C3FC2 ] C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll 09:19:26.0115 4696 C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll - ok 09:19:26.0115 4696 [ E9901A7E569C4156FDA69F5C9356B8ED ] C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 09:19:26.0115 4696 C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF - ok 09:19:26.0115 4696 [ F93674263F6B07C77956E966953242D9 ] C:\Windows\SysWOW64\secur32.dll 09:19:26.0115 4696 C:\Windows\SysWOW64\secur32.dll - ok 09:19:26.0130 4696 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe 09:19:26.0130 4696 C:\Windows\SysWOW64\cmd.exe - ok 09:19:26.0130 4696 [ 1950B1C38AED4154BA79F77E36494D8A ] C:\Windows\System32\WUDFx.dll 09:19:26.0130 4696 C:\Windows\System32\WUDFx.dll - ok 09:19:26.0130 4696 [ 91D6F0AB79AA36FFB932157865206F35 ] C:\Windows\System32\drivers\UMDF\WpdFs.dll 09:19:26.0130 4696 C:\Windows\System32\drivers\UMDF\WpdFs.dll - ok 09:19:26.0130 4696 [ 9864D52F15AD32094A636C6B5281D9E7 ] C:\Windows\System32\WMVCORE.DLL 09:19:26.0130 4696 C:\Windows\System32\WMVCORE.DLL - ok 09:19:26.0146 4696 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll 09:19:26.0146 4696 C:\Windows\SysWOW64\winbrand.dll - ok 09:19:26.0146 4696 [ AACC48FE239F0DF126DA2F28930A5B83 ] C:\Windows\System32\WMASF.DLL 09:19:26.0146 4696 C:\Windows\System32\WMASF.DLL - ok 09:19:26.0146 4696 [ 389CA818132C1D7DCF0C791E8D9035DE ] C:\Windows\System32\PortableDeviceClassExtension.dll 09:19:26.0146 4696 C:\Windows\System32\PortableDeviceClassExtension.dll - ok 09:19:26.0146 4696 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll 09:19:26.0146 4696 C:\Windows\System32\PortableDeviceTypes.dll - ok 09:19:26.0146 4696 [ 8DCDD0B5939043A1EC98C6F168A56B16 ] C:\Windows\SysWOW64\ieframe.dll 09:19:26.0146 4696 C:\Windows\SysWOW64\ieframe.dll - ok 09:19:26.0162 4696 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll 09:19:26.0162 4696 C:\Windows\SysWOW64\shdocvw.dll - ok 09:19:26.0162 4696 [ 3BE18EEB1A93CC5F70F5A9C977B71A75 ] C:\Users\Mike Wood\AppData\Local\Temp\5EB55DBF-CAEA-4969-9E11-F6C9EA01E237.exe 09:19:26.0162 4696 C:\Users\Mike Wood\AppData\Local\Temp\5EB55DBF-CAEA-4969-9E11-F6C9EA01E237.exe - ok 09:19:26.0162 4696 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll 09:19:26.0162 4696 C:\Windows\SysWOW64\sfc.dll - ok 09:19:26.0162 4696 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll 09:19:26.0162 4696 C:\Windows\SysWOW64\sfc_os.dll - ok 09:19:26.0177 4696 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll 09:19:26.0177 4696 C:\Windows\SysWOW64\devrtl.dll - ok 09:19:26.0177 4696 [ B519848DFA30AE2B306576B51321D102 ] C:\Windows\System32\ie4uinit.exe 09:19:26.0177 4696 C:\Windows\System32\ie4uinit.exe - ok 09:19:26.0177 4696 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl 09:19:26.0177 4696 C:\Windows\System32\timedate.cpl - ok 09:19:26.0177 4696 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll 09:19:26.0177 4696 C:\Windows\System32\actxprxy.dll - ok 09:19:26.0193 4696 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\40173151.sys 09:19:26.0193 4696 C:\Windows\System32\drivers\40173151.sys - ok 09:19:26.0193 4696 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll 09:19:26.0193 4696 C:\Windows\System32\shdocvw.dll - ok 09:19:26.0193 4696 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll 09:19:26.0193 4696 C:\Windows\System32\msiltcfg.dll - ok 09:19:26.0193 4696 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll 09:19:26.0193 4696 C:\Windows\System32\msi.dll - ok 09:19:26.0193 4696 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll 09:19:26.0193 4696 C:\Windows\System32\linkinfo.dll - ok 09:19:26.0208 4696 [ 75101CED16391761E1962A4BC1EF255C ] C:\Program Files (x86)\Common Files\CyberLink\PowerDVD9\deskband64.dll 09:19:26.0208 4696 C:\Program Files (x86)\Common Files\CyberLink\PowerDVD9\deskband64.dll - ok 09:19:26.0208 4696 [ FA752544EE1EE59E8AD938CBB43CAC93 ] C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll 09:19:26.0208 4696 C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll - ok 09:19:26.0208 4696 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll 09:19:26.0208 4696 C:\Windows\SysWOW64\riched20.dll - ok 09:19:26.0208 4696 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll 09:19:26.0208 4696 C:\Windows\System32\msftedit.dll - ok 09:19:26.0224 4696 [ 3504B34CD2DE00BA3CC1A195F1B739BD ] C:\Windows\System32\gameux.dll 09:19:26.0224 4696 C:\Windows\System32\gameux.dll - ok 09:19:26.0224 4696 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll 09:19:26.0224 4696 C:\Windows\SysWOW64\ExplorerFrame.dll - ok 09:19:26.0224 4696 [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll 09:19:26.0224 4696 C:\Windows\System32\msls31.dll - ok 09:19:26.0224 4696 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll 09:19:26.0224 4696 C:\Windows\SysWOW64\duser.dll - ok 09:19:26.0240 4696 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll 09:19:26.0240 4696 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok 09:19:26.0240 4696 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll 09:19:26.0240 4696 C:\Windows\SysWOW64\dui70.dll - ok 09:19:26.0240 4696 [ 0D6972A795995F07B6D78CA7724744FB ] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe 09:19:26.0240 4696 C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe - ok 09:19:26.0240 4696 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll 09:19:26.0240 4696 C:\Windows\System32\DeviceCenter.dll - ok 09:19:26.0255 4696 [ 07774A975E7CC122D6B555500D537527 ] C:\Program Files (x86)\EgisTec MyWinLocker\x86\ADMIN_CLASS_LIB.dll 09:19:26.0255 4696 C:\Program Files (x86)\EgisTec MyWinLocker\x86\ADMIN_CLASS_LIB.dll - ok 09:19:26.0255 4696 [ AE3E9D5BA8D2FAB8B28537984D2A9D19 ] C:\Program Files (x86)\EgisTec MyWinLocker\x86\keyManager.dll 09:19:26.0255 4696 C:\Program Files (x86)\EgisTec MyWinLocker\x86\keyManager.dll - ok 09:19:26.0255 4696 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll 09:19:26.0255 4696 C:\Windows\System32\networkexplorer.dll - ok 09:19:26.0255 4696 [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll 09:19:26.0255 4696 C:\Windows\System32\drprov.dll - ok 09:19:26.0271 4696 [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll 09:19:26.0271 4696 C:\Windows\System32\ntlanman.dll - ok 09:19:26.0271 4696 [ 2EE8C62526F5BFC2CA5833CD6F2DB2DE ] C:\Program Files (x86)\EgisTec MyWinLocker\x86\ShowErrMsg.dll 09:19:26.0271 4696 C:\Program Files (x86)\EgisTec MyWinLocker\x86\ShowErrMsg.dll - ok 09:19:26.0271 4696 [ FC3A5E13D26C131E6BB39094D9ACD1F6 ] C:\Windows\System32\ieframe.dll 09:19:26.0271 4696 C:\Windows\System32\ieframe.dll - ok 09:19:26.0271 4696 [ E2C48CD0132D4D1DC7D0DF9A6BEF686A ] C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll 09:19:26.0271 4696 C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll - ok 09:19:26.0286 4696 [ 8CB8E0C93C5459B45BE1FA628FB0D761 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 09:19:26.0286 4696 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe - ok 09:19:26.0286 4696 [ 4688F9DDD27131D913FD98B7A3DA4C2A ] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlRecordUI.dll 09:19:26.0286 4696 C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlRecordUI.dll - ok 09:19:26.0286 4696 [ 28A09777D2D952122567A8A82F1A2C7B ] C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll 09:19:26.0286 4696 C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll - ok 09:19:26.0286 4696 [ E9FCD22D634EF13BA5B1428E082744E8 ] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlUI.dll 09:19:26.0286 4696 C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlUI.dll - ok 09:19:26.0302 4696 [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\Windows\System32\davclnt.dll 09:19:26.0302 4696 C:\Windows\System32\davclnt.dll - ok 09:19:26.0302 4696 [ 9110FFAD124283F37D38771BB60556AF ] C:\Windows\System32\dsound.dll 09:19:26.0302 4696 C:\Windows\System32\dsound.dll - ok 09:19:26.0302 4696 [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll 09:19:26.0302 4696 C:\Windows\System32\davhlpr.dll - ok 09:19:26.0302 4696 [ 3819AD4329303EAC88480CA16A650735 ] C:\Windows\System32\UIAnimation.dll 09:19:26.0302 4696 C:\Windows\System32\UIAnimation.dll - ok 09:19:26.0318 4696 [ 387A0280F64336E1DD8BD194D9D9782D ] C:\Program Files (x86)\EgisTec MyWinLocker\x86\GDIExtendCtrl.dll 09:19:26.0318 4696 C:\Program Files (x86)\EgisTec MyWinLocker\x86\GDIExtendCtrl.dll - ok 09:19:26.0318 4696 [ 585FED4CDB8034B8B58AEB8008255817 ] C:\Windows\System32\opengl32.dll 09:19:26.0318 4696 C:\Windows\System32\opengl32.dll - ok 09:19:26.0318 4696 [ 557BABFC012189D8853A55D7AD02C2A5 ] C:\Program Files\Elantech\ETDCtrl.exe 09:19:26.0318 4696 C:\Program Files\Elantech\ETDCtrl.exe - ok 09:19:26.0318 4696 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll 09:19:26.0318 4696 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok 09:19:26.0333 4696 [ F2967C0A97C0EA67D79D7F557213950D ] C:\Windows\System32\glu32.dll 09:19:26.0333 4696 C:\Windows\System32\glu32.dll - ok 09:19:26.0333 4696 [ 263E9A047D17CD50BAA9D3C02910D18D ] C:\Windows\System32\oledlg.dll 09:19:26.0333 4696 C:\Windows\System32\oledlg.dll - ok 09:19:26.0333 4696 [ 147B96A5AEA8CEF3A34D8E378EAAA9B2 ] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe 09:19:26.0333 4696 C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe - ok 09:19:26.0333 4696 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll 09:19:26.0333 4696 C:\Windows\System32\thumbcache.dll - ok 09:19:26.0349 4696 [ A6C09924C6730DE8DEED9890A12AA691 ] C:\Windows\System32\ddraw.dll 09:19:26.0349 4696 C:\Windows\System32\ddraw.dll - ok 09:19:26.0349 4696 [ 0BBFE08ECCE8A209D07C3B68D63FC293 ] C:\Windows\System32\igfxtray.exe 09:19:26.0349 4696 C:\Windows\System32\igfxtray.exe - ok 09:19:26.0349 4696 [ 4D49C8A249975C07CD84B1470CCC3F07 ] C:\Program Files (x86)\EgisTec MyWinLocker\x86\SYSTrayUI.dll 09:19:26.0349 4696 C:\Program Files (x86)\EgisTec MyWinLocker\x86\SYSTrayUI.dll - ok 09:19:26.0349 4696 [ E98138F7F31E477D30091B8F6ECAD350 ] C:\Program Files\Acer\Acer ePower Management\BrightnessControl.dll 09:19:26.0349 4696 C:\Program Files\Acer\Acer ePower Management\BrightnessControl.dll - ok 09:19:26.0364 4696 [ 29C22748937F45C26590909E9F8E7137 ] C:\Windows\System32\dciman32.dll 09:19:26.0364 4696 C:\Windows\System32\dciman32.dll - ok 09:19:26.0364 4696 [ 2F16207A65B62001FC73E6798D0B8F2A ] C:\Windows\System32\hkcmd.exe 09:19:26.0364 4696 C:\Windows\System32\hkcmd.exe - ok 09:19:26.0364 4696 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll 09:19:26.0364 4696 C:\Windows\System32\msimg32.dll - ok 09:19:26.0364 4696 [ 05EA520BFB1D3085CB12A4355598081D ] C:\Windows\System32\hccutils.dll 09:19:26.0364 4696 C:\Windows\System32\hccutils.dll - ok 09:19:26.0364 4696 [ B69A01794D44C769C2575AE75E2EB31F ] C:\Windows\System32\igfxpers.exe 09:19:26.0364 4696 C:\Windows\System32\igfxpers.exe - ok 09:19:26.0380 4696 [ 5D61BE7DB55B026A5D61A3EED09D0EAD ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe 09:19:26.0380 4696 C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe - ok 09:19:26.0380 4696 [ E3BF29CED96790CDAAFA981FFDDF53A3 ] C:\Program Files\Windows Sidebar\sidebar.exe 09:19:26.0380 4696 C:\Program Files\Windows Sidebar\sidebar.exe - ok 09:19:26.0380 4696 [ BE56D0547E24644DEEB19397521B1EAA ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\gtn.dll 09:19:26.0380 4696 C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\gtn.dll - ok 09:19:26.0380 4696 [ B2742EA6ED844D747E2348A504E491CB ] C:\Windows\System32\dxva2.dll 09:19:26.0380 4696 C:\Windows\System32\dxva2.dll - ok 09:19:26.0396 4696 [ D890EDDD0528E04049C9D524FBA1C506 ] C:\Windows\System32\igfxsrvc.exe 09:19:26.0396 4696 C:\Windows\System32\igfxsrvc.exe - ok 09:19:26.0396 4696 [ 645F0DEC75EB9B16C11C0D6D5A514878 ] C:\Program Files\Elantech\ETDFavorite.dll 09:19:26.0396 4696 C:\Program Files\Elantech\ETDFavorite.dll - ok 09:19:26.0396 4696 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll 09:19:26.0396 4696 C:\Windows\SysWOW64\rtutils.dll - ok 09:19:26.0396 4696 [ E5C8F2AB30864C5BA0333E3046AF2784 ] C:\Program Files\Acer\Acer ePower Management\NetAdapterControl.dll 09:19:26.0396 4696 C:\Program Files\Acer\Acer ePower Management\NetAdapterControl.dll - ok 09:19:26.0411 4696 [ DA0A59FAA480EE4B7D4BD5CFDB703962 ] C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE 09:19:26.0411 4696 C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE - ok 09:19:26.0411 4696 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe 09:19:26.0411 4696 C:\Windows\System32\SearchIndexer.exe - ok 09:19:26.0411 4696 [ EF9F69074FF0A48DD30FEF5A33518D86 ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll 09:19:26.0411 4696 C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll - ok 09:19:26.0427 4696 [ 4664ABADE37F75551CAB943EA6077946 ] C:\Program Files (x86)\Microsoft Office\Office14\1033\ospintl.dll 09:19:26.0427 4696 C:\Program Files (x86)\Microsoft Office\Office14\1033\ospintl.dll - ok 09:19:26.0427 4696 [ 34B01BBD8F00B6B9C9248DC4F1E3CD01 ] C:\Program Files (x86)\Internet Explorer\iexplore.exe 09:19:26.0427 4696 C:\Program Files (x86)\Internet Explorer\iexplore.exe - ok 09:19:26.0427 4696 [ F115967EFA00B5BD0F86A8E97D75EF95 ] C:\Program Files\Acer\Acer ePower Management\CommonControl.dll 09:19:26.0427 4696 C:\Program Files\Acer\Acer ePower Management\CommonControl.dll - ok 09:19:26.0427 4696 [ F51059EE3C543CB364A069CAFB252031 ] C:\Windows\System32\igfxdev.dll 09:19:26.0427 4696 C:\Windows\System32\igfxdev.dll - ok 09:19:26.0427 4696 [ 31A6D4B8803CCBA44271F05E08C4955A ] C:\Windows\System32\igfxsrvc.dll 09:19:26.0427 4696 C:\Windows\System32\igfxsrvc.dll - ok 09:19:26.0442 4696 [ 4C0DA2B69F8DE16E97FCEC0E19312923 ] C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\RICHED20.DLL 09:19:26.0442 4696 C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\RICHED20.DLL - ok 09:19:26.0442 4696 [ 372A32D98022E2323D21C95900329A43 ] C:\Program Files\Elantech\ETDApix.dll 09:19:26.0442 4696 C:\Program Files\Elantech\ETDApix.dll - ok 09:19:26.0442 4696 [ 352C7C2470C03AFD41889236D849D75C ] C:\Windows\System32\igfxrenu.lrc 09:19:26.0442 4696 C:\Windows\System32\igfxrenu.lrc - ok 09:19:26.0442 4696 [ 591FE0A6CEB19BF886CEB1331F591940 ] C:\Windows\SysWOW64\ncrypt.dll 09:19:26.0442 4696 C:\Windows\SysWOW64\ncrypt.dll - ok 09:19:26.0458 4696 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll 09:19:26.0458 4696 C:\Windows\SysWOW64\bcrypt.dll - ok 09:19:26.0458 4696 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll 09:19:26.0458 4696 C:\Windows\SysWOW64\bcryptprimitives.dll - ok 09:19:26.0458 4696 [ AB8BC10A5A307D0CA172D801763561A8 ] C:\Program Files\Elantech\ETDCmds.dll 09:19:26.0458 4696 C:\Program Files\Elantech\ETDCmds.dll - ok 09:19:26.0458 4696 [ CBEC06E32D0AC9C3D0A9199EDC1FB959 ] C:\Program Files (x86)\Skype\Phone\Skype.exe 09:19:26.0458 4696 C:\Program Files (x86)\Skype\Phone\Skype.exe - ok 09:19:26.0474 4696 [ A1CFDEF143B1B4047E0FD3510F85DE97 ] C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSPTLS.DLL 09:19:26.0474 4696 C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSPTLS.DLL - ok 09:19:26.0474 4696 [ 9ECF375A6E4E74D056F4B54E76D58721 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe 09:19:26.0474 4696 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe - ok 09:19:26.0474 4696 [ F255E48EA981E943A14CF16269F3F3AF ] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe 09:19:26.0474 4696 C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe - ok 09:19:26.0474 4696 [ 0ADF079D36B2C25E6E9BECE1BD937ACE ] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe 09:19:26.0474 4696 C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe - ok 09:19:26.0489 4696 [ AF7DE2922E01EFA48BF5F2A8511CF896 ] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe 09:19:26.0489 4696 C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe - ok 09:19:26.0489 4696 [ EAA666E9DD8DCDA6E075087091CB85EE ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe 09:19:26.0489 4696 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe - ok 09:19:26.0489 4696 [ 94F80155B91B8DF7A0EAD527C853D377 ] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe 09:19:26.0489 4696 C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe - ok 09:19:26.0489 4696 [ 5A5BF95C7410E96E04C57B06232E9965 ] C:\Program Files (x86)\Launch Manager\LManager.exe 09:19:26.0489 4696 C:\Program Files (x86)\Launch Manager\LManager.exe - ok 09:19:26.0505 4696 [ 901AA7A38CE13F14B6BBEC38C0595698 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe 09:19:26.0505 4696 C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe - ok 09:19:26.0505 4696 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll 09:19:26.0505 4696 C:\Windows\SysWOW64\mscoree.dll - ok 09:19:26.0505 4696 [ F5DF6846F30E9F54EA60CCAEB3FB2055 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll 09:19:26.0505 4696 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok 09:19:26.0505 4696 [ B8E421C0890356CD4A793D8A346D9096 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe 09:19:26.0505 4696 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok 09:19:26.0520 4696 [ 7B5A2D0C6607DCF6ACF34185BD40BAD1 ] C:\Program Files (x86)\EgisTec IPS\KernelController.dll 09:19:26.0520 4696 C:\Program Files (x86)\EgisTec IPS\KernelController.dll - ok 09:19:26.0520 4696 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll 09:19:26.0520 4696 C:\Windows\SysWOW64\comdlg32.dll - ok 09:19:26.0520 4696 [ 6E3245DF783E58375B3465F03274743E ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 09:19:26.0520 4696 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe - ok 09:19:26.0520 4696 [ 0D5CC53EAA50F56AB171F91E7E995176 ] C:\Program Files (x86)\EgisTec IPS\LiveUpdateUI.dll 09:19:26.0520 4696 C:\Program Files (x86)\EgisTec IPS\LiveUpdateUI.dll - ok 09:19:26.0536 4696 [ F7DD2D785280DB73DC9060F80361BEFB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe 09:19:26.0536 4696 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok 09:19:26.0536 4696 [ 2424231BBD703A677D115C29983B4293 ] C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL 09:19:26.0536 4696 C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL - ok 09:19:26.0536 4696 [ F1278B3514EA6FA9BC39B20D26139AAC ] C:\Windows\SysWOW64\msiltcfg.dll 09:19:26.0536 4696 C:\Windows\SysWOW64\msiltcfg.dll - ok 09:19:26.0536 4696 [ C0A9D2F9B548C7DC3750D513566A31FE ] C:\Program Files (x86)\EgisTec IPS\LicenseCenter.dll 09:19:26.0536 4696 C:\Program Files (x86)\EgisTec IPS\LicenseCenter.dll - ok 09:19:26.0552 4696 [ 89C4B3BF66D3C2F3D83F9DEDF1B218D6 ] C:\Windows\System32\mshtml.dll 09:19:26.0552 4696 C:\Windows\System32\mshtml.dll - ok 09:19:26.0552 4696 [ 8A5BCAA97D2ADA3E11E5D5B13A870982 ] C:\Program Files (x86)\EgisTec IPS\UpdateModel.dll 09:19:26.0552 4696 C:\Program Files (x86)\EgisTec IPS\UpdateModel.dll - ok 09:19:26.0552 4696 [ 6CD92194F84F6F0CE0D0088DBFC97262 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpquio08.dll 09:19:26.0552 4696 C:\Program Files (x86)\HP\Digital Imaging\bin\hpquio08.dll - ok 09:19:26.0552 4696 [ C66376234C25D1FB4F5F376CE2923DBF ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.rsc 09:19:26.0552 4696 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.rsc - ok 09:19:26.0567 4696 [ 11AAEC8BB512262F07C191ACCEE205D8 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtao08.dll 09:19:26.0567 4696 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtao08.dll - ok 09:19:26.0567 4696 [ AF43C4F7F3C8BC95DAD95024F96CDC4A ] C:\Program Files (x86)\QuickTime\QTTask.exe 09:19:26.0567 4696 C:\Program Files (x86)\QuickTime\QTTask.exe - ok 09:19:26.0567 4696 [ D743372A621ED03A274539A88EEB3450 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe 09:19:26.0567 4696 C:\Program Files (x86)\iTunes\iTunesHelper.exe - ok 09:19:26.0567 4696 [ C637FC4638A96165256B28D38DE7B953 ] C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe 09:19:26.0567 4696 C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe - ok 09:19:26.0583 4696 [ 1AD33A0319062260064E1A36F8327922 ] C:\Windows\System32\RtkCfg64.dll 09:19:26.0583 4696 C:\Windows\System32\RtkCfg64.dll - ok 09:19:26.0583 4696 [ 7001ED498AFE9921DB7231878DE1CE12 ] C:\Program Files (x86)\iTunes\iTunesHelper.dll 09:19:26.0583 4696 C:\Program Files (x86)\iTunes\iTunesHelper.dll - ok 09:19:26.0583 4696 [ C67173388E6E7F11EC0E8729CD484223 ] C:\Program Files (x86)\Ask.com\Updater\Updater.exe 09:19:26.0583 4696 C:\Program Files (x86)\Ask.com\Updater\Updater.exe - ok 09:19:26.0598 4696 [ 5963633010616B25503EE126F55E8DE4 ] C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90.dll 09:19:26.0598 4696 C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90.dll - ok 09:19:26.0598 4696 [ F4202F68BB3B9A08822238D9017EC638 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe 09:19:26.0598 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe - ok 09:19:26.0598 4696 [ F32077DF74EFD435A1DCDF415E189DF1 ] C:\Windows\SysWOW64\mfc100u.dll 09:19:26.0598 4696 C:\Windows\SysWOW64\mfc100u.dll - ok 09:19:26.0598 4696 [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll 09:19:26.0598 4696 C:\Windows\System32\wbem\cimwin32.dll - ok 09:19:26.0614 4696 [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll 09:19:26.0614 4696 C:\Windows\System32\framedynos.dll - ok 09:19:26.0614 4696 [ 9C94183A22256C35B025A900AF4B5372 ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll 09:19:26.0614 4696 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok 09:19:26.0614 4696 [ 3AF147EDC68CB34CB91B606DB6304F11 ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll 09:19:26.0614 4696 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok 09:19:26.0614 4696 [ E75963624A3F55C90AC8A7C2E65072FF ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll 09:19:26.0614 4696 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok 09:19:26.0630 4696 [ C373124A5CA723B53C0948B6343E4C87 ] C:\Windows\System32\igfxext.exe 09:19:26.0630 4696 C:\Windows\System32\igfxext.exe - ok 09:19:26.0630 4696 [ B3CE0951E3C1EA3C733573C472EE85F9 ] C:\Windows\System32\msimtf.dll 09:19:26.0630 4696 C:\Windows\System32\msimtf.dll - ok 09:19:26.0630 4696 [ 0C35A42D35B5655A503EE5EC05E28881 ] C:\Windows\System32\igfxexps.dll 09:19:26.0630 4696 C:\Windows\System32\igfxexps.dll - ok 09:19:26.0630 4696 [ 1CBAB9DB246B8B910419B74392989A48 ] C:\Windows\System32\jscript9.dll 09:19:26.0630 4696 C:\Windows\System32\jscript9.dll - ok 09:19:26.0645 4696 [ 4552F8F61A7975C2359D19673483604D ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll 09:19:26.0645 4696 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok 09:19:26.0645 4696 [ 84B3C0476D17C9A44DB4C9256A7E2844 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe 09:19:26.0645 4696 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe - ok 09:19:26.0645 4696 [ 1F04E809409A9B5FFD510B5FD89A1155 ] C:\Windows\System32\d2d1.dll 09:19:26.0645 4696 C:\Windows\System32\d2d1.dll - ok 09:19:26.0645 4696 [ C2335D714EFAFFFB4C7A3C164F2024B1 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll 09:19:26.0645 4696 C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll - ok 09:19:26.0661 4696 [ 07CDD5732A8A084BA8EC10287CADDD36 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe 09:19:26.0661 4696 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe - ok 09:19:26.0661 4696 [ 7426279D625196393EABBEFE1C60A0C2 ] C:\Windows\System32\DWrite.dll 09:19:26.0661 4696 C:\Windows\System32\DWrite.dll - ok 09:19:26.0661 4696 [ 75BCC4043512E41D83C8F224B168039C ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll 09:19:26.0661 4696 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok 09:19:26.0661 4696 [ E2953C9D7D1962422212863DD5CBC977 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUtil.dll 09:19:26.0661 4696 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUtil.dll - ok 09:19:26.0676 4696 [ 26A68554F95A344B62E5771AF598E0E8 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll 09:19:26.0676 4696 C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll - ok 09:19:26.0676 4696 [ 632A6D75FEEABC846EE9AEC33345EF34 ] C:\Program Files (x86)\Launch Manager\CDROMUTL.DLL 09:19:26.0676 4696 C:\Program Files (x86)\Launch Manager\CDROMUTL.DLL - ok 09:19:26.0676 4696 [ A07F12FA297F3F074D496B333C259AFA ] C:\Program Files (x86)\Launch Manager\COMFNUTL.DLL 09:19:26.0676 4696 C:\Program Files (x86)\Launch Manager\COMFNUTL.DLL - ok 09:19:26.0676 4696 [ 69259DD752862F5665413AFCFB4C0B0E ] C:\Program Files (x86)\Launch Manager\MIXERUTL.DLL 09:19:26.0676 4696 C:\Program Files (x86)\Launch Manager\MIXERUTL.DLL - ok 09:19:26.0692 4696 [ 20D30D8717E9DFF90224B5AB37410D9D ] C:\Program Files (x86)\Launch Manager\OSDUTL2.DLL 09:19:26.0692 4696 C:\Program Files (x86)\Launch Manager\OSDUTL2.DLL - ok 09:19:26.0692 4696 [ 71FC112959B07D686E71541BD9D4F237 ] C:\Program Files (x86)\Launch Manager\PowerUtl.dll 09:19:26.0692 4696 C:\Program Files (x86)\Launch Manager\PowerUtl.dll - ok 09:19:26.0692 4696 [ A53F59BC46766CE79E407AB6F451100D ] C:\Program Files (x86)\Launch Manager\WND2FILE.DLL 09:19:26.0692 4696 C:\Program Files (x86)\Launch Manager\WND2FILE.DLL - ok 09:19:26.0692 4696 [ 3DCC84D1F63E5F7CB56F229D2149AB5D ] C:\Windows\System32\wshom.ocx 09:19:26.0692 4696 C:\Windows\System32\wshom.ocx - ok 09:19:26.0708 4696 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll 09:19:26.0708 4696 C:\Windows\SysWOW64\powrprof.dll - ok 09:19:26.0708 4696 [ B010CF886420EE29C2C276646721D255 ] C:\Windows\SysWOW64\wlanapi.dll 09:19:26.0708 4696 C:\Windows\SysWOW64\wlanapi.dll - ok 09:19:26.0708 4696 [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\SysWOW64\wlanutil.dll 09:19:26.0708 4696 C:\Windows\SysWOW64\wlanutil.dll - ok 09:19:26.0708 4696 [ 8771BEDEAD950014EEDF6EEFE4A68066 ] C:\Windows\System32\scrrun.dll 09:19:26.0708 4696 C:\Windows\System32\scrrun.dll - ok 09:19:26.0708 4696 [ 7F9F3DCBEF217715307E3A8CC28FA768 ] C:\Program Files (x86)\Launch Manager\RadioWndUtl.dll 09:19:26.0708 4696 C:\Program Files (x86)\Launch Manager\RadioWndUtl.dll - ok 09:19:26.0723 4696 [ FD5A0A28AAEA0421039242A9D592212B ] C:\Program Files (x86)\Launch Manager\SZUPFUTL.DLL 09:19:26.0723 4696 C:\Program Files (x86)\Launch Manager\SZUPFUTL.DLL - ok 09:19:26.0723 4696 [ 18C15258F1F013FA341B2C56E3805D5B ] C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe 09:19:26.0723 4696 C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe - ok 09:19:26.0723 4696 [ 8378EE82F8D600E9AAD3075CBE2C7479 ] C:\Program Files (x86)\Launch Manager\aipflib.dll 09:19:26.0723 4696 C:\Program Files (x86)\Launch Manager\aipflib.dll - ok 09:19:26.0723 4696 [ 111997F1E896F274CF090D2A052B69AA ] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\701baa4d78031ac5130eadea085bbebf\IAStorUtil.ni.dll 09:19:26.0723 4696 C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\701baa4d78031ac5130eadea085bbebf\IAStorUtil.ni.dll - ok 09:19:26.0739 4696 [ 42FBF671F8E3A5D3968D60301A66D389 ] C:\Program Files (x86)\Launch Manager\MMDUtl.dll 09:19:26.0739 4696 C:\Program Files (x86)\Launch Manager\MMDUtl.dll - ok 09:19:26.0739 4696 [ 3B919CBDDE7AE3376ED296839846C3DD ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll 09:19:26.0739 4696 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll - ok 09:19:26.0739 4696 [ BD23077CBAD092A5EA5F77ED874F32A2 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll 09:19:26.0739 4696 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll - ok 09:19:26.0754 4696 [ 4879B16C91F56DCA20DDC598A96D476D ] C:\Program Files (x86)\Launch Manager\LmSmbKel.dll 09:19:26.0754 4696 C:\Program Files (x86)\Launch Manager\LmSmbKel.dll - ok 09:19:26.0754 4696 [ 422150F24F148708C9D3A57DF9C7FDD5 ] C:\Program Files (x86)\Launch Manager\LMworker.exe 09:19:26.0754 4696 C:\Program Files (x86)\Launch Manager\LMworker.exe - ok 09:19:26.0754 4696 [ DDC0B23D7EB77356E8D32FFE05718C6E ] C:\Windows\System32\vbscript.dll 09:19:26.0754 4696 C:\Windows\System32\vbscript.dll - ok 09:19:26.0754 4696 [ A80C173AC5C75706BB74AE4D78F2A53D ] C:\Program Files (x86)\Windows Media Player\wmplayer.exe 09:19:26.0754 4696 C:\Program Files (x86)\Windows Media Player\wmplayer.exe - ok 09:19:26.0770 4696 [ F7950E8FBB9B26E1A347F00E11EA42B5 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll 09:19:26.0770 4696 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok 09:19:26.0770 4696 [ 07BDE9690FDC796705E8BB811F61237B ] C:\Program Files (x86)\Launch Manager\NTKCUtl.dll 09:19:26.0770 4696 C:\Program Files (x86)\Launch Manager\NTKCUtl.dll - ok 09:19:26.0770 4696 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\SysWOW64\WindowsCodecs.dll 09:19:26.0770 4696 C:\Windows\SysWOW64\WindowsCodecs.dll - ok 09:19:26.0770 4696 [ A027A414E637637C81EBC928D9F4025D ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotradd.dll 09:19:26.0770 4696 C:\Program Files (x86)\HP\Digital Imaging\bin\hpotradd.dll - ok 09:19:26.0786 4696 [ 063F592B4C0AE7F786BC1A1460FB380E ] C:\Program Files (x86)\Launch Manager\VistaVol.dll 09:19:26.0786 4696 C:\Program Files (x86)\Launch Manager\VistaVol.dll - ok 09:19:26.0786 4696 [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\SysWOW64\MMDevAPI.dll 09:19:26.0786 4696 C:\Windows\SysWOW64\MMDevAPI.dll - ok 09:19:26.0786 4696 [ C7F22545C0C424265E57AA1D220090C6 ] C:\Windows\System32\igfxress.dll 09:19:26.0786 4696 C:\Windows\System32\igfxress.dll - ok 09:19:26.0786 4696 [ 4860790FA0F039A2C094BE4BF0CC5858 ] C:\Program Files (x86)\Launch Manager\CdDirIo.dll 09:19:26.0786 4696 C:\Program Files (x86)\Launch Manager\CdDirIo.dll - ok 09:19:26.0786 4696 [ C940F2F5C60B3727C5F18840735B229C ] C:\Windows\SysWOW64\AudioSes.dll 09:19:26.0786 4696 C:\Windows\SysWOW64\AudioSes.dll - ok 09:19:26.0801 4696 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\SysWOW64\wbemcomn.dll 09:19:26.0801 4696 C:\Windows\SysWOW64\wbemcomn.dll - ok 09:19:26.0801 4696 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll 09:19:26.0801 4696 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok 09:19:26.0801 4696 [ 10307046E19C8EC964C792A798B32BB3 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll 09:19:26.0801 4696 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll - ok 09:19:26.0801 4696 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll 09:19:26.0801 4696 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok 09:19:26.0817 4696 [ 2291D1FABC087E43D4122CACE1CA30F9 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll 09:19:26.0817 4696 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll - ok 09:19:26.0817 4696 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\SysWOW64\wbem\fastprox.dll 09:19:26.0817 4696 C:\Windows\SysWOW64\wbem\fastprox.dll - ok 09:19:26.0817 4696 [ AC80AF09C7131FBC518BD8069096CA85 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.dll 09:19:26.0817 4696 C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.dll - ok 09:19:26.0832 4696 [ 3F19743028903021F19B8BEDA154DFEA ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.rsc 09:19:26.0832 4696 C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.rsc - ok 09:19:26.0832 4696 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll 09:19:26.0832 4696 C:\Windows\SysWOW64\ntdsapi.dll - ok 09:19:26.0832 4696 [ A0617B5753E31126AD29C03154F4F329 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll 09:19:26.0832 4696 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok 09:19:26.0832 4696 [ 75838AB28CC1318345DA62B6C339068C ] C:\Windows\System32\GfxUI.exe 09:19:26.0832 4696 C:\Windows\System32\GfxUI.exe - ok 09:19:26.0848 4696 [ B3ABED774AD943368FE513666413CACE ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqrif08.dll 09:19:26.0848 4696 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqrif08.dll - ok 09:19:26.0848 4696 [ 521202AA6F2B74FCCC6BC7E162109D71 ] C:\Windows\System32\wbem\unsecapp.exe 09:19:26.0848 4696 C:\Windows\System32\wbem\unsecapp.exe - ok 09:19:26.0848 4696 [ 7CDFC5DEB2D68AA412D5DF540D6E77C8 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqmif08.dll 09:19:26.0848 4696 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqmif08.dll - ok 09:19:26.0848 4696 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll 09:19:26.0848 4696 C:\Windows\System32\wbem\NCProv.dll - ok 09:19:26.0864 4696 [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll 09:19:26.0864 4696 C:\Windows\System32\wbem\wmiprov.dll - ok 09:19:26.0864 4696 [ 3D7D2E825C63FF501E896CF008C70D75 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe 09:19:26.0864 4696 C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe - ok 09:19:26.0864 4696 [ D955933A983C6E50275EDE2EADBD8EF7 ] C:\Program Files\Elantech\ETDCtrlHelper.exe 09:19:26.0864 4696 C:\Program Files\Elantech\ETDCtrlHelper.exe - ok 09:19:26.0864 4696 [ 6EF5F3F18413C367195F06E503AB86A6 ] C:\Windows\SysWOW64\d3d9.dll 09:19:26.0864 4696 C:\Windows\SysWOW64\d3d9.dll - ok 09:19:26.0879 4696 [ 77B1471A490B53B24EFE136F09F76550 ] C:\Windows\SysWOW64\d3d8thk.dll 09:19:26.0879 4696 C:\Windows\SysWOW64\d3d8thk.dll - ok 09:19:26.0879 4696 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll 09:19:26.0879 4696 C:\Windows\SysWOW64\msacm32.dll - ok 09:19:26.0879 4696 [ 703FFD301AB900B047337C5D40FD6F96 ] C:\Windows\SysWOW64\olepro32.dll 09:19:26.0879 4696 C:\Windows\SysWOW64\olepro32.dll - ok 09:19:26.0879 4696 [ 139D3AB6AA920C34C50CBFFB9EB7D222 ] C:\Windows\SysWOW64\avrt.dll 09:19:26.0879 4696 C:\Windows\SysWOW64\avrt.dll - ok 09:19:26.0895 4696 [ 28CA821606669BB9215CE010767720FA ] C:\Windows\SysWOW64\cryptui.dll 09:19:26.0895 4696 C:\Windows\SysWOW64\cryptui.dll - ok 09:19:26.0895 4696 [ 8BC9DB92C4B2F3BE89185BEAB2AFC1F6 ] C:\Windows\SysWOW64\mapi32.dll 09:19:26.0895 4696 C:\Windows\SysWOW64\mapi32.dll - ok 09:19:26.0895 4696 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll 09:19:26.0895 4696 C:\Windows\System32\mscoree.dll - ok 09:19:26.0895 4696 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll 09:19:26.0895 4696 C:\Windows\System32\tquery.dll - ok 09:19:26.0895 4696 [ AD844CB51BEAE104D17ACCE79F53B0A4 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpocxi08.dll 09:19:26.0895 4696 C:\Program Files (x86)\HP\Digital Imaging\bin\hpocxi08.dll - ok 09:19:26.0910 4696 [ 0B5511674394666E9D221F8681B2C2E6 ] C:\Windows\System32\consent.exe 09:19:26.0910 4696 C:\Windows\System32\consent.exe - ok 09:19:26.0910 4696 [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll 09:19:26.0910 4696 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok 09:19:26.0910 4696 [ 24BB4B3F7F639B41CA1B694BC9357097 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcob08.dll 09:19:26.0910 4696 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcob08.dll - ok 09:19:26.0910 4696 [ A05C0003E8D7CEA359A439690554F8BB ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll 09:19:26.0910 4696 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok 09:19:26.0926 4696 [ C1B5307377C98F87E0152C44E9FF8DEE ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll 09:19:26.0926 4696 C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll - ok 09:19:26.0926 4696 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll 09:19:26.0926 4696 C:\Windows\System32\mssrch.dll - ok 09:19:26.0926 4696 [ F908FE45F8FE9E0D4CBE65F9FF5DF6DA ] C:\Windows\SysWOW64\mfc100enu.dll 09:19:26.0926 4696 C:\Windows\SysWOW64\mfc100enu.dll - ok 09:19:26.0926 4696 [ 844918E629C70EEF9C1D4CB08D630696 ] C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe 09:19:26.0926 4696 C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe - ok 09:19:26.0942 4696 [ EED9D3DDD65B76120EC81B670D15BB51 ] C:\Program Files\Acer\Acer ePower Management\SetAPM.exe 09:19:26.0942 4696 C:\Program Files\Acer\Acer ePower Management\SetAPM.exe - ok 09:19:26.0942 4696 [ AEAA1918C8603ED6E263A6646D6E9316 ] C:\Program Files\Acer\Acer ePower Management\SysHook.dll 09:19:26.0942 4696 C:\Program Files\Acer\Acer ePower Management\SysHook.dll - ok 09:19:26.0942 4696 [ 3B31850FFF112BE58294896EB9F684F1 ] C:\Program Files (x86)\Avira\AntiVir Desktop\rcimage.dll 09:19:26.0942 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\rcimage.dll - ok 09:19:26.0942 4696 [ 126B2F509341C36D99BD15188592123A ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccgrdrc.dll 09:19:26.0942 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\ccgrdrc.dll - ok 09:19:26.0957 4696 [ DB7F445E3A62F96B8E5B4B61BCFFD22E ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccguard.dll 09:19:26.0957 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\ccguard.dll - ok 09:19:26.0957 4696 [ 17220E5B51A033453142E0B4052E9551 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpodio08.dll 09:19:26.0957 4696 C:\Program Files (x86)\HP\Digital Imaging\bin\hpodio08.dll - ok 09:19:26.0957 4696 [ 7E6BA46E48A45DBAD5AADE3510598BDD ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccgrdw.dll 09:19:26.0957 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\ccgrdw.dll - ok 09:19:26.0957 4696 [ F2F22C0C217E953497B443389B457AAA ] C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Csi.dll 09:19:26.0973 4696 C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Csi.dll - ok 09:19:26.0973 4696 [ 8E95EEECC7EC8624A360D4EE73E8E140 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrd.dll 09:19:26.0973 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrd.dll - ok 09:19:26.0973 4696 [ C0537786F8D494A0686D64D8E278DC65 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrdrc.dll 09:19:26.0973 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrdrc.dll - ok 09:19:26.0973 4696 [ 692DDF02F2C3F53AE670CFAF55D2DBB3 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrdw.dll 09:19:26.0973 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrdw.dll - ok 09:19:26.0988 4696 [ 6820A9E91AFF7CB3A510360D8CCD9BDD ] C:\Windows\SysWOW64\mshtml.dll 09:19:26.0988 4696 C:\Windows\SysWOW64\mshtml.dll - ok 09:19:26.0988 4696 [ EC760C14BC3F80399012CEC9E08A8A82 ] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\MUI\0409\Lang.dll 09:19:26.0988 4696 C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\MUI\0409\Lang.dll - ok 09:19:26.0988 4696 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll 09:19:26.0988 4696 C:\Windows\System32\esent.dll - ok 09:19:26.0988 4696 [ 24FCC3CDAE327F632CB8696E1E40F772 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll 09:19:26.0988 4696 C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll - ok 09:19:26.0988 4696 [ 19439B245C71A5C0C62AF5671ED078E8 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccgen.dll 09:19:27.0004 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\ccgen.dll - ok 09:19:27.0004 4696 [ 0A0F3612A73619A755C596A4441F25D9 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccgenrc.dll 09:19:27.0004 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\ccgenrc.dll - ok 09:19:27.0004 4696 [ 06F93DA727D348689707611448470C9E ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdate.dll 09:19:27.0004 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdate.dll - ok 09:19:27.0004 4696 [ 0800FF435A29DCD07D275798CFEB6EF2 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdrc.dll 09:19:27.0004 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdrc.dll - ok 09:19:27.0020 4696 [ 795D4835CE714F4A0C601766134F344B ] C:\Program Files (x86)\Avira\AntiVir Desktop\cclic.dll 09:19:27.0020 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\cclic.dll - ok 09:19:27.0020 4696 [ 5AC47E3AC56E5E8827C9C593CB86881E ] C:\Program Files (x86)\Avira\AntiVir Desktop\cclicrc.dll 09:19:27.0020 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\cclicrc.dll - ok 09:19:27.0020 4696 [ E955300DF949977878C705EC8681009A ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll 09:19:27.0035 4696 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll - ok 09:19:27.0035 4696 [ 388129C269DB1DB1E36D89C8D27C330F ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccmsg.dll 09:19:27.0035 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\ccmsg.dll - ok 09:19:27.0035 4696 [ 9D1C5D971235A5E84B1C25E7CEFC52E4 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccmsgrc.dll 09:19:27.0035 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\ccmsgrc.dll - ok 09:19:27.0035 4696 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll 09:19:27.0035 4696 C:\Windows\System32\stobject.dll - ok 09:19:27.0035 4696 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll 09:19:27.0035 4696 C:\Windows\System32\batmeter.dll - ok 09:19:27.0051 4696 [ ED797D8DC2C92401985D162E42FFA450 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe 09:19:27.0051 4696 C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe - ok 09:19:27.0051 4696 [ 4DB8C3E9A5D6EB99F21B199C28EDE8D1 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe 09:19:27.0051 4696 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe - ok 09:19:27.0051 4696 [ 82464461ACDFBA6B876BF9F74A66BCBB ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccmainrc.dll 09:19:27.0051 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\ccmainrc.dll - ok 09:19:27.0051 4696 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll 09:19:27.0051 4696 C:\Windows\System32\msidle.dll - ok 09:19:27.0066 4696 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll 09:19:27.0066 4696 C:\Windows\System32\mssprxy.dll - ok 09:19:27.0066 4696 [ 6D137963730144698CBD10F202E9F251 ] C:\Windows\System32\wersvc.dll 09:19:27.0066 4696 C:\Windows\System32\wersvc.dll - ok 09:19:27.0066 4696 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui 09:19:27.0066 4696 C:\Windows\System32\en-US\tquery.dll.mui - ok 09:19:27.0066 4696 [ 1CBF15FDB0310345A68972EB5C5B948F ] C:\Windows\SysWOW64\mssprxy.dll 09:19:27.0066 4696 C:\Windows\SysWOW64\mssprxy.dll - ok 09:19:27.0082 4696 [ 5C4CB4086FB83115B153E47ADD961A0C ] C:\Windows\System32\FntCache.dll 09:19:27.0082 4696 C:\Windows\System32\FntCache.dll - ok 09:19:27.0082 4696 [ 8456DD7497F34F8BE5E3332C62788F5A ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IntelVisualDesign.dll 09:19:27.0082 4696 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IntelVisualDesign.dll - ok 09:19:27.0082 4696 [ 3C0D4B3E80FC4854CA325DD123CC4DED ] C:\Program Files\iPod\bin\iPodService.exe 09:19:27.0082 4696 C:\Program Files\iPod\bin\iPodService.exe - ok 09:19:27.0082 4696 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll 09:19:27.0082 4696 C:\Windows\System32\prnfldr.dll - ok 09:19:27.0098 4696 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\SysWOW64\netprofm.dll 09:19:27.0098 4696 C:\Windows\SysWOW64\netprofm.dll - ok 09:19:27.0098 4696 [ 06A754FE28A06F780A099703CFCAAA22 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll 09:19:27.0098 4696 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll - ok 09:19:27.0098 4696 [ 2A436796758BF2555A26C770FE8A6FEE ] C:\Windows\System32\fdProxy.dll 09:19:27.0098 4696 C:\Windows\System32\fdProxy.dll - ok 09:19:27.0098 4696 [ 27842D4232D61826286929257E499765 ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll 09:19:27.0098 4696 C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok 09:19:27.0113 4696 [ 1C143CC22D9ADED2B64653AC878F29DA ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll 09:19:27.0113 4696 C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok 09:19:27.0113 4696 [ 104A1070E90F1C530328E69B49718841 ] C:\Windows\SysWOW64\nlaapi.dll 09:19:27.0113 4696 C:\Windows\SysWOW64\nlaapi.dll - ok 09:19:27.0113 4696 [ 76CDA84DCB30EBDEF0D86051A72E0C0F ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\f73f0a9c9a83dcd3ff428be509a7992f\mscorlib.ni.dll 09:19:27.0113 4696 C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\f73f0a9c9a83dcd3ff428be509a7992f\mscorlib.ni.dll - ok 09:19:27.0113 4696 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll 09:19:27.0113 4696 C:\Windows\SysWOW64\npmproxy.dll - ok 09:19:27.0129 4696 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll 09:19:27.0129 4696 C:\Windows\System32\DXP.dll - ok 09:19:27.0129 4696 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll 09:19:27.0129 4696 C:\Windows\System32\Syncreg.dll - ok 09:19:27.0129 4696 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll 09:19:27.0129 4696 C:\Windows\System32\AltTab.dll - ok 09:19:27.0129 4696 [ 64ABE1250EC1A1CFD1442E7C8800216E ] C:\Windows\System32\d3d10warp.dll 09:19:27.0129 4696 C:\Windows\System32\d3d10warp.dll - ok 09:19:27.0144 4696 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll 09:19:27.0144 4696 C:\Windows\ehome\ehSSO.dll - ok 09:19:27.0144 4696 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll 09:19:27.0144 4696 C:\Windows\System32\pnidui.dll - ok 09:19:27.0144 4696 [ 469533CC7F16566BE9D3436860E12013 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe 09:19:27.0144 4696 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe - ok 09:19:27.0144 4696 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL 09:19:27.0144 4696 C:\Windows\System32\QUTIL.DLL - ok 09:19:27.0144 4696 [ 19BC13711AC403FEB830522E4831701B ] C:\Windows\SysWOW64\gameux.dll 09:19:27.0144 4696 C:\Windows\SysWOW64\gameux.dll - ok 09:19:27.0160 4696 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll 09:19:27.0160 4696 C:\Windows\System32\WPDShServiceObj.dll - ok 09:19:27.0160 4696 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl 09:19:27.0160 4696 C:\Windows\System32\bthprops.cpl - ok 09:19:27.0160 4696 [ 5A871FEAFC697198C8961C792EBF6B48 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddusr.dll 09:19:27.0160 4696 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddusr.dll - ok 09:19:27.0160 4696 [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll 09:19:27.0160 4696 C:\Windows\System32\ActionCenter.dll - ok 09:19:27.0176 4696 [ EDF2A5E96BEC469DA3F64E9BDD386111 ] C:\Windows\SysWOW64\xmllite.dll 09:19:27.0176 4696 C:\Windows\SysWOW64\xmllite.dll - ok 09:19:27.0176 4696 [ 590D5C506044FE02FF7643E32FF9BDAC ] C:\Windows\SysWOW64\wer.dll 09:19:27.0176 4696 C:\Windows\SysWOW64\wer.dll - ok 09:19:27.0176 4696 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll 09:19:27.0176 4696 C:\Windows\System32\srchadmin.dll - ok 09:19:27.0176 4696 [ D7CEAEDD5F75D2C8A2E80887D7C114CE ] C:\Windows\System32\webcheck.dll 09:19:27.0176 4696 C:\Windows\System32\webcheck.dll - ok 09:19:27.0191 4696 [ D38E9160EFA8C0ACA39F3F3A7F4E9A6E ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqwso08.dll 09:19:27.0191 4696 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqwso08.dll - ok 09:19:27.0191 4696 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll 09:19:27.0191 4696 C:\Windows\System32\mlang.dll - ok 09:19:27.0191 4696 [ 9C253164E7016B42591F08BEB90FB494 ] C:\Windows\System32\igdumd64.dll 09:19:27.0191 4696 C:\Windows\System32\igdumd64.dll - ok 09:19:27.0191 4696 [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\SysWOW64\linkinfo.dll 09:19:27.0191 4696 C:\Windows\SysWOW64\linkinfo.dll - ok 09:19:27.0207 4696 [ BA48FCD5653B8A62F39AAF2663EC5D10 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\c40ec0f4cd203c880298f94c0427dd54\System.ni.dll 09:19:27.0207 4696 C:\Windows\assembly\NativeImages_v2.0.50727_64\System\c40ec0f4cd203c880298f94c0427dd54\System.ni.dll - ok 09:19:27.0207 4696 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll 09:19:27.0207 4696 C:\Windows\System32\rasdlg.dll - ok 09:19:27.0207 4696 [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll 09:19:27.0207 4696 C:\Windows\System32\SyncCenter.dll - ok 09:19:27.0207 4696 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll 09:19:27.0207 4696 C:\Windows\SysWOW64\ntshrui.dll - ok 09:19:27.0222 4696 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll 09:19:27.0222 4696 C:\Windows\SysWOW64\slc.dll - ok 09:19:27.0222 4696 [ 1CD5C2DFD2A5BF6DA720386679F3C449 ] C:\Windows\SysWOW64\HPZipr12.dll 09:19:27.0222 4696 C:\Windows\SysWOW64\HPZipr12.dll - ok 09:19:27.0222 4696 [ C36923084822C017F69396418A999D39 ] C:\Program Files (x86)\Avira\AntiVir Desktop\apnstub.exe 09:19:27.0222 4696 C:\Program Files (x86)\Avira\AntiVir Desktop\apnstub.exe - ok 09:19:27.0222 4696 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll 09:19:27.0222 4696 C:\Windows\System32\dot3api.dll - ok 09:19:27.0238 4696 [ 38D2DAE3D63914239C28982D8BB0CD94 ] C:\Windows\System32\hpzisn12.dll 09:19:27.0238 4696 C:\Windows\System32\hpzisn12.dll - ok 09:19:27.0238 4696 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll 09:19:27.0238 4696 C:\Windows\System32\wlanhlp.dll - ok 09:19:27.0238 4696 [ 92CBA4EBF1EAC5329662A967C079F660 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\4bcc5a6e9e9d25e068fc304bd7eda6af\WindowsBase.ni.dll 09:19:27.0238 4696 C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\4bcc5a6e9e9d25e068fc304bd7eda6af\WindowsBase.ni.dll - ok 09:19:27.0238 4696 [ A490B22BD077D42E385581047801B6B2 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll 09:19:27.0238 4696 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll - ok 09:19:27.0254 4696 [ BFB58920F1EEA290AE511EDFA94FA2EF ] C:\Windows\System32\hpzipt12.dll 09:19:27.0254 4696 C:\Windows\System32\hpzipt12.dll - ok 09:19:27.0254 4696 [ 383661D710295D2DA3FDFBA0C3ED4BCF ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\3a9d13514a8c4c710fa5ce8e9b5393fe\PresentationCore.ni.dll 09:19:27.0254 4696 C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\3a9d13514a8c4c710fa5ce8e9b5393fe\PresentationCore.ni.dll - ok 09:19:27.0254 4696 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll 09:19:27.0254 4696 C:\Windows\System32\FXSST.dll - ok 09:19:27.0254 4696 [ 7B46A076184B73AEDC1A66A71D9131E8 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll 09:19:27.0254 4696 C:\Windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll - ok 09:19:27.0269 4696 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll 09:19:27.0269 4696 C:\Windows\System32\FXSAPI.dll - ok 09:19:27.0269 4696 [ 44A08596C5E4274C1565180BDA0B19A2 ] C:\Windows\System32\tzres.dll 09:19:27.0269 4696 C:\Windows\System32\tzres.dll - ok 09:19:27.0269 4696 [ BA38C50F523DC053488AC3F9EF99AA0B ] C:\Windows\SysWOW64\igdumdx32.dll 09:19:27.0269 4696 C:\Windows\SysWOW64\igdumdx32.dll - ok 09:19:27.0269 4696 [ BD66ECA9479C688412DDDA9F2CCD2C69 ] C:\Windows\System32\d3d10.dll 09:19:27.0269 4696 C:\Windows\System32\d3d10.dll - ok 09:19:27.0269 4696 [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll 09:19:27.0269 4696 C:\Windows\System32\imapi2.dll - ok 09:19:27.0285 4696 [ 10AB9C9ADB89816BEFB077E72659D029 ] C:\Windows\SysWOW64\igdumd32.dll 09:19:27.0285 4696 C:\Windows\SysWOW64\igdumd32.dll - ok 09:19:27.0285 4696 [ B628DA8B548E6D11A35B86799714CB22 ] C:\Windows\System32\d3d10core.dll 09:19:27.0285 4696 C:\Windows\System32\d3d10core.dll - ok 09:19:27.0285 4696 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll 09:19:27.0285 4696 C:\Windows\System32\WWanAPI.dll - ok 09:19:27.0285 4696 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe 09:19:27.0285 4696 C:\Windows\System32\FXSSVC.exe - ok 09:19:27.0300 4696 [ 73A08D01DB0687364E08FB1B2EC4661C ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsti08.dll 09:19:27.0300 4696 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsti08.dll - ok 09:19:27.0300 4696 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll 09:19:27.0300 4696 C:\Windows\System32\wwapi.dll - ok 09:19:27.0300 4696 [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll 09:19:27.0300 4696 C:\Windows\System32\hgcpl.dll - ok 09:19:27.0300 4696 [ 24541D94E1ADEF0CB953046F482EA49E ] C:\Users\Mike Wood\AppData\Local\Microsoft\Windows Sidebar\Gadgets\HPPhoto.gadget\x64\HpqGps01.dll 09:19:27.0300 4696 C:\Users\Mike Wood\AppData\Local\Microsoft\Windows Sidebar\Gadgets\HPPhoto.gadget\x64\HpqGps01.dll - ok 09:19:27.0316 4696 [ 0B601EEB05F9DEF5A8A101C1CD8A69EE ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpb01.dll 09:19:27.0316 4696 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpb01.dll - ok 09:19:27.0316 4696 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL 09:19:27.0316 4696 C:\Windows\System32\QAGENT.DLL - ok 09:19:27.0316 4696 [ 95EE6D5B08EE906EFDB3B370F2FADBE2 ] C:\Program Files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll 09:19:27.0316 4696 C:\Program Files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll - ok 09:19:27.0316 4696 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll 09:19:27.0316 4696 C:\Windows\SysWOW64\EhStorShell.dll - ok 09:19:27.0332 4696 ============================================================ 09:19:27.0332 4696 Scan finished 09:19:27.0332 4696 ============================================================ 09:19:27.0332 4124 Detected object count: 0 09:19:27.0332 4124 Actual detected object count: 0 09:19:35.0490 3680 Deinitialize success Quote
joddle Posted August 16, 2012 Author Posted August 16, 2012 ComboFix 12-08-14.05 - Mike Wood 16/08/2012 9:28.2.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.3767.2309 [GMT 1:00] Running from: c:\users\Mike Wood\Desktop\etavaresCF.exe Command switches used :: c:\users\Mike Wood\Desktop\CFScript.txt.txt AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7} SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Created a new restore point . FILE :: "c:\windows\Tasks\Huhtlrugu.job" . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\Tasks\Huhtlrugu.job . . ((((((((((((((((((((((((( Files Created from 2012-07-16 to 2012-08-16 ))))))))))))))))))))))))))))))) . . 2012-08-16 08:37 . 2012-08-16 08:37 -------- d-----w- c:\users\Tom Wood\AppData\Local\temp 2012-08-16 08:37 . 2012-08-16 08:37 -------- d-----w- c:\users\Steffi Wood\AppData\Local\temp 2012-08-16 08:37 . 2012-08-16 08:37 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-08-16 08:37 . 2012-08-16 08:37 -------- d-----w- c:\users\Anita Wood\AppData\Local\temp 2012-08-15 19:47 . 2012-08-15 19:47 -------- d-----w- c:\users\Public\CyberLink 2012-08-15 19:47 . 2012-08-15 19:47 -------- d-----w- c:\users\Mike Wood\AppData\Local\Cyberlink 2012-08-15 19:47 . 2012-08-15 19:47 -------- d-----w- c:\programdata\CyberLink 2012-08-15 19:47 . 2012-08-15 19:47 -------- d-----w- c:\users\Mike Wood\AppData\Roaming\CyberLink 2012-08-15 10:17 . 2012-08-15 10:17 -------- d-----w- c:\users\Mike Wood\AppData\Roaming\Avira 2012-08-15 10:12 . 2012-08-15 10:12 -------- d-----w- c:\program files (x86)\Ask.com 2012-08-15 10:12 . 2012-07-18 17:05 98848 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2012-08-15 10:12 . 2012-07-18 17:05 27760 ----a-w- c:\windows\system32\drivers\avkmgr.sys 2012-08-15 10:12 . 2012-07-18 17:05 132832 ----a-w- c:\windows\system32\drivers\avipbb.sys 2012-08-15 10:12 . 2012-08-15 10:12 -------- d-----w- c:\programdata\Avira 2012-08-15 10:12 . 2012-08-15 10:12 -------- d-----w- c:\program files (x86)\Avira 2012-08-14 20:00 . 2012-08-16 08:10 -------- d-----w- c:\programdata\boost_interprocess 2012-08-13 08:53 . 2012-08-13 08:53 -------- d-----w- c:\users\Mike Wood\AppData\Roaming\Malwarebytes 2012-08-13 08:53 . 2012-08-13 08:53 -------- d-----w- c:\programdata\Malwarebytes 2012-08-13 08:53 . 2012-08-13 08:56 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-08-13 08:53 . 2012-07-03 12:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-08-09 11:38 . 2012-08-09 11:38 114688 --sha-r- c:\windows\SysWow64\netprof0.dll 2012-08-07 07:31 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{91102E68-D0D8-40B7-B77D-4769C4AA1D41}\mpengine.dll 2012-07-20 11:38 . 2012-07-20 11:42 -------- d-----w- c:\program files (x86)\eLicenser 2012-07-20 11:38 . 2012-07-20 11:38 -------- d-----w- c:\program files (x86)\Syncrosoft 2012-07-20 11:38 . 2011-12-14 18:12 30352 ----a-w- c:\windows\system32\drivers\synusb64.sys 2012-07-20 11:38 . 2011-12-14 18:12 1277952 ----a-w- c:\windows\SysWow64\SYNSOACC.dll 2012-07-20 11:38 . 2011-12-14 18:12 86016 ----a-w- c:\windows\SysWow64\SYNSOPOS.exe 2012-07-17 19:21 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-08-03 13:11 . 2012-04-10 09:56 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-08-03 13:11 . 2011-08-11 09:39 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-07-17 19:16 . 2011-01-08 22:53 59701280 ----a-w- c:\windows\system32\MRT.exe 2012-06-09 05:43 . 2012-07-15 17:19 14172672 ----a-w- c:\windows\system32\shell32.dll 2012-06-06 06:06 . 2012-07-15 17:19 2004480 ----a-w- c:\windows\system32\msxml6.dll 2012-06-06 06:06 . 2012-07-15 17:19 1881600 ----a-w- c:\windows\system32\msxml3.dll 2012-06-06 06:02 . 2012-07-15 17:18 1133568 ----a-w- c:\windows\system32\cdosys.dll 2012-06-06 05:05 . 2012-07-15 17:19 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll 2012-06-06 05:05 . 2012-07-15 17:19 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll 2012-06-06 05:03 . 2012-07-15 17:19 805376 ----a-w- c:\windows\SysWow64\cdosys.dll 2012-06-02 22:19 . 2012-06-24 12:30 38424 ----a-w- c:\windows\system32\wups.dll 2012-06-02 22:19 . 2012-06-24 12:31 2428952 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-02 22:19 . 2012-06-24 12:31 57880 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-02 22:19 . 2012-06-24 12:31 44056 ----a-w- c:\windows\system32\wups2.dll 2012-06-02 22:19 . 2012-06-24 12:30 701976 ----a-w- c:\windows\system32\wuapi.dll 2012-06-02 22:15 . 2012-06-24 12:31 2622464 ----a-w- c:\windows\system32\wucltux.dll 2012-06-02 22:15 . 2012-06-24 12:30 99840 ----a-w- c:\windows\system32\wudriver.dll 2012-06-02 14:19 . 2012-06-24 12:30 186752 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-02 14:15 . 2012-06-24 12:30 36864 ----a-w- c:\windows\system32\wuapp.exe 2012-06-02 05:50 . 2012-07-15 17:19 458704 ----a-w- c:\windows\system32\drivers\cng.sys 2012-06-02 05:48 . 2012-07-15 17:19 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys 2012-06-02 05:48 . 2012-07-15 17:19 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-06-02 05:45 . 2012-07-15 17:19 340992 ----a-w- c:\windows\system32\schannel.dll 2012-06-02 05:44 . 2012-07-15 17:19 307200 ----a-w- c:\windows\system32\ncrypt.dll 2012-06-02 04:40 . 2012-07-15 17:19 22016 ----a-w- c:\windows\SysWow64\secur32.dll 2012-06-02 04:40 . 2012-07-15 17:19 225280 ----a-w- c:\windows\SysWow64\schannel.dll 2012-06-02 04:39 . 2012-07-15 17:19 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll 2012-06-02 04:34 . 2012-07-15 17:19 96768 ----a-w- c:\windows\SysWow64\sspicli.dll 2012-05-31 11:25 . 2010-12-29 21:19 279656 ------w- c:\windows\system32\MpSigStub.exe . . ((((((((((((((((((((((((((((( SnapShot@2012-08-15_08.17.38 ))))))))))))))))))))))))))))))))))))))))) . + 2011-02-19 22:03 . 2011-02-19 22:03 51024 c:\windows\SysWOW64\vcomp100.dll + 2011-02-19 22:03 . 2011-02-19 22:03 81744 c:\windows\SysWOW64\mfcm100u.dll + 2011-02-19 22:03 . 2011-02-19 22:03 81744 c:\windows\SysWOW64\mfcm100.dll + 2011-02-19 22:03 . 2011-02-19 22:03 60752 c:\windows\SysWOW64\mfc100rus.dll + 2011-02-19 22:03 . 2011-02-19 22:03 43344 c:\windows\SysWOW64\mfc100kor.dll + 2011-02-19 22:03 . 2011-02-19 22:03 43856 c:\windows\SysWOW64\mfc100jpn.dll + 2011-02-19 22:03 . 2011-02-19 22:03 62288 c:\windows\SysWOW64\mfc100ita.dll + 2011-02-19 22:03 . 2011-02-19 22:03 64336 c:\windows\SysWOW64\mfc100fra.dll + 2011-02-19 22:03 . 2011-02-19 22:03 63824 c:\windows\SysWOW64\mfc100esn.dll + 2011-02-19 22:03 . 2011-02-19 22:03 55120 c:\windows\SysWOW64\mfc100enu.dll + 2011-02-19 22:03 . 2011-02-19 22:03 64336 c:\windows\SysWOW64\mfc100deu.dll + 2011-02-19 22:03 . 2011-02-19 22:03 36176 c:\windows\SysWOW64\mfc100cht.dll + 2011-02-19 22:03 . 2011-02-19 22:03 36176 c:\windows\SysWOW64\mfc100chs.dll + 2009-07-14 04:54 . 2012-08-15 10:09 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2009-07-14 04:54 . 2012-08-14 16:47 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-07-14 04:54 . 2012-08-15 10:09 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2012-08-14 16:47 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 04:54 . 2012-08-15 10:09 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2009-07-14 04:54 . 2012-08-14 16:47 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2010-07-13 11:21 . 2012-08-16 08:19 67970 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2012-08-16 08:19 33164 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2010-12-29 20:24 . 2012-08-16 08:19 11444 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-910665653-1988570951-16756008-1001_UserData.bin + 2010-09-26 15:43 . 2012-08-15 10:06 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2010-09-26 15:43 . 2012-08-10 18:08 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2010-09-26 15:43 . 2012-08-10 18:08 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2010-09-26 15:43 . 2012-08-15 10:06 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 04:54 . 2012-08-15 10:06 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2009-07-14 04:54 . 2012-08-10 18:08 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2012-08-15 10:12 . 2012-08-15 10:12 7168 c:\windows\SysWOW64\config\systemprofile\AppData\LocalLow\AskToolbar\cache.dat + 2010-12-29 23:16 . 2012-08-15 10:04 1588 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-910665653-1988570951-16756008-1004_UserData.bin - 2012-08-15 08:16 . 2012-08-15 08:16 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2012-08-16 08:17 . 2012-08-16 08:17 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2012-08-16 08:17 . 2012-08-16 08:17 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2012-08-15 08:16 . 2012-08-15 08:16 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2011-02-18 23:40 . 2011-02-18 23:40 773968 c:\windows\SysWOW64\msvcr100.dll + 2011-02-19 22:03 . 2011-02-19 22:03 421200 c:\windows\SysWOW64\msvcp100.dll + 2011-02-19 22:03 . 2011-02-19 22:03 138056 c:\windows\SysWOW64\atl100.dll + 2010-12-29 20:02 . 2012-08-15 11:02 273072 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin - 2009-07-14 02:36 . 2012-08-15 08:02 628874 c:\windows\system32\perfh009.dat + 2009-07-14 02:36 . 2012-08-16 08:13 628874 c:\windows\system32\perfh009.dat + 2009-07-14 02:36 . 2012-08-16 08:13 111026 c:\windows\system32\perfc009.dat - 2009-07-14 02:36 . 2012-08-15 08:02 111026 c:\windows\system32\perfc009.dat - 2009-07-14 05:01 . 2012-08-15 08:16 386020 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2009-07-14 05:01 . 2012-08-16 08:16 386020 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2011-08-11 12:17 . 2012-08-16 08:16 640016 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-910665653-1988570951-16756008-1001-8192.dat + 2011-02-19 22:08 . 2011-02-19 22:08 163840 c:\windows\Installer\421e5.msi + 2012-08-15 10:12 . 2012-08-15 10:12 102400 c:\windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\ARPPRODUCTICON.exe + 2011-02-19 22:03 . 2011-02-19 22:03 4422992 c:\windows\SysWOW64\mfc100u.dll + 2011-02-19 22:03 . 2011-02-19 22:03 4397384 c:\windows\SysWOW64\mfc100.dll + 2011-08-11 12:59 . 2012-08-15 08:34 1026900 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-910665653-1988570951-16756008-1001-4096.dat - 2011-08-11 12:59 . 2012-08-15 08:16 1026900 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-910665653-1988570951-16756008-1001-4096.dat + 2012-08-15 10:12 . 2012-08-15 10:12 3788800 c:\windows\Installer\2b243.msi . -- Snapshot reset to current date -- . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] 2012-01-04 19:20 1514152 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-01-04 1514152] . [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP] @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}] 2010-05-27 02:40 120176 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-07-13 39408] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] "OfficeSyncProcess"="c:\program files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" [2011-07-21 718720] "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-04-13 284696] "SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-05-27 337264] "EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2010-03-11 201584] "EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-03-11 407920] "BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-06-28 265984] "LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-06-22 968272] "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-10-09 421736] "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208] "ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2012-01-04 1391272] "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-07-18 348664] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe [2012-02-13 193816] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-29 135664] R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-07-05 3048136] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-03 160944] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-03 250056] R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-29 135664] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-06-17 246376] R3 synusb64;eLicenser;c:\windows\system32\DRIVERS\synusb64.sys [2011-12-14 30352] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-31 1255736] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-07-18 27760] S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576] S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016] S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-07-18 86224] S2 AntiVirWebService;Avira Web Protection;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2012-07-18 465360] S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-06-22 321104] S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-06-11 868896] S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336] S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\McSACore.exe [2012-06-15 103472] S2 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-05-27 305520] S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-06-28 255744] S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-03-18 2320920] S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232] S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe [2012-02-13 240408] S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-04-13 135560] S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344] S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976] S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-02-03 271872] S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2010-05-15 384040] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - 94797141 *NewlyCreated* - 95520712 *Deregistered* - 94797141 *Deregistered* - 95520712 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Contents of the 'Scheduled Tasks' folder . 2012-08-16 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-10 13:11] . 2012-08-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-29 20:04] . 2012-08-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-29 20:04] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}] c:\program files (x86)\Expat Shield\HssIE\ExpatIE_64.dll [bU] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP] @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}] 2010-05-27 02:42 137584 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "mwlDaemon"="c:\program files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe" [2010-05-27 349552] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-22 10920552] "ETDWare"="c:\program files (x86)\Elantech\ETDCtrl.exe" [bU] "Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-06-11 861216] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584] "Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 415256] . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.co.uk/ uLocal Page = c:\windows\system32\blank.htm mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&m=aspire_5742&r=27361210l485l0454z105v57821402 mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105 LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll . - - - - ORPHANS REMOVED - - - - . Toolbar-Locked - (no file) SafeBoot-94797141.sys WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2012-08-16 09:54:53 ComboFix-quarantined-files.txt 2012-08-16 08:54 ComboFix2.txt 2012-08-15 08:23 . Pre-Run: 167,318,196,224 bytes free Post-Run: 166,890,987,520 bytes free . - - End Of File - - 2E3AAF1DB25CBA775D636CF4268E92E0 Quote
etavares Posted August 17, 2012 Posted August 17, 2012 Have the redirects stopped now? Quote etavares is a member of:Alliance of Security Analysis ProfessionalsUnified Network of Instructors and Trained Eliminators
joddle Posted August 17, 2012 Author Posted August 17, 2012 Yes they do seems to have stopped - Many thanks indeed - what was causing them? Quote
etavares Posted August 18, 2012 Posted August 18, 2012 Hello, joddle. There was a malware task scheduled that ran malware that caused the redirects. I'd like us to scan your machine with ESET OnlineScan Hold down Control and click on the following link to open ESET OnlineScan in a new window. ESET OnlineScan Click the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetOnline.png button. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps) Click on http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetSmartInstall.png to download the ESET Smart Installer. Save it to your desktop. Double click on the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetSmartInstallDesktopIcon.png icon on your desktop. [*]Check http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetAcceptTerms.png [*]Click the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetStart.png button. [*]Accept any security warnings from your browser. [*]Check http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetScanArchives.png [*]Push the Start button. [*]ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time. [*]When the scan completes, push http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetListThreats.png [*]Push http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetExport.png, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply. [*]Push the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetBack.png button. [*]Push http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetFinish.png etavares Quote etavares is a member of:Alliance of Security Analysis ProfessionalsUnified Network of Instructors and Trained Eliminators
joddle Posted August 18, 2012 Author Posted August 18, 2012 HI - have run programme as instructed - irt reported no threats but there was no option to save a log file afterwards! ALso I am getting more redirects - these appear in the main to go to VAICEO .com - never heard of it but if I input a goodle request then click on one of the options offered - I end up at this VAICEO .com site - Am I back to the beginnig or is this something esle??? Anyways its really getting annoying so any help appreciated.... Quote
etavares Posted August 21, 2012 Posted August 21, 2012 Do you have a blank USB flash drive handy? A small one (512MB or greater) will suffice. Quote etavares is a member of:Alliance of Security Analysis ProfessionalsUnified Network of Instructors and Trained Eliminators
joddle Posted August 21, 2012 Author Posted August 21, 2012 Do you have a blank USB flash drive handy? A small one (512MB or greater) will suffice. Yes I have a USB 512 flash drive available I may have confused earlier because now most links from google go to where they should but a few still got to this other VAICEO .COM site - is this still redirection or something else? Quote
joddle Posted August 21, 2012 Author Posted August 21, 2012 Adding to previous post - more links are getting redirected but seemginly almost always to this site - and sometimes to a games site. Seems the redirect has reactivated!! Quote
etavares Posted August 22, 2012 Posted August 22, 2012 Hello, joddle. By 'almost always to this site', do you mean to Extreme Tech Support - Free PC Help???? Or to the VAICEO website you mentioned in the post before? Let's look at your MBR. Download http://unetbootin.sourceforge.net/unetbootin-xpud-windows-latest.exe & http://noahdfear.net/downloads/bootable/xPUD/xpud-0.9.2.iso to the desktop of your clean computer Insert your USB drive Press Start > My Computer > right click your USB drive > choose Format > Quick format Double click the unetbootin-xpud-windows-387.exe that you just downloaded Press Run then OK Select the DiskImage option then click the browse button located on the right side of the textbox field. Browse to and select the xpud-0.9.2.iso file you downloaded Verify the correct drive letter is selected for your USB device then click OK It will install a little bootable OS on your USB device Once the files have been written to the device you will be prompted to reboot ~ do not reboot and instead just Exit the UNetbootin interface After it has completed do not choose to reboot the clean computer simply close the installer Remove the USB and insert it in the sick computer Boot the Sick computer Press F12 and choose to boot from the USB Follow the prompts A Welcome to xPUD screen will appear Press File Expand mnt sda1,2...usually corresponds to your HDD sdb1 is likely your USB Click on the folder that represents your USB drive (sdb1 ?) Press Tool at the top Choose Open Terminal Copy/paste the following command and press enter: dd if=/dev/sda of=mbr.txt bs=512 count=1 When done a file, mbr.txt, will be created on your USB drive. Please attach that file to your reply. Please note - all text entries are case sensitive etavares Quote etavares is a member of:Alliance of Security Analysis ProfessionalsUnified Network of Instructors and Trained Eliminators
joddle Posted August 23, 2012 Author Posted August 23, 2012 Hi thanks for response - I did not mean it redirects to this site (Extreme Tech Support - Free PC Help) - but just to to the VAICEO one named - sorry to confuse - Have downloaded files and created usb stick but not had time to run it as have been away all day - will post results tomorrow or over the weekend. THANKS Quote
etavares Posted August 24, 2012 Posted August 24, 2012 OK, thanks for the clarification. I'll keep an eye out for your response in the next day or two. Quote etavares is a member of:Alliance of Security Analysis ProfessionalsUnified Network of Instructors and Trained Eliminators
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.