Inactive [A] C:\WINDOWS\assembly\GAC_64\Desktop.ini virus, please help

Status
Not open for further replies.
P

Premachu

Posts: 15   +0
Hello. AVG's Residential Shield has detected:
C:\WINDOWS\assembly\GAC_64\Desktop.ini
C:\WINDOWS\assembly\GAC_32\Desktop.ini
. Trying to get rid of it through AVG has my computer go into system restore the next time I boot and I restore to only find the virus come up in the next scan. Other than this,I haven't seen any actual signs the virus doign anything yet, but I'd rather get rid of it before it manages to let other viruses in.

Thanks in advance
Logs below, let me know if anything else is required:

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.10.14.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Sergio :: SERGE-PC [administrator]

10/15/2012 4:37:21 PM
mbam-log-2012-10-15 (16-37-21).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 287067
Time elapsed: 5 minute(s), 2 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
__________________________

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-10-16 06:55:16
Windows 6.1.7601 Service Pack 1
Running: gmer.exe


---- Registry - GMER 1.0.15 ----

Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6E438F35-BE4C-D895-3C7E-F2F5EE484E1A}
Reg HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@C:\UDK\\x30a2\x30eb\x30d5\x30fc\x30eb 1

---- EOF - GMER 1.0.15 ----
__________________________
DDS (Ver_2012-10-14.05) - NTFS_AMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1
Run by Sergio at 0:35:06 on 2012-10-17
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3070.1260 [GMT -4:00]
.
AV: AVG Internet Security 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Internet Security 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: AVG Internet Security 2012 *Enabled* {621CC794-9486-F902-D092-0484E8EA828B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG2012\avgfws.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe
C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe
c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\iolo\System Mechanic\SystemGuardAlerter.exe
C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
C:\Program Files (x86)\AVG\AVG2012\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
C:\Program Files (x86)\Deluge\deluge.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = astroburn-search.com
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Presario&pf=cndt
uURLSearchHooks: <No Name>: - LocalServer32 - <no file>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {2EECD738-5844-4a99-B4B6-146BF802613B} - <orphaned>
BHO: ATLAS Toolbar: {3C6301ED-0F78-4AF2-8150-D9C052361A8E} - C:\Program Files (x86)\ATLAS V14\ATLIECP.DLL
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - c:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
TB: ATLAS Toolbar: {3C6301ED-0F78-4AF2-8150-D9C052361A8E} - C:\Program Files (x86)\ATLAS V14\ATLIECP.DLL
TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll
EB: {B964D79B-D625-408F-B2AB-B308806EA2DD} - <orphaned>
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
mRun: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
mRun: [HP Remote Solution] C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
mRun: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [HF_G_Jul] "C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe" /DoAction
mRun: [ROC_ROC_JULY_P1] "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDriveAutoRun = dword:0
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: &Translate with ATLAS - C:\Program Files (x86)\ATLAS V14\Atlscript.html
IE: ATLAS Translation &Editor - C:\Program Files (x86)\ATLAS V14\AtlscriptEdit.html
IE: Crawler Search - tbr:iemenu
IE: E&xport to Microsoft Excel - G:\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - G:\MICROS~1\Office14\ONBttnIE.dll/105
IE: {86B4FC19-8FA4-4FD3-B243-9AEDB42FA2D5} - {86B4FC19-8FA4-4FD3-B243-9AEDB42FA2D5} - <orphaned>
IE: {B7707A72-4355-11D4-82BD-00000EBBEF8D} - C:\Program Files (x86)\ATLAS V14\Atlscript.html
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} - hxxps://www.battlefieldheroes.com/static/updater/BFHUpdater_4.0.27.0.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} - hxxp://panda-plugin.disney.go.com/plugin/win32/p3dactivex.cab
DPF: {99CAAA27-FA0C-4FA4-B88A-4AB1CC7A17FE} - hxxp://www.netgame.com/mplugin/mglaunch_USAv1005.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} - hxxp://clients.futuremark.com/openapi/receivers/FMSI.cab
TCP: Interfaces\{65D058B7-6742-44CD-B071-8F9AC846D243} : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\CoIEPlg.dll
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Program Files (x86)\Crawler\Toolbar\ctbr.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg pku2u livessp
x64-mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Presario&pf=cndt
x64-BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll
x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll
x64-BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - c:\Program Files\AMD\SteadyVideo\SteadyVideo.dll
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-Run: [itype] "c:\Program Files\Microsoft IntelliType Pro\itype.exe"
x64-Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
x64-Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll
x64-Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - <orphaned>
x64-Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - <orphaned>
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - C:\Windows\System32\rundll32.exe C:\Windows\System32\advpack.dll,LaunchINFSectionEx C:\Program Files\Internet Explorer\clrtour.inf,DefaultInstall.ResetTour,,12
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2012-4-19 28480]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2012-1-31 36944]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-9-15 55856]
R1 Avgfwfd;AVG network filter service;C:\Windows\System32\drivers\avgfwd6a.sys [2011-5-23 48992]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2012-7-26 291680]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2011-12-23 47696]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2012-8-24 384352]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-9-4 31080]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2011-12-30 279616]
R1 ElRawDisk;ElRawDisk;C:\Windows\System32\drivers\ElRawDsk.sys [2012-5-4 31432]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-7-18 140672]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-4-5 236544]
R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2012\avgfws.exe [2012-6-13 2321560]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-8-13 5167736]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-2-14 193288]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]
R2 ioloSystemService;iolo System Service;C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [2012-10-4 1028464]
R2 PDFsFilter;PDFsFilter;C:\Windows\System32\drivers\PDFsFilter.sys [2012-7-26 82160]
R2 vToolbarUpdater12.2.6;vToolbarUpdater12.2.6;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe [2012-9-4 722528]
R3 amdkmdag;amdkmdag;C:\Windows\System32\drivers\atikmdag.sys [2012-4-6 11174400]
R3 amdkmdap;amdkmdap;C:\Windows\System32\drivers\atikmpag.sys [2012-4-5 343040]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2011-12-23 124496]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\System32\drivers\avgidsfiltera.sys [2011-12-23 29776]
R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-1-22 135664]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-5-6 250808]
S3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2011-12-28 46136]
S3 Desura Install Service;Desura Install Service;C:\Program Files (x86)\Common Files\Desura\desura_service.exe [2012-1-6 131912]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2010-10-26 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2011-12-22 135584]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-1-22 135664]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-25 115168]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-7-7 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-2-15 52736]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-4-7 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S3 xsherlock;xsherlock;C:\Windows\System32\xsherlock.xem --> C:\Windows\System32\xsherlock.xem [?]
S4 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-6-27 2369960]
S4 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264]
S4 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
FileExt: .jse: JSEFile=NOTEPAD.EXE %1
FileExt: .wsf: WSFFile=NOTEPAD.EXE %1
.
=============== Created Last 30 ================
.
2012-10-15 20:17:00 -------- d-sh--w- C:\$RECYCLE.BIN
2012-10-15 11:25:20 -------- d-s---w- C:\ComboFix
2012-10-15 02:19:33 -------- d-----w- C:\Users\Sergio\AppData\Roaming\RetroCityRampage
2012-10-15 02:17:30 -------- d-----w- C:\Program Files (x86)\Retro City Rampage
2012-10-14 05:32:24 58880 --sh--w- C:\Trainer.dll
2012-10-11 00:31:11 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-10-11 00:31:11 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-10-05 02:14:05 2155248 ----a-w- C:\Windows\System32\Incinerator64.dll
2012-10-04 23:11:52 -------- d-----w- C:\Users\Sergio\AppData\Local\FLT
2012-10-04 23:03:44 -------- d-----w- C:\Program Files (x86)\Castle Crashers
2012-09-30 18:25:21 -------- d-----w- C:\Program Files (x86)\Winamp Detect
2012-09-26 20:38:03 -------- d-----w- C:\Users\Sergio\AppData\Local\ArmA 2 OA DEMO
2012-09-25 22:00:09 -------- d-----w- C:\Users\Sergio\AppData\Roaming\xu4
2012-09-25 21:59:25 -------- d-----w- C:\Program Files (x86)\xu4
2012-09-23 04:31:11 -------- d-----w- C:\Program Files\Sega
2012-09-23 04:31:11 -------- d-----w- C:\Program Files (x86)\SONICADVENTUREDX
2012-09-23 02:47:37 -------- d-----w- C:\Users\Sergio\AppData\Local\VBS2
2012-09-22 14:50:25 -------- d-----w- C:\CyberStep
2012-09-21 21:07:21 503808 ----a-w- C:\Windows\System32\srcore.dll
2012-09-21 21:07:21 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
2012-09-21 21:07:17 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys
2012-09-21 21:07:17 41472 ----a-w- C:\Windows\System32\drivers\RNDISMP.sys
2012-09-21 21:07:00 751104 ----a-w- C:\Windows\System32\win32spl.dll
2012-09-21 21:07:00 67072 ----a-w- C:\Windows\splwow64.exe
2012-09-21 21:07:00 559104 ----a-w- C:\Windows\System32\spoolsv.exe
2012-09-21 21:07:00 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll
2012-09-21 21:06:58 574464 ----a-w- C:\Windows\System32\d3d10level9.dll
2012-09-21 21:06:58 490496 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
2012-09-20 21:07:08 -------- d-----w- C:\Users\Sergio\AppData\Local\SKIDROW
2012-09-17 22:00:35 251392 ------r- C:\Windows\20120917_180035.TMP
2012-09-17 20:29:44 251392 ----a-r- C:\Windows\eiunin21.exe
.
==================== Find3M ====================
.
2012-10-09 18:39:07 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-09 18:39:07 696760 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-10-03 19:52:08 57144 ----a-w- C:\Windows\System32\iolobtdfg.exe
2012-10-03 19:52:00 25744 ----a-w- C:\Windows\System32\smrgdf.exe
2012-10-03 19:35:44 2097032 ----a-w- C:\Windows\SysWow64\Incinerator32.dll
2012-09-23 16:26:20 298280 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2012-09-23 16:26:20 298280 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2012-09-23 16:24:30 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2012-09-23 16:24:08 298280 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2012-09-23 15:53:20 3360624 ----a-w- C:\Windows\SysWow64\pbsvc.exe
2012-09-07 21:04:46 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-09-04 04:36:32 31080 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
2012-08-30 18:03:45 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-08-30 17:12:02 3968880 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-08-30 17:12:02 3914096 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-08-24 19:43:16 384352 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
2012-08-24 19:14:19 57344 ----a-w- C:\Windows\UNINSTCP.EXE
2012-08-24 18:15:15 256 ---ha-w- C:\Windows\SysWow64\LTAW14FN.BIN
2012-08-24 18:15:15 256 ---ha-w- C:\Windows\SysWow64\FJLTAFOU.BIN
2012-08-24 18:05:07 220160 ----a-w- C:\Windows\System32\wintrust.dll
2012-08-24 16:57:48 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-08-24 10:31:32 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-08-24 10:21:18 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-08-24 10:20:11 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-08-24 10:14:45 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-08-24 10:13:29 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-08-24 10:09:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-08-24 06:59:17 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-08-24 06:51:27 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-08-24 06:51:02 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-08-24 06:47:26 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-08-24 06:47:12 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-08-24 06:43:58 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-08-22 18:12:50 1913200 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-08-22 18:12:40 376688 ----a-w- C:\Windows\System32\drivers\netio.sys
2012-08-22 18:12:33 288624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2012-08-11 00:56:03 715776 ----a-w- C:\Windows\System32\kerberos.dll
2012-08-10 23:56:14 542208 ----a-w- C:\Windows\SysWow64\kerberos.dll
2012-07-28 20:08:09 1174979 ----a-w- C:\Windows\apppatch\unins000.exe
2012-07-26 22:57:37 74703 ----a-w- C:\Windows\SysWow64\mfc45.dat
2012-07-26 07:21:28 291680 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
2012-07-24 14:52:16 82160 ----a-w- C:\Windows\System32\drivers\PDFsFilter.sys
.
============= FINISH: 0:35:26.21 ===============
____________________________
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-10-14.05)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 12/9/2009 11:45:31 PM
System Uptime: 10/16/2012 4:20:39 PM (8 hours ago)
.
Motherboard: PEGATRON CORPORATION | | NARRA5
Processor: AMD Athlon(tm) II X2 215 Processor | Socket AM2 | 2700/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 455 GiB total, 112.345 GiB free.
D: is FIXED (NTFS) - 11 GiB total, 1.783 GiB free.
E: is CDROM (CDFS)
F: is Removable
H: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: AODDriver4.01
Device ID: ROOT\LEGACY_AODDRIVER4.01\0000
Manufacturer:
Name: AODDriver4.01
PNP Device ID: ROOT\LEGACY_AODDRIVER4.01\0000
Service: AODDriver4.01
.
==== System Restore Points ===================
.
RP824: 10/12/2012 6:06:47 PM - Removed Stranglehold Demo
RP825: 10/12/2012 6:08:05 PM - Removed Prey
RP826: 10/12/2012 6:10:12 PM - Removed Mirror's Edge™
RP827: 10/14/2012 11:48:08 PM - Installed DirectX
.
==== Installed Programs ======================
.
????????
?????????????
????????????? Append01
????????????? Append02
????????????? Ver2.00 Update
µTorrent
3D??????
7-Zip 4.65 (x64 edition)
Activate Norton Online Backup
Activation Assistant for the 2007 Microsoft Office suites
Adobe AIR
Adobe Digital Editions
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.5.2
Adobe Shockwave Player 11.6
AGEIA GAME System Software 2.8.0
AMD Accelerated Video Transcoding
AMD APP SDK Runtime
AMD Catalyst Install Manager
AMD Drag and Drop Transcoding
AMD Media Foundation Decoders
AMD Steady Video Plug-In
Any Audio Converter 3.3.8
Any Video Converter 3.5.5
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Arcanum Of Steamworks and Magick Obscura
ATI AVIVO64 Codecs
ATLAS Translation Standard V14.0 Trial Version
Audacity 1.2.6
AutoHotkey 1.1.06.02
AVG 2012
BabylonObjectInstaller
Bandisoft MPEG-1 Decoder
Berserker Quest VI version 0.55
Beyond Good and Evil
biohazard 4
Blockland
Bonjour
Bootfighter Windom XP sp-2.NET v1.031
BOSS
Bullet Train
CamStudio
Castle Crashers
Catalyst Control Center InstallProxy
CCleaner
CDisplay 1.8
Compatibility Pack for the 2007 Office system
CPUID CPU-Z 1.61.3
Crawler Toolbar with Web Security Guard
Creative ALchemy Universal
CyberLink DVD Suite Deluxe
CyberLink PowerDirector
D3DX10
DAEMON Tools Lite
Daggerfall (DaggerfallSetup 2.4a)
Dark Mysteries
Dark Souls Prepare to Die Edition
Dawn
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Deluge 1.3.5
Desura
Desura:
Deus Ex: Game of the Year Edition
DirectX for Managed Code Update (Summer 2004)
DivX Setup
DragonNest
Dual-Core Optimizer
Dusk 5900
Dusk With Help
FaceGen Exchange v0.3b
FaceGen Modeller 3.4
Fallout
Fallout 2
Fallout 3
Fallout Mod Manager 0.13.21
Far Cry Demo
Fast File Saw & Joiner V3.2
Faster Than Light
Façade
ffdshow [rev 3154] [2009-12-09]
FO2 Restoration Project 2.1.2b
Freddy's Texture Patch BETA
Futuremark SystemInfo
Game Booster 3
GetAmped2_US
gImageReader
GIMP 2.6.11
Google Gears
Google Update Helper
Gothic
Gothic III
GTA San Andreas
GUILTY GEAR GOLD, ?????? 1.0
Hardware Diagnostic Tools
Hewlett-Packard ACLM.NET v1.1.2.0
HF pAppLoc version 1.0
Hi-Rez Studios Authenticate and Update Service
High-Res Skins Addon for Tribes2
HP Customer Experience Enhancements
HP Odometer
HP Remote Solution
HP Setup
HP Support Information
HP Update
ILLUSION ????????
ILLUSION ???????? ??????
ImgBurn
iolo technologies' System Mechanic
IrfanView (remove only)
ISODisk 1.1
iTunes
Java Auto Updater
Java(TM) 6 Update 22
Java(TM) 6 Update 30
Java(TM) 6 Update 30 (64-bit)
Java(TM) 7 Update 5
JavaFX 2.1.1
JDownloader 0.9
Junk Mail filter update
K-Lite Codec Pack 8.1.0 (Basic)
Killing Floor
La-Mulana
Left 4 Dead 2 Add-On Installer
Legacy of Kain: Blood Omen
Legacy of Kain: Blood Omen 2
Legacy of Kain: Defiance
Legacy of Kain: Soul Reaver 2
LightScribe System Software
Lightworks
Livestream Procaster
LogMeIn Hamachi
Loren The Amazon Princess version 1.0b
LOST PLANET 2 Benchmark Version
Luna
Magical Diary - Horse Hall
Magical Diary 1.09
magicJack
Malwarebytes Anti-Malware version 1.65.0.1400
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Game Studios Common Redistributables Pack 1
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft IntelliPoint 8.2
Microsoft IntelliType Pro 8.2
Microsoft Live Search Toolbar
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Windows Application Compatibility Database
Microsoft Works
Microsoft Xbox 360 Accessories 1.2
Microsoft XML Parser
Microsoft XNA Framework Redistributable 3.1
Microsoft XNA Framework Redistributable 4.0 Refresh
MKVToolNix 5.7.0
Morrowind
Morrowind Script Extender 0.9.4.1
Mozilla Firefox 16.0.1 (x86 en-US)
Mozilla Maintenance Service
MP3 to WAV Decoder
Mplayer.com
MSVCRT
MSVCRT Redists
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MTX
MUSHclient (remove only)
Nalu
Nexon Game Manager
Nexus Mod Manager
NVIDIA A New Dawn demo
NVIDIA Display Control Panel
NVIDIA Drivers
NVIDIA PhysX
Oblivion
Oblivion - Horse Armor Pack
Oblivion - Knights of the Nine
Oblivion - Mehrunes Razor
Oblivion - Orrery
Oblivion - Thieves Den
Oblivion - Vile Lair
Oblivion - Wizard's Tower
Oblivion mod manager 1.1.12
Oni
OpenAL
OpenMG Limited Patch 4.7-07-14-05-01
OpenMG Secure Module 4.7.00
Operation Flashpoint – Game of the Year Edition
Operation Optimization v1.1.1
Paint.NET v3.5.10
PeerBlock 1.1 (r518)
PHANTASY STAR ONLINE 2 ??????????????
piaip AppLocale
Pinta 1.1
Power2Go
PowerRecover
Prevent Restore 3.37
PunkBuster Services
Quick Media Converter
QuickTime
RAD Video Tools
RaiderZ
Ratio Faker
Ray Adams ATI Tray Tools
Rayman Forever
Realtek High Definition Audio Driver
Recuva
ResidualVM
RGSS-RTP Standard
RPG Maker VX RTP
San Andreas Mod Installer
Sanny Builder 3.04
SCHTHACK PSOBB Compatibility Database
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687436) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2553488) 32-Bit Edition
Severance: Blade of Darkness
ShiftWindow 1.02
Shogo – Mobile Armor Division
Silent Hill
SILENT HILL 3
SlimDX Redistributable (June 2010)
SmartSound Quicktracks Plugin
SoM Editing Tools
Sonic the Hedgehog 4 - Episode II (c) SEGA version 1
SonicStage 4.3
Source SDK Base 2006
Source SDK Base 2007
Stalker Complete 2009 v1.4.4
Starsiege
Starsiege TRIBES 1.8
Steam
StuffIt Expander 2011
Subtitle Edit 3.2.4
SUPER STREET FIGHTER IV: ARCADE EDITION
SUPERAntiSpyware
swMSM
Sword of Moonlight
System Shock2
TES Construction Set
The KMPlayer (remove only)
Torrent Ratio Keeper
TortoiseSVN 1.7.9.23248 (64 bit)
Tribes Ascend Closed Beta
True Remembrance 1.04E
Tweaking.com - Windows Repair (All in One)
UMod Browser 1.4
UnInstall Project Eden
Unity Web Player
Unofficial Oblivion Patch v3.2.0
Unofficial Official Mods Patch v17.1
Unofficial Shivering Isles Patch v1.5.1
Unreal Development Kit
Unreal Tournament 2004
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
UT99 Registry Fix 1.0
Vampire - The Masquerade Bloodlines
VC80CRTRedist - 8.0.50727.6195
Vegas Pro 11.0 (64-bit)
Visual C++ 8.0 Runtime Setup Package (x64)
Visual Studio 2008 x64 Redistributables
VLC media player 2.0.1
VTFEdit 1.2.5
Wakfu
Winamp
Winamp Detector Plug-in
Windows Installer Clean Up
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
Windows Movie Maker 2.6
WinRAR archiver
Worlds of Ultima - Martian Dreams
Worlds of Ultima - The Savage Empire
X-Blades
x2 Server Query
xu4 SVN
YsF
Yume Nikki 0.10 English v3
.
==== Event Viewer Messages From Past Week ========
.
10/16/2012 7:27:28 PM, Error: Service Control Manager [7023] - The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535
10/16/2012 7:27:28 PM, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535
10/16/2012 7:27:28 PM, Error: Microsoft-Windows-PNRPSvc [102] - The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.
10/16/2012 4:23:20 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: hwinterface ISODisk
10/16/2012 4:23:19 PM, Error: Service Control Manager [7022] - The AVGIDSAgent service hung on starting.
10/16/2012 4:21:34 PM, Error: Application Popup [1060] - \SystemRoot\SysWow64\drivers\tandpl.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
10/16/2012 4:21:33 PM, Error: Service Control Manager [7023] - The UxTuneUp service terminated with the following error: The specified module could not be found.
10/16/2012 4:21:32 PM, Error: Service Control Manager [7023] - The Wap3gx service terminated with the following error: The specified module could not be found.
10/16/2012 4:21:32 PM, Error: Service Control Manager [7023] - The Outpostfirewall service terminated with the following error: The specified module could not be found.
10/16/2012 4:21:26 PM, Error: Service Control Manager [7023] - The I2omgmt service terminated with the following error: The specified module could not be found.
10/16/2012 4:21:19 PM, Error: Service Control Manager [7023] - The Lxcccustomerconnect service terminated with the following error: The specified module could not be found.
10/16/2012 4:21:19 PM, Error: Service Control Manager [7000] - The AODDriver4.01 service failed to start due to the following error: The system cannot find the path specified.
10/16/2012 4:20:44 PM, Error: Application Popup [1060] - \SystemRoot\SysWow64\Drivers\ISODisk.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
10/16/2012 4:20:44 PM, Error: Application Popup [1060] - \SystemRoot\SysWow64\Drivers\hwinterface.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
10/15/2012 3:22:14 AM, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: The service has not been started.
10/14/2012 4:04:08 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer TAINA-HP that believes that it is the master browser for the domain on transport NetBT_Tcpip_{65D058B7-6742-44CD-B071-8F9AC846D243}. The master browser is stopping or an election is being forced.
10/12/2012 4:35:32 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
10/11/2012 4:29:58 PM, Error: Service Control Manager [7022] - The HP Support Assistant Service service hung on starting.
.
==== End Of File ===========================
 
Welcome aboard
yahooo.gif


Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

===============================

For x32 (x86) bit systems download Farbar Recovery Scan Tool 32-Bit and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool 64-Bit and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.

To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:

    • Startup Repair
      System Restore
      Windows Complete PC Restore
      Windows Memory Diagnostic Tool
      Command Prompt
  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

Next...

Re-run FRST again.
Type the following in the edit box after "Search:".

services.exe

Click Search button and post the log (Search.txt) it makes in your reply.

I'll expect two logs:
- FRST.txt
- Search.txt
 
Thank you for helping.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-10-2012
Ran by SYSTEM at 18-10-2012 15:48:14
Running from G:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [itype] "c:\Program Files\Microsoft IntelliType Pro\itype.exe" [1873256 2011-08-10] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Remote Solution] %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe [x]
HKLM-x32\...\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2006-11-17] (AMD)
HKLM-x32\...\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml [10752 2012-02-20] ()
HKLM-x32\...\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" [2596984 2012-07-30] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" [947808 2012-09-03] ()
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2012-02-20] (Apple Inc.)
HKLM-x32\...\Run: [HF_G_Jul] "C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe" /DoAction [36960 2012-07-18] ()
HKLM-x32\...\Run: [ROC_ROC_JULY_P1] "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1 [1022048 2012-09-03] ()
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [926896 2012-09-23] (Adobe Systems Incorporated)
HKU\Default\...\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN [x]
HKU\Default User\...\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN [x]
HKU\Giovanni\...\Run: [Akamai NetSession Interface] "C:\Users\Giovanni\AppData\Local\Akamai\netsession_win.exe" [4440896 2012-08-10] (Akamai Technologies, Inc.)
HKU\Giovanni\...\Run: [Google Update] "C:\Users\Giovanni\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2012-03-02] (Google Inc.)
HKU\Giovanni\...\Policies\system: [LogonHoursAction] 2
HKU\Giovanni\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\Guest\...\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN [x]
HKU\Guest\...\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10q_ActiveX.exe -update activex [x]
HKU\Serge\...\Run: [Google Update] "C:\Users\Serge\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2011-08-02] (Google Inc.)
HKU\Serge\...\Policies\system: [LogonHoursAction] 2
HKU\Serge\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\Sergio\...\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent [1353080 2012-09-03] (Valve Corporation)
HKU\Sergio\...\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [5628800 2012-10-16] (SUPERAntiSpyware.com)
HKU\Sergio\...\Policies\system: [LogonHoursAction] 2
HKU\Sergio\...\Policies\system: [DontDisplayLogonHoursWarnings] 1

==================== Services (Whitelisted) ===================

2 !SASCORE; "C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE" [140672 2012-09-07] (SUPERAntiSpyware.com)
2 avgfws; "C:\Program Files (x86)\AVG\AVG2012\avgfws.exe" [2321560 2012-06-12] (AVG Technologies CZ, s.r.o.)
2 AVGIDSAgent; "C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe" [5167736 2012-08-12] (AVG Technologies CZ, s.r.o.)
2 avgwd; "C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe" [193288 2012-02-14] (AVG Technologies CZ, s.r.o.)
2 ioloSystemService; "C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe" [1028464 2012-10-03] (iolo technologies, LLC)
3 MSCSPTISRV; "C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe" [45056 2006-12-13] (Sony Corporation)
3 PACSPTISVR; "C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe" [57344 2006-12-13] ()
2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-09-23] ()
4 RichVideo; "C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe" [247152 2009-04-17] ()
3 SonicStage Back-End Service; "C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SsBeSvc.exe" [112184 2007-02-05] (Sony Corporation)
3 SPTISRV; "C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe" [69632 2006-12-13] (Sony Corporation)
3 SSScsiSV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SSScsiSV.exe [75320 2007-02-05] (Sony Corporation)
2 vToolbarUpdater12.2.6; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe [722528 2012-09-03] ()
2 a016mgmt; C:\Windows\System32\symredrv.dll [x]
2 BVRPMPR5; C:\Windows\System32\spupdsvc.dll [x]
2 msloop; C:\Windows\System32\V0080Dev.dll [x]
2 PCDCODEC; C:\Windows\System32\dmserver.dll [x]
2 penclass; C:\Windows\System32\psasrv.dll [x]

==================== Drivers (Whitelisted) =====================

1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [48992 2011-05-22] (AVG Technologies CZ, s.r.o.)
3 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [124496 2011-12-23] (AVG Technologies CZ, s.r.o. )
3 AVGIDSFilter; C:\Windows\System32\DRIVERS\avgidsfiltera.sys [29776 2011-12-23] (AVG Technologies CZ, s.r.o. )
0 AVGIDSHA; C:\Windows\System32\Drivers\AVGIDSHA.sys [28480 2012-04-19] (AVG Technologies CZ, s.r.o. )
1 Avgldx64; C:\Windows\System32\Drivers\Avgldx64.sys [291680 2012-07-25] (AVG Technologies CZ, s.r.o.)
1 Avgmfx64; C:\Windows\System32\Drivers\Avgmfx64.sys [47696 2011-12-23] (AVG Technologies CZ, s.r.o.)
0 Avgrkx64; C:\Windows\System32\Drivers\Avgrkx64.sys [36944 2012-01-31] (AVG Technologies CZ, s.r.o.)
1 Avgtdia; C:\Windows\System32\Drivers\Avgtdia.sys [384352 2012-08-24] (AVG Technologies CZ, s.r.o.)
1 avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [31080 2012-09-03] (AVG Technologies)
1 dtsoftbus01; C:\Windows\System32\Drivers\dtsoftbus01.sys [279616 2011-12-29] (DT Soft Ltd)
1 ElRawDisk; \??\C:\Windows\system32\drivers\ElRawDsk.sys [31432 2012-04-17] (EldoS Corporation)
1 hwinterface; C:\Windows\SysWow64\Drivers\hwinterface.sys [3026 2010-04-14] (Logix4u)
1 ISODisk; C:\Windows\SysWow64\Drivers\ISODisk.sys [9600 2006-04-25] ()
1 SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
1 SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
2 tandpl; C:\Windows\SysWow64\Drivers\tandpl.sys [4736 2003-04-18] ()
3 v3core; C:\Windows\SysWow64\Drivers\v3core.sys [248832 2011-03-17] (Prayaya Electronics Co.,Ltd. )
2 AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
3 catchme; \??\C:\ComboFix\catchme.sys [x]
3 dump_wmimmc; \??\C:\Program Files (x86)\SEGA\PHANTASY STAR UNIVERSE\GameGuard\dump_wmimmc.sys [x]
3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
3 NPPTNT2; \??\C:\Windows\system32\npptNT2.sys [x]
3 rak; \??\C:\Game\SoftnyxGame\RakionIS\Bin\rakion64.sys [x]
3 vtany; \??\C:\Windows\vtany.sys [x]
3 X6va001; \??\C:\Users\Serge\AppData\Local\Temp\001BFB6.tmp [x]
3 X6va003; \??\C:\Users\Serge\AppData\Local\Temp\003927E.tmp [x]
3 X6va005; \??\C:\Users\Giovanni\AppData\Local\Temp\005A721.tmp [x]
3 X6va006; \??\C:\Users\Giovanni\AppData\Local\Temp\006128.tmp [x]
3 X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 [x]
3 X6va009; \??\C:\Windows\SysWOW64\Drivers\X6va009 [x]
3 xsherlock; C:\Windows\system32\xsherlock.xem [x]

==================== NetSvcs (Whitelisted) ====================

NETSVC: BVRPMPR5 -> C:\Windows\system32\spupdsvc.dll ==> No File.
NETSVC: PCDCODEC -> C:\Windows\system32\dmserver.dll ==> No File.
NETSVC: penclass -> C:\Windows\system32\psasrv.dll ==> No File.
NETSVC: msloop -> C:\Windows\system32\V0080Dev.dll ==> No File.
NETSVC: a016mgmt -> C:\Windows\system32\symredrv.dll ==> No File.

==================== One Month Created Files and Folders ========

2012-10-17 20:20 - 2012-10-17 20:20 - 00002061 ____A C:\Users\Sergio\Desktop\wakja.txt
2012-10-17 17:44 - 2012-10-17 18:34 - 00017528 ____A C:\Users\Sergio\My Documents\frhe.veg
2012-10-17 17:44 - 2012-10-17 18:34 - 00017528 ____A C:\Users\Sergio\Documents\frhe.veg
2012-10-17 17:44 - 2012-10-17 17:44 - 00014792 ____A C:\Users\Sergio\My Documents\frhe.veg.bak
2012-10-17 17:44 - 2012-10-17 17:44 - 00014792 ____A C:\Users\Sergio\Documents\frhe.veg.bak
2012-10-17 15:46 - 2012-10-17 15:46 - 00000000 ____D C:\Users\Sergio\Local Settings\DDMSettings
2012-10-17 15:46 - 2012-10-17 15:46 - 00000000 ____D C:\Users\Sergio\Local Settings\Application Data\DDMSettings
2012-10-17 15:46 - 2012-10-17 15:46 - 00000000 ____D C:\Users\Sergio\AppData\Local\DDMSettings
2012-10-17 15:45 - 2012-10-17 15:45 - 00000000 ____D C:\Program Files (x86)\Combined Community Codec Pack
2012-10-17 15:18 - 2012-10-17 15:18 - 00000000 ____D C:\Users\Sergio\Desktop\avic100
2012-10-17 15:17 - 2012-10-17 15:17 - 00141107 ____A C:\Users\Sergio\Desktop\avic100.zip
2012-10-17 15:03 - 2012-10-17 15:03 - 00001985 ____A C:\Users\Public\Desktop\Adobe Reader XI.lnk
2012-10-17 12:49 - 2012-10-17 12:49 - 37868688 ____A (Adobe Systems Incorporated) C:\Users\Sergio\Downloads\AdbeRdr11000_en_US.exe
2012-10-16 20:35 - 2012-10-16 20:35 - 00017737 ____A C:\Users\Sergio\Desktop\attach.txt
2012-10-16 20:34 - 2012-10-16 20:35 - 00024312 ____A C:\Users\Sergio\Desktop\dds.txt
2012-10-15 13:18 - 2012-10-16 20:39 - 00000000 ____D C:\Users\Sergio\Desktop\gmer
2012-10-15 12:51 - 2012-10-17 11:49 - 00043985 ____A C:\Users\Sergio\Desktop\halp.txt
2012-10-15 03:25 - 2012-10-15 03:30 - 00000000 ___SD C:\ComboFix
2012-10-14 19:59 - 2012-10-14 20:00 - 17253875 ____A C:\Users\Sergio\Downloads\Les mystérieuses cités d'or - Trailer (2012) - Vidéo Jeu.mp4
2012-10-14 18:42 - 2012-10-14 18:42 - 00001973 ____A C:\Users\Public\Desktop\Arcanum Of Steamworks and Magick Obscura.lnk
2012-10-14 18:22 - 2012-10-14 18:22 - 00000218 ____A C:\Users\Sergio\Local Settings\recently-used.xbel
2012-10-14 18:22 - 2012-10-14 18:22 - 00000218 ____A C:\Users\Sergio\Local Settings\Application Data\recently-used.xbel
2012-10-14 18:22 - 2012-10-14 18:22 - 00000218 ____A C:\Users\Sergio\AppData\Local\recently-used.xbel
2012-10-14 18:19 - 2012-10-14 18:21 - 00000000 ____D C:\Users\Sergio\Application Data\RetroCityRampage
2012-10-14 18:19 - 2012-10-14 18:21 - 00000000 ____D C:\Users\Sergio\AppData\Roaming\RetroCityRampage
2012-10-14 18:17 - 2012-10-15 03:18 - 00000000 ____D C:\Program Files (x86)\Retro City Rampage
2012-10-14 14:32 - 2012-10-14 14:32 - 00000000 ____D C:\Users\Sergio\Application Data\dvdcss
2012-10-14 14:32 - 2012-10-14 14:32 - 00000000 ____D C:\Users\Sergio\AppData\Roaming\dvdcss
2012-10-13 21:32 - 2012-10-13 21:32 - 00058880 ___SH C:\Trainer.dll
2012-10-13 15:01 - 2012-10-13 15:01 - 00000034 ____A C:\Users\Sergio\My Documents\witch2cut.avi.sfl
2012-10-13 15:01 - 2012-10-13 15:01 - 00000034 ____A C:\Users\Sergio\Documents\witch2cut.avi.sfl
2012-10-11 17:30 - 2012-10-11 18:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2012-10-10 16:31 - 2012-09-14 11:19 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2012-10-10 16:31 - 2012-09-14 10:28 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2012-10-10 16:30 - 2012-08-30 10:03 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-10-10 16:30 - 2012-08-30 09:12 - 03968880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-10-10 16:30 - 2012-08-30 09:12 - 03914096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-10-10 16:30 - 2012-08-24 10:05 - 00220160 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2012-10-10 16:30 - 2012-08-24 08:57 - 00172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2012-10-10 16:30 - 2012-08-10 16:56 - 00715776 ____A (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2012-10-10 16:30 - 2012-08-10 15:56 - 00542208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2012-10-10 16:30 - 2012-06-01 21:41 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2012-10-10 16:30 - 2012-06-01 21:41 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2012-10-10 16:30 - 2012-06-01 21:41 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2012-10-10 16:30 - 2012-06-01 20:36 - 01159680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2012-10-10 16:30 - 2012-06-01 20:36 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2012-10-10 16:30 - 2012-06-01 20:36 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2012-10-09 17:47 - 2012-10-09 17:47 - 01324875 ____A C:\Users\Sergio\Downloads\invasion_the_secret_world_chronicle_-_mercedes_lackey.epub
2012-10-09 17:47 - 2012-10-09 17:47 - 00829465 ____A C:\Users\Sergio\Downloads\pirate_cinema_-_cory_doctorow.epub
2012-10-09 17:47 - 2012-10-09 17:47 - 00450056 ____A C:\Users\Sergio\Downloads\zoo_city_-_lauren_beukes.epub
2012-10-09 17:47 - 2012-10-09 17:47 - 00367128 ____A C:\Users\Sergio\Downloads\magic_for_beginners_-_kelly_link.epub
2012-10-09 17:47 - 2012-10-09 17:47 - 00364320 ____A C:\Users\Sergio\Downloads\pump_six_and_other_stories_-_paolo_bacigalupi.epub
2012-10-09 17:47 - 2012-10-09 17:47 - 00333421 ____A C:\Users\Sergio\Downloads\stranger_things_happen_-_kelly_link.epub
2012-10-08 09:46 - 2012-10-08 09:46 - 00000000 ____D C:\Users\Sergio\My Documents\Two Worlds Demo Saves
2012-10-08 09:46 - 2012-10-08 09:46 - 00000000 ____D C:\Users\Sergio\Documents\Two Worlds Demo Saves
2012-10-05 13:57 - 2012-10-05 13:57 - 00000000 ____D C:\Users\Serge\AppData\Roaming\Fujitsu
2012-10-05 13:57 - 2012-10-05 13:57 - 00000000 ____D C:\Users\Serge\AppData\Local\Fujitsu
2012-10-05 13:56 - 2012-10-13 11:15 - 00000000 ____D C:\Users\Serge\AppData\Local\TSVNCache
2012-10-05 13:56 - 2012-10-05 13:56 - 00000000 ____D C:\Users\Serge\AppData\Roaming\Subversion
2012-10-04 20:24 - 2012-10-12 13:38 - 00000000 ____D C:\Users\Sergio\Desktop\823WGTMA
2012-10-04 18:14 - 2012-10-03 11:35 - 02155248 ____A (iolo technologies, LLC) C:\Windows\System32\Incinerator64.dll
2012-10-04 15:11 - 2012-10-04 15:11 - 00000000 ____D C:\Users\Sergio\Local Settings\FLT
2012-10-04 15:11 - 2012-10-04 15:11 - 00000000 ____D C:\Users\Sergio\Local Settings\Application Data\FLT
2012-10-04 15:11 - 2012-10-04 15:11 - 00000000 ____D C:\Users\Sergio\AppData\Local\FLT
2012-10-04 15:06 - 2012-10-14 19:50 - 00041236 ____A C:\Windows\DirectX.log
2012-10-04 15:03 - 2012-10-04 15:03 - 00000000 ____D C:\Program Files (x86)\Castle Crashers
2012-09-30 18:46 - 2012-10-15 17:56 - 00013283 ____A C:\Users\Sergio\Desktop\hqp.torrent
2012-09-30 10:35 - 2012-09-30 10:35 - 00406292 ____A C:\Users\Sergio\My Documents\Tewnz_2.0.wal
2012-09-30 10:35 - 2012-09-30 10:35 - 00406292 ____A C:\Users\Sergio\Documents\Tewnz_2.0.wal
2012-09-30 10:35 - 2012-09-30 10:35 - 00067655 ____A C:\Users\Sergio\My Documents\Into_the_Windows_Media.wsz
2012-09-30 10:35 - 2012-09-30 10:35 - 00067655 ____A C:\Users\Sergio\Documents\Into_the_Windows_Media.wsz
2012-09-30 10:34 - 2012-09-30 10:34 - 01305284 ____A C:\Users\Sergio\My Documents\S7Reflex.wal
2012-09-30 10:34 - 2012-09-30 10:34 - 01305284 ____A C:\Users\Sergio\Documents\S7Reflex.wal
2012-09-30 10:25 - 2012-09-30 10:25 - 00000000 ____D C:\Program Files (x86)\Winamp Detect
2012-09-30 10:24 - 2012-09-30 10:30 - 00000000 ____D C:\Users\Sergio\Application Data\Winamp
2012-09-30 10:24 - 2012-09-30 10:30 - 00000000 ____D C:\Users\Sergio\AppData\Roaming\Winamp
2012-09-30 10:24 - 2012-09-30 10:26 - 00000000 ____D C:\Program Files (x86)\Winamp
2012-09-27 16:48 - 2012-09-27 16:48 - 00000000 ____D C:\Users\Sergio\Downloads\VisualBasic
2012-09-27 14:20 - 2012-09-27 14:22 - 00001936 ____A C:\Users\Sergio\My Documents\Anne.txt
2012-09-27 14:20 - 2012-09-27 14:22 - 00001936 ____A C:\Users\Sergio\Documents\Anne.txt
2012-09-26 12:38 - 2012-09-26 12:38 - 00000000 ____D C:\Users\Sergio\Local Settings\ArmA 2 OA DEMO
2012-09-26 12:38 - 2012-09-26 12:38 - 00000000 ____D C:\Users\Sergio\Local Settings\Application Data\ArmA 2 OA DEMO
2012-09-26 12:38 - 2012-09-26 12:38 - 00000000 ____D C:\Users\Sergio\AppData\Local\ArmA 2 OA DEMO
2012-09-25 14:00 - 2012-09-25 14:00 - 00000000 ____D C:\Users\Sergio\Application Data\xu4
2012-09-25 14:00 - 2012-09-25 14:00 - 00000000 ____D C:\Users\Sergio\AppData\Roaming\xu4
2012-09-25 13:59 - 2012-09-25 14:01 - 00000000 ____D C:\Program Files (x86)\xu4
2012-09-23 10:00 - 2012-09-23 10:00 - 00000298 ____A C:\Windows\vtmb.ini
2012-09-23 07:54 - 2012-09-23 07:54 - 00000000 ____D C:\Users\Sergio\My Documents\VBS2 US Army
2012-09-23 07:54 - 2012-09-23 07:54 - 00000000 ____D C:\Users\Sergio\Documents\VBS2 US Army
2012-09-22 20:31 - 2012-09-22 20:58 - 00000000 ____D C:\Program Files (x86)\SONICADVENTUREDX
2012-09-22 20:31 - 2012-09-22 20:36 - 00000000 ____D C:\Program Files\Sega
2012-09-22 18:47 - 2012-09-23 07:54 - 00000000 ____D C:\Users\Sergio\Local Settings\VBS2
2012-09-22 18:47 - 2012-09-23 07:54 - 00000000 ____D C:\Users\Sergio\Local Settings\Application Data\VBS2
2012-09-22 18:47 - 2012-09-23 07:54 - 00000000 ____D C:\Users\Sergio\AppData\Local\VBS2
2012-09-22 18:47 - 2012-09-22 18:47 - 00000000 ____D C:\Users\Sergio\My Documents\JCOVE
2012-09-22 18:47 - 2012-09-22 18:47 - 00000000 ____D C:\Users\Sergio\Documents\JCOVE
2012-09-22 06:50 - 2012-09-30 07:31 - 00000000 ____D C:\CyberStep
2012-09-21 13:08 - 2012-08-24 02:31 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-09-21 13:08 - 2012-08-24 02:22 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-09-21 13:08 - 2012-08-24 02:21 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-09-21 13:08 - 2012-08-24 02:20 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-09-21 13:08 - 2012-08-24 02:18 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-09-21 13:08 - 2012-08-24 02:17 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-09-21 13:08 - 2012-08-24 02:14 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-09-21 13:08 - 2012-08-24 02:14 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-09-21 13:08 - 2012-08-24 02:13 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-09-21 13:08 - 2012-08-24 02:12 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-09-21 13:08 - 2012-08-24 02:11 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-09-21 13:08 - 2012-08-24 02:10 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-09-21 13:08 - 2012-08-24 02:09 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-09-21 13:08 - 2012-08-24 02:04 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-09-21 13:08 - 2012-08-23 23:27 - 12319744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-09-21 13:08 - 2012-08-23 22:59 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-09-21 13:08 - 2012-08-23 22:51 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-09-21 13:08 - 2012-08-23 22:51 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-09-21 13:08 - 2012-08-23 22:51 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-09-21 13:08 - 2012-08-23 22:49 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-09-21 13:08 - 2012-08-23 22:48 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-09-21 13:08 - 2012-08-23 22:47 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-09-21 13:08 - 2012-08-23 22:47 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2012-09-21 13:08 - 2012-08-23 22:47 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-09-21 13:08 - 2012-08-23 22:45 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2012-09-21 13:08 - 2012-08-23 22:44 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-09-21 13:08 - 2012-08-23 22:44 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-09-21 13:08 - 2012-08-23 22:43 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-09-21 13:08 - 2012-08-23 22:40 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-09-21 13:07 - 2012-08-24 03:15 - 17810944 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-09-21 13:07 - 2012-08-24 02:39 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-09-21 13:07 - 2012-08-23 23:03 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-09-21 13:07 - 2012-08-22 10:12 - 00950128 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2012-09-21 13:07 - 2012-07-04 12:26 - 00041472 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\RNDISMP.sys
2012-09-21 13:07 - 2012-05-05 00:36 - 00503808 ____A (Microsoft Corporation) C:\Windows\System32\srcore.dll
2012-09-21 13:07 - 2012-05-04 23:46 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2012-09-21 13:07 - 2012-02-10 22:43 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2012-09-21 13:07 - 2012-02-10 22:36 - 00559104 ____A (Microsoft Corporation) C:\Windows\System32\spoolsv.exe
2012-09-21 13:07 - 2012-02-10 22:36 - 00067072 ____A (Microsoft Corporation) C:\Windows\splwow64.exe
2012-09-21 13:07 - 2012-02-10 21:43 - 00492032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2012-09-21 13:06 - 2012-08-02 09:58 - 00574464 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2012-09-21 13:06 - 2012-08-02 08:57 - 00490496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2012-09-20 13:07 - 2012-09-20 13:07 - 00000000 ____D C:\Users\Sergio\Local Settings\SKIDROW
2012-09-20 13:07 - 2012-09-20 13:07 - 00000000 ____D C:\Users\Sergio\Local Settings\Application Data\SKIDROW
2012-09-20 13:07 - 2012-09-20 13:07 - 00000000 ____D C:\Users\Sergio\AppData\Local\SKIDROW
2012-09-19 13:13 - 2012-09-19 13:13 - 00243260 ___AH C:\Windows\SysWOW64\mlfcache.dat


==================== 3 Months Modified Files ==================

2012-10-17 20:35 - 2009-09-22 14:50 - 01289458 ____A C:\Windows\WindowsUpdate.log
2012-10-17 20:29 - 2012-03-02 12:36 - 00000920 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2709730911-3575959158-105785236-1005UA.job
2012-10-17 20:20 - 2012-10-17 20:20 - 00002061 ____A C:\Users\Sergio\Desktop\wakja.txt
2012-10-17 20:15 - 2010-01-22 17:55 - 00000898 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-10-17 20:03 - 2011-08-18 05:53 - 00000908 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2709730911-3575959158-105785236-1000UA.job
2012-10-17 19:39 - 2012-05-06 19:18 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-10-17 18:34 - 2012-10-17 17:44 - 00017528 ____A C:\Users\Sergio\My Documents\frhe.veg
2012-10-17 18:34 - 2012-10-17 17:44 - 00017528 ____A C:\Users\Sergio\Documents\frhe.veg
2012-10-17 17:44 - 2012-10-17 17:44 - 00014792 ____A C:\Users\Sergio\My Documents\frhe.veg.bak
2012-10-17 17:44 - 2012-10-17 17:44 - 00014792 ____A C:\Users\Sergio\Documents\frhe.veg.bak
2012-10-17 15:43 - 2009-07-13 20:45 - 00015792 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-10-17 15:43 - 2009-07-13 20:45 - 00015792 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-10-17 15:33 - 2010-01-22 17:55 - 00000894 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-10-17 15:31 - 2010-06-12 21:00 - 00193883 ____A C:\Windows\setupact.log
2012-10-17 15:31 - 2009-08-21 08:52 - 01171760 ____A C:\Windows\PFRO.log
2012-10-17 15:31 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-10-17 15:29 - 2009-07-13 21:13 - 00783374 ____A C:\Windows\System32\PerfStringBackup.INI
2012-10-17 15:17 - 2012-10-17 15:17 - 00141107 ____A C:\Users\Sergio\Desktop\avic100.zip
2012-10-17 15:03 - 2012-10-17 15:03 - 00001985 ____A C:\Users\Public\Desktop\Adobe Reader XI.lnk
2012-10-17 14:03 - 2011-08-18 05:53 - 00000856 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2709730911-3575959158-105785236-1000Core.job
2012-10-17 13:26 - 2012-02-25 12:13 - 00001693 ____A C:\Users\Sergio\Desktop\De.txt
2012-10-17 12:49 - 2012-10-17 12:49 - 37868688 ____A (Adobe Systems Incorporated) C:\Users\Sergio\Downloads\AdbeRdr11000_en_US.exe
2012-10-17 11:49 - 2012-10-15 12:51 - 00043985 ____A C:\Users\Sergio\Desktop\halp.txt
2012-10-16 20:35 - 2012-10-16 20:35 - 00017737 ____A C:\Users\Sergio\Desktop\attach.txt
2012-10-16 20:35 - 2012-10-16 20:34 - 00024312 ____A C:\Users\Sergio\Desktop\dds.txt
2012-10-16 19:10 - 2012-02-22 15:31 - 00060968 ____A C:\Users\Sergio\Desktop\B.txt
2012-10-15 17:56 - 2012-09-30 18:46 - 00013283 ____A C:\Users\Sergio\Desktop\hqp.torrent
2012-10-15 03:23 - 2012-05-06 19:31 - 04980339 ____R (Swearware) C:\Users\Sergio\Desktop\ComboFix.exe
2012-10-14 20:00 - 2012-10-14 19:59 - 17253875 ____A C:\Users\Sergio\Downloads\Les mystérieuses cités d'or - Trailer (2012) - Vidéo Jeu.mp4
2012-10-14 19:50 - 2012-10-04 15:06 - 00041236 ____A C:\Windows\DirectX.log
2012-10-14 18:42 - 2012-10-14 18:42 - 00001973 ____A C:\Users\Public\Desktop\Arcanum Of Steamworks and Magick Obscura.lnk
2012-10-14 18:22 - 2012-10-14 18:22 - 00000218 ____A C:\Users\Sergio\Local Settings\recently-used.xbel
2012-10-14 18:22 - 2012-10-14 18:22 - 00000218 ____A C:\Users\Sergio\Local Settings\Application Data\recently-used.xbel
2012-10-14 18:22 - 2012-10-14 18:22 - 00000218 ____A C:\Users\Sergio\AppData\Local\recently-used.xbel
2012-10-13 21:32 - 2012-10-13 21:32 - 00058880 ___SH C:\Trainer.dll
2012-10-13 15:01 - 2012-10-13 15:01 - 00000034 ____A C:\Users\Sergio\My Documents\witch2cut.avi.sfl
2012-10-13 15:01 - 2012-10-13 15:01 - 00000034 ____A C:\Users\Sergio\Documents\witch2cut.avi.sfl
2012-10-12 12:30 - 2010-10-12 11:47 - 00000336 ____A C:\Windows\Tasks\HPCeeScheduleForSergio.job
2012-10-10 16:35 - 2009-12-11 14:34 - 65309168 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-10-10 02:47 - 2009-12-09 20:50 - 00150656 ____A C:\Users\Serge\AppData\Local\GDIPFONTCACHEV1.DAT
2012-10-09 17:47 - 2012-10-09 17:47 - 01324875 ____A C:\Users\Sergio\Downloads\invasion_the_secret_world_chronicle_-_mercedes_lackey.epub
2012-10-09 17:47 - 2012-10-09 17:47 - 00829465 ____A C:\Users\Sergio\Downloads\pirate_cinema_-_cory_doctorow.epub
2012-10-09 17:47 - 2012-10-09 17:47 - 00450056 ____A C:\Users\Sergio\Downloads\zoo_city_-_lauren_beukes.epub
2012-10-09 17:47 - 2012-10-09 17:47 - 00367128 ____A C:\Users\Sergio\Downloads\magic_for_beginners_-_kelly_link.epub
2012-10-09 17:47 - 2012-10-09 17:47 - 00364320 ____A C:\Users\Sergio\Downloads\pump_six_and_other_stories_-_paolo_bacigalupi.epub
2012-10-09 17:47 - 2012-10-09 17:47 - 00333421 ____A C:\Users\Sergio\Downloads\stranger_things_happen_-_kelly_link.epub
2012-10-09 12:26 - 2011-07-08 12:37 - 00001463 ____A C:\Users\Serge\Desktop\2.txt
2012-10-09 10:39 - 2012-05-06 19:18 - 00696760 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-10-09 10:39 - 2011-05-19 20:00 - 00073656 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-10-08 12:56 - 2012-08-20 20:50 - 00000250 ____A C:\Users\Sergio\My Documents\Pirate List.txt
2012-10-08 12:56 - 2012-08-20 20:50 - 00000250 ____A C:\Users\Sergio\Documents\Pirate List.txt
2012-10-08 06:29 - 2012-03-02 12:36 - 00000868 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2709730911-3575959158-105785236-1005Core.job
2012-10-06 05:54 - 2009-07-13 21:08 - 00032632 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-10-04 18:14 - 2012-05-06 20:03 - 00002185 ____A C:\Users\Sergio\Desktop\System Mechanic.lnk
2012-10-03 11:52 - 2012-05-04 19:51 - 00057144 ____A (iolo technologies, LLC) C:\Windows\System32\iolobtdfg.exe
2012-10-03 11:52 - 2012-05-04 19:51 - 00025744 ____A (iolo technologies, LLC) C:\Windows\System32\smrgdf.exe
2012-10-03 11:35 - 2012-10-04 18:14 - 02155248 ____A (iolo technologies, LLC) C:\Windows\System32\Incinerator64.dll
2012-10-03 11:35 - 2012-07-28 13:25 - 02097032 ____A (iolo technologies, LLC) C:\Windows\SysWOW64\Incinerator32.dll
2012-09-30 10:35 - 2012-09-30 10:35 - 00406292 ____A C:\Users\Sergio\My Documents\Tewnz_2.0.wal
2012-09-30 10:35 - 2012-09-30 10:35 - 00406292 ____A C:\Users\Sergio\Documents\Tewnz_2.0.wal
2012-09-30 10:35 - 2012-09-30 10:35 - 00067655 ____A C:\Users\Sergio\My Documents\Into_the_Windows_Media.wsz
2012-09-30 10:35 - 2012-09-30 10:35 - 00067655 ____A C:\Users\Sergio\Documents\Into_the_Windows_Media.wsz
2012-09-30 10:34 - 2012-09-30 10:34 - 01305284 ____A C:\Users\Sergio\My Documents\S7Reflex.wal
2012-09-30 10:34 - 2012-09-30 10:34 - 01305284 ____A C:\Users\Sergio\Documents\S7Reflex.wal
2012-09-29 20:17 - 2012-09-17 18:52 - 00066607 ____A C:\Users\Sergio\Downloads\An-eventful-bath.txt
2012-09-27 14:22 - 2012-09-27 14:20 - 00001936 ____A C:\Users\Sergio\My Documents\Anne.txt
2012-09-27 14:22 - 2012-09-27 14:20 - 00001936 ____A C:\Users\Sergio\Documents\Anne.txt
2012-09-25 12:05 - 2012-04-20 19:36 - 00000386 ____A C:\Windows\System32\ioloBootDefrag.cfg
2012-09-23 19:59 - 2012-06-03 18:21 - 00002139 ____A C:\Users\Sergio\My Documents\GALO.txt
2012-09-23 19:59 - 2012-06-03 18:21 - 00002139 ____A C:\Users\Sergio\Documents\GALO.txt
2012-09-23 10:00 - 2012-09-23 10:00 - 00000298 ____A C:\Windows\vtmb.ini
2012-09-23 08:26 - 2012-02-23 14:28 - 00298280 ____A C:\Windows\SysWOW64\PnkBstrB.exe
2012-09-23 08:26 - 2009-12-28 18:22 - 00298280 ____A C:\Windows\SysWOW64\PnkBstrB.xtr
2012-09-23 08:24 - 2012-02-23 14:28 - 00076888 ____A C:\Windows\SysWOW64\PnkBstrA.exe
2012-09-23 08:24 - 2011-10-30 14:53 - 00298280 ____A C:\Windows\SysWOW64\PnkBstrB.ex0
2012-09-23 07:53 - 2012-07-20 23:43 - 03360624 ____A C:\Windows\SysWOW64\pbsvc.exe
2012-09-22 04:59 - 2009-07-13 20:45 - 00524192 ____A C:\Windows\System32\FNTCACHE.DAT
2012-09-21 11:29 - 2010-02-21 07:27 - 00073216 __ASH C:\Users\Sergio\Thumbs.db
2012-09-19 13:13 - 2012-09-19 13:13 - 00243260 ___AH C:\Windows\SysWOW64\mlfcache.dat
2012-09-17 21:35 - 2012-09-17 21:35 - 00000990 ____A C:\Users\Sergio\Desktop\IrfanView 4.27.lnk
2012-09-17 18:53 - 2012-09-17 18:53 - 00015245 ____A C:\Users\Sergio\Downloads\Bump-in-the-night 3.txt
2012-09-17 18:53 - 2012-09-17 18:53 - 00009830 ____A C:\Users\Sergio\Downloads\Bump-in-the-night 1.txt
2012-09-17 18:53 - 2012-09-17 18:52 - 00027241 ____A C:\Users\Sergio\Downloads\Bump-in-the-night 2.txt
2012-09-17 18:52 - 2012-09-17 18:52 - 00009830 ____A C:\Users\Sergio\Downloads\Bump-in-the-night.htm
2012-09-17 16:57 - 2012-09-17 16:57 - 04174440 ____A C:\Users\Sergio\Downloads\Blade_of_Woe_Replacer_by_Allomerus_OMOD-42760-1-0.omod
2012-09-17 16:56 - 2012-09-17 16:56 - 17185148 ____A C:\Users\Sergio\Downloads\DS_assets-22899--9.rar
2012-09-17 16:55 - 2012-09-17 16:55 - 06093757 ____A C:\Users\Sergio\Downloads\Dawnguard_-_Dwarven_Rifles_Variant_G_V2-1-22894-2-1.7z
2012-09-17 13:25 - 2012-09-17 13:25 - 01869176 ____A C:\Users\Sergio\Downloads\KD-06_3 Blood Geist.rar
2012-09-17 12:04 - 2012-09-17 12:04 - 02211928 ____A (Kaspersky Lab ZAO) C:\Users\Sergio\Desktop\tdsskiller.exe
2012-09-17 10:22 - 2012-09-17 10:22 - 35970041 ____A C:\Users\Sergio\Downloads\ds_hirestextures.zip
2012-09-17 10:22 - 2012-09-17 10:21 - 30071404 ____A C:\Users\Sergio\Downloads\be_hirestextures.zip
2012-09-17 06:29 - 2012-02-11 21:05 - 00001075 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-09-16 23:40 - 2009-12-09 22:12 - 00150656 ____A C:\Users\Sergio\Local Settings\GDIPFONTCACHEV1.DAT
2012-09-16 23:40 - 2009-12-09 22:12 - 00150656 ____A C:\Users\Sergio\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2012-09-16 23:40 - 2009-12-09 22:12 - 00150656 ____A C:\Users\Sergio\AppData\Local\GDIPFONTCACHEV1.DAT
2012-09-16 09:23 - 2012-09-16 09:23 - 00001320 ____A C:\Users\Sergio\ia_remove.sh
2012-09-16 08:52 - 2012-09-16 08:52 - 00054525 ____A C:\Users\Sergio\Downloads\HUDtutorial.rar
2012-09-15 20:00 - 2012-09-15 20:00 - 00001942 ____A C:\Users\Sergio\Desktop\DOSBox 0.74.lnk
2012-09-14 11:19 - 2012-10-10 16:31 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2012-09-14 10:28 - 2012-10-10 16:31 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2012-09-13 12:10 - 2011-09-12 12:47 - 00151176 ____A C:\Users\Giovanni\AppData\Local\GDIPFONTCACHEV1.DAT
2012-09-08 15:24 - 2012-09-08 15:23 - 21299200 ____A C:\Users\Sergio\Downloads\TortoiseSVN-1.7.9.23248-x64-svn-1.7.6.msi
2012-09-07 13:04 - 2010-10-24 20:29 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-09-04 11:40 - 2012-08-18 17:19 - 00000830 ____A C:\Users\Sergio\My Documents\FRHONHON.txt
2012-09-04 11:40 - 2012-08-18 17:19 - 00000830 ____A C:\Users\Sergio\Documents\FRHONHON.txt
2012-09-03 20:36 - 2012-09-03 20:36 - 00031080 ____A (AVG Technologies) C:\Windows\System32\Drivers\avgtpx64.sys
2012-09-03 19:05 - 2012-09-03 19:05 - 00001988 ____A C:\Users\Serge\Desktop\UMod Browser.lnk
2012-09-03 19:05 - 2012-09-03 19:05 - 00001988 ____A C:\Users\Guest\Desktop\UMod Browser.lnk
2012-09-03 19:05 - 2012-09-03 19:05 - 00001988 ____A C:\Users\Giovanni\Desktop\UMod Browser.lnk
2012-09-03 09:55 - 2012-09-03 09:55 - 00174614 ____A C:\Users\Sergio\My Documents\kmp.reg
2012-09-03 09:55 - 2012-09-03 09:55 - 00174614 ____A C:\Users\Sergio\Documents\kmp.reg
2012-09-02 21:45 - 2012-09-02 21:45 - 00111543 ____A C:\Users\Sergio\Downloads\http___www.gaspseries.tv__template_swf_catflap_character.swf
2012-08-31 16:03 - 2012-08-31 16:03 - 00001076 ____A C:\Users\Sergio\Desktop\Torrent Ratio Keeper.lnk
2012-08-30 10:03 - 2012-10-10 16:30 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-08-30 09:12 - 2012-10-10 16:30 - 03968880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-08-30 09:12 - 2012-10-10 16:30 - 03914096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-08-29 19:22 - 2012-08-29 19:22 - 00000945 ____A C:\Users\Public\Desktop\Deluge.lnk
2012-08-28 14:32 - 2012-08-28 14:32 - 07304036 ____A C:\Users\Sergio\My Documents\nhocr-0.18-dic-zh_CN-091226.tar.gz
2012-08-28 14:32 - 2012-08-28 14:32 - 07304036 ____A C:\Users\Sergio\Documents\nhocr-0.18-dic-zh_CN-091226.tar.gz
2012-08-27 12:34 - 2012-08-27 12:33 - 05382790 ____A C:\Users\Sergio\My Documents\3.0-758_64-bit.7z
2012-08-27 12:34 - 2012-08-27 12:33 - 05382790 ____A C:\Users\Sergio\Documents\3.0-758_64-bit.7z
2012-08-24 14:17 - 2012-08-24 14:17 - 00513522 ____A (Grismar ) C:\Users\Sergio\Downloads\setup.exe
2012-08-24 13:16 - 2012-08-24 13:16 - 00000953 ____A C:\Users\Guest\Desktop\MeCab.lnk
2012-08-24 11:43 - 2012-08-24 11:43 - 00384352 ____A (AVG Technologies CZ, s.r.o.) C:\Windows\System32\Drivers\avgtdia.sys
2012-08-24 11:14 - 2012-08-24 10:06 - 00057344 ____A C:\Windows\UNINSTCP.EXE
2012-08-24 10:15 - 2012-08-24 10:15 - 00000256 ___AH C:\Windows\SysWOW64\LTAW14FN.BIN
2012-08-24 10:15 - 2012-08-24 10:15 - 00000256 ___AH C:\Windows\SysWOW64\FJLTAFOU.BIN
2012-08-24 10:05 - 2012-10-10 16:30 - 00220160 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2012-08-24 08:57 - 2012-10-10 16:30 - 00172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2012-08-24 03:15 - 2012-09-21 13:07 - 17810944 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-08-24 02:39 - 2012-09-21 13:07 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-08-24 02:31 - 2012-09-21 13:08 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-08-24 02:22 - 2012-09-21 13:08 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-08-24 02:21 - 2012-09-21 13:08 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-08-24 02:20 - 2012-09-21 13:08 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-08-24 02:18 - 2012-09-21 13:08 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-08-24 02:17 - 2012-09-21 13:08 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-08-24 02:14 - 2012-09-21 13:08 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-08-24 02:14 - 2012-09-21 13:08 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-08-24 02:13 - 2012-09-21 13:08 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-08-24 02:12 - 2012-09-21 13:08 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-08-24 02:11 - 2012-09-21 13:08 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-08-24 02:10 - 2012-09-21 13:08 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-08-24 02:09 - 2012-09-21 13:08 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-08-24 02:04 - 2012-09-21 13:08 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-08-23 23:27 - 2012-09-21 13:08 - 12319744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-08-23 23:03 - 2012-09-21 13:07 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-08-23 22:59 - 2012-09-21 13:08 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-08-23 22:51 - 2012-09-21 13:08 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-08-23 22:51 - 2012-09-21 13:08 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-08-23 22:51 - 2012-09-21 13:08 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-08-23 22:49 - 2012-09-21 13:08 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-08-23 22:48 - 2012-09-21 13:08 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-08-23 22:47 - 2012-09-21 13:08 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-08-23 22:47 - 2012-09-21 13:08 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2012-08-23 22:47 - 2012-09-21 13:08 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-08-23 22:45 - 2012-09-21 13:08 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2012-08-23 22:44 - 2012-09-21 13:08 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-08-23 22:44 - 2012-09-21 13:08 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-08-23 22:43 - 2012-09-21 13:08 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-08-23 22:40 - 2012-09-21 13:08 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-08-22 10:12 - 2012-09-21 13:07 - 00950128 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2012-08-22 10:12 - 2012-09-12 20:55 - 01913200 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2012-08-22 10:12 - 2012-09-12 20:55 - 00376688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
2012-08-22 10:12 - 2012-09-12 20:55 - 00288624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2012-08-21 12:20 - 2012-08-21 12:20 - 00001187 ____A C:\Users\Sergio\Desktop\Any Audio Converter.lnk
2012-08-21 12:14 - 2012-08-21 12:14 - 00000162 ____A C:\11.txt
2012-08-19 22:30 - 2012-08-19 22:30 - 00687759 ____A C:\Users\Sergio\Downloads\CHILDREN ANNUAD.esp
2012-08-14 20:16 - 2009-07-13 18:34 - 00000923 ____A C:\Windows\win.ini
2012-08-13 11:03 - 2012-08-13 11:03 - 00002423 ____A C:\Users\Sergio\My Documents\A New Dawn.lnk
2012-08-13 11:03 - 2012-08-13 11:03 - 00002423 ____A C:\Users\Sergio\Documents\A New Dawn.lnk
2012-08-13 11:03 - 2012-08-13 11:03 - 00002407 ____A C:\Users\Sergio\My Documents\A New Dawn Configuration.lnk
2012-08-13 11:03 - 2012-08-13 11:03 - 00002407 ____A C:\Users\Sergio\Documents\A New Dawn Configuration.lnk
2012-08-10 16:56 - 2012-10-10 16:30 - 00715776 ____A (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2012-08-10 15:56 - 2012-10-10 16:30 - 00542208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2012-08-10 15:35 - 2012-08-10 15:35 - 00115926 ____A C:\Users\Sergio\Downloads\welcome to 4chan.swf
2012-08-08 14:28 - 2012-08-18 17:35 - 00000918 ____A C:\Users\Sergio\My Documents\De.txt
2012-08-08 14:28 - 2012-08-18 17:35 - 00000918 ____A C:\Users\Sergio\Documents\De.txt
2012-08-07 19:30 - 2012-08-07 19:30 - 00000300 ____A C:\Users\Sergio\My Documents\test.fg
2012-08-07 19:30 - 2012-08-07 19:30 - 00000300 ____A C:\Users\Sergio\Documents\test.fg
2012-08-07 10:20 - 2011-02-03 18:42 - 00000023 ____A C:\Windows\BlendSettings.ini
2012-08-05 13:24 - 2012-07-23 11:52 - 00000032 ____A C:\Windows\CD_Start.INI
2012-08-05 05:15 - 2010-11-03 14:13 - 00001001 ___AH C:\Users\Sergio\Desktop\KMPlayer.lnk
2012-08-04 17:46 - 2012-08-04 17:46 - 00477136 ____A (SEGA Corporation) C:\Users\Sergio\My Documents\downloader.exe
2012-08-04 17:46 - 2012-08-04 17:46 - 00477136 ____A (SEGA Corporation) C:\Users\Sergio\Documents\downloader.exe
2012-08-02 09:58 - 2012-09-21 13:06 - 00574464 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2012-08-02 08:57 - 2012-09-21 13:06 - 00490496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2012-08-01 07:17 - 2011-03-26 15:23 - 00000001 ____A C:\Users\Sergio\Application Data\FileJoin.ini
2012-08-01 07:17 - 2011-03-26 15:23 - 00000001 ____A C:\Users\Sergio\AppData\Roaming\FileJoin.ini
2012-07-31 08:39 - 2009-12-09 22:12 - 00000552 ____A C:\Windows\Tasks\PCDRScheduledMaintenance.job
2012-07-29 20:06 - 2012-07-29 20:06 - 00463951 ____A C:\Users\Sergio\My Documents\Check'em.swf
2012-07-29 20:06 - 2012-07-29 20:06 - 00463951 ____A C:\Users\Sergio\Documents\Check'em.swf
2012-07-29 19:59 - 2012-07-29 19:58 - 00946222 ____A C:\Users\Sergio\Downloads\map.swf
2012-07-29 13:18 - 2012-07-29 13:18 - 00000987 ____A C:\Users\Guest\Desktop\Sudeki.lnk
2012-07-26 14:57 - 2012-07-26 14:57 - 00074703 ____A C:\Windows\SysWOW64\mfc45.dat
2012-07-25 23:21 - 2012-07-25 23:21 - 00291680 ____A (AVG Technologies CZ, s.r.o.) C:\Windows\System32\Drivers\avgldx64.sys
2012-07-25 14:01 - 2012-07-25 14:01 - 00001407 ____A C:\Users\Guest\Desktop\Cellfactor Revolution.lnk
2012-07-24 11:09 - 2012-07-24 11:09 - 00000105 ____A C:\Windows\MAPPER.INI
2012-07-24 06:52 - 2012-07-26 14:58 - 00082160 ____A (Raxco Software, Inc.) C:\Windows\System32\Drivers\PDFsFilter.sys
2012-07-23 11:57 - 2012-07-23 11:57 - 01135827 ____A C:\Users\Sergio\Downloads\ShiveringIsles_v1.2.0416English.exe
2012-07-23 11:01 - 2012-07-23 11:00 - 54179488 ____A C:\Users\Sergio\Downloads\Fallout3_1.7_English_US.exe
2012-07-23 11:00 - 2012-07-23 11:00 - 05340989 ____A C:\Users\Sergio\Downloads\Oblivion_v1.2.0416English.exe
2012-07-22 07:31 - 2009-07-13 18:34 - 00000215 ____A C:\Windows\system.ini

ZeroAccess:
C:\Windows\assembly\GAC_32\Desktop.ini

ZeroAccess:
C:\Windows\assembly\GAC_64\Desktop.ini

==================== Known DLLs (Whitelisted) =================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2012-10-14 19:48:27
Restore point made on: 2012-10-17 12:21:36
Restore point made on: 2012-10-17 12:24:03
Restore point made on: 2012-10-17 15:01:40

==================== Memory info ===========================

Percentage of memory in use: 23%
Total physical RAM: 3070.49 MB
Available physical RAM: 2348.51 MB
Total Pagefile: 3068.64 MB
Available Pagefile: 2347.05 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

==================== Partitions =============================

1 Drive c: (COMPAQ) (Fixed) (Total:454.76 GB) (Free:116.47 GB) NTFS
2 Drive e: (FACTORY_IMAGE) (Fixed) (Total:10.9 GB) (Free:1.78 GB) NTFS ==>[System with boot components (obtained from reading drive)]
3 Drive f: () (CDROM) (Total:6.67 GB) (Free:0 GB) CDFS
4 Drive g: (MY GS DRIVE) (Removable) (Total:7.47 GB) (Free:2.11 GB) FAT32
5 Drive x: (Boot) (Fixed) (Total:0.08 GB) (Free:0.07 GB) NTFS
6 Drive y: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 465 GB 0 B
Disk 1 Online 7663 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 100 MB 1024 KB
Partition 2 Primary 454 GB 101 MB
Partition 3 Primary 10 GB 454 GB

==================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y SYSTEM NTFS Partition 100 MB Healthy

=========================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C COMPAQ NTFS Partition 454 GB Healthy

=========================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 E FACTORY_IMA NTFS Partition 10 GB Healthy

=========================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 7655 MB 22 KB

==================================================================================

Disk: 1
Partition 1
Type : 0B
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 G MY GS DRIVE FAT32 Removable 7655 MB Healthy

=========================================================

Last Boot: 2012-10-15 21:39

==================== End Of Log =============================


Farbar Recovery Scan Tool (x64) Version: 16-10-2012
Ran by SYSTEM at 2012-10-18 15:51:31
Running from G:\

================== Search: "services.exe" ===================

C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB

C:\Windows\System32\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB

C:\Windows\ERDNT\cache64\services.exe
[2012-07-19 11:53] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB

====== End Of Search ======
 
Download attached fixlist.txt file and save it to the very same USB flash drive you've been using. Plug the drive back in.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

On Vista or Windows 7: Now please enter System Recovery Options.
On Windows XP: Now please boot into the UBCD.
Run FRST/FRST64 and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

Next...

Restart normally.

=============================

Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

==============================

  • Download RogueKiller on the desktop
  • Close all the running programs
  • Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
  • Otherwise just double-click on RogueKiller.exe
  • Pre-scan will start. Let it finish.
  • Click on SCAN button.
  • Wait until the Status box shows Scan Finished
  • Click on Delete.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
  • If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again

============================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.
 

Attachments

  • fixlist.txt
    481 bytes · Views: 2
Thanks again.
Here are the logs, they are too long for one message.


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-10-2012
Ran by SYSTEM at 2012-10-19 18:56:44 Run:1
Running from G:\

==============================================

HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Session Manager\SubSystems\\Windows No ZeroAccess entry found.
C:\Windows\System32\consrv.dll not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs BVRPMPR5 Deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs PCDCODEC Deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs penclass Deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs msloop Deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs a016mgmt Deleted successfully.
C:\Windows\assembly\GAC_32\Desktop.ini moved successfully.
C:\Windows\assembly\GAC_64\Desktop.ini moved successfully.

==== End of Fixlog ====

________________________________

19:21:12.0011 2972 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
19:21:12.0323 2972 ============================================================
19:21:12.0323 2972 Current date / time: 2012/10/19 19:21:12.0323
19:21:12.0323 2972 SystemInfo:
19:21:12.0323 2972
19:21:12.0323 2972 OS Version: 6.1.7601 ServicePack: 1.0
19:21:12.0323 2972 Product type: Workstation
19:21:12.0323 2972 ComputerName: SERGE-PC
19:21:12.0323 2972 UserName: Sergio
19:21:12.0323 2972 Windows directory: C:\Windows
19:21:12.0323 2972 System windows directory: C:\Windows
19:21:12.0323 2972 Running under WOW64
19:21:12.0323 2972 Processor architecture: Intel x64
19:21:12.0323 2972 Number of processors: 2
19:21:12.0323 2972 Page size: 0x1000
19:21:12.0323 2972 Boot type: Normal boot
19:21:12.0323 2972 ============================================================
19:21:13.0463 2972 BG loaded
19:21:13.0744 2972 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xFC59, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
19:21:13.0760 2972 Drive \Device\Harddisk1\DR1 - Size: 0x1DEFFFE00 (7.48 Gb), SectorSize: 0x200, Cylinders: 0x3D1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:21:13.0760 2972 ============================================================
19:21:13.0760 2972 \Device\Harddisk0\DR0:
19:21:13.0760 2972 MBR partitions:
19:21:13.0760 2972 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:21:13.0760 2972 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x38D84000
19:21:13.0760 2972 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x38DB6800, BlocksNum 0x15CF000
19:21:13.0760 2972 \Device\Harddisk1\DR1:
19:21:13.0760 2972 MBR partitions:
19:21:13.0760 2972 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x2C, BlocksNum 0xEF3FA4
19:21:13.0760 2972 ============================================================
19:21:13.0791 2972 C: <-> \Device\Harddisk0\DR0\Partition2
19:21:13.0822 2972 D: <-> \Device\Harddisk0\DR0\Partition3
19:21:13.0822 2972 ============================================================
19:21:13.0822 2972 Initialize success
19:21:13.0822 2972 ============================================================
19:21:32.0729 3588 ============================================================
19:21:32.0729 3588 Scan started
19:21:32.0729 3588 Mode: Manual; TDLFS;
19:21:32.0729 3588 ============================================================
19:21:34.0211 3588 ================ Scan system memory ========================
19:21:34.0211 3588 System memory - ok
19:21:34.0211 3588 ================ Scan services =============================
19:21:34.0289 3588 [ 581D88B25C4D4121824FED2CA38E562F ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
19:21:34.0289 3588 !SASCORE - ok
19:21:34.0414 3588 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
19:21:34.0414 3588 1394ohci - ok
19:21:34.0414 3588 a016mgmt - ok
19:21:34.0445 3588 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:21:34.0461 3588 ACPI - ok
19:21:34.0476 3588 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
19:21:34.0476 3588 AcpiPmi - ok
19:21:34.0601 3588 [ B1EA9681502EE57F87DB71D726288A5B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:21:34.0632 3588 AdobeARMservice - ok
19:21:34.0851 3588 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:21:34.0851 3588 AdobeFlashPlayerUpdateSvc - ok
19:21:34.0913 3588 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
19:21:34.0944 3588 adp94xx - ok
19:21:34.0960 3588 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
19:21:34.0976 3588 adpahci - ok
19:21:34.0976 3588 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
19:21:34.0991 3588 adpu320 - ok
19:21:35.0022 3588 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:21:35.0022 3588 AeLookupSvc - ok
19:21:35.0069 3588 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
19:21:35.0069 3588 AFD - ok
19:21:35.0085 3588 [ 48008D4EA73C1058F36D323A644410D4 ] AgereModemAudio C:\Program Files\LSI SoftModem\agr64svc.exe
19:21:35.0085 3588 AgereModemAudio - ok
19:21:35.0132 3588 [ DDF52C4C92D831A4CDB7788B37585E36 ] AgereSoftModem C:\Windows\system32\DRIVERS\agrsm64.sys
19:21:35.0163 3588 AgereSoftModem - ok
19:21:35.0194 3588 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:21:35.0194 3588 agp440 - ok
19:21:35.0225 3588 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
19:21:35.0241 3588 ALG - ok
19:21:35.0256 3588 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
19:21:35.0256 3588 aliide - ok
19:21:35.0288 3588 [ 20C8A3E435A47F0408A1EA674AFA6194 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
19:21:35.0288 3588 AMD External Events Utility - ok
19:21:35.0303 3588 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
19:21:35.0303 3588 amdide - ok
19:21:35.0334 3588 [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64 C:\Windows\system32\DRIVERS\amdiox64.sys
19:21:35.0334 3588 amdiox64 - ok
19:21:35.0397 3588 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
19:21:35.0397 3588 AmdK8 - ok
19:21:35.0678 3588 [ 0B45C18B0F3EE996D25BAA4E74884B83 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
19:21:35.0849 3588 amdkmdag - ok
19:21:35.0912 3588 [ 0E57258E5CC4CC7A9A9A877AFDF0CEC6 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
19:21:35.0927 3588 amdkmdap - ok
19:21:35.0943 3588 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
19:21:35.0958 3588 AmdPPM - ok
19:21:35.0990 3588 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
19:21:35.0990 3588 amdsata - ok
19:21:36.0036 3588 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
19:21:36.0036 3588 amdsbs - ok
19:21:36.0052 3588 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
19:21:36.0068 3588 amdxata - ok
19:21:36.0068 3588 AODDriver4.01 - ok
19:21:36.0083 3588 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
19:21:36.0099 3588 AppID - ok
19:21:36.0130 3588 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:21:36.0130 3588 AppIDSvc - ok
19:21:36.0192 3588 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
19:21:36.0208 3588 Appinfo - ok
19:21:36.0286 3588 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:21:36.0286 3588 Apple Mobile Device - ok
19:21:36.0348 3588 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
19:21:36.0348 3588 arc - ok
19:21:36.0380 3588 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
19:21:36.0380 3588 arcsas - ok
19:21:36.0489 3588 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:21:36.0489 3588 aspnet_state - ok
19:21:36.0536 3588 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:21:36.0536 3588 AsyncMac - ok
19:21:36.0567 3588 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
19:21:36.0567 3588 atapi - ok
19:21:36.0754 3588 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:21:36.0754 3588 AudioEndpointBuilder - ok
19:21:36.0770 3588 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
19:21:36.0785 3588 AudioSrv - ok
19:21:36.0816 3588 [ 96B4456F1DCA4EDA506ED31C7D2D6B05 ] Avgfwfd C:\Windows\system32\DRIVERS\avgfwd6a.sys
19:21:36.0816 3588 Avgfwfd - ok
19:21:37.0097 3588 [ BD5D11CEDBCDE4FA97D2387E7069B1FF ] avgfws C:\Program Files (x86)\AVG\AVG2012\avgfws.exe
19:21:37.0160 3588 avgfws - ok
19:21:37.0331 3588 [ F6A528DE535396C2FB1A4E3C6F00CEC4 ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
19:21:37.0362 3588 AVGIDSAgent - ok
19:21:37.0394 3588 [ 1B2E9FCDC26DC7C81D4131430E2DC936 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
19:21:37.0409 3588 AVGIDSDriver - ok
19:21:37.0440 3588 [ 0F293406F64B48D5D2F0D3A1117F3A83 ] AVGIDSFilter C:\Windows\system32\DRIVERS\avgidsfiltera.sys
19:21:37.0456 3588 AVGIDSFilter - ok
19:21:37.0456 3588 [ CFFC3A4A638F462E0561CB368B9A7A3A ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
19:21:37.0456 3588 AVGIDSHA - ok
19:21:37.0472 3588 [ 221FEBAB02D6C97C95558348CC354A85 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
19:21:37.0472 3588 Avgldx64 - ok
19:21:37.0472 3588 [ A6AEC362AAE5E2DDA7445E7690CB0F33 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
19:21:37.0487 3588 Avgmfx64 - ok
19:21:37.0518 3588 [ 645C7F0A0E39758A0024A9B1748273C0 ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
19:21:37.0518 3588 Avgrkx64 - ok
19:21:37.0550 3588 [ F8C3C7ED612A41B05C66358FC9786BFD ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
19:21:37.0550 3588 Avgtdia - ok
19:21:37.0581 3588 [ A313C4AE276E3C975A1BC27170AA23C6 ] avgtp C:\Windows\system32\drivers\avgtpx64.sys
19:21:37.0581 3588 avgtp - ok
19:21:37.0612 3588 [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
19:21:37.0612 3588 avgwd - ok
19:21:37.0659 3588 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:21:37.0659 3588 AxInstSV - ok
19:21:38.0002 3588 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
19:21:38.0018 3588 b06bdrv - ok
19:21:38.0096 3588 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
19:21:38.0111 3588 b57nd60a - ok
19:21:38.0158 3588 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
19:21:38.0174 3588 BDESVC - ok
19:21:38.0205 3588 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
19:21:38.0205 3588 Beep - ok
19:21:38.0267 3588 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
19:21:38.0283 3588 BFE - ok
19:21:38.0314 3588 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
19:21:38.0330 3588 BITS - ok
19:21:38.0330 3588 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
19:21:38.0330 3588 blbdrive - ok
19:21:38.0423 3588 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:21:38.0423 3588 Bonjour Service - ok
19:21:38.0486 3588 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:21:38.0501 3588 bowser - ok
19:21:38.0564 3588 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:21:38.0564 3588 BrFiltLo - ok
19:21:38.0610 3588 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:21:38.0610 3588 BrFiltUp - ok
19:21:38.0673 3588 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
19:21:38.0673 3588 BridgeMP - ok
19:21:38.0720 3588 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
19:21:38.0751 3588 Browser - ok
19:21:38.0766 3588 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:21:38.0766 3588 Brserid - ok
19:21:38.0782 3588 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:21:38.0782 3588 BrSerWdm - ok
19:21:38.0798 3588 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:21:38.0798 3588 BrUsbMdm - ok
19:21:38.0798 3588 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:21:38.0798 3588 BrUsbSer - ok
19:21:38.0844 3588 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
19:21:38.0844 3588 BTHMODEM - ok
19:21:38.0876 3588 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
19:21:38.0891 3588 bthserv - ok
19:21:38.0891 3588 BVRPMPR5 - ok
19:21:38.0985 3588 catchme - ok
19:21:39.0016 3588 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:21:39.0016 3588 cdfs - ok
19:21:39.0063 3588 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
19:21:39.0063 3588 cdrom - ok
19:21:39.0110 3588 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
19:21:39.0110 3588 CertPropSvc - ok
19:21:39.0156 3588 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
19:21:39.0156 3588 circlass - ok
19:21:39.0188 3588 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
19:21:39.0188 3588 CLFS - ok
19:21:39.0234 3588 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:21:39.0234 3588 clr_optimization_v2.0.50727_32 - ok
19:21:39.0359 3588 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:21:39.0359 3588 clr_optimization_v2.0.50727_64 - ok
19:21:39.0437 3588 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:21:39.0437 3588 clr_optimization_v4.0.30319_32 - ok
19:21:39.0468 3588 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:21:39.0468 3588 clr_optimization_v4.0.30319_64 - ok
19:21:39.0500 3588 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
19:21:39.0500 3588 CmBatt - ok
19:21:39.0515 3588 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:21:39.0515 3588 cmdide - ok
19:21:39.0578 3588 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
19:21:39.0578 3588 CNG - ok
19:21:39.0593 3588 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
19:21:39.0593 3588 Compbatt - ok
19:21:39.0640 3588 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
19:21:39.0640 3588 CompositeBus - ok
19:21:39.0640 3588 COMSysApp - ok
19:21:39.0671 3588 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
19:21:39.0671 3588 crcdisk - ok
19:21:39.0718 3588 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:21:39.0718 3588 CryptSvc - ok
19:21:39.0749 3588 [ 1CA90212A99DB6975C344826D11055C9 ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys
19:21:39.0749 3588 dc3d - ok
19:21:39.0843 3588 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:21:39.0843 3588 DcomLaunch - ok
19:21:39.0905 3588 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
19:21:39.0905 3588 defragsvc - ok
19:21:40.0030 3588 [ 2B9A817DC1BDAD9CE5495099B6A7136A ] Desura Install Service C:\Program Files (x86)\Common Files\Desura\desura_service.exe
19:21:40.0030 3588 Desura Install Service - ok
19:21:40.0092 3588 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:21:40.0108 3588 DfsC - ok
19:21:40.0139 3588 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
19:21:40.0139 3588 Dhcp - ok
19:21:40.0155 3588 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
19:21:40.0155 3588 discache - ok
19:21:40.0186 3588 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
19:21:40.0186 3588 Disk - ok
19:21:40.0217 3588 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:21:40.0233 3588 Dnscache - ok
19:21:40.0264 3588 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
19:21:40.0264 3588 dot3svc - ok
19:21:40.0342 3588 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
19:21:40.0342 3588 Dot4 - ok
19:21:40.0389 3588 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\Windows\system32\drivers\Dot4Prt.sys
19:21:40.0389 3588 Dot4Print - ok
19:21:40.0420 3588 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
19:21:40.0420 3588 dot4usb - ok
19:21:40.0482 3588 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
19:21:40.0482 3588 DPS - ok
19:21:40.0498 3588 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:21:40.0498 3588 drmkaud - ok
19:21:40.0545 3588 [ 400582B09E0BB557D0EC28A945150EEB ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
19:21:40.0560 3588 dtsoftbus01 - ok
19:21:40.0576 3588 dump_wmimmc - ok
19:21:40.0732 3588 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:21:40.0763 3588 DXGKrnl - ok
19:21:40.0763 3588 EagleX64 - ok
19:21:40.0779 3588 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
19:21:40.0794 3588 EapHost - ok
19:21:40.0857 3588 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
19:21:40.0872 3588 ebdrv - ok
19:21:40.0935 3588 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
19:21:40.0935 3588 EFS - ok
19:21:41.0122 3588 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:21:41.0122 3588 ehRecvr - ok
19:21:41.0184 3588 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
19:21:41.0184 3588 ehSched - ok
19:21:41.0216 3588 [ F21A07780BBD64ADEF872F50E8CE2E75 ] ElRawDisk C:\Windows\system32\drivers\ElRawDsk.sys
19:21:41.0216 3588 ElRawDisk - ok
19:21:41.0356 3588 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
19:21:41.0387 3588 elxstor - ok
19:21:41.0574 3588 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:21:41.0590 3588 ErrDev - ok
19:21:41.0637 3588 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
19:21:41.0637 3588 EventSystem - ok
19:21:41.0668 3588 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
19:21:41.0684 3588 exfat - ok
19:21:41.0699 3588 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:21:41.0699 3588 fastfat - ok
19:21:41.0746 3588 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
19:21:41.0746 3588 Fax - ok
19:21:41.0793 3588 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
19:21:41.0793 3588 fdc - ok
19:21:41.0840 3588 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
19:21:41.0840 3588 fdPHost - ok
19:21:41.0902 3588 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
19:21:41.0902 3588 FDResPub - ok
19:21:41.0933 3588 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:21:41.0933 3588 FileInfo - ok
19:21:41.0964 3588 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:21:41.0964 3588 Filetrace - ok
19:21:41.0980 3588 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
19:21:41.0996 3588 flpydisk - ok
19:21:42.0042 3588 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:21:42.0042 3588 FltMgr - ok
19:21:42.0105 3588 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
19:21:42.0120 3588 FontCache - ok
19:21:42.0245 3588 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:21:42.0261 3588 FontCache3.0.0.0 - ok
19:21:42.0276 3588 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:21:42.0276 3588 FsDepends - ok
19:21:42.0354 3588 [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
19:21:42.0354 3588 fssfltr - ok
19:21:42.0588 3588 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
19:21:42.0620 3588 fsssvc - ok
19:21:42.0651 3588 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:21:42.0651 3588 Fs_Rec - ok
19:21:42.0744 3588 [ 0D015D3584704EC814A58276232F143B ] Futuremark SystemInfo Service C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
19:21:42.0744 3588 Futuremark SystemInfo Service - ok
19:21:42.0807 3588 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:21:42.0822 3588 fvevol - ok
19:21:42.0869 3588 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
19:21:42.0885 3588 gagp30kx - ok
19:21:42.0932 3588 [ AF4DEE5531395DEE72B35B36C9671FD0 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:21:42.0932 3588 GEARAspiWDM - ok
19:21:43.0088 3588 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
19:21:43.0119 3588 gpsvc - ok
19:21:43.0306 3588 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:21:43.0322 3588 gupdate - ok
19:21:43.0353 3588 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:21:43.0353 3588 gupdatem - ok
19:21:43.0384 3588 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
19:21:43.0384 3588 hamachi - ok
19:21:43.0462 3588 [ 21D24138B736983F6E23823E092E9428 ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
19:21:43.0540 3588 Hamachi2Svc - ok
19:21:43.0571 3588 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:21:43.0602 3588 hcw85cir - ok
19:21:43.0696 3588 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:21:43.0712 3588 HdAudAddService - ok
19:21:43.0758 3588 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
19:21:43.0774 3588 HDAudBus - ok
19:21:43.0836 3588 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
19:21:43.0836 3588 HidBatt - ok
19:21:43.0899 3588 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
19:21:43.0930 3588 HidBth - ok
19:21:43.0946 3588 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
19:21:43.0961 3588 HidIr - ok
19:21:44.0008 3588 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
19:21:44.0008 3588 hidserv - ok
19:21:44.0070 3588 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:21:44.0070 3588 HidUsb - ok
19:21:44.0117 3588 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:21:44.0117 3588 hkmsvc - ok
19:21:44.0258 3588 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:21:44.0273 3588 HomeGroupListener - ok
19:21:44.0320 3588 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:21:44.0336 3588 HomeGroupProvider - ok
19:21:44.0398 3588 [ 13BB1114451C63BFB41BA7DAA4D70A29 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
19:21:44.0414 3588 HP Support Assistant Service - ok
19:21:44.0476 3588 [ BCC4A8B2E2E902F52E7F2E7D8E125765 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
19:21:44.0492 3588 HPDrvMntSvc.exe - ok
19:21:44.0554 3588 [ EC9739A46F1F83C6E52A7A4697F44A65 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
19:21:44.0554 3588 hpqwmiex - ok
 
19:21:34.0960 3588 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
19:21:34.0976 3588 adpahci - ok
19:21:34.0976 3588 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
19:21:34.0991 3588 adpu320 - ok
19:21:35.0022 3588 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:21:35.0022 3588 AeLookupSvc - ok
19:21:35.0069 3588 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
19:21:35.0069 3588 AFD - ok
19:21:35.0085 3588 [ 48008D4EA73C1058F36D323A644410D4 ] AgereModemAudio C:\Program Files\LSI SoftModem\agr64svc.exe
19:21:35.0085 3588 AgereModemAudio - ok
19:21:35.0132 3588 [ DDF52C4C92D831A4CDB7788B37585E36 ] AgereSoftModem C:\Windows\system32\DRIVERS\agrsm64.sys
19:21:35.0163 3588 AgereSoftModem - ok
19:21:35.0194 3588 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:21:35.0194 3588 agp440 - ok
19:21:35.0225 3588 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
19:21:35.0241 3588 ALG - ok
19:21:35.0256 3588 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
19:21:35.0256 3588 aliide - ok
19:21:35.0288 3588 [ 20C8A3E435A47F0408A1EA674AFA6194 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
19:21:35.0288 3588 AMD External Events Utility - ok
19:21:35.0303 3588 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
19:21:35.0303 3588 amdide - ok
19:21:35.0334 3588 [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64 C:\Windows\system32\DRIVERS\amdiox64.sys
19:21:35.0334 3588 amdiox64 - ok
19:21:35.0397 3588 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
19:21:35.0397 3588 AmdK8 - ok
19:21:35.0678 3588 [ 0B45C18B0F3EE996D25BAA4E74884B83 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
19:21:35.0849 3588 amdkmdag - ok
19:21:35.0912 3588 [ 0E57258E5CC4CC7A9A9A877AFDF0CEC6 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
19:21:35.0927 3588 amdkmdap - ok
19:21:35.0943 3588 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
19:21:35.0958 3588 AmdPPM - ok
19:21:35.0990 3588 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
19:21:35.0990 3588 amdsata - ok
19:21:36.0036 3588 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
19:21:36.0036 3588 amdsbs - ok
19:21:36.0052 3588 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
19:21:36.0068 3588 amdxata - ok
19:21:36.0068 3588 AODDriver4.01 - ok
19:21:36.0083 3588 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
19:21:36.0099 3588 AppID - ok
19:21:36.0130 3588 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:21:36.0130 3588 AppIDSvc - ok
19:21:36.0192 3588 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
19:21:36.0208 3588 Appinfo - ok
19:21:36.0286 3588 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:21:36.0286 3588 Apple Mobile Device - ok
19:21:36.0348 3588 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
19:21:36.0348 3588 arc - ok
19:21:36.0380 3588 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
19:21:36.0380 3588 arcsas - ok
19:21:36.0489 3588 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:21:36.0489 3588 aspnet_state - ok
19:21:36.0536 3588 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:21:36.0536 3588 AsyncMac - ok
19:21:36.0567 3588 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
19:21:36.0567 3588 atapi - ok
19:21:36.0754 3588 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:21:36.0754 3588 AudioEndpointBuilder - ok
19:21:36.0770 3588 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
19:21:36.0785 3588 AudioSrv - ok
19:21:36.0816 3588 [ 96B4456F1DCA4EDA506ED31C7D2D6B05 ] Avgfwfd C:\Windows\system32\DRIVERS\avgfwd6a.sys
19:21:36.0816 3588 Avgfwfd - ok
19:21:37.0097 3588 [ BD5D11CEDBCDE4FA97D2387E7069B1FF ] avgfws C:\Program Files (x86)\AVG\AVG2012\avgfws.exe
19:21:37.0160 3588 avgfws - ok
19:21:37.0331 3588 [ F6A528DE535396C2FB1A4E3C6F00CEC4 ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
19:21:37.0362 3588 AVGIDSAgent - ok
 
19:21:44.0585 3588 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:21:44.0585 3588 HpSAMD - ok
19:21:44.0819 3588 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:21:44.0819 3588 HTTP - ok
19:21:44.0819 3588 hwinterface - ok
19:21:44.0897 3588 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:21:44.0897 3588 hwpolicy - ok
19:21:44.0944 3588 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
19:21:44.0944 3588 i8042prt - ok
19:21:44.0975 3588 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:21:44.0991 3588 iaStorV - ok
19:21:45.0084 3588 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
19:21:45.0116 3588 IDriverT - ok
19:21:45.0178 3588 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:21:45.0178 3588 idsvc - ok
19:21:45.0209 3588 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
19:21:45.0225 3588 iirsp - ok
19:21:45.0256 3588 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
19:21:45.0272 3588 IKEEXT - ok
19:21:45.0365 3588 [ 3C4B4EE54FEBB09F7E9F58776DE96DCA ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:21:45.0412 3588 IntcAzAudAddService - ok
19:21:45.0443 3588 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
19:21:45.0443 3588 intelide - ok
19:21:45.0506 3588 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:21:45.0506 3588 intelppm - ok
19:21:45.0630 3588 [ 735C295D5C161F4927032585692B57B0 ] ioloSystemService C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
19:21:45.0646 3588 ioloSystemService - ok
19:21:45.0662 3588 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:21:45.0677 3588 IPBusEnum - ok
19:21:45.0708 3588 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:21:45.0724 3588 IpFilterDriver - ok
19:21:45.0786 3588 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:21:45.0786 3588 iphlpsvc - ok
19:21:45.0802 3588 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:21:45.0802 3588 IPMIDRV - ok
19:21:45.0864 3588 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:21:45.0880 3588 IPNAT - ok
19:21:45.0927 3588 [ 50D6CCC6FF5561F9F56946B3E6164FB8 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
19:21:45.0942 3588 iPod Service - ok
19:21:45.0958 3588 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:21:45.0958 3588 IRENUM - ok
19:21:45.0989 3588 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:21:46.0005 3588 isapnp - ok
19:21:46.0083 3588 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:21:46.0130 3588 iScsiPrt - ok
19:21:46.0130 3588 ISODisk - ok
19:21:46.0145 3588 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:21:46.0161 3588 kbdclass - ok
19:21:46.0176 3588 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
19:21:46.0192 3588 kbdhid - ok
19:21:46.0239 3588 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
19:21:46.0239 3588 KeyIso - ok
19:21:46.0301 3588 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:21:46.0301 3588 KSecDD - ok
19:21:46.0332 3588 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:21:46.0348 3588 KSecPkg - ok
19:21:46.0379 3588 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:21:46.0379 3588 ksthunk - ok
19:21:46.0426 3588 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
19:21:46.0426 3588 KtmRm - ok
19:21:46.0488 3588 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
19:21:46.0488 3588 LanmanServer - ok
19:21:46.0520 3588 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:21:46.0520 3588 LanmanWorkstation - ok
19:21:46.0598 3588 [ 108333981C841EB0FF198AA5DFCF3D3B ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
19:21:46.0598 3588 LightScribeService - ok
19:21:46.0644 3588 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:21:46.0644 3588 lltdio - ok
19:21:46.0707 3588 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:21:46.0722 3588 lltdsvc - ok
19:21:46.0722 3588 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:21:46.0722 3588 lmhosts - ok
19:21:46.0754 3588 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
19:21:46.0769 3588 LSI_FC - ok
19:21:46.0941 3588 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
19:21:47.0003 3588 LSI_SAS - ok
19:21:47.0081 3588 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:21:47.0128 3588 LSI_SAS2 - ok
19:21:47.0175 3588 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:21:47.0175 3588 LSI_SCSI - ok
19:21:47.0190 3588 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
19:21:47.0190 3588 luafv - ok
19:21:47.0223 3588 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:21:47.0223 3588 Mcx2Svc - ok
19:21:47.0254 3588 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
19:21:47.0254 3588 megasas - ok
19:21:47.0301 3588 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
19:21:47.0301 3588 MegaSR - ok
19:21:47.0379 3588 Microsoft SharePoint Workspace Audit Service - ok
19:21:47.0425 3588 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
19:21:47.0425 3588 MMCSS - ok
19:21:47.0441 3588 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
19:21:47.0441 3588 Modem - ok
19:21:47.0457 3588 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:21:47.0457 3588 monitor - ok
19:21:47.0488 3588 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:21:47.0488 3588 mouclass - ok
19:21:47.0550 3588 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:21:47.0550 3588 mouhid - ok
19:21:47.0597 3588 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:21:47.0628 3588 mountmgr - ok
19:21:47.0675 3588 [ 4D7F2682D29B92A6251B17957AA0B985 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:21:47.0675 3588 MozillaMaintenance - ok
19:21:47.0691 3588 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
19:21:47.0706 3588 mpio - ok
19:21:47.0737 3588 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:21:47.0737 3588 mpsdrv - ok
19:21:47.0784 3588 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:21:47.0800 3588 MpsSvc - ok
19:21:47.0847 3588 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:21:47.0847 3588 MRxDAV - ok
19:21:47.0893 3588 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:21:47.0893 3588 mrxsmb - ok
19:21:47.0956 3588 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:21:47.0956 3588 mrxsmb10 - ok
19:21:48.0003 3588 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:21:48.0003 3588 mrxsmb20 - ok
19:21:48.0034 3588 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
19:21:48.0034 3588 msahci - ok
19:21:48.0159 3588 [ 8E46A7BAC823DD82D4FB2A34C3DF4C1D ] MSCSPTISRV C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
19:21:48.0174 3588 MSCSPTISRV - ok
19:21:48.0238 3588 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:21:48.0238 3588 msdsm - ok
19:21:48.0284 3588 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
19:21:48.0284 3588 MSDTC - ok
19:21:48.0316 3588 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:21:48.0316 3588 Msfs - ok
19:21:48.0316 3588 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:21:48.0316 3588 mshidkmdf - ok
19:21:48.0331 3588 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:21:48.0331 3588 msisadrv - ok
19:21:48.0378 3588 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:21:48.0378 3588 MSiSCSI - ok
19:21:48.0378 3588 msiserver - ok
19:21:48.0394 3588 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:21:48.0394 3588 MSKSSRV - ok
19:21:48.0394 3588 msloop - ok
19:21:48.0440 3588 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:21:48.0440 3588 MSPCLOCK - ok
19:21:48.0487 3588 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:21:48.0487 3588 MSPQM - ok
19:21:48.0550 3588 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:21:48.0565 3588 MsRPC - ok
19:21:48.0596 3588 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
19:21:48.0612 3588 mssmbios - ok
19:21:48.0643 3588 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:21:48.0643 3588 MSTEE - ok
19:21:48.0674 3588 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
19:21:48.0674 3588 MTConfig - ok
19:21:48.0706 3588 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
19:21:48.0721 3588 Mup - ok
19:21:48.0815 3588 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
19:21:48.0830 3588 napagent - ok
19:21:48.0846 3588 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:21:48.0846 3588 NativeWifiP - ok
19:21:48.0940 3588 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:21:48.0955 3588 NDIS - ok
19:21:48.0971 3588 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:21:48.0971 3588 NdisCap - ok
19:21:48.0986 3588 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:21:48.0986 3588 NdisTapi - ok
19:21:49.0049 3588 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:21:49.0064 3588 Ndisuio - ok
19:21:49.0236 3588 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:21:49.0236 3588 NdisWan - ok
19:21:49.0315 3588 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:21:49.0315 3588 NDProxy - ok
19:21:49.0346 3588 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:21:49.0346 3588 NetBIOS - ok
19:21:49.0393 3588 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:21:49.0393 3588 NetBT - ok
19:21:49.0409 3588 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
19:21:49.0409 3588 Netlogon - ok
19:21:49.0440 3588 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
19:21:49.0440 3588 Netman - ok
19:21:49.0502 3588 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:21:49.0533 3588 NetMsmqActivator - ok
19:21:49.0533 3588 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:21:49.0533 3588 NetPipeActivator - ok
19:21:49.0565 3588 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
19:21:49.0565 3588 netprofm - ok
19:21:49.0565 3588 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:21:49.0565 3588 NetTcpActivator - ok
19:21:49.0580 3588 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:21:49.0580 3588 NetTcpPortSharing - ok
19:21:49.0596 3588 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
19:21:49.0611 3588 nfrd960 - ok
19:21:49.0674 3588 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:21:49.0674 3588 NlaSvc - ok
19:21:49.0689 3588 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:21:49.0689 3588 Npfs - ok
19:21:49.0689 3588 NPPTNT2 - ok
19:21:49.0736 3588 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
19:21:49.0736 3588 nsi - ok
19:21:49.0767 3588 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:21:49.0767 3588 nsiproxy - ok
19:21:50.0064 3588 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:21:50.0095 3588 Ntfs - ok
19:21:50.0189 3588 [ 77EB11DA191D12D12E28D7BD8905C42C ] NuidFltr C:\Windows\system32\DRIVERS\NuidFltr.sys
19:21:50.0204 3588 NuidFltr - ok
19:21:50.0251 3588 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
19:21:50.0267 3588 Null - ok
19:21:51.0515 3588 [ E55CAB397F77D5208DB18A78B1B7C0D5 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:21:51.0733 3588 nvlddmkm - ok
19:21:51.0998 3588 [ 909EEDCBD365BB81027D8E742E6B3416 ] NVNET C:\Windows\system32\DRIVERS\nvmf6264.sys
19:21:51.0998 3588 NVNET - ok
19:21:52.0061 3588 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:21:52.0061 3588 nvraid - ok
19:21:52.0107 3588 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:21:52.0107 3588 nvstor - ok
19:21:52.0185 3588 [ 6BA747B1A9297A6C0271700D12FDD495 ] nvstor64 C:\Windows\system32\DRIVERS\nvstor64.sys
19:21:52.0185 3588 nvstor64 - ok
19:21:52.0248 3588 [ 43BC8151893AE6AFE42E149D663C2221 ] nvsvc C:\Windows\system32\nvvsvc.exe
19:21:52.0248 3588 nvsvc - ok
19:21:52.0279 3588 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:21:52.0279 3588 nv_agp - ok
19:21:52.0310 3588 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:21:52.0310 3588 ohci1394 - ok
19:21:52.0373 3588 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:21:52.0388 3588 ose - ok
19:21:53.0246 3588 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:21:53.0277 3588 osppsvc - ok
19:21:53.0340 3588 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:21:53.0340 3588 p2pimsvc - ok
19:21:53.0355 3588 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
19:21:53.0355 3588 p2psvc - ok
19:21:53.0402 3588 [ 753A8F339F231D2B857E2CCD51A6E6CA ] PACSPTISVR C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
19:21:53.0402 3588 PACSPTISVR - ok
19:21:53.0433 3588 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
19:21:53.0449 3588 Parport - ok
19:21:53.0496 3588 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:21:53.0511 3588 partmgr - ok
19:21:53.0543 3588 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:21:53.0543 3588 PcaSvc - ok
19:21:53.0543 3588 PCDCODEC - ok
19:21:53.0605 3588 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
19:21:53.0605 3588 pci - ok
19:21:53.0621 3588 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
19:21:53.0621 3588 pciide - ok
19:21:53.0714 3588 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
19:21:53.0730 3588 pcmcia - ok
19:21:53.0745 3588 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
19:21:53.0745 3588 pcw - ok
19:21:53.0792 3588 [ 8570C04D9DBFDDD2CCF655DEB4D84715 ] PDFsFilter C:\Windows\system32\DRIVERS\PDFsFilter.sys
19:21:53.0792 3588 PDFsFilter - ok
19:21:53.0855 3588 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:21:53.0870 3588 PEAUTH - ok
19:21:53.0870 3588 penclass - ok
19:21:54.0900 3588 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:21:54.0915 3588 PerfHost - ok
19:21:55.0259 3588 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
19:21:55.0305 3588 pla - ok
19:21:55.0352 3588 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:21:55.0352 3588 PlugPlay - ok
19:21:55.0352 3588 PnkBstrA - ok
19:21:55.0383 3588 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:21:55.0383 3588 PNRPAutoReg - ok
19:21:55.0430 3588 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:21:55.0430 3588 PNRPsvc - ok
19:21:55.0461 3588 [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
19:21:55.0461 3588 Point64 - ok
19:21:55.0586 3588 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:21:55.0602 3588 PolicyAgent - ok
19:21:55.0649 3588 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
19:21:55.0649 3588 Power - ok
19:21:55.0664 3588 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:21:55.0680 3588 PptpMiniport - ok
19:21:55.0711 3588 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
19:21:55.0711 3588 Processor - ok
19:21:55.0742 3588 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
19:21:55.0773 3588 ProfSvc - ok
19:21:55.0805 3588 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:21:55.0805 3588 ProtectedStorage - ok
19:21:55.0836 3588 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:21:55.0851 3588 Psched - ok
19:21:55.0883 3588 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
19:21:55.0898 3588 PxHlpa64 - ok
19:21:56.0085 3588 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
19:21:56.0132 3588 ql2300 - ok
19:21:56.0163 3588 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
19:21:56.0179 3588 ql40xx - ok
19:21:56.0210 3588 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
19:21:56.0210 3588 QWAVE - ok
19:21:56.0241 3588 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:21:56.0241 3588 QWAVEdrv - ok
19:21:56.0241 3588 rak - ok
19:21:56.0257 3588 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:21:56.0273 3588 RasAcd - ok
19:21:56.0304 3588 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:21:56.0304 3588 RasAgileVpn - ok
19:21:56.0382 3588 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
19:21:56.0413 3588 RasAuto - ok
19:21:56.0460 3588 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:21:56.0460 3588 Rasl2tp - ok
19:21:56.0522 3588 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
19:21:56.0522 3588 RasMan - ok
19:21:56.0553 3588 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:21:56.0553 3588 RasPppoe - ok
19:21:56.0585 3588 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:21:56.0585 3588 RasSstp - ok
19:21:56.0663 3588 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:21:56.0663 3588 rdbss - ok
19:21:56.0709 3588 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
19:21:56.0709 3588 rdpbus - ok
19:21:56.0756 3588 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:21:56.0756 3588 RDPCDD - ok
19:21:56.0772 3588 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:21:56.0772 3588 RDPENCDD - ok
19:21:56.0819 3588 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:21:56.0819 3588 RDPREFMP - ok
19:21:56.0928 3588 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:21:56.0959 3588 RDPWD - ok
19:21:56.0975 3588 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:21:56.0975 3588 rdyboost - ok
19:21:57.0053 3588 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:21:57.0084 3588 RemoteAccess - ok
19:21:57.0131 3588 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:21:57.0131 3588 RemoteRegistry - ok
19:21:57.0193 3588 [ 616F6E52CAE254727A886BA8EDA1BEEA ] RichVideo C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
19:21:57.0193 3588 RichVideo - ok
19:21:57.0209 3588 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:21:57.0209 3588 RpcEptMapper - ok
19:21:57.0240 3588 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
19:21:57.0240 3588 RpcLocator - ok
19:21:57.0287 3588 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
19:21:57.0287 3588 RpcSs - ok
19:21:57.0349 3588 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:21:57.0365 3588 rspndr - ok
19:21:57.0380 3588 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
19:21:57.0380 3588 SamSs - ok
19:21:57.0427 3588 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
19:21:57.0427 3588 SASDIFSV - ok
19:21:57.0489 3588 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
19:21:57.0489 3588 SASKUTIL - ok
19:21:57.0536 3588 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:21:57.0567 3588 sbp2port - ok
19:21:57.0583 3588 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:21:57.0583 3588 SCardSvr - ok
19:21:57.0599 3588 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:21:57.0614 3588 scfilter - ok
19:21:57.0661 3588 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
19:21:57.0677 3588 Schedule - ok
19:21:57.0708 3588 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
19:21:57.0708 3588 SCPolicySvc - ok
19:21:57.0755 3588 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:21:57.0755 3588 SDRSVC - ok
19:21:57.0770 3588 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:21:57.0770 3588 secdrv - ok
19:21:57.0848 3588 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
19:21:57.0848 3588 seclogon - ok
19:21:57.0926 3588 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
19:21:57.0926 3588 SENS - ok
19:21:57.0942 3588 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:21:57.0957 3588 SensrSvc - ok
19:21:57.0973 3588 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:21:57.0973 3588 Serenum - ok
19:21:58.0035 3588 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
19:21:58.0051 3588 Serial - ok
19:21:58.0113 3588 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
19:21:58.0113 3588 sermouse - ok
19:21:58.0176 3588 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
19:21:58.0191 3588 SessionEnv - ok
19:21:58.0223 3588 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:21:58.0223 3588 sffdisk - ok
19:21:58.0269 3588 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:21:58.0285 3588 sffp_mmc - ok
19:21:58.0285 3588 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:21:58.0301 3588 sffp_sd - ok
19:21:58.0316 3588 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
19:21:58.0316 3588 sfloppy - ok
19:21:58.0363 3588 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:21:58.0379 3588 SharedAccess - ok
19:21:58.0425 3588 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:21:58.0425 3588 ShellHWDetection - ok
19:21:58.0488 3588 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:21:58.0488 3588 SiSRaid2 - ok
19:21:58.0566 3588 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
19:21:58.0581 3588 SiSRaid4 - ok
19:21:58.0628 3588 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:21:58.0628 3588 Smb - ok
19:21:58.0675 3588 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:21:58.0675 3588 SNMPTRAP - ok
19:21:58.0691 3588 [ 977AAA4398D7D6FA65D973F5B3F54E40 ] SonicStage Back-End Service C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SsBeSvc.exe
19:21:58.0706 3588 SonicStage Back-End Service - ok
19:21:58.0737 3588 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
19:21:58.0753 3588 spldr - ok
19:21:58.0784 3588 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
19:21:58.0784 3588 Spooler - ok
19:21:59.0346 3588 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
19:21:59.0424 3588 sppsvc - ok
19:21:59.0455 3588 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:21:59.0455 3588 sppuinotify - ok
19:21:59.0486 3588 [ E3E6C96B0EF4492C3C8FD0DEEF4E35A1 ] SPTISRV C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe
19:21:59.0486 3588 SPTISRV - ok
19:21:59.0533 3588 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
19:21:59.0533 3588 srv - ok
19:21:59.0580 3588 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:21:59.0580 3588 srv2 - ok
19:21:59.0595 3588 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:21:59.0595 3588 srvnet - ok
19:21:59.0611 3588 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:21:59.0627 3588 SSDPSRV - ok
19:21:59.0642 3588 [ 756E371B3B86A3D3039926D32EAC0E8D ] SSScsiSV C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SSScsiSV.exe
19:21:59.0642 3588 SSScsiSV - ok
19:21:59.0658 3588 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:21:59.0658 3588 SstpSvc - ok
19:21:59.0689 3588 Steam Client Service - ok
19:21:59.0751 3588 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
19:21:59.0767 3588 stexstor - ok
19:21:59.0923 3588 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
19:21:59.0923 3588 stisvc - ok
19:21:59.0985 3588 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
19:21:59.0985 3588 swenum - ok
19:22:00.0110 3588 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
19:22:00.0157 3588 swprv - ok
19:22:00.0266 3588 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
19:22:00.0313 3588 SysMain - ok
19:22:00.0344 3588 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:22:00.0344 3588 TabletInputService - ok
19:22:00.0360 3588 tandpl - ok
19:22:00.0578 3588 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:22:00.0578 3588 TapiSrv - ok
19:22:00.0687 3588 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
19:22:00.0687 3588 TBS - ok
19:22:00.0859 3588 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:22:00.0875 3588 Tcpip - ok
19:22:00.0921 3588 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:22:00.0937 3588 TCPIP6 - ok
19:22:00.0968 3588 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:22:00.0968 3588 tcpipreg - ok
19:22:00.0999 3588 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:22:01.0015 3588 TDPIPE - ok
19:22:01.0046 3588 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:22:01.0046 3588 TDTCP - ok
19:22:01.0077 3588 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:22:01.0093 3588 tdx - ok
19:22:01.0140 3588 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
19:22:01.0140 3588 TermDD - ok
19:22:01.0171 3588 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
19:22:01.0187 3588 TermService - ok
19:22:01.0202 3588 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
19:22:01.0218 3588 Themes - ok
19:22:01.0233 3588 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
19:22:01.0233 3588 THREADORDER - ok
19:22:01.0265 3588 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
19:22:01.0280 3588 TrkWks - ok
19:22:01.0374 3588 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:22:01.0374 3588 TrustedInstaller - ok
19:22:01.0436 3588 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:22:01.0436 3588 tssecsrv - ok
19:22:01.0483 3588 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:22:01.0499 3588 TsUsbFlt - ok
19:22:01.0545 3588 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:22:01.0545 3588 tunnel - ok
19:22:01.0592 3588 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
19:22:01.0608 3588 uagp35 - ok
19:22:01.0623 3588 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:22:01.0639 3588 udfs - ok
19:22:01.0670 3588 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:22:01.0670 3588 UI0Detect - ok
19:22:01.0686 3588 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:22:01.0686 3588 uliagpkx - ok
19:22:01.0717 3588 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
19:22:01.0733 3588 umbus - ok
19:22:01.0764 3588 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
19:22:01.0764 3588 UmPass - ok
19:22:01.0795 3588 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
19:22:01.0826 3588 upnphost - ok
19:22:01.0873 3588 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
19:22:01.0873 3588 USBAAPL64 - ok
19:22:01.0920 3588 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
19:22:01.0935 3588 usbaudio - ok
19:22:01.0951 3588 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:22:01.0967 3588 usbccgp - ok
19:22:02.0013 3588 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:22:02.0013 3588 usbcir - ok
19:22:02.0045 3588 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:22:02.0045 3588 usbehci - ok
19:22:02.0076 3588 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:22:02.0076 3588 usbhub - ok
19:22:02.0091 3588 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
19:22:02.0091 3588 usbohci - ok
19:22:02.0138 3588 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:22:02.0138 3588 usbprint - ok
19:22:02.0169 3588 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:22:02.0169 3588 usbscan - ok
19:22:02.0185 3588 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:22:02.0185 3588 USBSTOR - ok
19:22:02.0216 3588 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
19:22:02.0216 3588 usbuhci - ok
19:22:02.0294 3588 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
19:22:02.0294 3588 UxSms - ok
19:22:02.0294 3588 v3core - ok
19:22:02.0325 3588 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
19:22:02.0325 3588 VaultSvc - ok
19:22:02.0357 3588 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:22:02.0357 3588 vdrvroot - ok
19:22:02.0403 3588 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
19:22:02.0403 3588 vds - ok
19:22:02.0436 3588 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:22:02.0436 3588 vga - ok
19:22:02.0451 3588 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
19:22:02.0451 3588 VgaSave - ok
19:22:02.0514 3588 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:22:02.0514 3588 vhdmp - ok
19:22:02.0560 3588 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
19:22:02.0560 3588 viaide - ok
19:22:02.0592 3588 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:22:02.0592 3588 volmgr - ok
19:22:02.0638 3588 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:22:02.0638 3588 volmgrx - ok
19:22:02.0670 3588 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:22:02.0670 3588 volsnap - ok
19:22:02.0701 3588 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
19:22:02.0716 3588 vsmraid - ok
19:22:02.0779 3588 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
19:22:02.0826 3588 VSS - ok
19:22:02.0826 3588 vtany - ok
19:22:02.0950 3588 [ CBA3F6EF1E70167DB376B4013F71A62B ] vToolbarUpdater12.2.6 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
19:22:02.0950 3588 vToolbarUpdater12.2.6 - ok
19:22:02.0982 3588 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
19:22:02.0982 3588 vwifibus - ok
19:22:03.0028 3588 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
19:22:03.0028 3588 W32Time - ok
19:22:03.0075 3588 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
19:22:03.0075 3588 WacomPen - ok
19:22:03.0106 3588 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:22:03.0106 3588 WANARP - ok
19:22:03.0122 3588 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:22:03.0122 3588 Wanarpv6 - ok
19:22:03.0184 3588 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
19:22:03.0216 3588 WatAdminSvc - ok
19:22:03.0309 3588 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
19:22:03.0325 3588 wbengine - ok
19:22:03.0356 3588 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:22:03.0356 3588 WbioSrvc - ok
19:22:03.0434 3588 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:22:03.0434 3588 wcncsvc - ok
19:22:03.0450 3588 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:22:03.0465 3588 WcsPlugInService - ok
19:22:03.0496 3588 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
19:22:03.0512 3588 Wd - ok
19:22:03.0543 3588 [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys
19:22:03.0543 3588 WDC_SAM - ok
19:22:03.0590 3588 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:22:03.0606 3588 Wdf01000 - ok
19:22:03.0637 3588 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:22:03.0637 3588 WdiServiceHost - ok
19:22:03.0652 3588 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:22:03.0652 3588 WdiSystemHost - ok
19:22:03.0730 3588 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
19:22:03.0746 3588 WebClient - ok
19:22:03.0762 3588 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:22:03.0777 3588 Wecsvc - ok
19:22:03.0793 3588 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:22:03.0793 3588 wercplsupport - ok
19:22:03.0808 3588 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
19:22:03.0808 3588 WerSvc - ok
19:22:03.0840 3588 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:22:03.0871 3588 WfpLwf - ok
19:22:03.0918 3588 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:22:03.0918 3588 WIMMount - ok
19:22:03.0933 3588 WinDefend - ok
19:22:03.0933 3588 WinHttpAutoProxySvc - ok
19:22:04.0089 3588 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:22:04.0105 3588 Winmgmt - ok
19:22:04.0230 3588 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
19:22:04.0261 3588 WinRM - ok
19:22:04.0308 3588 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
19:22:04.0308 3588 WinUsb - ok
19:22:04.0417 3588 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
19:22:04.0432 3588 Wlansvc - ok
19:22:04.0495 3588 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
19:22:04.0495 3588 wlcrasvc - ok
19:22:04.0635 3588 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:22:04.0651 3588 wlidsvc - ok
19:22:04.0682 3588 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:22:04.0682 3588 WmiAcpi - ok
19:22:04.0744 3588 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] WmiApSrv C:\Windows\System32\wbem\WmiApSrv.exe
19:22:04.0776 3588 WmiApSrv - ok
19:22:04.0791 3588 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:22:04.0791 3588 WPCSvc - ok
19:22:04.0838 3588 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:22:04.0838 3588 WPDBusEnum - ok
19:22:04.0869 3588 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:22:04.0885 3588 ws2ifsl - ok
19:22:04.0916 3588 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
19:22:04.0916 3588 wscsvc - ok
19:22:04.0932 3588 WSearch - ok
19:22:05.0197 3588 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
19:22:05.0212 3588 wuauserv - ok
19:22:05.0244 3588 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:22:05.0259 3588 WudfPf - ok
19:22:05.0368 3588 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:22:05.0384 3588 WUDFRd - ok
19:22:05.0462 3588 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:22:05.0478 3588 wudfsvc - ok
19:22:05.0509 3588 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
19:22:05.0509 3588 WwanSvc - ok
19:22:05.0634 3588 X6va001 - ok
19:22:05.0634 3588 X6va003 - ok
19:22:05.0727 3588 X6va005 - ok
19:22:05.0727 3588 X6va006 - ok
19:22:06.0102 3588 X6va008 - ok
19:22:06.0117 3588 X6va009 - ok
19:22:06.0180 3588 [ 4A5CE13408945E525503B5F73D29B9C5 ] xnacc C:\Windows\system32\DRIVERS\xnacc.sys
19:22:06.0211 3588 xnacc - ok
19:22:06.0211 3588 xsherlock - ok
19:22:06.0258 3588 [ 2EE48CFCE7CA8E0DB4C44C7476C0943B ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
19:22:06.0258 3588 xusb21 - ok
19:22:06.0273 3588 ================ Scan global ===============================
19:22:06.0304 3588 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:22:06.0351 3588 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
19:22:06.0367 3588 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
19:22:06.0382 3588 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:22:06.0414 3588 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:22:06.0414 3588 [Global] – ok

19:22:06.0429 3588 ================ Scan MBR ==================================
19:22:06.0429 3588 [ AF00FC1920E1CF861B39B90A4375EDF3 ] \Device\Harddisk0\DR0
19:22:07.0147 3588 \Device\Harddisk0\DR0 - ok
19:22:07.0147 3588 [ 973E9BA32FDBB305C552ED3E1EBF0686 ] \Device\Harddisk1\DR1
19:22:21.0358 3588 \Device\Harddisk1\DR1 - ok
19:22:21.0374 3588 ================ Scan VBR ==================================
19:22:21.0374 3588 [ EBA8655466C035177020AE569CB13A60 ] \Device\Harddisk0\DR0\Partition1
19:22:21.0390 3588 \Device\Harddisk0\DR0\Partition1 - ok
19:22:21.0390 3588 [ 1F418EA9D33D1DA1F5B6AF85B54FE64B ] \Device\Harddisk0\DR0\Partition2
19:22:21.0390 3588 \Device\Harddisk0\DR0\Partition2 - ok
19:22:21.0421 3588 [ 28624251AA9BB9D202863FFF29DA62A6 ] \Device\Harddisk0\DR0\Partition3
19:22:21.0452 3588 \Device\Harddisk0\DR0\Partition3 - ok
19:22:21.0452 3588 [ 33BC62095E9627775E18A5B2DDD39886 ] \Device\Harddisk1\DR1\Partition1
19:22:21.0452 3588 \Device\Harddisk1\DR1\Partition1 - ok
19:22:21.0452 3588 ================ Scan active images ========================
19:22:21.0452 3588 [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
19:22:21.0452 3588 C:\Windows\System32\drivers\crashdmp.sys - ok
19:22:21.0468 3588 [ 9BBD8B5855BC6578957F82341F9CDE5A ] C:\Windows\System32\drivers\Diskdump.sys
19:22:21.0468 3588 C:\Windows\System32\drivers\Diskdump.sys - ok
19:22:21.0468 3588 [ 6BA747B1A9297A6C0271700D12FDD495 ] C:\Windows\System32\drivers\nvstor64.sys
19:22:21.0468 3588 C:\Windows\System32\drivers\nvstor64.sys - ok
19:22:21.0468 3588 [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
19:22:21.0468 3588 C:\Windows\System32\drivers\dumpfve.sys - ok
19:22:21.0483 3588 [ 400582B09E0BB557D0EC28A945150EEB ] C:\Windows\System32\drivers\dtsoftbus01.sys
19:22:21.0483 3588 C:\Windows\System32\drivers\dtsoftbus01.sys - ok
19:22:21.0483 3588 [ A6AEC362AAE5E2DDA7445E7690CB0F33 ] C:\Windows\System32\drivers\avgmfx64.sys
19:22:21.0483 3588 C:\Windows\System32\drivers\avgmfx64.sys - ok
19:22:21.0483 3588 [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
19:22:21.0483 3588 C:\Windows\System32\drivers\cdrom.sys - ok
19:22:21.0483 3588 [ A313C4AE276E3C975A1BC27170AA23C6 ] C:\Windows\System32\drivers\avgtpx64.sys
19:22:21.0483 3588 C:\Windows\System32\drivers\avgtpx64.sys - ok
19:22:21.0499 3588 [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
19:22:21.0499 3588 C:\Windows\System32\drivers\beep.sys - ok
19:22:21.0499 3588 [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
19:22:21.0499 3588 C:\Windows\System32\drivers\null.sys - ok
19:22:21.0499 3588 [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
19:22:21.0499 3588 C:\Windows\System32\drivers\RDPCDD.sys - ok
19:22:21.0499 3588 [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
19:22:21.0499 3588 C:\Windows\System32\drivers\vga.sys - ok
19:22:21.0514 3588 [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
19:22:21.0514 3588 C:\Windows\System32\drivers\videoprt.sys - ok
19:22:21.0514 3588 [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
19:22:21.0514 3588 C:\Windows\System32\drivers\watchdog.sys - ok
19:22:21.0514 3588 [ 96B4456F1DCA4EDA506ED31C7D2D6B05 ] C:\Windows\System32\drivers\avgfwd6a.sys
19:22:21.0514 3588 C:\Windows\System32\drivers\avgfwd6a.sys - ok
19:22:21.0530 3588 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
19:22:21.0530 3588 C:\Windows\System32\drivers\msfs.sys - ok
19:22:21.0530 3588 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
19:22:21.0530 3588 C:\Windows\System32\drivers\npfs.sys - ok
19:22:21.0530 3588 [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
19:22:21.0530 3588 C:\Windows\System32\drivers\RDPENCDD.sys - ok
19:22:21.0530 3588 [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
19:22:21.0530 3588 C:\Windows\System32\drivers\RDPREFMP.sys - ok
19:22:21.0546 3588 [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
19:22:21.0546 3588 C:\Windows\System32\drivers\tdi.sys - ok
19:22:21.0546 3588 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
19:22:21.0546 3588 C:\Windows\System32\drivers\tdx.sys - ok
19:22:21.0546 3588 [ F8C3C7ED612A41B05C66358FC9786BFD ] C:\Windows\System32\drivers\avgtdia.sys
19:22:21.0546 3588 C:\Windows\System32\drivers\avgtdia.sys - ok
19:22:21.0561 3588 [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
19:22:21.0561 3588 C:\Windows\System32\drivers\netbt.sys - ok
19:22:21.0561 3588 [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys
19:22:21.0561 3588 C:\Windows\System32\drivers\afd.sys - ok
19:22:21.0561 3588 [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
19:22:21.0561 3588 C:\Windows\System32\drivers\netbios.sys - ok
 
19:22:21.0561 3588 [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
19:22:21.0561 3588 C:\Windows\System32\drivers\pacer.sys - ok
19:22:21.0577 3588 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
19:22:21.0577 3588 C:\Windows\System32\drivers\termdd.sys - ok
19:22:21.0577 3588 [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
19:22:21.0577 3588 C:\Windows\System32\drivers\wanarp.sys - ok
19:22:21.0577 3588 [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
19:22:21.0577 3588 C:\Windows\System32\drivers\wfplwf.sys - ok
19:22:21.0577 3588 [ 6BCC1D7D2FD2453957C5479A32364E52 ] C:\Windows\System32\drivers\ws2ifsl.sys
19:22:21.0577 3588 C:\Windows\System32\drivers\ws2ifsl.sys - ok
19:22:21.0592 3588 [ 3289766038DB2CB14D07DC84392138D5 ] C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys
19:22:21.0592 3588 C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys - ok
19:22:21.0592 3588 [ 58A38E75F3316A83C23DF6173D41F2B5 ] C:\Program Files\SUPERAntiSpyware\saskutil64.sys
19:22:21.0592 3588 C:\Program Files\SUPERAntiSpyware\saskutil64.sys - ok
19:22:21.0592 3588 [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
19:22:21.0592 3588 C:\Windows\System32\drivers\nsiproxy.sys - ok
19:22:21.0608 3588 [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
19:22:21.0608 3588 C:\Windows\System32\drivers\rdbss.sys - ok
19:22:21.0608 3588 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
19:22:21.0608 3588 C:\Windows\System32\drivers\blbdrive.sys - ok
19:22:21.0608 3588 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
19:22:21.0608 3588 C:\Windows\System32\drivers\dfsc.sys - ok
19:22:21.0624 3588 [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
19:22:21.0624 3588 C:\Windows\System32\drivers\discache.sys - ok
19:22:21.0624 3588 [ F21A07780BBD64ADEF872F50E8CE2E75 ] C:\Windows\System32\drivers\ElRawDsk.sys
19:22:21.0624 3588 C:\Windows\System32\drivers\ElRawDsk.sys - ok
19:22:21.0624 3588 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
19:22:21.0624 3588 C:\Windows\System32\drivers\mssmbios.sys - ok
19:22:21.0624 3588 [ 221FEBAB02D6C97C95558348CC354A85 ] C:\Windows\System32\drivers\avgldx64.sys
19:22:21.0624 3588 C:\Windows\System32\drivers\avgldx64.sys - ok
19:22:21.0639 3588 [ 1E56388B3FE0D031C44144EB8C4D6217 ] C:\Windows\System32\drivers\amdppm.sys
19:22:21.0639 3588 C:\Windows\System32\drivers\amdppm.sys - ok
19:22:21.0639 3588 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] C:\Windows\System32\drivers\i8042prt.sys
19:22:21.0639 3588 C:\Windows\System32\drivers\i8042prt.sys - ok
19:22:21.0639 3588 [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
19:22:21.0639 3588 C:\Windows\System32\drivers\tunnel.sys - ok
19:22:21.0639 3588 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
19:22:21.0639 3588 C:\Windows\System32\drivers\kbdclass.sys - ok
19:22:21.0655 3588 [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys
19:22:21.0655 3588 C:\Windows\System32\drivers\usbport.sys - ok
19:22:21.0655 3588 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
19:22:21.0655 3588 C:\Windows\System32\drivers\hdaudbus.sys - ok
19:22:21.0655 3588 [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys
19:22:21.0655 3588 C:\Windows\System32\drivers\usbehci.sys - ok
19:22:21.0670 3588 [ 9840FC418B4CBD632D3D0A667A725C31 ] C:\Windows\System32\drivers\usbohci.sys
19:22:21.0670 3588 C:\Windows\System32\drivers\usbohci.sys - ok
19:22:21.0670 3588 [ AF4DEE5531395DEE72B35B36C9671FD0 ] C:\Windows\System32\drivers\GEARAspiWDM.sys
19:22:21.0670 3588 C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
19:22:21.0670 3588 [ 909EEDCBD365BB81027D8E742E6B3416 ] C:\Windows\System32\drivers\nvmf6264.sys
19:22:21.0670 3588 C:\Windows\System32\drivers\nvmf6264.sys - ok
19:22:21.0686 3588 [ 0E57258E5CC4CC7A9A9A877AFDF0CEC6 ] C:\Windows\System32\drivers\atikmpag.sys
19:22:21.0686 3588 C:\Windows\System32\drivers\atikmpag.sys - ok
19:22:21.0686 3588 [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
19:22:21.0686 3588 C:\Windows\System32\ntdll.dll - ok
19:22:21.0686 3588 [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe
19:22:21.0686 3588 C:\Windows\System32\smss.exe - ok
19:22:21.0686 3588 [ 0B45C18B0F3EE996D25BAA4E74884B83 ] C:\Windows\System32\drivers\atikmdag.sys
19:22:21.0686 3588 C:\Windows\System32\drivers\atikmdag.sys - ok
19:22:21.0702 3588 [ F5BEE30450E18E6B83A5012C100616FD ] C:\Windows\System32\drivers\dxgkrnl.sys
19:22:21.0702 3588 C:\Windows\System32\drivers\dxgkrnl.sys - ok
19:22:21.0702 3588 [ 9CD68BDDF322535C02ADC8331013D13D ] C:\Windows\System32\drivers\dxgmms1.sys
19:22:21.0702 3588 C:\Windows\System32\drivers\dxgmms1.sys - ok
19:22:21.0702 3588 [ DDF52C4C92D831A4CDB7788B37585E36 ] C:\Windows\System32\drivers\agrsm64.sys
19:22:21.0702 3588 C:\Windows\System32\drivers\agrsm64.sys - ok
19:22:21.0702 3588 [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
19:22:21.0702 3588 C:\Windows\System32\drivers\usbd.sys - ok
19:22:21.0717 3588 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
19:22:21.0717 3588 C:\Windows\System32\drivers\CompositeBus.sys - ok
19:22:21.0717 3588 [ 800BA92F7010378B09F9ED9270F07137 ] C:\Windows\System32\drivers\modem.sys
19:22:21.0717 3588 C:\Windows\System32\drivers\modem.sys - ok
19:22:21.0717 3588 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
19:22:21.0717 3588 C:\Windows\System32\drivers\agilevpn.sys - ok
19:22:21.0733 3588 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
19:22:21.0733 3588 C:\Windows\System32\drivers\ndistapi.sys - ok
19:22:21.0733 3588 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
19:22:21.0733 3588 C:\Windows\System32\drivers\ndiswan.sys - ok
19:22:21.0733 3588 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
19:22:21.0733 3588 C:\Windows\System32\drivers\rasl2tp.sys - ok
19:22:21.0733 3588 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] C:\Windows\System32\drivers\hamachi.sys
19:22:21.0733 3588 C:\Windows\System32\drivers\hamachi.sys - ok
19:22:21.0748 3588 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
19:22:21.0748 3588 C:\Windows\System32\drivers\raspppoe.sys - ok
19:22:21.0748 3588 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
19:22:21.0748 3588 C:\Windows\System32\drivers\raspptp.sys - ok
19:22:21.0748 3588 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
19:22:21.0748 3588 C:\Windows\System32\drivers\rassstp.sys - ok
19:22:21.0764 3588 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
19:22:21.0764 3588 C:\Windows\System32\drivers\ks.sys - ok
19:22:21.0764 3588 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
19:22:21.0764 3588 C:\Windows\System32\drivers\mouclass.sys - ok
19:22:21.0764 3588 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
19:22:21.0764 3588 C:\Windows\System32\drivers\swenum.sys - ok
19:22:21.0764 3588 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
19:22:21.0764 3588 C:\Windows\System32\drivers\umbus.sys - ok
19:22:21.0780 3588 [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys
19:22:21.0780 3588 C:\Windows\System32\drivers\usbhub.sys - ok
19:22:21.0780 3588 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
19:22:21.0780 3588 C:\Windows\System32\drivers\ndproxy.sys - ok
19:22:21.0780 3588 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
19:22:21.0780 3588 C:\Windows\System32\drivers\drmk.sys - ok
19:22:21.0795 3588 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
19:22:21.0795 3588 C:\Windows\System32\drivers\portcls.sys - ok
19:22:21.0795 3588 [ 3C4B4EE54FEBB09F7E9F58776DE96DCA ] C:\Windows\System32\drivers\RTKVHD64.sys
19:22:21.0795 3588 C:\Windows\System32\drivers\RTKVHD64.sys - ok
19:22:21.0795 3588 [ 975761C778E33CD22498059B91E7373A ] C:\Windows\System32\drivers\HdAudio.sys
19:22:21.0795 3588 C:\Windows\System32\drivers\HdAudio.sys - ok
19:22:21.0795 3588 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
19:22:21.0795 3588 C:\Windows\System32\drivers\ksthunk.sys - ok
19:22:21.0811 3588 [ FED648B01349A3C8395A5169DB5FB7D6 ] C:\Windows\System32\drivers\USBSTOR.SYS
19:22:21.0811 3588 C:\Windows\System32\drivers\USBSTOR.SYS - ok
19:22:21.0811 3588 [ B8BD2BB284668C84865658C77574381A ] C:\Windows\System32\drivers\cdfs.sys
19:22:21.0811 3588 C:\Windows\System32\drivers\cdfs.sys - ok
19:22:21.0811 3588 [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys
19:22:21.0811 3588 C:\Windows\System32\drivers\hidclass.sys - ok
19:22:21.0826 3588 [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys
19:22:21.0826 3588 C:\Windows\System32\drivers\hidparse.sys - ok
19:22:21.0826 3588 [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys
19:22:21.0826 3588 C:\Windows\System32\drivers\hidusb.sys - ok
19:22:21.0826 3588 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys
19:22:21.0826 3588 C:\Windows\System32\drivers\mouhid.sys - ok
19:22:21.0826 3588 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
19:22:21.0826 3588 C:\Windows\System32\msvcrt.dll - ok
19:22:21.0842 3588 [ B9B42A302325537D7B9DC52D47F33A73 ] C:\Windows\System32\kernel32.dll
19:22:21.0842 3588 C:\Windows\System32\kernel32.dll - ok
19:22:21.0842 3588 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
19:22:21.0842 3588 C:\Windows\System32\advapi32.dll - ok
19:22:21.0842 3588 [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
19:22:21.0842 3588 C:\Windows\System32\ole32.dll - ok
19:22:21.0842 3588 [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
19:22:21.0842 3588 C:\Windows\System32\user32.dll - ok
19:22:21.0858 3588 [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
19:22:21.0858 3588 C:\Windows\System32\imagehlp.dll - ok
19:22:21.0858 3588 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
19:22:21.0858 3588 C:\Windows\System32\difxapi.dll - ok
19:22:21.0858 3588 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
19:22:21.0858 3588 C:\Windows\System32\lpk.dll - ok
19:22:21.0873 3588 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
19:22:21.0873 3588 C:\Windows\System32\sechost.dll - ok
19:22:21.0873 3588 [ 3D165C53E40236A68B7102D1A622D4E0 ] C:\Windows\System32\wininet.dll
19:22:21.0873 3588 C:\Windows\System32\wininet.dll - ok
19:22:21.0873 3588 [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
19:22:21.0873 3588 C:\Windows\System32\oleaut32.dll - ok
19:22:21.0873 3588 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
19:22:21.0873 3588 C:\Windows\System32\setupapi.dll - ok
19:22:21.0889 3588 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
19:22:21.0889 3588 C:\Windows\System32\shlwapi.dll - ok
19:22:21.0889 3588 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
19:22:21.0889 3588 C:\Windows\System32\nsi.dll - ok
19:22:21.0889 3588 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
19:22:21.0889 3588 C:\Windows\System32\psapi.dll - ok
19:22:21.0889 3588 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
19:22:21.0889 3588 C:\Windows\System32\Wldap32.dll - ok
19:22:21.0904 3588 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
19:22:21.0904 3588 C:\Windows\System32\gdi32.dll - ok
19:22:21.0904 3588 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
19:22:21.0904 3588 C:\Windows\System32\normaliz.dll - ok
19:22:21.0904 3588 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
19:22:21.0904 3588 C:\Windows\System32\ws2_32.dll - ok
19:22:21.0920 3588 [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll
19:22:21.0920 3588 C:\Windows\System32\shell32.dll - ok
19:22:21.0920 3588 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
19:22:21.0920 3588 C:\Windows\System32\comdlg32.dll - ok
19:22:21.0920 3588 [ D841F7629505EE542E26E5F0A4D20101 ] C:\Windows\System32\iertutil.dll
19:22:21.0920 3588 C:\Windows\System32\iertutil.dll - ok
19:22:21.0920 3588 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
19:22:21.0920 3588 C:\Windows\System32\msctf.dll - ok
19:22:21.0936 3588 [ 2F8B1E3EE3545D3B5A8D56FA1AE07B65 ] C:\Windows\System32\usp10.dll
19:22:21.0936 3588 C:\Windows\System32\usp10.dll - ok
19:22:21.0936 3588 [ 2885A3C3148F725CDA0B4C593BA8F7CE ] C:\Windows\System32\urlmon.dll
19:22:21.0936 3588 C:\Windows\System32\urlmon.dll - ok
19:22:21.0936 3588 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
19:22:21.0936 3588 C:\Windows\System32\clbcatq.dll - ok
19:22:21.0951 3588 [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
19:22:21.0951 3588 C:\Windows\System32\rpcrt4.dll - ok
19:22:21.0951 3588 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
19:22:21.0951 3588 C:\Windows\System32\imm32.dll - ok
19:22:21.0951 3588 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
19:22:21.0951 3588 C:\Windows\System32\devobj.dll - ok
19:22:21.0951 3588 [ 6B5174702343BD955E174FDFEFA2A1A3 ] C:\Windows\System32\KernelBase.dll
19:22:21.0951 3588 C:\Windows\System32\KernelBase.dll - ok
19:22:21.0967 3588 [ 12EE6FE9268CEE6D90FDCCBF89236C65 ] C:\Windows\System32\crypt32.dll
19:22:21.0967 3588 C:\Windows\System32\crypt32.dll - ok
19:22:21.0967 3588 [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll
19:22:21.0967 3588 C:\Windows\System32\wintrust.dll - ok
19:22:21.0967 3588 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
19:22:21.0967 3588 C:\Windows\System32\comctl32.dll - ok
19:22:21.0982 3588 [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
19:22:21.0982 3588 C:\Windows\System32\cfgmgr32.dll - ok
19:22:21.0982 3588 [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
19:22:21.0982 3588 C:\Windows\System32\msasn1.dll - ok
19:22:21.0982 3588 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
19:22:21.0982 3588 C:\Windows\SysWOW64\normaliz.dll - ok
19:22:21.0982 3588 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
19:22:21.0982 3588 C:\Windows\System32\drivers\dxapi.sys - ok
19:22:21.0998 3588 [ F0D6864A7D52CE137E0A9D24795C3F0E ] C:\Windows\System32\win32k.sys
19:22:21.0998 3588 C:\Windows\System32\win32k.sys - ok
19:22:21.0998 3588 [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll
19:22:21.0998 3588 C:\Windows\System32\csrsrv.dll - ok
19:22:21.0998 3588 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
19:22:21.0998 3588 C:\Windows\System32\csrss.exe - ok
19:22:22.0014 3588 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
19:22:22.0014 3588 C:\Windows\System32\basesrv.dll - ok
19:22:22.0014 3588 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\System32\winsrv.dll
19:22:22.0014 3588 C:\Windows\System32\winsrv.dll - ok
19:22:22.0014 3588 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
19:22:22.0014 3588 C:\Windows\System32\drivers\monitor.sys - ok
19:22:22.0014 3588 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
19:22:22.0014 3588 C:\Windows\System32\tsddd.dll - ok
19:22:22.0029 3588 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
19:22:22.0029 3588 C:\Windows\System32\sxssrv.dll - ok
19:22:22.0029 3588 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
19:22:22.0029 3588 C:\Windows\System32\wininit.exe - ok
19:22:22.0029 3588 [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll
19:22:22.0029 3588 C:\Windows\System32\cdd.dll - ok
19:22:22.0029 3588 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
19:22:22.0029 3588 C:\Windows\System32\profapi.dll - ok
19:22:22.0045 3588 [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
19:22:22.0045 3588 C:\Windows\System32\RpcRtRemote.dll - ok
19:22:22.0045 3588 [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
19:22:22.0045 3588 C:\Windows\System32\KBDUS.DLL - ok
19:22:22.0045 3588 [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
19:22:22.0045 3588 C:\Windows\System32\sxs.dll - ok
19:22:22.0060 3588 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
19:22:22.0060 3588 C:\Windows\System32\WlS0WndH.dll - ok
19:22:22.0060 3588 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
19:22:22.0060 3588 C:\Windows\System32\cryptbase.dll - ok
19:22:22.0060 3588 [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
19:22:22.0060 3588 C:\Windows\System32\winlogon.exe - ok
19:22:22.0060 3588 [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
19:22:22.0060 3588 C:\Windows\System32\winsta.dll - ok
19:22:22.0076 3588 [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
19:22:22.0076 3588 C:\Windows\System32\apphelp.dll - ok
19:22:22.0076 3588 [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
19:22:22.0076 3588 C:\Windows\System32\lsass.exe - ok
19:22:22.0076 3588 [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
19:22:22.0076 3588 C:\Windows\System32\lsm.exe - ok
19:22:22.0076 3588 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
19:22:22.0076 3588 C:\Windows\System32\services.exe - ok
19:22:22.0092 3588 [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
19:22:22.0092 3588 C:\Windows\System32\sspicli.dll - ok
19:22:22.0092 3588 [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
19:22:22.0092 3588 C:\Windows\System32\sspisrv.dll - ok
19:22:22.0092 3588 [ 66A6063D0BAAD3F7B2B9868859E0743B ] C:\Windows\System32\lsasrv.dll
19:22:22.0092 3588 C:\Windows\System32\lsasrv.dll - ok
19:22:22.0107 3588 [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
19:22:22.0107 3588 C:\Windows\System32\scesrv.dll - ok
19:22:22.0107 3588 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
19:22:22.0107 3588 C:\Windows\System32\scext.dll - ok
19:22:22.0107 3588 [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
19:22:22.0107 3588 C:\Windows\System32\secur32.dll - ok
19:22:22.0107 3588 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
19:22:22.0107 3588 C:\Windows\System32\sysntfy.dll - ok
19:22:22.0123 3588 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
19:22:22.0123 3588 C:\Windows\System32\wmsgapi.dll - ok
19:22:22.0123 3588 [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
19:22:22.0123 3588 C:\Windows\System32\samsrv.dll - ok
19:22:22.0123 3588 [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
19:22:22.0123 3588 C:\Windows\System32\srvcli.dll - ok
19:22:22.0138 3588 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
19:22:22.0138 3588 C:\Windows\System32\cryptdll.dll - ok
19:22:22.0138 3588 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
19:22:22.0138 3588 C:\Windows\System32\wevtapi.dll - ok
19:22:22.0138 3588 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
19:22:22.0138 3588 C:\Windows\System32\authz.dll - ok
19:22:22.0154 3588 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
19:22:22.0154 3588 C:\Windows\System32\cngaudit.dll - ok
19:22:22.0154 3588 [ 400645085A91BF3EB0271329B95AE0BE ] C:\Windows\System32\ncrypt.dll
19:22:22.0154 3588 C:\Windows\System32\ncrypt.dll - ok
19:22:22.0154 3588 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
19:22:22.0154 3588 C:\Windows\System32\bcrypt.dll - ok
19:22:22.0154 3588 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
19:22:22.0154 3588 C:\Windows\System32\msprivs.dll - ok
19:22:22.0170 3588 [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
19:22:22.0170 3588 C:\Windows\System32\netjoin.dll - ok
19:22:22.0170 3588 [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
19:22:22.0170 3588 C:\Windows\System32\kerberos.dll - ok
19:22:22.0170 3588 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
19:22:22.0170 3588 C:\Windows\System32\negoexts.dll - ok
19:22:22.0170 3588 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
19:22:22.0170 3588 C:\Windows\System32\cryptsp.dll - ok
19:22:22.0185 3588 [ 4AC74A462F3A0506B929F599B5E1B1FB ] C:\Windows\System32\atmfd.dll
19:22:22.0185 3588 C:\Windows\System32\atmfd.dll - ok
19:22:22.0185 3588 [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
19:22:22.0185 3588 C:\Windows\System32\msv1_0.dll - ok
19:22:22.0185 3588 [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
19:22:22.0185 3588 C:\Windows\System32\mswsock.dll - ok
19:22:22.0185 3588 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
19:22:22.0185 3588 C:\Windows\System32\wship6.dll - ok
19:22:22.0201 3588 [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
19:22:22.0201 3588 C:\Windows\System32\netlogon.dll - ok
19:22:22.0201 3588 [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
19:22:22.0201 3588 C:\Windows\System32\dnsapi.dll - ok
19:22:22.0201 3588 [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
19:22:22.0201 3588 C:\Windows\System32\logoncli.dll - ok
19:22:22.0216 3588 [ 1573C45E65DE32B1BC3572634F8F1E8E ] C:\Windows\System32\schannel.dll
19:22:22.0216 3588 C:\Windows\System32\schannel.dll - ok
19:22:22.0216 3588 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
19:22:22.0216 3588 C:\Windows\System32\wdigest.dll - ok
19:22:22.0216 3588 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
19:22:22.0216 3588 C:\Windows\System32\pku2u.dll - ok
19:22:22.0216 3588 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
19:22:22.0216 3588 C:\Windows\System32\rsaenh.dll - ok
19:22:22.0232 3588 [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
19:22:22.0232 3588 C:\Windows\System32\TSpkg.dll - ok
19:22:22.0232 3588 [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
19:22:22.0232 3588 C:\Windows\System32\bcryptprimitives.dll - ok
19:22:22.0232 3588 [ 55C892560C1B42BC57FB61AEFCED2F22 ] C:\Windows\System32\LIVESSP.DLL
19:22:22.0232 3588 C:\Windows\System32\LIVESSP.DLL - ok
19:22:22.0248 3588 [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
19:22:22.0248 3588 C:\Windows\System32\credssp.dll - ok
19:22:22.0248 3588 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
19:22:22.0248 3588 C:\Windows\System32\efslsaext.dll - ok
19:22:22.0248 3588 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
19:22:22.0248 3588 C:\Windows\System32\scecli.dll - ok
19:22:22.0248 3588 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
19:22:22.0248 3588 C:\Windows\System32\ubpm.dll - ok
19:22:22.0263 3588 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
19:22:22.0263 3588 C:\Windows\System32\svchost.exe - ok
19:22:22.0263 3588 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
19:22:22.0263 3588 C:\Windows\System32\SPInf.dll - ok
19:22:22.0263 3588 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
19:22:22.0263 3588 C:\Windows\System32\umpnpmgr.dll - ok
19:22:22.0263 3588 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
19:22:22.0263 3588 C:\Windows\System32\devrtl.dll - ok
19:22:22.0279 3588 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
19:22:22.0279 3588 C:\Windows\System32\gpapi.dll - ok
19:22:22.0279 3588 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
19:22:22.0279 3588 C:\Windows\System32\userenv.dll - ok
19:22:22.0279 3588 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
19:22:22.0279 3588 C:\Windows\System32\umpo.dll - ok
19:22:22.0279 3588 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
19:22:22.0279 3588 C:\Windows\System32\pcwum.dll - ok
19:22:22.0294 3588 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
19:22:22.0294 3588 C:\Windows\System32\powrprof.dll - ok
19:22:22.0294 3588 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
19:22:22.0294 3588 C:\Windows\System32\drivers\luafv.sys - ok
19:22:22.0294 3588 [ 8570C04D9DBFDDD2CCF655DEB4D84715 ] C:\Windows\System32\drivers\PDFsFilter.sys
19:22:22.0294 3588 C:\Windows\System32\drivers\PDFsFilter.sys - ok
19:22:22.0310 3588 [ D3381DC54C34D79B22CEE0D65BA91B7C ] C:\Windows\System32\drivers\WUDFPf.sys
19:22:22.0310 3588 C:\Windows\System32\drivers\WUDFPf.sys - ok
19:22:22.0310 3588 [ 43BC8151893AE6AFE42E149D663C2221 ] C:\Windows\System32\nvvsvc.exe
19:22:22.0310 3588 C:\Windows\System32\nvvsvc.exe - ok
19:22:22.0310 3588 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
19:22:22.0310 3588 C:\Windows\System32\wtsapi32.dll - ok
19:22:22.0310 3588 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
19:22:22.0310 3588 C:\Windows\System32\rpcss.dll - ok
19:22:22.0326 3588 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
19:22:22.0326 3588 C:\Windows\System32\RpcEpMap.dll - ok
19:22:22.0326 3588 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
19:22:22.0326 3588 C:\Windows\System32\wshqos.dll - ok
19:22:22.0326 3588 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
19:22:22.0326 3588 C:\Windows\System32\WSHTCPIP.DLL - ok
19:22:22.0341 3588 [ 20C8A3E435A47F0408A1EA674AFA6194 ] C:\Windows\System32\atiesrxx.exe
19:22:22.0341 3588 C:\Windows\System32\atiesrxx.exe - ok
19:22:22.0341 3588 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
19:22:22.0341 3588 C:\Windows\System32\FirewallAPI.dll - ok
19:22:22.0341 3588 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
19:22:22.0341 3588 C:\Windows\System32\LogonUI.exe - ok
19:22:22.0341 3588 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
19:22:22.0341 3588 C:\Windows\System32\version.dll - ok
19:22:22.0357 3588 [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
19:22:22.0357 3588 C:\Windows\System32\authui.dll - ok
19:22:22.0357 3588 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
19:22:22.0357 3588 C:\Windows\System32\wevtsvc.dll - ok
19:22:22.0357 3588 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
19:22:22.0357 3588 C:\Windows\System32\audiosrv.dll - ok
19:22:22.0372 3588 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
19:22:22.0372 3588 C:\Windows\System32\ntmarta.dll - ok
19:22:22.0372 3588 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
19:22:22.0372 3588 C:\Windows\System32\mmcss.dll - ok
19:22:22.0372 3588 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
19:22:22.0372 3588 C:\Windows\System32\profsvc.dll - ok
19:22:22.0372 3588 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
19:22:22.0372 3588 C:\Windows\System32\cryptui.dll - ok
19:22:22.0388 3588 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
19:22:22.0388 3588 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
19:22:22.0388 3588 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
19:22:22.0388 3588 C:\Windows\System32\samlib.dll - ok
19:22:22.0388 3588 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
19:22:22.0388 3588 C:\Windows\System32\shacct.dll - ok
19:22:22.0404 3588 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
19:22:22.0404 3588 C:\Windows\System32\propsys.dll - ok
19:22:22.0404 3588 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
19:22:22.0404 3588 C:\Windows\System32\uxtheme.dll - ok
19:22:22.0404 3588 [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
19:22:22.0404 3588 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
19:22:22.0404 3588 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
19:22:22.0404 3588 C:\Windows\System32\dui70.dll - ok
19:22:22.0419 3588 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
19:22:22.0419 3588 C:\Windows\System32\adtschema.dll - ok
19:22:22.0419 3588 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
19:22:22.0419 3588 C:\Windows\System32\netprofm.dll - ok
19:22:22.0419 3588 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
19:22:22.0419 3588 C:\Windows\System32\duser.dll - ok
19:22:22.0419 3588 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
19:22:22.0419 3588 C:\Windows\System32\hid.dll - ok
19:22:22.0435 3588 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
19:22:22.0435 3588 C:\Windows\System32\SndVolSSO.dll - ok
19:22:22.0435 3588 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
19:22:22.0435 3588 C:\Windows\System32\dwmapi.dll - ok
19:22:22.0435 3588 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
19:22:22.0435 3588 C:\Windows\System32\MMDevAPI.dll - ok
19:22:22.0450 3588 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
19:22:22.0450 3588 C:\Windows\System32\xmllite.dll - ok
19:22:22.0450 3588 [ 26B73A85855681500BCC25C7CD9FF5B1 ] C:\Windows\System32\WindowsCodecs.dll
19:22:22.0450 3588 C:\Windows\System32\WindowsCodecs.dll - ok
19:22:22.0450 3588 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
19:22:22.0450 3588 C:\Windows\System32\VaultCredProvider.dll - ok
19:22:22.0450 3588 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
19:22:22.0450 3588 C:\Windows\System32\winbrand.dll - ok
19:22:22.0466 3588 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
19:22:22.0466 3588 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
19:22:22.0466 3588 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
19:22:22.0466 3588 C:\Windows\System32\BioCredProv.dll - ok
19:22:22.0466 3588 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
19:22:22.0466 3588 C:\Windows\System32\credui.dll - ok
19:22:22.0466 3588 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
19:22:22.0466 3588 C:\Windows\System32\winbio.dll - ok
19:22:22.0482 3588 [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
19:22:22.0482 3588 C:\Windows\System32\netapi32.dll - ok
19:22:22.0482 3588 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
19:22:22.0482 3588 C:\Windows\System32\vaultcli.dll - ok
19:22:22.0482 3588 [ EDF4DEC1041EEAF78A0B1E16C1BB4CC4 ] C:\Windows\System32\fthsvc.dll
19:22:22.0482 3588 C:\Windows\System32\fthsvc.dll - ok
19:22:22.0497 3588 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
19:22:22.0497 3588 C:\Windows\System32\MPSSVC.dll - ok
19:22:22.0497 3588 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
19:22:22.0497 3588 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
19:22:22.0497 3588 [ 80E69670BDA10F32A941BA7358E33012 ] C:\Windows\System32\WUDFPlatform.dll
19:22:22.0497 3588 C:\Windows\System32\WUDFPlatform.dll - ok
19:22:22.0497 3588 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
19:22:22.0497 3588 C:\Windows\System32\avrt.dll - ok
19:22:22.0513 3588 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
19:22:22.0513 3588 C:\Windows\System32\netutils.dll - ok
19:22:22.0513 3588 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
19:22:22.0513 3588 C:\Windows\System32\wkscli.dll - ok
19:22:22.0513 3588 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
19:22:22.0513 3588 C:\Windows\System32\samcli.dll - ok
19:22:22.0528 3588 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
19:22:22.0528 3588 C:\Windows\System32\certCredProvider.dll - ok
19:22:22.0528 3588 [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
19:22:22.0528 3588 C:\Windows\System32\drivers\fltMgr.sys - ok
19:22:22.0528 3588 [ 7097425051CE67B450EBF2B1390AE492 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
19:22:22.0528 3588 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
19:22:22.0528 3588 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
19:22:22.0528 3588 C:\Windows\System32\rasplap.dll - ok
19:22:22.0544 3588 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
19:22:22.0544 3588 C:\Windows\System32\PSHED.DLL - ok
19:22:22.0544 3588 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
19:22:22.0544 3588 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
19:22:22.0544 3588 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
19:22:22.0544 3588 C:\Windows\System32\rasapi32.dll - ok
19:22:22.0560 3588 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
19:22:22.0560 3588 C:\Windows\System32\rasman.dll - ok
19:22:22.0560 3588 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
19:22:22.0560 3588 C:\Windows\System32\rtutils.dll - ok
19:22:22.0560 3588 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
19:22:22.0560 3588 C:\Windows\System32\oleacc.dll - ok
19:22:22.0560 3588 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
19:22:22.0560 3588 C:\Windows\System32\audiodg.exe - ok
19:22:22.0575 3588 [ 019BDD35DE269CB98B22DE8923C2AA3B ] C:\Windows\System32\UIAutomationCore.dll
19:22:22.0575 3588 C:\Windows\System32\UIAutomationCore.dll - ok
19:22:22.0575 3588 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
19:22:22.0575 3588 C:\Windows\System32\atl.dll - ok
19:22:22.0575 3588 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
19:22:22.0575 3588 C:\Windows\System32\winmm.dll - ok
19:22:22.0591 3588 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
19:22:22.0591 3588 C:\Windows\System32\gpsvc.dll - ok
19:22:22.0591 3588 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
19:22:22.0591 3588 C:\Windows\System32\ksuser.dll - ok
19:22:22.0591 3588 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
19:22:22.0591 3588 C:\Windows\System32\wdmaud.drv - ok
19:22:22.0591 3588 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
19:22:22.0591 3588 C:\Windows\System32\AudioSes.dll - ok
19:22:22.0591 3588 [ 2DF36F15B2BC1571A6A542A3C2107920 ] C:\Windows\System32\nlaapi.dll
19:22:22.0591 3588 C:\Windows\System32\nlaapi.dll - ok
19:22:22.0606 3588 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
19:22:22.0606 3588 C:\Windows\System32\themeservice.dll - ok
19:22:22.0606 3588 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
19:22:22.0606 3588 C:\Windows\System32\dsrole.dll - ok
19:22:22.0606 3588 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
19:22:22.0606 3588 C:\Windows\System32\es.dll - ok
19:22:22.0622 3588 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
19:22:22.0622 3588 C:\Windows\System32\msacm32.dll - ok
19:22:22.0622 3588 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
19:22:22.0622 3588 C:\Windows\System32\msacm32.drv - ok
19:22:22.0622 3588 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
19:22:22.0622 3588 C:\Windows\System32\slc.dll - ok
19:22:22.0622 3588 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
19:22:22.0622 3588 C:\Windows\System32\midimap.dll - ok
19:22:22.0638 3588 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
19:22:22.0638 3588 C:\Windows\System32\AudioEng.dll - ok
19:22:22.0638 3588 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
19:22:22.0638 3588 C:\Windows\System32\comres.dll - ok
19:22:22.0638 3588 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
19:22:22.0638 3588 C:\Windows\System32\Sens.dll - ok
19:22:22.0653 3588 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
19:22:22.0653 3588 C:\Windows\System32\uxsms.dll - ok
19:22:22.0653 3588 [ 7A95C95B6C4CF292D689106BCAE49543 ] C:\Windows\System32\WUDFSvc.dll
19:22:22.0653 3588 C:\Windows\System32\WUDFSvc.dll - ok
19:22:22.0653 3588 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
19:22:22.0653 3588 C:\Windows\System32\AUDIOKSE.dll - ok
19:22:22.0653 3588 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
19:22:22.0653 3588 C:\Windows\System32\UXInit.dll - ok
19:22:22.0669 3588 [ D29819CE651FF9BDE858BFC9D795C784 ] C:\Windows\System32\atieclxx.exe
19:22:22.0669 3588 C:\Windows\System32\atieclxx.exe - ok
19:22:22.0669 3588 [ 1C029C75969E1D068B62061924E40DA1 ] C:\Windows\System32\atiadlxx.dll
19:22:22.0669 3588 C:\Windows\System32\atiadlxx.dll - ok
19:22:22.0669 3588 [ 853A17F7CED7ADE5A177520D5EAEC895 ] C:\Windows\System32\RtkAPO64.dll
19:22:22.0669 3588 C:\Windows\System32\RtkAPO64.dll - ok
19:22:22.0669 3588 [ 744D251E7AE80722B08076E160D76151 ] C:\Windows\System32\nvsvc64.dll
19:22:22.0669 3588 C:\Windows\System32\nvsvc64.dll - ok
19:22:22.0684 3588 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
19:22:22.0684 3588 C:\Windows\System32\drivers\lltdio.sys - ok
19:22:22.0684 3588 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
19:22:22.0684 3588 C:\Windows\System32\drivers\rspndr.sys - ok
19:22:22.0684 3588 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
19:22:22.0684 3588 C:\Windows\System32\IPHLPAPI.DLL - ok
19:22:22.0700 3588 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
19:22:22.0700 3588 C:\Windows\System32\lmhsvc.dll - ok
19:22:22.0700 3588 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
19:22:22.0700 3588 C:\Windows\System32\nsisvc.dll - ok
19:22:22.0700 3588 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
19:22:22.0700 3588 C:\Windows\System32\dhcpcore.dll - ok
19:22:22.0700 3588 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
19:22:22.0700 3588 C:\Windows\System32\imageres.dll - ok
19:22:22.0716 3588 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
19:22:22.0716 3588 C:\Windows\System32\nrpsrv.dll - ok
19:22:22.0716 3588 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
19:22:22.0716 3588 C:\Windows\System32\winnsi.dll - ok
19:22:22.0716 3588 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
19:22:22.0716 3588 C:\Windows\System32\dnsrslvr.dll - ok
19:22:22.0731 3588 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
19:22:22.0731 3588 C:\Windows\System32\FWPUCLNT.DLL - ok
19:22:22.0731 3588 [ 71C7B65B6557B75B99907E76956AE4B8 ] C:\Windows\System32\dhcpcore6.dll
19:22:22.0731 3588 C:\Windows\System32\dhcpcore6.dll - ok
19:22:22.0731 3588 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
19:22:22.0731 3588 C:\Windows\System32\dnsext.dll - ok
19:22:22.0731 3588 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
19:22:22.0731 3588 C:\Windows\System32\dhcpcsvc.dll - ok
19:22:22.0747 3588 [ 4CBCC37856EA2039C27A2FB661DDA0E5 ] C:\Windows\System32\dhcpcsvc6.dll
19:22:22.0747 3588 C:\Windows\System32\dhcpcsvc6.dll - ok
19:22:22.0747 3588 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
19:22:22.0747 3588 C:\Windows\System32\shsvcs.dll - ok
19:22:22.0747 3588 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
19:22:22.0747 3588 C:\Windows\System32\schedsvc.dll - ok
19:22:22.0762 3588 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
19:22:22.0762 3588 C:\Windows\System32\ktmw32.dll - ok
19:22:22.0762 3588 [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll
19:22:22.0762 3588 C:\Windows\System32\WMALFXGFXDSP.dll - ok
19:22:22.0762 3588 [ 0ADC83218B66A6DB380C330836F3E36D ] C:\Windows\System32\drivers\fastfat.sys
19:22:22.0762 3588 C:\Windows\System32\drivers\fastfat.sys - ok
19:22:22.0762 3588 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
19:22:22.0762 3588 C:\Windows\System32\mfplat.dll - ok
19:22:22.0778 3588 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
19:22:22.0778 3588 C:\Windows\System32\taskcomp.dll - ok
19:22:22.0778 3588 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
19:22:22.0778 3588 C:\Windows\System32\drivers\http.sys - ok
19:22:22.0778 3588 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
19:22:22.0778 3588 C:\Windows\System32\spoolsv.exe - ok
19:22:22.0794 3588 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
19:22:22.0794 3588 C:\Windows\System32\fveapi.dll - ok
19:22:22.0794 3588 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
19:22:22.0794 3588 C:\Windows\System32\fvecerts.dll - ok
19:22:22.0794 3588 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
19:22:22.0794 3588 C:\Windows\System32\tbs.dll - ok
19:22:22.0809 3588 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
19:22:22.0809 3588 C:\Windows\System32\msimg32.dll - ok
19:22:22.0809 3588 [ 4536587738B28AE0FCFA864654E90BE8 ] C:\Windows\System32\nvapi64.dll
19:22:22.0809 3588 C:\Windows\System32\nvapi64.dll - ok
19:22:22.0809 3588 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
19:22:22.0809 3588 C:\Windows\System32\wiarpc.dll - ok
19:22:22.0825 3588 [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
19:22:22.0825 3588 C:\Windows\System32\BFE.DLL - ok
19:22:22.0825 3588 [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
19:22:22.0825 3588 C:\Windows\System32\drivers\srvnet.sys - ok
19:22:22.0825 3588 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
19:22:22.0825 3588 C:\Windows\System32\drivers\bowser.sys - ok
19:22:22.0825 3588 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
19:22:22.0825 3588 C:\Windows\System32\drivers\mpsdrv.sys - ok
19:22:22.0840 3588 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
19:22:22.0840 3588 C:\Windows\System32\drivers\mrxsmb.sys - ok
19:22:22.0840 3588 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
19:22:22.0840 3588 C:\Windows\System32\drivers\mrxsmb10.sys - ok
19:22:22.0840 3588 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
19:22:22.0840 3588 C:\Windows\System32\drivers\mrxsmb20.sys - ok
19:22:22.0840 3588 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
19:22:22.0840 3588 C:\Windows\System32\drivers\srv2.sys - ok
19:22:22.0856 3588 [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
19:22:22.0856 3588 C:\Windows\System32\wfapigp.dll - ok
19:22:22.0856 3588 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
19:22:22.0856 3588 C:\Windows\System32\wkssvc.dll - ok
19:22:22.0856 3588 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
19:22:22.0856 3588 C:\Windows\System32\drivers\srv.sys - ok
19:22:22.0856 3588 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll
19:22:22.0856 3588 C:\Windows\System32\browser.dll - ok
19:22:22.0872 3588 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
19:22:22.0872 3588 C:\Windows\System32\srvsvc.dll - ok
19:22:22.0872 3588 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
19:22:22.0872 3588 C:\Windows\System32\clusapi.dll - ok
19:22:22.0872 3588 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
19:22:22.0872 3588 C:\Windows\System32\netmsg.dll - ok
19:22:22.0887 3588 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
19:22:22.0887 3588 C:\Windows\System32\sscore.dll - ok
19:22:22.0887 3588 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
19:22:22.0887 3588 C:\Windows\System32\resutils.dll - ok
19:22:22.0887 3588 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
19:22:22.0887 3588 C:\Windows\System32\mscms.dll - ok
19:22:22.0887 3588 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
19:22:22.0887 3588 C:\Windows\System32\pcasvc.dll - ok
19:22:22.0903 3588 [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
19:22:22.0903 3588 C:\Windows\System32\snmptrap.exe - ok
19:22:22.0903 3588 [ 10EAB90C1AE8271B5FE5A8930987EE5C ] C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll
19:22:22.0903 3588 C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll - ok
19:22:22.0903 3588 [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
19:22:22.0903 3588 C:\Windows\System32\provsvc.dll - ok
19:22:22.0903 3588 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
19:22:22.0903 3588 C:\Windows\System32\sstpsvc.dll - ok
19:22:22.0918 3588 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
19:22:22.0918 3588 C:\Windows\System32\winspool.drv - ok
19:22:22.0918 3588 [ 28AD5E311996A34025CFB07E131058DD ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
19:22:22.0918 3588 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
19:22:22.0918 3588 [ F9D908DE6B166DAC9B89BF62FA291CE8 ] C:\Program Files\Bonjour\mdnsNSP.dll
19:22:22.0918 3588 C:\Program Files\Bonjour\mdnsNSP.dll - ok
19:22:22.0934 3588 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
19:22:22.0934 3588 C:\Windows\System32\rasadhlp.dll - ok
19:22:22.0934 3588 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll
19:22:22.0934 3588 C:\Windows\System32\localspl.dll - ok
19:22:22.0934 3588 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
19:22:22.0934 3588 C:\Windows\System32\umb.dll - ok
19:22:22.0934 3588 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
19:22:22.0934 3588 C:\Windows\System32\spoolss.dll - ok
19:22:22.0950 3588 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
19:22:22.0950 3588 C:\Windows\System32\FXSMON.dll - ok
19:22:22.0950 3588 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
19:22:22.0950 3588 C:\Windows\System32\PrintIsolationProxy.dll - ok
19:22:22.0950 3588 [ F3319EB0062F86F186E06F86A50B8535 ] C:\Windows\System32\hpz3l5ha.dll
19:22:22.0950 3588 C:\Windows\System32\hpz3l5ha.dll - ok
19:22:22.0965 3588 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
19:22:22.0965 3588 C:\Windows\System32\tcpmon.dll - ok
19:22:22.0965 3588 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
19:22:22.0965 3588 C:\Windows\System32\snmpapi.dll - ok
19:22:22.0965 3588 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
19:22:22.0965 3588 C:\Windows\System32\wsnmp32.dll - ok
19:22:22.0965 3588 [ 4FFDE68C4B7C9993FA551E7E36DDB34D ] C:\Windows\System32\msxml6.dll
19:22:22.0965 3588 C:\Windows\System32\msxml6.dll - ok
19:22:22.0981 3588 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
19:22:22.0981 3588 C:\Windows\System32\usbmon.dll - ok
19:22:22.0981 3588 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
19:22:22.0981 3588 C:\Windows\System32\WSDMon.dll - ok
19:22:22.0981 3588 [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
19:22:22.0981 3588 C:\Windows\System32\WSDApi.dll - ok
19:22:22.0981 3588 [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
19:22:22.0981 3588 C:\Windows\System32\webservices.dll - ok
19:22:22.0996 3588 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
19:22:22.0996 3588 C:\Windows\System32\fundisc.dll - ok
19:22:22.0996 3588 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
 
19:22:22.0996 3588 C:\Windows\System32\fdPnp.dll - ok
19:22:22.0996 3588 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
19:22:22.0996 3588 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
19:22:23.0012 3588 [ 9769C4ACCFA81F1DBE7EAC6728D69BDD ] C:\Windows\System32\spool\prtprocs\x64\hpzpp5ha.dll
19:22:23.0012 3588 C:\Windows\System32\spool\prtprocs\x64\hpzpp5ha.dll - ok
19:22:23.0012 3588 [ 548CB980D7876E207CC9F8B60C1587A3 ] C:\Windows\System32\win32spl.dll
19:22:23.0012 3588 C:\Windows\System32\win32spl.dll - ok
19:22:23.0012 3588 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
19:22:23.0012 3588 C:\Windows\System32\inetpp.dll - ok
19:22:23.0012 3588 [ 581D88B25C4D4121824FED2CA38E562F ] C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
19:22:23.0012 3588 C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE - ok
19:22:23.0028 3588 [ B1EA9681502EE57F87DB71D726288A5B ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:22:23.0028 3588 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
19:22:23.0028 3588 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
19:22:23.0028 3588 C:\Windows\SysWOW64\ntdll.dll - ok
19:22:23.0028 3588 [ B1E3772FFA96AC5AEE89BF202AF8E348 ] C:\Windows\System32\wow64.dll
19:22:23.0028 3588 C:\Windows\System32\wow64.dll - ok
19:22:23.0028 3588 [ FC5A43FA257F546F8F2B96B5529857E1 ] C:\Windows\System32\wow64win.dll
19:22:23.0028 3588 C:\Windows\System32\wow64win.dll - ok
19:22:23.0043 3588 [ AA0D2571A4348838B8DD49FD0043826A ] C:\Windows\System32\wow64cpu.dll
19:22:23.0043 3588 C:\Windows\System32\wow64cpu.dll - ok
19:22:23.0043 3588 [ 99C3F8E9CC59D95666EB8D8A8B4C2BEB ] C:\Windows\SysWOW64\kernel32.dll
19:22:23.0043 3588 C:\Windows\SysWOW64\kernel32.dll - ok
19:22:23.0043 3588 [ 5C2D21C9B6B6175B89BC5D7E3CB979E1 ] C:\Windows\SysWOW64\KernelBase.dll
19:22:23.0043 3588 C:\Windows\SysWOW64\KernelBase.dll - ok
19:22:23.0059 3588 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
19:22:23.0059 3588 C:\Windows\SysWOW64\user32.dll - ok
19:22:23.0059 3588 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
19:22:23.0059 3588 C:\Windows\SysWOW64\gdi32.dll - ok
19:22:23.0059 3588 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
19:22:23.0059 3588 C:\Windows\SysWOW64\lpk.dll - ok
19:22:23.0059 3588 [ 804AAAFEBB3AD5F49334DD906BCB1DE5 ] C:\Windows\SysWOW64\usp10.dll
19:22:23.0059 3588 C:\Windows\SysWOW64\usp10.dll - ok
19:22:23.0074 3588 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
19:22:23.0074 3588 C:\Windows\SysWOW64\msvcrt.dll - ok
19:22:23.0074 3588 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
19:22:23.0074 3588 C:\Windows\SysWOW64\advapi32.dll - ok
19:22:23.0074 3588 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
19:22:23.0074 3588 C:\Windows\SysWOW64\rpcrt4.dll - ok
19:22:23.0074 3588 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
19:22:23.0074 3588 C:\Windows\SysWOW64\sechost.dll - ok
19:22:23.0090 3588 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
19:22:23.0090 3588 C:\Windows\SysWOW64\cryptbase.dll - ok

19:22:23.0090 3588 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\SysWOW64\shell32.dll
19:22:23.0090 3588 C:\Windows\SysWOW64\shell32.dll - ok
19:22:23.0090 3588 [ EDA7AD21DF8945528F01F0A86D69E524 ] C:\Windows\SysWOW64\sspicli.dll
19:22:23.0090 3588 C:\Windows\SysWOW64\sspicli.dll - ok
19:22:23.0106 3588 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
19:22:23.0106 3588 C:\Windows\SysWOW64\shlwapi.dll - ok
19:22:23.0106 3588 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
19:22:23.0106 3588 C:\Windows\SysWOW64\ole32.dll - ok
19:22:23.0106 3588 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
19:22:23.0106 3588 C:\Windows\SysWOW64\oleaut32.dll - ok
19:22:23.0106 3588 [ 60D21799A4AF4EDCE65FB98830E4B0C8 ] C:\Windows\SysWOW64\crypt32.dll
19:22:23.0106 3588 C:\Windows\SysWOW64\crypt32.dll - ok
19:22:23.0121 3588 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
19:22:23.0121 3588 C:\Windows\SysWOW64\msasn1.dll - ok
19:22:23.0121 3588 [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\SysWOW64\wintrust.dll
19:22:23.0121 3588 C:\Windows\SysWOW64\wintrust.dll - ok
19:22:23.0121 3588 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
19:22:23.0121 3588 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
19:22:23.0121 3588 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
19:22:23.0121 3588 C:\Windows\SysWOW64\imm32.dll - ok
19:22:23.0137 3588 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
19:22:23.0137 3588 C:\Windows\SysWOW64\msctf.dll - ok

19:22:23.0137 3588 [ 7EF47644B74EBE721CC32211D3C35E76 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:22:23.0137 3588 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
19:22:23.0137 3588 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
19:22:23.0137 3588 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
19:22:23.0152 3588 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
19:22:23.0152 3588 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
19:22:23.0152 3588 [ 92DA9EDE07390B4352B29DD82079E398 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll
19:22:23.0152 3588 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
19:22:23.0152 3588 [ 2DEDC3AFE3C49B5DAE717D0A9BEBF298 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll
19:22:23.0152 3588 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
19:22:23.0152 3588 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
19:22:23.0152 3588 C:\Windows\SysWOW64\version.dll - ok

19:22:23.0168 3588 [ 67B539D844F804EBAC7A1E3828FDE709 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll
19:22:23.0168 3588 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
19:22:23.0168 3588 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
19:22:23.0168 3588 C:\Windows\SysWOW64\nsi.dll - ok
19:22:23.0168 3588 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
19:22:23.0168 3588 C:\Windows\SysWOW64\ws2_32.dll - ok
19:22:23.0184 3588 [ 638C7596B493F5F77DB9EF6BAD8FE46C ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
19:22:23.0184 3588 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
19:22:23.0184 3588 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
19:22:23.0184 3588 C:\Windows\SysWOW64\wsock32.dll - ok
19:22:23.0184 3588 [ 32D78DCABFB942275E01363D5232C77D ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
19:22:23.0184 3588 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok
19:22:23.0184 3588 [ 3BDE52411DF2FE4252C9289F51CB0F7E ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
19:22:23.0184 3588 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
19:22:23.0199 3588 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
19:22:23.0199 3588 C:\Windows\SysWOW64\winmm.dll - ok
19:22:23.0199 3588 [ 5A963C340DE1A01BA6E24945CE05D16A ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll
19:22:23.0199 3588 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll - ok
19:22:23.0199 3588 [ F4BC62990E7E5C29799A895B80FC3177 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll
19:22:23.0199 3588 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll - ok

19:22:23.0215 3588 [ 149D74E1128A86DC9CFB2851FBEA11EB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll
19:22:23.0215 3588 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll - ok
19:22:23.0215 3588 [ BA02F01BE7ED88E8974C798ACB3075F5 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
19:22:23.0215 3588 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll - ok
19:22:23.0215 3588 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
19:22:23.0215 3588 C:\Windows\SysWOW64\profapi.dll - ok
19:22:23.0230 3588 [ F8ECB748B53A010464F7A63154D75F56 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
19:22:23.0230 3588 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
19:22:23.0230 3588 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
19:22:23.0230 3588 C:\Windows\SysWOW64\setupapi.dll - ok
19:22:23.0230 3588 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
19:22:23.0230 3588 C:\Windows\SysWOW64\cfgmgr32.dll - ok
19:22:23.0230 3588 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
19:22:23.0230 3588 C:\Windows\SysWOW64\devobj.dll - ok
19:22:23.0246 3588 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
19:22:23.0246 3588 C:\Windows\SysWOW64\userenv.dll - ok
19:22:23.0246 3588 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
19:22:23.0246 3588 C:\Windows\SysWOW64\wtsapi32.dll - ok
19:22:23.0246 3588 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
19:22:23.0246 3588 C:\Windows\System32\cscapi.dll - ok
19:22:23.0246 3588 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
19:22:23.0246 3588 C:\Windows\System32\dllhost.exe - ok
19:22:23.0262 3588 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
19:22:23.0262 3588 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
19:22:23.0262 3588 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
19:22:23.0262 3588 C:\Windows\System32\IDStore.dll - ok
19:22:23.0262 3588 [ 001D7099C3DB8E53A955FF4D66E25AA2 ] C:\Windows\System32\kbd101.dll
19:22:23.0262 3588 C:\Windows\System32\kbd101.dll - ok
19:22:23.0277 3588 [ A1D990022654CFE37E2561E540F0253B ] C:\Windows\System32\kbd106.dll
19:22:23.0277 3588 C:\Windows\System32\kbd106.dll - ok
19:22:23.0277 3588 [ 6D707786D7163383C64F07263BB9478E ] C:\Windows\System32\KBDJPN.DLL
19:22:23.0277 3588 C:\Windows\System32\KBDJPN.DLL - ok
19:22:23.0277 3588 [ 117865AD39587EB4DA218AAF2E559B8C ] C:\Windows\System32\kbdnec.dll
19:22:23.0277 3588 C:\Windows\System32\kbdnec.dll - ok
19:22:23.0277 3588 [ 517110BD83835338C037269E603DB55D ] C:\Windows\System32\taskhost.exe
19:22:23.0277 3588 C:\Windows\System32\taskhost.exe - ok
19:22:23.0293 3588 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
19:22:23.0293 3588 C:\Windows\System32\MsCtfMonitor.dll - ok
19:22:23.0293 3588 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
19:22:23.0293 3588 C:\Windows\System32\msutb.dll - ok
19:22:23.0293 3588 [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe
19:22:23.0293 3588 C:\Windows\System32\taskeng.exe - ok
19:22:23.0293 3588 [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
19:22:23.0293 3588 C:\Windows\System32\TSChannel.dll - ok
19:22:23.0308 3588 [ 23566F9723771108D2E6CD768AC27407 ] C:\Windows\System32\AtBroker.exe
19:22:23.0308 3588 C:\Windows\System32\AtBroker.exe - ok
19:22:23.0308 3588 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
19:22:23.0308 3588 C:\Windows\System32\mpr.dll - ok
19:22:23.0308 3588 [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
19:22:23.0308 3588 C:\Windows\System32\HotStartUserAgent.dll - ok
19:22:23.0324 3588 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
19:22:23.0324 3588 C:\Windows\System32\PlaySndSrv.dll - ok
19:22:23.0324 3588 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
19:22:23.0324 3588 C:\Windows\System32\userinit.exe - ok
19:22:23.0324 3588 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
19:22:23.0324 3588 C:\Windows\System32\dwm.exe - ok
19:22:23.0324 3588 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
19:22:23.0324 3588 C:\Windows\System32\dwmredir.dll - ok
19:22:23.0340 3588 [ D41A8A1751E52CCFCB209E09478A13DB ] C:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe
19:22:23.0340 3588 C:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe - ok
19:22:23.0340 3588 [ 8F0DE4FEF8201E306F9938B0905AC96A ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:22:23.0340 3588 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok
19:22:23.0355 3588 [ 9FACF68EE6BDED00108002C61517D08A ] C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe
19:22:23.0355 3588 C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe - ok
19:22:23.0355 3588 [ 9FF47CD8A3787C8FD3CDFE40441C722E ] C:\Program Files (x86)\Google\Update\1.3.21.123\goopdate.dll
19:22:23.0355 3588 C:\Program Files (x86)\Google\Update\1.3.21.123\goopdate.dll - ok
19:22:23.0355 3588 [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\Windows\SysWOW64\dnssd.dll
19:22:23.0355 3588 C:\Windows\SysWOW64\dnssd.dll - ok
19:22:23.0371 3588 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
19:22:23.0371 3588 C:\Windows\SysWOW64\ntmarta.dll - ok
19:22:23.0371 3588 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
19:22:23.0371 3588 C:\Windows\SysWOW64\Wldap32.dll - ok
19:22:23.0371 3588 [ BD5D11CEDBCDE4FA97D2387E7069B1FF ] C:\Program Files (x86)\AVG\AVG2012\avgfws.exe
19:22:23.0371 3588 C:\Program Files (x86)\AVG\AVG2012\avgfws.exe - ok
19:22:23.0371 3588 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
19:22:23.0371 3588 C:\Windows\explorer.exe - ok
19:22:23.0386 3588 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
19:22:23.0386 3588 C:\Windows\System32\ExplorerFrame.dll - ok
19:22:23.0386 3588 [ 7B18A5CE7FE9FC43FDCC55161996262D ] C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
19:22:23.0386 3588 C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll - ok
19:22:23.0386 3588 [ 782AFE631FF002A2129A138CBD1239D6 ] C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll
19:22:23.0386 3588 C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll - ok
19:22:23.0386 3588 [ 7BFD8C921139920C62945A4FEF466D5C ] C:\Program Files\TortoiseSVN\bin\TortoiseSVN.dll
19:22:23.0386 3588 C:\Program Files\TortoiseSVN\bin\TortoiseSVN.dll - ok
19:22:23.0402 3588 [ 77051FE4239E85FC2901A1769C715D84 ] C:\Program Files\TortoiseSVN\bin\libsvn_tsvn.dll
19:22:23.0402 3588 C:\Program Files\TortoiseSVN\bin\libsvn_tsvn.dll - ok
19:22:23.0402 3588 [ A593916E3B7DDA49DF7D6C90A5ACB324 ] C:\Program Files\TortoiseSVN\bin\libapr_tsvn.dll
19:22:23.0402 3588 C:\Program Files\TortoiseSVN\bin\libapr_tsvn.dll - ok
19:22:23.0402 3588 [ 366FD6F3A451351B5DF2D7C4ECF4C73A ] C:\Windows\System32\msvcr100.dll
19:22:23.0402 3588 C:\Windows\System32\msvcr100.dll - ok
19:22:23.0402 3588 [ 054732155B90EED8CAD94F30E24C066B ] C:\Program Files\TortoiseSVN\bin\intl3_tsvn.dll
19:22:23.0402 3588 C:\Program Files\TortoiseSVN\bin\intl3_tsvn.dll - ok
19:22:23.0418 3588 [ FDBD09306ADC44FB8F3073068F65FE8B ] C:\Program Files\TortoiseSVN\bin\libaprutil_tsvn.dll
19:22:23.0418 3588 C:\Program Files\TortoiseSVN\bin\libaprutil_tsvn.dll - ok
19:22:23.0418 3588 [ FC4C2CB056690DFABF38FA4A88905334 ] C:\Program Files\TortoiseSVN\bin\libsasl.dll
19:22:23.0418 3588 C:\Program Files\TortoiseSVN\bin\libsasl.dll - ok
19:22:23.0418 3588 [ D029339C0F59CF662094EDDF8C42B2B5 ] C:\Windows\System32\msvcp100.dll
19:22:23.0418 3588 C:\Windows\System32\msvcp100.dll - ok
19:22:23.0433 3588 [ AF4F04FF1CAB93340262B17D5319EE9A ] C:\Program Files\TortoiseSVN\bin\crshhndl.dll
19:22:23.0433 3588 C:\Program Files\TortoiseSVN\bin\crshhndl.dll - ok
19:22:23.0433 3588 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
19:22:23.0433 3588 C:\Windows\System32\EhStorShell.dll - ok
19:22:23.0433 3588 [ 68D8AC3F047D3E105C1674FD4EF08913 ] C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
19:22:23.0433 3588 C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL - ok
19:22:23.0433 3588 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
19:22:23.0433 3588 C:\Windows\SysWOW64\mswsock.dll - ok
19:22:23.0449 3588 [ 2C478E667CE27B2B7142F756CF569A9A ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll
19:22:23.0449 3588 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
19:22:23.0449 3588 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
19:22:23.0449 3588 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
19:22:23.0449 3588 [ 5553611E2F9EA6F613079177F1233068 ] C:\Windows\SysWOW64\wininet.dll
19:22:23.0449 3588 C:\Windows\SysWOW64\wininet.dll - ok
19:22:23.0464 3588 [ EB8A00E8E9931A7EC04F920B09D880D8 ] C:\Windows\SysWOW64\iertutil.dll
19:22:23.0464 3588 C:\Windows\SysWOW64\iertutil.dll - ok
19:22:23.0464 3588 [ 9FAC0F6D5F3D922DB294E30CD3F62369 ] C:\Windows\SysWOW64\urlmon.dll
19:22:23.0464 3588 C:\Windows\SysWOW64\urlmon.dll - ok
19:22:23.0464 3588 [ 2E14406E05789F91C9282AE7CFCA3A07 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
19:22:23.0464 3588 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll - ok
19:22:23.0464 3588 [ FC33CBBB9CADCEC307DA010FE763D04C ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll
19:22:23.0464 3588 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
19:22:23.0480 3588 [ 93312F83FD4D5C38CEE8AA1265C061EE ] C:\Program Files (x86)\AVG\AVG2012\avgsysx.dll
19:22:23.0480 3588 C:\Program Files (x86)\AVG\AVG2012\avgsysx.dll - ok
19:22:23.0480 3588 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
19:22:23.0480 3588 C:\Windows\SysWOW64\rasapi32.dll - ok
19:22:23.0480 3588 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
19:22:23.0480 3588 C:\Windows\SysWOW64\rasman.dll - ok
19:22:23.0480 3588 [ 1220595CABA75AB91A6B3FA3B89483CC ] C:\Windows\SysWOW64\snmpapi.dll
19:22:23.0480 3588 C:\Windows\SysWOW64\snmpapi.dll - ok
19:22:23.0496 3588 [ 8BA9851E671E8B5E49E303748FFD530C ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
19:22:23.0496 3588 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
19:22:23.0496 3588 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
19:22:23.0496 3588 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
19:22:23.0496 3588 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
19:22:23.0496 3588 C:\Windows\SysWOW64\winnsi.dll - ok
19:22:23.0511 3588 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
19:22:23.0511 3588 C:\Windows\SysWOW64\netapi32.dll - ok
19:22:23.0511 3588 [ 73862FF693168369A90F046E7F227B83 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
19:22:23.0511 3588 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll - ok
19:22:23.0511 3588 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
19:22:23.0511 3588 C:\Windows\SysWOW64\netutils.dll - ok
19:22:23.0511 3588 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
19:22:23.0511 3588 C:\Windows\SysWOW64\srvcli.dll - ok
19:22:23.0527 3588 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
19:22:23.0527 3588 C:\Windows\SysWOW64\wkscli.dll - ok
19:22:23.0527 3588 [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\SysWOW64\logoncli.dll
19:22:23.0527 3588 C:\Windows\SysWOW64\logoncli.dll - ok
19:22:23.0527 3588 [ 91DC97F9DA3E2B59049D410870935C78 ] C:\Program Files (x86)\AVG\AVG2012\avgntopensslx.dll
19:22:23.0527 3588 C:\Program Files (x86)\AVG\AVG2012\avgntopensslx.dll - ok
19:22:23.0542 3588 [ 25CD97F030AE70AF458FF6AB0B7E9B2E ] C:\Program Files (x86)\AVG\AVG2012\avglogx.dll
19:22:23.0542 3588 C:\Program Files (x86)\AVG\AVG2012\avglogx.dll - ok
19:22:23.0542 3588 [ 0F293406F64B48D5D2F0D3A1117F3A83 ] C:\Windows\System32\drivers\avgidsfiltera.sys
19:22:23.0542 3588 C:\Windows\System32\drivers\avgidsfiltera.sys - ok
19:22:23.0542 3588 [ EA1145DEBCD508FD25BD1E95C4346929 ] C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
19:22:23.0542 3588 C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe - ok
19:22:23.0542 3588 [ E2C78D19572AACC2062A00F01503807E ] C:\Program Files (x86)\AVG\AVG2012\avgcfgx.dll
19:22:23.0542 3588 C:\Program Files (x86)\AVG\AVG2012\avgcfgx.dll - ok
19:22:23.0558 3588 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] C:\Program Files\Bonjour\mDNSResponder.exe
19:22:23.0558 3588 C:\Program Files\Bonjour\mDNSResponder.exe - ok
19:22:23.0558 3588 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] C:\Windows\System32\cryptsvc.dll
19:22:23.0558 3588 C:\Windows\System32\cryptsvc.dll - ok
19:22:23.0558 3588 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
19:22:23.0558 3588 C:\Windows\System32\dps.dll - ok
19:22:23.0558 3588 [ 7F8E83B9466A0A002D4AB15C104062A7 ] C:\Windows\System32\efscore.dll
19:22:23.0558 3588 C:\Windows\System32\efscore.dll - ok
19:22:23.0574 3588 [ 0C043B0ABBB5E14E68906AB80365395B ] C:\Windows\System32\efssvc.dll
19:22:23.0574 3588 C:\Windows\System32\efssvc.dll - ok
19:22:23.0574 3588 [ FCD84C381E0140AF901E58D48882D26B ] C:\Windows\System32\IKEEXT.DLL
19:22:23.0574 3588 C:\Windows\System32\IKEEXT.DLL - ok
19:22:23.0574 3588 [ 8792BAB371B4B1589E015B6FD1ED3B15 ] C:\Windows\System32\cryptnet.dll
19:22:23.0574 3588 C:\Windows\System32\cryptnet.dll - ok
19:22:23.0589 3588 [ 58283053C781AD3A579C95D7765C1FA0 ] C:\Windows\System32\efsutil.dll
19:22:23.0589 3588 C:\Windows\System32\efsutil.dll - ok
19:22:23.0589 3588 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
19:22:23.0589 3588 C:\Windows\System32\taskschd.dll - ok
19:22:23.0589 3588 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
19:22:23.0589 3588 C:\Windows\System32\vssapi.dll - ok
19:22:23.0589 3588 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
19:22:23.0589 3588 C:\Windows\System32\vsstrace.dll - ok
19:22:23.0605 3588 [ 77B5035BC6EDF4D1B6265391AECEE4C0 ] C:\Windows\System32\vpnikeapi.dll
19:22:23.0605 3588 C:\Windows\System32\vpnikeapi.dll - ok
19:22:23.0605 3588 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
19:22:23.0605 3588 C:\Windows\System32\dwmcore.dll - ok
19:22:23.0605 3588 [ E1374D37477322D4956604711008C69D ] C:\Windows\System32\d3d10_1.dll
19:22:23.0605 3588 C:\Windows\System32\d3d10_1.dll - ok
19:22:23.0605 3588 [ 426BA4E737A7988FD1202AF2F2B2F4A6 ] C:\Windows\System32\d3d10_1core.dll
19:22:23.0605 3588 C:\Windows\System32\d3d10_1core.dll - ok
19:22:23.0620 3588 [ F404E59DB6A0F122AB26BF4F3E2FD0FA ] C:\Windows\System32\dxgi.dll
19:22:23.0620 3588 C:\Windows\System32\dxgi.dll - ok
19:22:23.0620 3588 [ BDEF0087DA885F169A0EC296BB4E04F2 ] C:\Windows\System32\aticfx64.dll
19:22:23.0620 3588 C:\Windows\System32\aticfx64.dll - ok
19:22:23.0620 3588 [ 34087E8D8D13D2B37648C53CA048EF3C ] C:\Windows\System32\atiuxp64.dll
19:22:23.0620 3588 C:\Windows\System32\atiuxp64.dll - ok
19:22:23.0636 3588 [ DD82EB68D97944B192C7803EB585B03C ] C:\Program Files (x86)\IObit\Game Booster 3\rtl120.bpl
19:22:23.0636 3588 C:\Program Files (x86)\IObit\Game Booster 3\rtl120.bpl - ok
19:22:23.0636 3588 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
19:22:23.0636 3588 C:\Windows\SysWOW64\imagehlp.dll - ok
19:22:23.0636 3588 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
19:22:23.0636 3588 C:\Windows\SysWOW64\mpr.dll - ok
19:22:23.0636 3588 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
19:22:23.0636 3588 C:\Windows\SysWOW64\oleacc.dll - ok
19:22:23.0652 3588 [ D233C7FEAE3FAA25F93A9E6B46815ADC ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll
19:22:23.0652 3588 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll - ok
19:22:23.0652 3588 [ 241AF87821FDA0F5792037B779F49BE0 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll
19:22:23.0652 3588 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll - ok
19:22:23.0652 3588 [ 57AC86AC664CC774C861DAB2B1D1E978 ] C:\Windows\winsxs\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_0a1fd3a3a768b895\ATL90.dll
19:22:23.0652 3588 C:\Windows\winsxs\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_0a1fd3a3a768b895\ATL90.dll - ok
19:22:23.0667 3588 [ 5ABAEB53E6ECF7878A5C4C4ABED92050 ] C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF
19:22:23.0667 3588 C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF - ok
19:22:23.0667 3588 [ 66E3C667D853DF349E310568F60B9B6A ] C:\PROGRA~1\MICROS~2\Office14\1033\GrooveIntlResource.dll
19:22:23.0667 3588 C:\PROGRA~1\MICROS~2\Office14\1033\GrooveIntlResource.dll - ok
19:22:23.0667 3588 [ FCF1A9C3FB29786946302B4470952D85 ] C:\Program Files (x86)\AVG\AVG2012\avgcslx.dll
19:22:23.0667 3588 C:\Program Files (x86)\AVG\AVG2012\avgcslx.dll - ok
19:22:23.0667 3588 [ AFF2E23E4E867140F07ABADC9E29ACDC ] C:\Program Files (x86)\AVG\AVG2012\avgopensslx.dll
19:22:23.0667 3588 C:\Program Files (x86)\AVG\AVG2012\avgopensslx.dll - ok
19:22:23.0683 3588 [ F93674263F6B07C77956E966953242D9 ] C:\Windows\SysWOW64\secur32.dll
19:22:23.0683 3588 C:\Windows\SysWOW64\secur32.dll - ok
19:22:23.0683 3588 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
19:22:23.0683 3588 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
19:22:23.0683 3588 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
19:22:23.0683 3588 C:\Windows\SysWOW64\msi.dll - ok
19:22:23.0698 3588 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
19:22:23.0698 3588 C:\Windows\SysWOW64\cscapi.dll - ok
19:22:23.0698 3588 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
19:22:23.0698 3588 C:\Windows\SysWOW64\dbghelp.dll - ok
19:22:23.0698 3588 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
19:22:23.0698 3588 C:\Windows\SysWOW64\apphelp.dll - ok
19:22:23.0698 3588 [ AE5A69F44C1F97EDC83237FC0B29B6FB ] C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe
19:22:23.0698 3588 C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe - ok
19:22:23.0714 3588 [ 41938F2C1642459CBBA691B5DBD6395A ] C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
19:22:23.0714 3588 C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe - ok
19:22:23.0714 3588 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
19:22:23.0714 3588 C:\Windows\SysWOW64\clbcatq.dll - ok
19:22:23.0714 3588 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll
19:22:23.0714 3588 C:\Windows\SysWOW64\mstask.dll - ok
19:22:23.0730 3588 [ 735C295D5C161F4927032585692B57B0 ] C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
19:22:23.0730 3588 C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe - ok
19:22:23.0730 3588 [ 773EBD87010A6F644869A59D98792C9C ] C:\Program Files (x86)\IObit\Game Booster 3\vcl120.bpl
19:22:23.0730 3588 C:\Program Files (x86)\IObit\Game Booster 3\vcl120.bpl - ok
19:22:23.0730 3588 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll
19:22:23.0730 3588 C:\Windows\SysWOW64\comdlg32.dll - ok
19:22:23.0730 3588 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
19:22:23.0730 3588 C:\Windows\SysWOW64\msimg32.dll - ok
19:22:23.0745 3588 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
19:22:23.0745 3588 C:\Windows\SysWOW64\winspool.drv - ok
19:22:23.0745 3588 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
19:22:23.0745 3588 C:\Windows\System32\IconCodecService.dll - ok
19:22:23.0745 3588 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
19:22:23.0745 3588 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
19:22:23.0761 3588 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
19:22:23.0761 3588 C:\Windows\System32\dbghelp.dll - ok
19:22:23.0761 3588 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
19:22:23.0761 3588 C:\Windows\System32\runonce.exe - ok
19:22:23.0761 3588 [ B066155F34C74C20A14A2E717BBDF3C7 ] C:\Windows\System32\atidxx64.dll
19:22:23.0761 3588 C:\Windows\System32\atidxx64.dll - ok
19:22:23.0761 3588 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
19:22:23.0761 3588 C:\Windows\SysWOW64\propsys.dll - ok
19:22:23.0776 3588 [ 703FFD301AB900B047337C5D40FD6F96 ] C:\Windows\SysWOW64\olepro32.dll
19:22:23.0776 3588 C:\Windows\SysWOW64\olepro32.dll - ok
19:22:23.0776 3588 [ 72910F1DEB838E6E08A9017BFB7D4F0B ] C:\Windows\SysWOW64\browcli.dll
19:22:23.0776 3588 C:\Windows\SysWOW64\browcli.dll - ok
19:22:23.0776 3588 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
19:22:23.0776 3588 C:\Windows\SysWOW64\psapi.dll - ok
19:22:23.0776 3588 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll
19:22:23.0776 3588 C:\Windows\SysWOW64\samcli.dll - ok
19:22:23.0792 3588 [ A42E7748BE906434C5FD17161D168C20 ] C:\Windows\SysWOW64\schedcli.dll
19:22:23.0792 3588 C:\Windows\SysWOW64\schedcli.dll - ok
19:22:23.0792 3588 [ D73B5BEFC8BB6E877A7E6437E2613FFA ] C:\Program Files (x86)\Common Files\LightScribe\LSSProxy.dll
19:22:23.0792 3588 C:\Program Files (x86)\Common Files\LightScribe\LSSProxy.dll - ok
19:22:23.0792 3588 [ 108333981C841EB0FF198AA5DFCF3D3B ] C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
19:22:23.0792 3588 C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe - ok
19:22:23.0808 3588 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
19:22:23.0808 3588 C:\Windows\SysWOW64\sxs.dll - ok
19:22:23.0808 3588 [ 61DACB0FBB1F7237FFEF769C23C903AF ] C:\Program Files (x86)\Common Files\LightScribe\LSLog.dll
19:22:23.0808 3588 C:\Program Files (x86)\Common Files\LightScribe\LSLog.dll - ok
19:22:23.0808 3588 [ 60732ECEC8AEF0A05FE36E661AA1C99C ] C:\Program Files (x86)\AVG\AVG2012\avgclitx.dll
19:22:23.0808 3588 C:\Program Files (x86)\AVG\AVG2012\avgclitx.dll - ok
19:22:23.0808 3588 [ D9A9702E43A5859896F34898D5FD3FEC ] C:\Windows\SysWOW64\msxml6.dll
19:22:23.0808 3588 C:\Windows\SysWOW64\msxml6.dll - ok
19:22:23.0823 3588 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
19:22:23.0823 3588 C:\Windows\System32\netman.dll - ok
19:22:23.0823 3588 [ 1EE99A89CC788ADA662441D1E9830529 ] C:\Windows\System32\nlasvc.dll
19:22:23.0823 3588 C:\Windows\System32\nlasvc.dll - ok
19:22:23.0823 3588 [ 4A435F95B940E93A88FEC144BD409789 ] C:\Windows\System32\ncsi.dll
19:22:23.0823 3588 C:\Windows\System32\ncsi.dll - ok
19:22:23.0839 3588 [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
19:22:23.0839 3588 C:\Windows\System32\winhttp.dll - ok
19:22:23.0839 3588 [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
19:22:23.0839 3588 C:\Windows\System32\webio.dll - ok
19:22:23.0839 3588 [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
19:22:23.0839 3588 C:\Windows\System32\aepic.dll - ok
19:22:23.0839 3588 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
19:22:23.0839 3588 C:\Windows\System32\drivers\PEAuth.sys - ok
19:22:23.0854 3588 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
19:22:23.0854 3588 C:\Windows\System32\sfc.dll - ok
19:22:23.0854 3588 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
19:22:23.0854 3588 C:\Windows\System32\sfc_os.dll - ok
19:22:23.0854 3588 [ 29CA5974FAB0E8AE4AA7814FE05CF832 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
19:22:23.0854 3588 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
19:22:23.0854 3588 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
19:22:23.0854 3588 C:\Windows\System32\aeevts.dll - ok
19:22:23.0870 3588 [ 205E1B699FD3F2F9B036EEA2EC30C620 ] C:\Windows\SysWOW64\PnkBstrA.exe
19:22:23.0870 3588 C:\Windows\SysWOW64\PnkBstrA.exe - ok
19:22:23.0870 3588 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
19:22:23.0870 3588 C:\Windows\System32\ssdpapi.dll - ok
19:22:23.0870 3588 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
19:22:23.0870 3588 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
19:22:23.0886 3588 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
19:22:23.0886 3588 C:\Windows\System32\drivers\secdrv.sys - ok
19:22:23.0886 3588 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
19:22:23.0886 3588 C:\Windows\SysWOW64\cryptsp.dll - ok
19:22:23.0886 3588 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
19:22:23.0886 3588 C:\Windows\SysWOW64\rsaenh.dll - ok
19:22:23.0886 3588 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll
19:22:23.0886 3588 C:\Windows\System32\httpapi.dll - ok
19:22:23.0901 3588 [ BC617A4E1B4FA8DF523A061739A0BD87 ] C:\Windows\System32\seclogon.dll
19:22:23.0901 3588 C:\Windows\System32\seclogon.dll - ok
19:22:23.0901 3588 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll
19:22:23.0901 3588 C:\Windows\System32\wiaservc.dll - ok
19:22:23.0901 3588 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
19:22:23.0901 3588 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
19:22:23.0901 3588 [ A11B3865C0EE49DFE35EFD7F6CBAC5B9 ] C:\Program Files (x86)\iolo\Common\Lib\Res_55FD1D5A7AEF4DA38FAFA71B2A52FFC7.dll
19:22:23.0901 3588 C:\Program Files (x86)\iolo\Common\Lib\Res_55FD1D5A7AEF4DA38FAFA71B2A52FFC7.dll - ok
19:22:23.0917 3588 [ DF687E3D8836BFB04FCC0615BF15A519 ] C:\Windows\System32\drivers\tcpipreg.sys
19:22:23.0917 3588 C:\Windows\System32\drivers\tcpipreg.sys - ok
19:22:23.0917 3588 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll
19:22:23.0917 3588 C:\Windows\System32\sysmain.dll - ok
19:22:23.0917 3588 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] C:\Windows\System32\tapisrv.dll
19:22:23.0917 3588 C:\Windows\System32\tapisrv.dll - ok
19:22:23.0917 3588 [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll
19:22:23.0917 3588 C:\Windows\System32\wiatrace.dll - ok
19:22:23.0932 3588 [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
19:22:23.0932 3588 C:\Windows\System32\trkwks.dll - ok
19:22:23.0932 3588 [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\SysWOW64\oledlg.dll
19:22:23.0932 3588 C:\Windows\SysWOW64\oledlg.dll - ok
19:22:23.0932 3588 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
19:22:23.0932 3588 C:\Windows\SysWOW64\uxtheme.dll - ok
19:22:23.0948 3588 [ 07DE550E2C672BCA2B2FA3D082094CB7 ] C:\Program Files (x86)\IObit\Game Booster 3\PowerConfig.dll
19:22:23.0948 3588 C:\Program Files (x86)\IObit\Game Booster 3\PowerConfig.dll - ok
19:22:23.0948 3588 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
19:22:23.0948 3588 C:\Windows\SysWOW64\dwmapi.dll - ok
19:22:23.0948 3588 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll
19:22:23.0948 3588 C:\Windows\SysWOW64\powrprof.dll - ok
19:22:23.0948 3588 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
19:22:23.0948 3588 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
19:22:23.0964 3588 [ AC633C7D40C63A197649955A512AD7BD ] C:\Program Files (x86)\AVG\AVG2012\avgwd.dll
19:22:23.0964 3588 C:\Program Files (x86)\AVG\AVG2012\avgwd.dll - ok
19:22:23.0964 3588 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
19:22:23.0964 3588 C:\Windows\SysWOW64\runonce.exe - ok
19:22:23.0964 3588 [ FB8C6A46EAF7585D2CA8583C4C9A8EDF ] C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
19:22:23.0964 3588 C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL - ok
19:22:23.0979 3588 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL
19:22:23.0979 3588 C:\Windows\System32\IPSECSVC.DLL - ok
19:22:23.0979 3588 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
19:22:23.0979 3588 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
19:22:23.0979 3588 [ 58A14C45A5CD2528F10A889E7B0C3FC2 ] C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll
19:22:23.0979 3588 C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll - ok
19:22:23.0979 3588 [ E9901A7E569C4156FDA69F5C9356B8ED ] C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF
19:22:23.0979 3588 C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF - ok
19:22:23.0995 3588 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
19:22:23.0995 3588 C:\Windows\SysWOW64\cmd.exe - ok
19:22:23.0995 3588 [ CBA3F6EF1E70167DB376B4013F71A62B ] C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
19:22:23.0995 3588 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe - ok
19:22:23.0995 3588 [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll
19:22:23.0995 3588 C:\Windows\System32\FwRemoteSvr.dll - ok
19:22:24.0010 3588 [ 315AF7B0CAC4E0515864A49D7F4EB7F6 ] C:\Program Files (x86)\iolo\Common\Lib\Corvus.dll
19:22:24.0010 3588 C:\Program Files (x86)\iolo\Common\Lib\Corvus.dll - ok
19:22:24.0010 3588 [ 6FCD74011AFD5843456F3ED9B4C4D909 ] C:\Program Files (x86)\iolo\Common\Lib\fbembed.dll
19:22:24.0010 3588 C:\Program Files (x86)\iolo\Common\Lib\fbembed.dll - ok
19:22:24.0010 3588 [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
19:22:24.0010 3588 C:\Windows\System32\wbem\WMIsvc.dll - ok
19:22:24.0010 3588 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll
19:22:24.0010 3588 C:\Windows\SysWOW64\rtutils.dll - ok
19:22:24.0026 3588 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:22:24.0026 3588 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok
19:22:24.0026 3588 [ 46A6BA9274D075A2C30025C4E96D875A ] C:\Windows\SysWOW64\msvcp60.dll
19:22:24.0026 3588 C:\Windows\SysWOW64\msvcp60.dll - ok
19:22:24.0026 3588 [ 448BF22538F1DFCB3412AE2B1CF123A9 ] C:\Windows\System32\conhost.exe
19:22:24.0026 3588 C:\Windows\System32\conhost.exe - ok
19:22:24.0042 3588 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
19:22:24.0042 3588 C:\Windows\SysWOW64\winbrand.dll - ok
19:22:24.0042 3588 [ 0BA3F31E2B4D8D99DF8DD19E81155374 ] C:\Windows\SysWOW64\ieframe.dll
19:22:24.0042 3588 C:\Windows\SysWOW64\ieframe.dll - ok
19:22:24.0042 3588 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
19:22:24.0042 3588 C:\Windows\SysWOW64\shdocvw.dll - ok
19:22:24.0042 3588 [ D2033210D4DA9E9CE7670DFF45D7101B ] C:\Users\Sergio\AppData\Local\Temp\E015080D-131E-46BF-AA8C-4B2F499CEB6D.exe
19:22:24.0042 3588 C:\Users\Sergio\AppData\Local\Temp\E015080D-131E-46BF-AA8C-4B2F499CEB6D.exe - ok
19:22:24.0057 3588 [ 5B8D71AC2074550D78BC188A8888054F ] C:\Program Files (x86)\AVG\AVG2012\avgidpsdkx.dll
19:22:24.0057 3588 C:\Program Files (x86)\AVG\AVG2012\avgidpsdkx.dll - ok
19:22:24.0057 3588 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
19:22:24.0057 3588 C:\Windows\SysWOW64\sfc.dll - ok
19:22:24.0057 3588 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
19:22:24.0057 3588 C:\Windows\SysWOW64\sfc_os.dll - ok
19:22:24.0073 3588 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
19:22:24.0073 3588 C:\Windows\SysWOW64\devrtl.dll - ok
19:22:24.0073 3588 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
19:22:24.0073 3588 C:\Windows\SysWOW64\winhttp.dll - ok
19:22:24.0073 3588 [ B519848DFA30AE2B306576B51321D102 ] C:\Windows\System32\ie4uinit.exe
19:22:24.0073 3588 C:\Windows\System32\ie4uinit.exe - ok
19:22:24.0073 3588 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
19:22:24.0073 3588 C:\Windows\SysWOW64\webio.dll - ok
19:22:24.0088 3588 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
19:22:24.0088 3588 C:\Windows\System32\timedate.cpl - ok
19:22:24.0088 3588 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
19:22:24.0088 3588 C:\Windows\SysWOW64\credssp.dll - ok
19:22:24.0088 3588 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
19:22:24.0088 3588 C:\Windows\SysWOW64\dnsapi.dll - ok
19:22:24.0104 3588 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
19:22:24.0104 3588 C:\Windows\SysWOW64\wship6.dll - ok
19:22:24.0104 3588 [ 9D4A1690AF93F233E15380398BEC7431 ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
19:22:24.0104 3588 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
19:22:24.0104 3588 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
19:22:24.0104 3588 C:\Windows\System32\wbemcomn.dll - ok
19:22:24.0104 3588 [ 6383C60EC0133B14F5705F96369421B2 ] C:\Windows\SysWOW64\hnetcfg.dll
19:22:24.0104 3588 C:\Windows\SysWOW64\hnetcfg.dll - ok
19:22:24.0120 3588 [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll
19:22:24.0120 3588 C:\Windows\System32\SensApi.dll - ok
19:22:24.0120 3588 [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\SysWOW64\atl.dll
19:22:24.0120 3588 C:\Windows\SysWOW64\atl.dll - ok
19:22:24.0120 3588 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
19:22:24.0120 3588 C:\Windows\SysWOW64\gpapi.dll - ok
19:22:24.0120 3588 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
19:22:24.0120 3588 C:\Windows\SysWOW64\slc.dll - ok
19:22:24.0135 3588 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
19:22:24.0135 3588 C:\Windows\System32\netshell.dll - ok
19:22:24.0135 3588 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
19:22:24.0135 3588 C:\Windows\System32\actxprxy.dll - ok
19:22:24.0135 3588 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
19:22:24.0135 3588 C:\Windows\System32\wbem\WinMgmtR.dll - ok
19:22:24.0151 3588 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll
19:22:24.0151 3588 C:\Windows\System32\shdocvw.dll - ok
19:22:24.0151 3588 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
19:22:24.0151 3588 C:\Windows\System32\linkinfo.dll - ok
19:22:24.0151 3588 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL
19:22:24.0151 3588 C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok
19:22:24.0151 3588 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
19:22:24.0151 3588 C:\Windows\System32\wer.dll - ok
19:22:24.0166 3588 [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
19:22:24.0166 3588 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
19:22:24.0166 3588 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
19:22:24.0166 3588 C:\Windows\System32\wbem\fastprox.dll - ok
19:22:24.0166 3588 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
19:22:24.0166 3588 C:\Windows\System32\WinSCard.dll - ok
19:22:24.0182 3588 [ 1B2E9FCDC26DC7C81D4131430E2DC936 ] C:\Windows\System32\drivers\avgidsdrivera.sys
19:22:24.0182 3588 C:\Windows\System32\drivers\avgidsdrivera.sys - ok
19:22:24.0182 3588 [ A34A587FFFD45FA649FBA6D03784D257 ] C:\Windows\System32\iphlpsvc.dll
19:22:24.0182 3588 C:\Windows\System32\iphlpsvc.dll - ok
19:22:24.0182 3588 [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll
19:22:24.0182 3588 C:\Windows\System32\sqmapi.dll - ok
19:22:24.0182 3588 [ 63DCDFFCBB7E41540F4D64CCED66536B ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
19:22:24.0182 3588 C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok
19:22:24.0198 3588 [ 0B2D65FDDE31069299AA6330F359FF9C ] C:\Windows\System32\msxml3.dll
19:22:24.0198 3588 C:\Windows\System32\msxml3.dll - ok
19:22:24.0198 3588 [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
19:22:24.0198 3588 C:\Windows\System32\wdscore.dll - ok
19:22:24.0198 3588 [ EE867A0870FC9E4972BA9EAAD35651E2 ] C:\Windows\System32\rasmans.dll
19:22:24.0198 3588 C:\Windows\System32\rasmans.dll - ok
19:22:24.0198 3588 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
19:22:24.0198 3588 C:\Windows\System32\eappprxy.dll - ok
19:22:24.0213 3588 [ 44C96B48112EB24AE7764EBF1C527000 ] C:\Windows\System32\rastapi.dll
19:22:24.0213 3588 C:\Windows\System32\rastapi.dll - ok
19:22:24.0213 3588 [ FAFAE01E889DC9C05A6CA2138CFC220B ] C:\Windows\System32\tapi32.dll
19:22:24.0213 3588 C:\Windows\System32\tapi32.dll - ok
19:22:24.0213 3588 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
19:22:24.0213 3588 C:\Windows\System32\netcfgx.dll - ok
19:22:24.0229 3588 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
19:22:24.0229 3588 C:\Windows\System32\wbem\wbemprox.dll - ok
 
19:22:24.0229 3588 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
19:22:24.0229 3588 C:\Windows\System32\dssenh.dll - ok
19:22:24.0229 3588 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
19:22:24.0229 3588 C:\Windows\System32\ntdsapi.dll - ok
19:22:24.0229 3588 [ D2A0FFA75AB181B19B5EB93BB29C7686 ] C:\Windows\System32\unimdm.tsp
19:22:24.0229 3588 C:\Windows\System32\unimdm.tsp - ok
19:22:24.0244 3588 [ 94B7DF336815B47236724019FAB24B7C ] C:\Windows\System32\uniplat.dll
19:22:24.0244 3588 C:\Windows\System32\uniplat.dll - ok
19:22:24.0244 3588 [ C1446A66BB89FC3AA2485C67562247DA ] C:\Windows\System32\modemui.dll
19:22:24.0244 3588 C:\Windows\System32\modemui.dll - ok
19:22:24.0244 3588 [ 2472BDF30C62F3E81AE27A968C25608C ] C:\Windows\System32\unimdmat.dll
19:22:24.0244 3588 C:\Windows\System32\unimdmat.dll - ok
19:22:24.0260 3588 [ 41326DD08ACC0CDC5F8177AF96C066E8 ] C:\Windows\System32\kmddsp.tsp
19:22:24.0260 3588 C:\Windows\System32\kmddsp.tsp - ok
19:22:24.0260 3588 [ 1D6BC2769DA66C1145F4DA5A65F52E61 ] C:\Windows\System32\ndptsp.tsp
19:22:24.0260 3588 C:\Windows\System32\ndptsp.tsp - ok
19:22:24.0260 3588 [ 7C1BAE7D23D4874FEE256A2B9C00E019 ] C:\Windows\System32\hidphone.tsp
19:22:24.0260 3588 C:\Windows\System32\hidphone.tsp - ok
19:22:24.0260 3588 [ 70A176BF2ED362862944C371838262F8 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
19:22:24.0260 3588 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok
19:22:24.0276 3588 [ B642E645D7A790E0FA41E16C6C4234E6 ] C:\Program Files (x86)\AVG\AVG2012\avgwdwsc.dll
19:22:24.0276 3588 C:\Program Files (x86)\AVG\AVG2012\avgwdwsc.dll - ok
19:22:24.0276 3588 [ A8CDF3768604FF95B54669E20053D569 ] C:\Windows\SysWOW64\wscapi.dll
19:22:24.0276 3588 C:\Windows\SysWOW64\wscapi.dll - ok
19:22:24.0276 3588 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\SysWOW64\wbemcomn.dll
19:22:24.0276 3588 C:\Windows\SysWOW64\wbemcomn.dll - ok
19:22:24.0276 3588 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll
19:22:24.0276 3588 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
19:22:24.0291 3588 [ F6A528DE535396C2FB1A4E3C6F00CEC4 ] C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
19:22:24.0291 3588 C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe - ok
19:22:24.0291 3588 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll
19:22:24.0291 3588 C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok
19:22:24.0291 3588 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
19:22:24.0291 3588 C:\Windows\SysWOW64\rasadhlp.dll - ok
19:22:24.0307 3588 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
19:22:24.0307 3588 C:\Windows\System32\hnetcfg.dll - ok
19:22:24.0307 3588 [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
19:22:24.0307 3588 C:\Windows\System32\nci.dll - ok
19:22:24.0307 3588 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
19:22:24.0307 3588 C:\Windows\System32\eappcfg.dll - ok
19:22:24.0307 3588 [ A717A35120DBAB5AB707AB40662AF9DD ] C:\Windows\System32\rasppp.dll
19:22:24.0307 3588 C:\Windows\System32\rasppp.dll - ok
19:22:24.0322 3588 [ 0FE5CD5F9C9248F42D1EF56E495B182E ] C:\Windows\System32\vpnike.dll
19:22:24.0322 3588 C:\Windows\System32\vpnike.dll - ok
19:22:24.0322 3588 [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
19:22:24.0322 3588 C:\Windows\System32\wbem\wbemcore.dll - ok
19:22:24.0322 3588 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\63785236.sys
19:22:24.0322 3588 C:\Windows\System32\drivers\63785236.sys - ok
19:22:24.0322 3588 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
19:22:24.0322 3588 C:\Windows\System32\wbem\esscli.dll - ok
19:22:24.0338 3588 [ 6A84E68B538B8B04608BF2F0D426CE6F ] C:\Windows\System32\raschap.dll
19:22:24.0338 3588 C:\Windows\System32\raschap.dll - ok
19:22:24.0338 3588 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
19:22:24.0338 3588 C:\Windows\System32\wbem\wbemsvc.dll - ok
19:22:24.0338 3588 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
19:22:24.0338 3588 C:\Windows\System32\wbem\wmiutils.dll - ok
19:22:24.0354 3588 [ 583D2AB70DA4BDC7DCB5EC5C7B87A57C ] C:\Program Files (x86)\AVG\AVG2012\avgcertx.dll
19:22:24.0354 3588 C:\Program Files (x86)\AVG\AVG2012\avgcertx.dll - ok
19:22:24.0354 3588 [ 3466855DE825F86C484A3454AD090967 ] C:\Program Files (x86)\AVG\AVG2012\avgchclx.dll
19:22:24.0354 3588 C:\Program Files (x86)\AVG\AVG2012\avgchclx.dll - ok
19:22:24.0354 3588 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
19:22:24.0354 3588 C:\Windows\SysWOW64\riched20.dll - ok
19:22:24.0354 3588 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
19:22:24.0354 3588 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
19:22:24.0369 3588 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
19:22:24.0369 3588 C:\Windows\SysWOW64\duser.dll - ok
19:22:24.0369 3588 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
19:22:24.0369 3588 C:\Windows\SysWOW64\dui70.dll - ok
19:22:24.0369 3588 [ CA4912C91BAD92DD2AFCF282039740EC ] C:\Program Files (x86)\AVG\AVG2012\avgcorex.dll
19:22:24.0369 3588 C:\Program Files (x86)\AVG\AVG2012\avgcorex.dll - ok
19:22:24.0385 3588 [ 72EE3BF7378869AB5D72E7E191FD5FAA ] C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
19:22:24.0385 3588 C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe - ok
19:22:24.0385 3588 [ 2C58EB7106AB5316127CAAC366B5EC29 ] C:\Program Files (x86)\AVG\AVG2012\winspamcatcher.dll
19:22:24.0385 3588 C:\Program Files (x86)\AVG\AVG2012\winspamcatcher.dll - ok
19:22:24.0385 3588 [ EAB975DB4C2805927FE5BD047D05C9AA ] C:\Windows\SysWOW64\netshell.dll
19:22:24.0385 3588 C:\Windows\SysWOW64\netshell.dll - ok
19:22:24.0400 3588 [ 104A1070E90F1C530328E69B49718841 ] C:\Windows\SysWOW64\nlaapi.dll
19:22:24.0400 3588 C:\Windows\SysWOW64\nlaapi.dll - ok
19:22:24.0400 3588 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
19:22:24.0400 3588 C:\Windows\System32\dot3api.dll - ok
19:22:24.0400 3588 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
19:22:24.0400 3588 C:\Windows\System32\wlanapi.dll - ok
19:22:24.0400 3588 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
19:22:24.0400 3588 C:\Windows\System32\wlanhlp.dll - ok
19:22:24.0416 3588 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
19:22:24.0416 3588 C:\Windows\System32\wlanutil.dll - ok
19:22:24.0416 3588 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
19:22:24.0416 3588 C:\Windows\System32\onex.dll - ok
19:22:24.0416 3588 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
19:22:24.0416 3588 C:\Windows\System32\wbem\repdrvfs.dll - ok
19:22:24.0432 3588 [ B95F6501A2F8B2E78C697FEC401970CE ] C:\Windows\System32\ipnathlp.dll
19:22:24.0432 3588 C:\Windows\System32\ipnathlp.dll - ok
19:22:24.0432 3588 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
19:22:24.0432 3588 C:\Windows\System32\mprapi.dll - ok
19:22:24.0432 3588 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
19:22:24.0432 3588 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
19:22:24.0432 3588 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\SysWOW64\wbem\fastprox.dll
19:22:24.0432 3588 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
19:22:24.0447 3588 [ 938928B014F2ABA4C1293EA4D8714020 ] C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
19:22:24.0447 3588 C:\Program Files (x86)\AVG\AVG2012\avgemca.exe - ok
19:22:24.0447 3588 [ F108BD69365EFC749C7E5F8BBEB51E3B ] C:\Program Files (x86)\AVG\AVG2012\avgsysa.dll
19:22:24.0447 3588 C:\Program Files (x86)\AVG\AVG2012\avgsysa.dll - ok
19:22:24.0447 3588 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
19:22:24.0447 3588 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
19:22:24.0463 3588 [ E0234DE95FAF6233E825F71424BFF81E ] C:\Program Files\iTunes\iTunesMiniPlayer.dll
19:22:24.0463 3588 C:\Program Files\iTunes\iTunesMiniPlayer.dll - ok
19:22:24.0463 3588 [ E92C02705E7A94B36C30DF380DF4249C ] C:\Program Files\iTunes\iTunesMiniPlayer.Resources\iTunesMiniPlayer.dll
19:22:24.0463 3588 C:\Program Files\iTunes\iTunesMiniPlayer.Resources\iTunesMiniPlayer.dll - ok
19:22:24.0463 3588 [ 701C1DF4136001CB94E5B34B4F9D1765 ] C:\Program Files\iTunes\iTunesMiniPlayer.Resources\en.lproj\iTunesMiniPlayerLocalized.dll
19:22:24.0463 3588 C:\Program Files\iTunes\iTunesMiniPlayer.Resources\en.lproj\iTunesMiniPlayerLocalized.dll - ok
19:22:24.0463 3588 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
19:22:24.0463 3588 C:\Windows\System32\ncobjapi.dll - ok
19:22:24.0478 3588 [ FA752544EE1EE59E8AD938CBB43CAC93 ] C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll
19:22:24.0478 3588 C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll - ok
19:22:24.0478 3588 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
19:22:24.0478 3588 C:\Windows\System32\wbem\wbemess.dll - ok
19:22:24.0478 3588 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll
19:22:24.0478 3588 C:\Windows\SysWOW64\ntdsapi.dll - ok
19:22:24.0494 3588 [ 3504B34CD2DE00BA3CC1A195F1B739BD ] C:\Windows\System32\gameux.dll
19:22:24.0494 3588 C:\Windows\System32\gameux.dll - ok
19:22:24.0494 3588 [ A5675206B80C4127BC687DCCA9A57212 ] C:\Program Files (x86)\AVG\AVG2012\avgntsqlitex.dll
19:22:24.0494 3588 C:\Program Files (x86)\AVG\AVG2012\avgntsqlitex.dll - ok
19:22:24.0494 3588 [ EB4A30EAC3B3C304EAC8A10970E3402E ] C:\Program Files (x86)\AVG\AVG2012\avgsched.dll
19:22:24.0494 3588 C:\Program Files (x86)\AVG\AVG2012\avgsched.dll - ok
19:22:24.0510 3588 [ 43425FD0BD73B0930E77AE2E35ED8F7A ] C:\Program Files (x86)\AVG\AVG2012\avgamx.dll
19:22:24.0510 3588 C:\Program Files (x86)\AVG\AVG2012\avgamx.dll - ok
19:22:24.0510 3588 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
19:22:24.0510 3588 C:\Windows\SysWOW64\SensApi.dll - ok
19:22:24.0510 3588 [ 863D56F63D254EBE27589893688CA8B3 ] C:\Program Files (x86)\AVG\AVG2012\avgntopenssla.dll
19:22:24.0510 3588 C:\Program Files (x86)\AVG\AVG2012\avgntopenssla.dll - ok
19:22:24.0510 3588 [ 67165D5818A872A7F01047771AA81FC9 ] C:\Program Files (x86)\AVG\AVG2012\avgloga.dll
19:22:24.0510 3588 C:\Program Files (x86)\AVG\AVG2012\avgloga.dll - ok
19:22:24.0525 3588 [ 8415EF35A9CC4CF9E335AEC0EB562AAA ] C:\Program Files (x86)\AVG\AVG2012\avgcfga.dll
19:22:24.0525 3588 C:\Program Files (x86)\AVG\AVG2012\avgcfga.dll - ok
19:22:24.0525 3588 [ 072D294B9005F9AA1D03B7EBFA981344 ] C:\Program Files (x86)\AVG\AVG2012\avgrsa.exe
19:22:24.0525 3588 C:\Program Files (x86)\AVG\AVG2012\avgrsa.exe - ok
19:22:24.0525 3588 [ 0C9456994D087498B4B12DB6DE02779C ] C:\Program Files (x86)\AVG\AVG2012\avgchjwa.dll
19:22:24.0525 3588 C:\Program Files (x86)\AVG\AVG2012\avgchjwa.dll - ok
19:22:24.0541 3588 [ 8B9D6D070113CFD8E20793768AFA26FC ] C:\Program Files (x86)\AVG\AVG2012\avglngx.dll
19:22:24.0541 3588 C:\Program Files (x86)\AVG\AVG2012\avglngx.dll - ok
19:22:24.0541 3588 [ 2A4C9B21AEE9B53DD086B3AFBD251514 ] C:\Program Files (x86)\AVG\AVG2012\avgclita.dll
19:22:24.0541 3588 C:\Program Files (x86)\AVG\AVG2012\avgclita.dll - ok
19:22:24.0541 3588 [ B0F69B9DE0AEBFD7E4CEADE6758DF627 ] C:\Windows\System32\SearchFolder.dll
19:22:24.0541 3588 C:\Windows\System32\SearchFolder.dll - ok
19:22:24.0541 3588 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
19:22:24.0541 3588 C:\Windows\System32\msftedit.dll - ok
19:22:24.0556 3588 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
19:22:24.0556 3588 C:\Windows\System32\msiltcfg.dll - ok
19:22:24.0556 3588 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
19:22:24.0556 3588 C:\Windows\System32\msi.dll - ok
19:22:24.0556 3588 [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll
19:22:24.0556 3588 C:\Windows\System32\msls31.dll - ok
19:22:24.0572 3588 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
19:22:24.0572 3588 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
19:22:24.0572 3588 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
19:22:24.0572 3588 C:\Windows\System32\DeviceCenter.dll - ok
19:22:24.0572 3588 [ 4E81439902079C348B61D7FF027FE147 ] C:\Windows\System32\StructuredQuery.dll
19:22:24.0572 3588 C:\Windows\System32\StructuredQuery.dll - ok
19:22:24.0572 3588 [ 88CA0FFA894AF4B0D90B93FAA2A0A0D9 ] C:\Program Files\Microsoft IntelliType Pro\itype.exe
19:22:24.0572 3588 C:\Program Files\Microsoft IntelliType Pro\itype.exe - ok
19:22:24.0588 3588 [ 3819AD4329303EAC88480CA16A650735 ] C:\Windows\System32\UIAnimation.dll
19:22:24.0588 3588 C:\Windows\System32\UIAnimation.dll - ok
19:22:24.0588 3588 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Microsoft IntelliType Pro\SQMAPI.dll
19:22:24.0588 3588 C:\Program Files\Microsoft IntelliType Pro\SQMAPI.dll - ok
19:22:24.0588 3588 [ 5B72629C8144D1A96490D4C090D28DA1 ] C:\Program Files\Microsoft IntelliPoint\ipoint.exe
19:22:24.0588 3588 C:\Program Files\Microsoft IntelliPoint\ipoint.exe - ok
19:22:24.0603 3588 [ 9E465711248B66D72C7E9D3867D5CB19 ] C:\Program Files\Microsoft IntelliType Pro\dpgmkb.dll
19:22:24.0603 3588 C:\Program Files\Microsoft IntelliType Pro\dpgmkb.dll - ok
19:22:24.0603 3588 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
19:22:24.0603 3588 C:\Windows\System32\wsock32.dll - ok
19:22:24.0603 3588 [ 4ECE12D296ED94CA2C7DD6C383A5AB66 ] C:\Windows\System32\ieframe.dll
19:22:24.0603 3588 C:\Windows\System32\ieframe.dll - ok
19:22:24.0603 3588 [ ED43758BF94B8A5221D69F1B7F63F13D ] C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
19:22:24.0603 3588 C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe - ok
19:22:24.0619 3588 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Microsoft IntelliPoint\SQMAPI.dll
19:22:24.0619 3588 C:\Program Files\Microsoft IntelliPoint\SQMAPI.dll - ok
19:22:24.0619 3588 [ BFB3091B167550EC6E6454813D3DB244 ] C:\Windows\System32\xinput1_3.dll
19:22:24.0619 3588 C:\Windows\System32\xinput1_3.dll - ok
19:22:24.0619 3588 [ 3CDC9975457E78EE6A9D64599DBB76DD ] C:\Program Files\Microsoft IntelliPoint\dpgmkb.dll
19:22:24.0619 3588 C:\Program Files\Microsoft IntelliPoint\dpgmkb.dll - ok
19:22:24.0634 3588 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
19:22:24.0634 3588 C:\Windows\System32\networkexplorer.dll - ok
19:22:24.0634 3588 [ 60A24CA5E2D760F4F619F1D1FE62FB27 ] C:\Program Files (x86)\Steam\Steam.exe
19:22:24.0634 3588 C:\Program Files (x86)\Steam\Steam.exe - ok
19:22:24.0634 3588 [ 6E86E6BD2778A3D8428688C3D1BF053A ] C:\Program Files\Microsoft Xbox 360 Accessories\Xboxres.dll
19:22:24.0634 3588 C:\Program Files\Microsoft Xbox 360 Accessories\Xboxres.dll - ok
19:22:24.0650 3588 [ 3621BDA7672BDC4F6526FA4C86B08F95 ] C:\Windows\System32\Incinerator64.dll
19:22:24.0650 3588 C:\Windows\System32\Incinerator64.dll - ok
19:22:24.0650 3588 [ DCB679EA4BA802DBA775A7E32BA88302 ] C:\Program Files (x86)\AVG\AVG2012\avgameh.dll
19:22:24.0650 3588 C:\Program Files (x86)\AVG\AVG2012\avgameh.dll - ok
19:22:24.0650 3588 [ 66C87DB880052104808507D6FA84D68E ] C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
19:22:24.0650 3588 C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL - ok
19:22:24.0650 3588 [ 881E647998F005D4554BFCE7D46D94A5 ] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
19:22:24.0650 3588 C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE - ok
19:22:24.0666 3588 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
19:22:24.0666 3588 C:\Windows\System32\stobject.dll - ok
19:22:24.0666 3588 [ 3898DDD17D019A40AD432EDABA5E66F7 ] C:\Program Files\Microsoft IntelliType Pro\dpgcmd.dll
19:22:24.0666 3588 C:\Program Files\Microsoft IntelliType Pro\dpgcmd.dll - ok
19:22:24.0666 3588 [ 554A50B5310E702029D3A675459108FF ] C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
19:22:24.0666 3588 C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe - ok
19:22:24.0681 3588 [ 013F05784A4BD193C9CD1817ACC31B6B ] C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
19:22:24.0681 3588 C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe - ok
19:22:24.0681 3588 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
19:22:24.0681 3588 C:\Windows\System32\batmeter.dll - ok
19:22:24.0681 3588 [ 63DF770DF74ACB370EF5A16727069AAF ] C:\Windows\SysWOW64\hid.dll
19:22:24.0681 3588 C:\Windows\SysWOW64\hid.dll - ok
19:22:24.0681 3588 [ 587F4E7E41B0A690B05C707F8E524686 ] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
19:22:24.0681 3588 C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe - ok
19:22:24.0697 3588 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
19:22:24.0697 3588 C:\Windows\System32\thumbcache.dll - ok
19:22:24.0697 3588 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
19:22:24.0697 3588 C:\Windows\System32\prnfldr.dll - ok
19:22:24.0697 3588 [ 5516C26A6AF8EB4E2CAB48EC98A74398 ] C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
19:22:24.0697 3588 C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe - ok
19:22:24.0712 3588 [ FC06A07DC10C3412E2787429A72412CA ] C:\Program Files\Microsoft IntelliType Pro\Components\Commands\DPGHnt\DPGHnt.dll
19:22:24.0712 3588 C:\Program Files\Microsoft IntelliType Pro\Components\Commands\DPGHnt\DPGHnt.dll - ok
19:22:24.0712 3588 [ 99F7C16BA2198332F19F2703D3D695C3 ] C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe
19:22:24.0712 3588 C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe - ok
19:22:24.0712 3588 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
19:22:24.0712 3588 C:\Windows\System32\DXP.dll - ok
19:22:24.0712 3588 [ 596F5A2C5916EFD177B0614788B0CDF1 ] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
19:22:24.0712 3588 C:\Program Files (x86)\AVG\AVG2012\avgtray.exe - ok
19:22:24.0728 3588 [ 70CF4129C12FC061F0D4F9AEAE7DCAAE ] C:\Program Files (x86)\AVG Secure Search\vprot.exe
19:22:24.0728 3588 C:\Program Files (x86)\AVG Secure Search\vprot.exe - ok
19:22:24.0728 3588 [ 35AC4B63CBB9FB6B4472913E9948B517 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
19:22:24.0728 3588 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok
19:22:24.0728 3588 [ 569CDDD12656B793732A573D192472F5 ] C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe
19:22:24.0728 3588 C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe - ok
19:22:24.0728 3588 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
19:22:24.0728 3588 C:\Windows\System32\Syncreg.dll - ok
19:22:24.0744 3588 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
19:22:24.0744 3588 C:\Windows\ehome\ehSSO.dll - ok
19:22:24.0744 3588 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
19:22:24.0744 3588 C:\Windows\System32\AltTab.dll - ok
19:22:24.0744 3588 [ 7E72B82A67212BC07E23CC96D966B1CF ] C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe
19:22:24.0744 3588 C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe - ok
19:22:24.0759 3588 [ FE821F6FA60E9DF9FDEE69A23488BBAB ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
19:22:24.0759 3588 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
19:22:24.0759 3588 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
19:22:24.0759 3588 C:\Windows\System32\WPDShServiceObj.dll - ok
19:22:24.0759 3588 [ 3F50200237961034FACE602373838980 ] C:\Windows\SysWOW64\FirewallAPI.dll
19:22:24.0759 3588 C:\Windows\SysWOW64\FirewallAPI.dll - ok
19:22:24.0759 3588 [ E352C8177B6B1F712167DCA12F5BE0BE ] C:\Program Files\SUPERAntiSpyware\9fde00a6-48e5-474e-9055-4168899581ab.com
19:22:24.0759 3588 C:\Program Files\SUPERAntiSpyware\9fde00a6-48e5-474e-9055-4168899581ab.com - ok
19:22:24.0775 3588 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
19:22:24.0775 3588 C:\Windows\System32\pnidui.dll - ok
19:22:24.0775 3588 [ 1CDEA9188899E76D4FFD54C9D512CCDB ] C:\Windows\SysWOW64\msxml3.dll
19:22:24.0775 3588 C:\Windows\SysWOW64\msxml3.dll - ok
19:22:24.0775 3588 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
19:22:24.0775 3588 C:\Windows\System32\esent.dll - ok
19:22:24.0790 3588 [ 8A6B867FC26B9850D446D2D86E5DB071 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll
19:22:24.0790 3588 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok
19:22:24.0790 3588 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
19:22:24.0790 3588 C:\Windows\System32\NapiNSP.dll - ok
19:22:24.0790 3588 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
19:22:24.0790 3588 C:\Windows\System32\pnrpnsp.dll - ok
19:22:24.0790 3588 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
19:22:24.0790 3588 C:\Windows\SysWOW64\bcrypt.dll - ok
19:22:24.0806 3588 [ A3800DDB103BA33BB960905A37F12C5B ] C:\Windows\SysWOW64\kdbsdk32.dll
19:22:24.0806 3588 C:\Windows\SysWOW64\kdbsdk32.dll - ok
19:22:24.0806 3588 [ C85C6C5B466440BC833FCCF1CDB0B718 ] C:\Windows\SysWOW64\OpenCL.dll
19:22:24.0806 3588 C:\Windows\SysWOW64\OpenCL.dll - ok
19:22:24.0806 3588 [ CA0C67BA7AEBA6AED5DDB852E6EEA811 ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
19:22:24.0806 3588 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe - ok
19:22:24.0822 3588 [ 2D81F69820E6277062745709C1C4F773 ] C:\Windows\SysWOW64\nvcuda.dll
19:22:24.0822 3588 C:\Windows\SysWOW64\nvcuda.dll - ok
19:22:24.0822 3588 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
19:22:24.0822 3588 C:\Windows\System32\winrnr.dll - ok
19:22:24.0822 3588 [ 81E7E920312D372CF57A817049AC7C76 ] C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
19:22:24.0822 3588 C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL - ok
19:22:24.0822 3588 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
19:22:24.0822 3588 C:\Windows\System32\QUTIL.DLL - ok
19:22:24.0837 3588 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
19:22:24.0837 3588 C:\Windows\System32\PortableDeviceTypes.dll - ok
19:22:24.0837 3588 [ 58B8702C20DE211D1FCB248D2FDD71D1 ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe
19:22:24.0837 3588 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe - ok
19:22:24.0837 3588 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
19:22:24.0837 3588 C:\Windows\System32\FXSST.dll - ok
19:22:24.0853 3588 [ CA6ADE4F7761BB15B3325356DC3B82BB ] C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll
19:22:24.0853 3588 C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll - ok
19:22:24.0853 3588 [ BC83108B18756547013ED443B8CDB31B ] C:\Windows\SysWOW64\msvcp100.dll
19:22:24.0853 3588 C:\Windows\SysWOW64\msvcp100.dll - ok
19:22:24.0853 3588 [ 0E37FBFA79D349D672456923EC5FBBE3 ] C:\Windows\SysWOW64\msvcr100.dll
19:22:24.0853 3588 C:\Windows\SysWOW64\msvcr100.dll - ok
19:22:24.0853 3588 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
19:22:24.0853 3588 C:\Windows\System32\FXSAPI.dll - ok
19:22:24.0868 3588 [ 862596399AAFD2A21DB2AF9270CD4F70 ] C:\Windows\System32\mstask.dll
19:22:24.0868 3588 C:\Windows\System32\mstask.dll - ok
19:22:24.0868 3588 [ ABB1B50F36CCBEF119FBEF8FDF14AD61 ] C:\Program Files\SUPERAntiSpyware\SASCTXMN64.DLL
19:22:24.0868 3588 C:\Program Files\SUPERAntiSpyware\SASCTXMN64.DLL - ok
19:22:24.0868 3588 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
19:22:24.0868 3588 C:\Windows\System32\PortableDeviceApi.dll - ok
19:22:24.0884 3588 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
19:22:24.0884 3588 C:\Windows\System32\FXSRESM.dll - ok
19:22:24.0884 3588 [ C739FE43590288A09AA2BCE1E13F3F38 ] C:\Windows\SysWOW64\nvapi.dll
19:22:24.0884 3588 C:\Windows\SysWOW64\nvapi.dll - ok
19:22:24.0884 3588 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
19:22:24.0884 3588 C:\Windows\System32\srchadmin.dll - ok
19:22:24.0884 3588 [ 1498E70FC23A90009EB17B22D62CAF0B ] C:\Program Files (x86)\RADVideo\binkpl64.exe
19:22:24.0884 3588 C:\Program Files (x86)\RADVideo\binkpl64.exe - ok
19:22:24.0900 3588 [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
19:22:24.0900 3588 C:\Windows\System32\ntshrui.dll - ok
19:22:24.0900 3588 [ C335EC1182AC10B188705554E0BC1186 ] C:\Windows\SysWOW64\msvfw32.dll
19:22:24.0900 3588 C:\Windows\SysWOW64\msvfw32.dll - ok
19:22:24.0900 3588 [ FBFCA1A574D47EE575448B719CBBF2E4 ] C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL
19:22:24.0900 3588 C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL - ok
19:22:24.0900 3588 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
19:22:24.0915 3588 C:\Windows\System32\FXSSVC.exe - ok
19:22:24.0915 3588 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
19:22:24.0915 3588 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
19:22:24.0915 3588 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
19:22:24.0915 3588 C:\Windows\System32\bthprops.cpl - ok
19:22:24.0915 3588 [ 42BE6B74C7C49D105573CD333E2AC6D8 ] C:\Program Files\CCleaner\CCleaner64.exe
19:22:24.0915 3588 C:\Program Files\CCleaner\CCleaner64.exe - ok
19:22:24.0931 3588 [ 75A08148812AE3C68EFFF719E357CB85 ] C:\Program Files (x86)\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll
19:22:24.0931 3588 C:\Program Files (x86)\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll - ok
19:22:24.0931 3588 [ 5F5CFC3E15B8750B447E4CCEF37FC2F9 ] C:\Windows\SysWOW64\amdocl.dll
19:22:24.0931 3588 C:\Windows\SysWOW64\amdocl.dll - ok
19:22:24.0931 3588 [ 7240EA3FA768ED1E6E52741AE47EA08A ] C:\Program Files (x86)\AVG\AVG2012\avgabout.dll
19:22:24.0931 3588 C:\Program Files (x86)\AVG\AVG2012\avgabout.dll - ok
19:22:24.0931 3588 [ C2D6A2B1689B2EC8112E34376622E09B ] C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
19:22:24.0931 3588 C:\Program Files\TortoiseSVN\bin\TSVNCache.exe - ok
19:22:24.0946 3588 [ 6F20729E802D5CC643A73A7F0339032B ] C:\Program Files (x86)\AVG\AVG2012\avguires.dll
19:22:24.0946 3588 C:\Program Files (x86)\AVG\AVG2012\avguires.dll - ok
19:22:24.0946 3588 [ 80A9908EAE6C151C801B97DF7C436665 ] C:\Program Files (x86)\NVIDIA Corporation\Nvidia Demos\A New Dawn\bin\Dawn64.exe
19:22:24.0946 3588 C:\Program Files (x86)\NVIDIA Corporation\Nvidia Demos\A New Dawn\bin\Dawn64.exe - ok
19:22:24.0946 3588 [ B2E9DB5E5F4091FCDA0C9249C1E3F974 ] C:\Program Files (x86)\AVG\AVG2012\avgidpmx.dll
19:22:24.0946 3588 C:\Program Files (x86)\AVG\AVG2012\avgidpmx.dll - ok
19:22:24.0962 3588 [ A53EB4F11CE22200359B92016035A013 ] C:\Users\Sergio\Documents\Dolphin\3.0-758 64-bit\x64\Dolphin.exe
19:22:24.0962 3588 C:\Users\Sergio\Documents\Dolphin\3.0-758 64-bit\x64\Dolphin.exe - ok
19:22:24.0962 3588 [ DE3782BE34F864220F5748F3015E4F75 ] C:\Program Files (x86)\Common Files\AVG Secure Search\DNTInstaller\12.2.6\avgdttbx.dll
19:22:24.0962 3588 C:\Program Files (x86)\Common Files\AVG Secure Search\DNTInstaller\12.2.6\avgdttbx.dll - ok
19:22:24.0962 3588 [ 8E9F9A1675118DD496EF6F5726ABE8F9 ] C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\SiteSafety.dll
19:22:24.0962 3588 C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\SiteSafety.dll - ok
19:22:24.0978 3588 [ 53FC73B80989AEE09C402D3352913B0D ] C:\Windows\SysWOW64\aticaldd.dll
19:22:24.0978 3588 C:\Windows\SysWOW64\aticaldd.dll - ok
19:22:24.0978 3588 [ 80DDC9151BFDF260AC4441A2F3943A04 ] C:\Program Files (x86)\AVG\AVG2012\avgcclia.dll
19:22:24.0978 3588 C:\Program Files (x86)\AVG\AVG2012\avgcclia.dll - ok
19:22:24.0978 3588 [ 83B510A3EAF8325211F37442747AED8B ] C:\Program Files (x86)\Steam\Steam.dll
19:22:24.0978 3588 C:\Program Files (x86)\Steam\Steam.dll - ok
19:22:24.0978 3588 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll
19:22:24.0978 3588 C:\Windows\SysWOW64\NapiNSP.dll - ok
19:22:24.0993 3588 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll
19:22:24.0993 3588 C:\Windows\SysWOW64\pnrpnsp.dll - ok
19:22:24.0993 3588 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll
19:22:24.0993 3588 C:\Windows\SysWOW64\winrnr.dll - ok
19:22:24.0993 3588 [ 173C217E677C4B0C4F8A6D54BA13BF9B ] C:\Program Files (x86)\Steam\CSERHelper.dll
19:22:24.0993 3588 C:\Program Files (x86)\Steam\CSERHelper.dll - ok
19:22:24.0993 3588 [ A7532E66EA2F168A0970E829D8986423 ] C:\Program Files (x86)\Steam\dbghelp.dll
19:22:24.0993 3588 C:\Program Files (x86)\Steam\dbghelp.dll - ok
19:22:25.0009 3588 [ C6426BAB3412364E9E17BCB9E331E29C ] C:\Program Files (x86)\Steam\SteamUI.dll
19:22:25.0009 3588 C:\Program Files (x86)\Steam\SteamUI.dll - ok
19:22:25.0009 3588 [ 71CF106700CDD530CE4C8BF8BD43C6AB ] C:\Program Files (x86)\Steam\tier0_s.dll
19:22:25.0009 3588 C:\Program Files (x86)\Steam\tier0_s.dll - ok
19:22:25.0009 3588 [ EC34921AABCBC7A46DAED90CF70B600F ] C:\Program Files (x86)\Steam\vstdlib_s.dll
19:22:25.0009 3588 C:\Program Files (x86)\Steam\vstdlib_s.dll - ok
19:22:25.0009 3588 [ 7E0C34E0788C7AC23874021F20EFFD52 ] C:\Program Files (x86)\Steam\crashhandler.dll
19:22:25.0009 3588 C:\Program Files (x86)\Steam\crashhandler.dll - ok
19:22:25.0024 3588 [ 0A8BC417802DE2F5D0D6A356B7B76698 ] C:\Program Files (x86)\Steam\bin\FileSystem_Steam.dll
19:22:25.0024 3588 C:\Program Files (x86)\Steam\bin\FileSystem_Steam.dll - ok
19:22:25.0024 3588 [ 130B97A0B41CE44EC9F9D3DAB39227D9 ] C:\Program Files (x86)\Steam\bin\vgui2_s.dll
19:22:25.0024 3588 C:\Program Files (x86)\Steam\bin\vgui2_s.dll - ok
19:22:25.0024 3588 [ D1BBE227367ED791D5FCF08E132D2956 ] C:\Windows\SysWOW64\opengl32.dll
19:22:25.0024 3588 C:\Windows\SysWOW64\opengl32.dll - ok
19:22:25.0040 3588 [ DE3897365B04C4DA1CF8FF725577C082 ] C:\Windows\SysWOW64\glu32.dll
19:22:25.0040 3588 C:\Windows\SysWOW64\glu32.dll - ok
19:22:25.0040 3588 [ 198552AEFECA69D646867EC8D792DE95 ] C:\Windows\SysWOW64\ddraw.dll
19:22:25.0040 3588 C:\Windows\SysWOW64\ddraw.dll - ok
19:22:25.0040 3588 [ 55E5B32AE8D1F51A63C82919656FD275 ] C:\Windows\SysWOW64\dciman32.dll
19:22:25.0040 3588 C:\Windows\SysWOW64\dciman32.dll - ok
19:22:25.0040 3588 [ 0B41D860C0FCF5C312A1F6090C113EFC ] C:\Program Files (x86)\Steam\bin\chromehtml.dll
19:22:25.0040 3588 C:\Program Files (x86)\Steam\bin\chromehtml.dll - ok
19:22:25.0056 3588 [ 2F2E70672E3C5952701E575F794C148B ] C:\Program Files (x86)\Steam\bin\libcef.dll
19:22:25.0056 3588 C:\Program Files (x86)\Steam\bin\libcef.dll - ok
19:22:25.0056 3588 [ 045D0F4F41CA53D4CB22BDC814A22B64 ] C:\Program Files (x86)\Steam\bin\icudt.dll
19:22:25.0056 3588 C:\Program Files (x86)\Steam\bin\icudt.dll - ok
19:22:25.0056 3588 [ 63BF63C0DCEB128C49D94EBBCB4F6495 ] C:\Program Files (x86)\Steam\bin\avcodec-53.dll
19:22:25.0056 3588 C:\Program Files (x86)\Steam\bin\avcodec-53.dll - ok
19:22:25.0071 3588 [ 4386F00DC7FF8B07045F6F5931BE871C ] C:\Program Files (x86)\Steam\bin\avformat-53.dll
19:22:25.0071 3588 C:\Program Files (x86)\Steam\bin\avformat-53.dll - ok
19:22:25.0071 3588 [ 70DA9D6B53D0772447A89574A9973A90 ] C:\Program Files (x86)\Steam\bin\avutil-51.dll
19:22:25.0071 3588 C:\Program Files (x86)\Steam\bin\avutil-51.dll - ok
19:22:25.0071 3588 [ A29D734F650F958424743BE3BAA052C8 ] C:\Windows\SysWOW64\DWrite.dll
19:22:25.0071 3588 C:\Windows\SysWOW64\DWrite.dll - ok
19:22:25.0071 3588 [ 283BA4ACC3CF1E5797AF7879EFB38386 ] C:\Program Files (x86)\AVG\AVG2012\avgxpl.dll
19:22:25.0071 3588 C:\Program Files (x86)\AVG\AVG2012\avgxpl.dll - ok
19:22:25.0087 3588 [ 8F01B9DA1D372D1C80B92F725E736B54 ] C:\Windows\SysWOW64\atigktxx.dll
19:22:25.0087 3588 C:\Windows\SysWOW64\atigktxx.dll - ok
19:22:25.0087 3588 [ 08B098B89C5F5968BDA67EC58855B309 ] C:\Program Files (x86)\AVG\AVG2012\avgamnot.dll
19:22:25.0087 3588 C:\Program Files (x86)\AVG\AVG2012\avgamnot.dll - ok
19:22:25.0087 3588 [ B96E3E543675039FC93D14EDF627231A ] C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
19:22:25.0087 3588 C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe - ok
19:22:25.0087 3588 [ 37C4514E33546E9AB84AAEA7DD347165 ] C:\Windows\SysWOW64\atiadlxy.dll
19:22:25.0087 3588 C:\Windows\SysWOW64\atiadlxy.dll - ok
19:22:25.0102 3588 [ FC7BEA10A59ABEA8C225BD6C55B09B7F ] C:\Program Files (x86)\AVG\AVG2012\avgcorea.dll
19:22:25.0102 3588 C:\Program Files (x86)\AVG\AVG2012\avgcorea.dll - ok
19:22:25.0102 3588 [ 747601D47721AD1DE22CFFB4F912203D ] C:\Program Files (x86)\AVG\AVG2012\avgcerta.dll
19:22:25.0102 3588 C:\Program Files (x86)\AVG\AVG2012\avgcerta.dll - ok
19:22:25.0102 3588 [ D64B112ECC7230808829A7BE86DCE8E3 ] C:\Program Files (x86)\AVG\AVG2012\avgchcla.dll
19:22:25.0102 3588 C:\Program Files (x86)\AVG\AVG2012\avgchcla.dll - ok
19:22:25.0118 3588 [ 591FE0A6CEB19BF886CEB1331F591940 ] C:\Windows\SysWOW64\ncrypt.dll
19:22:25.0118 3588 C:\Windows\SysWOW64\ncrypt.dll - ok
19:22:25.0118 3588 [ 0EF2A60CC81C8401CCEE8C5E59368602 ] C:\Program Files\Java\jre6\bin\java.exe
19:22:25.0118 3588 C:\Program Files\Java\jre6\bin\java.exe - ok
19:22:25.0118 3588 [ 139F156F7D3B0981EB542563E347B479 ] C:\Program Files\Java\jre6\bin\javaw.exe
19:22:25.0118 3588 C:\Program Files\Java\jre6\bin\javaw.exe - ok
19:22:25.0118 3588 [ 6EA3692D7AECA0D5C5E5F74B9EF8AD8B ] C:\Program Files (x86)\iolo\System Mechanic\SysMech.exe
19:22:25.0118 3588 C:\Program Files (x86)\iolo\System Mechanic\SysMech.exe - ok
19:22:25.0134 3588 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
19:22:25.0134 3588 C:\Windows\SysWOW64\winsta.dll - ok
19:22:25.0134 3588 [ B7439A352DE0FB9C5E1737B3242E6E92 ] C:\Program Files (x86)\AVG\AVG2012\avgxpla.dll
19:22:25.0134 3588 C:\Program Files (x86)\AVG\AVG2012\avgxpla.dll - ok
19:22:25.0134 3588 [ 6F83C67F5339C2235996174BFB05041E ] C:\Program Files (x86)\AVG\AVG2012\avgopenssla.dll
19:22:25.0134 3588 C:\Program Files (x86)\AVG\AVG2012\avgopenssla.dll - ok
19:22:25.0149 3588 [ BE1EB5E10D155FC363696C2B88E8BE87 ] C:\Program Files\NVIDIA Corporation\Control Panel Client\nvcplui.exe
19:22:25.0149 3588 C:\Program Files\NVIDIA Corporation\Control Panel Client\nvcplui.exe - ok
19:22:25.0149 3588 [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\SysWOW64\cryptnet.dll
19:22:25.0149 3588 C:\Windows\SysWOW64\cryptnet.dll - ok
19:22:25.0149 3588 [ 55933254903B7E3C3F997630FF612E11 ] C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe
19:22:25.0149 3588 C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe - ok
19:22:25.0149 3588 [ 68AD456C0A7B236C8D314BC138F89ED0 ] C:\Program Files\PeerBlock\peerblock.exe
19:22:25.0149 3588 C:\Program Files\PeerBlock\peerblock.exe - ok
19:22:25.0165 3588 [ BC78AB97A7416928B84772CA9E6D2DA0 ] C:\Program Files\Recuva\recuva64.exe
19:22:25.0165 3588 C:\Program Files\Recuva\recuva64.exe - ok
19:22:25.0165 3588 [ 34AC4792D436BEEDA65D8241AEA7B29E ] C:\Program Files\Sony\Vegas Pro 11.0\vegas110.exe
19:22:25.0165 3588 C:\Program Files\Sony\Vegas Pro 11.0\vegas110.exe - ok
19:22:25.0165 3588 [ B86BFD99C2493F73BF9BAD516C43CEF7 ] C:\Users\Sergio\Downloads\Wii\26812-WiiBackupManager_Build78\WiiBackupManager_Win64.exe
19:22:25.0165 3588 C:\Users\Sergio\Downloads\Wii\26812-WiiBackupManager_Build78\WiiBackupManager_Win64.exe - ok
19:22:25.0180 3588 [ A23A3C4630A214E156EE9E1E07E2BFB0 ] C:\Program Files\WinRAR\WinRAR.exe
19:22:25.0180 3588 C:\Program Files\WinRAR\WinRAR.exe - ok
19:22:25.0180 3588 [ 715BFF236158F61C042928A53C0D5AA8 ] C:\Program Files\Windows NT\Accessories\wordpad.exe
19:22:25.0180 3588 C:\Program Files\Windows NT\Accessories\wordpad.exe - ok
19:22:25.0180 3588 [ F924D18569D6E32F867C80F217A185E8 ] C:\Program Files\Microsoft IntelliPoint\dpgcmd.dll
19:22:25.0180 3588 C:\Program Files\Microsoft IntelliPoint\dpgcmd.dll - ok
19:22:25.0180 3588 [ 0FEC5F3C533DAE4B68C57EB8432E7881 ] C:\Program Files\Microsoft IntelliPoint\Components\Commands\DPGHnt\DPGHnt.dll
19:22:25.0180 3588 C:\Program Files\Microsoft IntelliPoint\Components\Commands\DPGHnt\DPGHnt.dll - ok
19:22:25.0196 3588 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
19:22:25.0196 3588 C:\Windows\System32\wbem\NCProv.dll - ok
19:22:25.0196 3588 [ 416C51633BF1E74E48B0B3BF106CBFEC ] C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll
19:22:25.0196 3588 C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll - ok
19:22:25.0196 3588 [ 5F1F35F2F995FA8615438AB922B0BA7B ] C:\Program Files\Internet Explorer\ieproxy.dll
19:22:25.0196 3588 C:\Program Files\Internet Explorer\ieproxy.dll - ok
19:22:25.0212 3588 [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll
19:22:25.0212 3588 C:\Windows\System32\drprov.dll - ok
19:22:25.0212 3588 [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll
19:22:25.0212 3588 C:\Windows\System32\ntlanman.dll - ok
19:22:25.0212 3588 [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\Windows\System32\davclnt.dll
19:22:25.0212 3588 C:\Windows\System32\davclnt.dll - ok
19:22:25.0212 3588 [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll
19:22:25.0212 3588 C:\Windows\System32\davhlpr.dll - ok
19:22:25.0227 3588 [ 4715F8F8CDBFFF2728BA38B789A1D7C7 ] C:\Windows\System32\wpdshext.dll
19:22:25.0227 3588 C:\Windows\System32\wpdshext.dll - ok
19:22:25.0227 3588 [ 03AB2A2E426C2AD400AC8315226347F8 ] C:\Windows\System32\EhStorAPI.dll
19:22:25.0227 3588 C:\Windows\System32\EhStorAPI.dll - ok
19:22:25.0227 3588 [ BBAAE027C176402E221CADBFCAEB5407 ] C:\Windows\System32\zipfldr.dll
19:22:25.0227 3588 C:\Windows\System32\zipfldr.dll - ok
19:22:25.0227 3588 [ 01E2855FB06C422E721D890AF201C2D7 ] C:\Windows\System32\NaturalLanguage6.dll
19:22:25.0227 3588 C:\Windows\System32\NaturalLanguage6.dll - ok
19:22:25.0243 3588 [ 701D9F5F3F21580936638D5C5F86B460 ] C:\Windows\System32\NlsData0009.dll
19:22:25.0243 3588 C:\Windows\System32\NlsData0009.dll - ok
19:22:25.0243 3588 [ 148A733B93A2AC104280495DA09D3CC2 ] C:\Windows\System32\NlsLexicons0009.dll
19:22:25.0243 3588 C:\Windows\System32\NlsLexicons0009.dll - ok
19:22:25.0243 3588 [ 439C69D0E835FE588B561DD0A2659DAC ] F:\FRST64.exe
19:22:25.0243 3588 F:\FRST64.exe - ok
19:22:25.0243 3588 [ F2C7BB8ACC97F92E987A2D4087D021B1 ] C:\Windows\System32\notepad.exe
19:22:25.0243 3588 C:\Windows\System32\notepad.exe - ok
19:22:25.0258 3588 [ 41DF7355A5A907E2C1D7804EC028965D ] C:\Windows\System32\wermgr.exe
19:22:25.0258 3588 C:\Windows\System32\wermgr.exe - ok
19:22:25.0258 3588 [ 012787CEB35505EB78DF82E0A0072888 ] C:\Windows\System32\browcli.dll
19:22:25.0258 3588 C:\Windows\System32\browcli.dll - ok
19:22:25.0258 3588 [ 5C4CB4086FB83115B153E47ADD961A0C ] C:\Windows\System32\FntCache.dll
19:22:25.0258 3588 C:\Windows\System32\FntCache.dll - ok
19:22:25.0274 3588 [ C4BFE4B61086416B0529212F92BCE081 ] C:\Windows\System32\schedcli.dll
19:22:25.0274 3588 C:\Windows\System32\schedcli.dll - ok
19:22:25.0274 3588 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
19:22:25.0274 3588 C:\Windows\System32\SearchIndexer.exe - ok
19:22:25.0274 3588 [ 1658E808E4D4889C66DE47EC87F1DED1 ] C:\Windows\System32\msvcp60.dll
19:22:25.0274 3588 C:\Windows\System32\msvcp60.dll - ok
19:22:25.0274 3588 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
19:22:25.0274 3588 C:\Windows\System32\npmproxy.dll - ok
19:22:25.0290 3588 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
19:22:25.0290 3588 C:\Windows\System32\rasdlg.dll - ok
19:22:25.0290 3588 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\SysWOW64\netprofm.dll
19:22:25.0290 3588 C:\Windows\SysWOW64\netprofm.dll - ok
19:22:25.0290 3588 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll
19:22:25.0290 3588 C:\Windows\SysWOW64\npmproxy.dll - ok
19:22:25.0305 3588 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
19:22:25.0305 3588 C:\Windows\System32\tquery.dll - ok
19:22:25.0305 3588 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
19:22:25.0305 3588 C:\Windows\System32\WWanAPI.dll - ok
19:22:25.0305 3588 [ 26D652191B51854E66084DDAEE69EC65 ] C:\Windows\System32\verifier.dll
19:22:25.0305 3588 C:\Windows\System32\verifier.dll - ok
19:22:25.0305 3588 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
19:22:25.0305 3588 C:\Windows\System32\wwapi.dll - ok
19:22:25.0321 3588 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll
19:22:25.0321 3588 C:\Windows\System32\mssrch.dll - ok
19:22:25.0321 3588 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
19:22:25.0321 3588 C:\Windows\System32\QAGENT.DLL - ok
19:22:25.0321 3588 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
19:22:25.0321 3588 C:\Windows\System32\aelupsvc.dll - ok
19:22:25.0321 3588 [ FB355B817AE641BBAE08607E58CB5CE2 ] C:\Windows\System32\hhctrl.ocx
19:22:25.0321 3588 C:\Windows\System32\hhctrl.ocx - ok
19:22:25.0336 3588 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
19:22:25.0336 3588 C:\Windows\System32\msidle.dll - ok
19:22:25.0336 3588 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
19:22:25.0336 3588 C:\Windows\System32\mssprxy.dll - ok
19:22:25.0336 3588 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
19:22:25.0336 3588 C:\Windows\System32\wdi.dll - ok
19:22:25.0352 3588 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
19:22:25.0352 3588 C:\Windows\System32\wpdbusenum.dll - ok
19:22:25.0352 3588 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
19:22:25.0352 3588 C:\Windows\System32\diagperf.dll - ok
19:22:25.0352 3588 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
19:22:25.0352 3588 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
19:22:25.0352 3588 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
19:22:25.0352 3588 C:\Windows\System32\perftrack.dll - ok
19:22:25.0368 3588 [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
 
19:22:25.0368 3588 C:\Windows\System32\SyncCenter.dll - ok
19:22:25.0368 3588 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
19:22:25.0368 3588 C:\Windows\System32\en-US\tquery.dll.mui - ok
19:22:25.0368 3588 [ 1DB8C2220EFDBA97F671F46F6A8DE51E ] C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe
19:22:25.0368 3588 C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe - ok
19:22:25.0383 3588 [ CF8D590BE3373029D57AF80914190682 ] C:\Windows\System32\drivers\WUDFRd.sys
19:22:25.0383 3588 C:\Windows\System32\drivers\WUDFRd.sys - ok
19:22:25.0383 3588 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
19:22:25.0383 3588 C:\Windows\System32\dimsjob.dll - ok
19:22:25.0383 3588 [ D0FF1CA89D013B94768A289023958F6B ] C:\Windows\System32\WUDFHost.exe
19:22:25.0383 3588 C:\Windows\System32\WUDFHost.exe - ok
19:22:25.0383 3588 [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll
19:22:25.0383 3588 C:\Windows\System32\pautoenr.dll - ok
19:22:25.0399 3588 [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll
19:22:25.0399 3588 C:\Windows\System32\certcli.dll - ok
19:22:25.0399 3588 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
19:22:25.0399 3588 C:\Windows\System32\Apphlpdm.dll - ok
19:22:25.0399 3588 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
19:22:25.0399 3588 C:\Windows\System32\pnpts.dll - ok
19:22:25.0414 3588 [ B78F6C774E8FB20F31329A869000CA1C ] C:\Program Files (x86)\Steam\steamclient.dll
19:22:25.0414 3588 C:\Program Files (x86)\Steam\steamclient.dll - ok
19:22:25.0414 3588 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
19:22:25.0414 3588 C:\Windows\System32\radardt.dll - ok
19:22:25.0414 3588 [ 487F44B08EFEAF5AD087878357B9403D ] C:\Windows\SysWOW64\pdh.dll
19:22:25.0414 3588 C:\Windows\SysWOW64\pdh.dll - ok
19:22:25.0414 3588 [ 263B26106606A010CF877472B535E4BB ] C:\Windows\System32\CertEnroll.dll
19:22:25.0414 3588 C:\Windows\System32\CertEnroll.dll - ok
19:22:25.0430 3588 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
19:22:25.0430 3588 C:\Windows\System32\wdiasqmmodule.dll - ok
19:22:25.0430 3588 [ 1950B1C38AED4154BA79F77E36494D8A ] C:\Windows\System32\WUDFx.dll
19:22:25.0430 3588 C:\Windows\System32\WUDFx.dll - ok
19:22:25.0430 3588 [ 4F48A8E35782B24AD4B2F3DA8E8F70D4 ] C:\Program Files (x86)\Steam\bin\SteamService.dll
19:22:25.0430 3588 C:\Program Files (x86)\Steam\bin\SteamService.dll - ok
19:22:25.0446 3588 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
19:22:25.0446 3588 C:\Windows\System32\mscoree.dll - ok
19:22:25.0446 3588 [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\SysWOW64\MMDevAPI.dll
19:22:25.0446 3588 C:\Windows\SysWOW64\MMDevAPI.dll - ok
19:22:25.0446 3588 [ D205C24A9D069049FE2DF2A1B38726A7 ] C:\Windows\SysWOW64\wdmaud.drv
19:22:25.0446 3588 C:\Windows\SysWOW64\wdmaud.drv - ok
19:22:25.0446 3588 [ 9C67F6BBDA3881CFD02095160CF91576 ] C:\Windows\SysWOW64\ksuser.dll
19:22:25.0446 3588 C:\Windows\SysWOW64\ksuser.dll - ok
19:22:25.0461 3588 [ 139D3AB6AA920C34C50CBFFB9EB7D222 ] C:\Windows\SysWOW64\avrt.dll
19:22:25.0461 3588 C:\Windows\SysWOW64\avrt.dll - ok
19:22:25.0461 3588 [ C940F2F5C60B3727C5F18840735B229C ] C:\Windows\SysWOW64\AudioSes.dll
19:22:25.0461 3588 C:\Windows\SysWOW64\AudioSes.dll - ok
19:22:25.0461 3588 [ 91D6F0AB79AA36FFB932157865206F35 ] C:\Windows\System32\drivers\UMDF\WpdFs.dll
19:22:25.0461 3588 C:\Windows\System32\drivers\UMDF\WpdFs.dll - ok
19:22:25.0477 3588 [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
19:22:25.0477 3588 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
19:22:25.0477 3588 [ 07393A09C46083588E751B63B03C8301 ] C:\Windows\SysWOW64\msacm32.drv
19:22:25.0477 3588 C:\Windows\SysWOW64\msacm32.drv - ok
19:22:25.0477 3588 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll
19:22:25.0477 3588 C:\Windows\SysWOW64\msacm32.dll - ok
19:22:25.0477 3588 [ 5A12C364AD1D4FCC0AD0E56DBBC34462 ] C:\Windows\SysWOW64\midimap.dll
19:22:25.0477 3588 C:\Windows\SysWOW64\midimap.dll - ok
19:22:25.0492 3588 [ 9864D52F15AD32094A636C6B5281D9E7 ] C:\Windows\System32\WMVCORE.DLL
19:22:25.0492 3588 C:\Windows\System32\WMVCORE.DLL - ok
19:22:25.0492 3588 [ 0E85C11F8850D524B02181C6E02BA9AE ] C:\Windows\SysWOW64\dsound.dll
19:22:25.0492 3588 C:\Windows\SysWOW64\dsound.dll - ok
19:22:25.0492 3588 [ E389EA130C4A9A4DBA0F138222261056 ] C:\Program Files\SUPERAntiSpyware\SSUPDATE64.EXE
19:22:25.0492 3588 C:\Program Files\SUPERAntiSpyware\SSUPDATE64.EXE - ok
19:22:25.0492 3588 [ A05C0003E8D7CEA359A439690554F8BB ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
19:22:25.0492 3588 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok
19:22:25.0508 3588 [ AACC48FE239F0DF126DA2F28930A5B83 ] C:\Windows\System32\WMASF.DLL
19:22:25.0508 3588 C:\Windows\System32\WMASF.DLL - ok
19:22:25.0508 3588 [ 389CA818132C1D7DCF0C791E8D9035DE ] C:\Windows\System32\PortableDeviceClassExtension.dll
19:22:25.0508 3588 C:\Windows\System32\PortableDeviceClassExtension.dll - ok
19:22:25.0508 3588 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
19:22:25.0508 3588 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
19:22:25.0508 3588 [ 27B9E163740A226B65E4B9E186117911 ] C:\Program Files\Windows Portable Devices\sqmapi.dll
19:22:25.0508 3588 C:\Program Files\Windows Portable Devices\sqmapi.dll - ok
19:22:25.0524 3588 [ 560BCE434D208C6FD9943B9BE5B376ED ] C:\Program Files\WinRAR\RarExt.dll
19:22:25.0524 3588 C:\Program Files\WinRAR\RarExt.dll - ok
19:22:25.0524 3588 [ E3E18EEB7B4D172BEC44231508C0F8BE ] C:\Program Files\7-Zip\7-zip.dll
19:22:25.0524 3588 C:\Program Files\7-Zip\7-zip.dll - ok
19:22:25.0524 3588 [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll
19:22:25.0524 3588 C:\Windows\System32\wbem\cimwin32.dll - ok
19:22:25.0539 3588 [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll
19:22:25.0539 3588 C:\Windows\System32\framedynos.dll - ok
19:22:25.0539 3588 [ EC6BA7C92FA5B2AA4AFDF4DF22AEDAB7 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll
19:22:25.0539 3588 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll - ok
19:22:25.0539 3588 [ 19BC13711AC403FEB830522E4831701B ] C:\Windows\SysWOW64\gameux.dll
19:22:25.0539 3588 C:\Windows\SysWOW64\gameux.dll - ok
19:22:25.0555 3588 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
19:22:25.0555 3588 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
19:22:25.0555 3588 [ EDF2A5E96BEC469DA3F64E9BDD386111 ] C:\Windows\SysWOW64\xmllite.dll
19:22:25.0555 3588 C:\Windows\SysWOW64\xmllite.dll - ok
19:22:25.0555 3588 [ 590D5C506044FE02FF7643E32FF9BDAC ] C:\Windows\SysWOW64\wer.dll
19:22:25.0555 3588 C:\Windows\SysWOW64\wer.dll - ok
19:22:25.0555 3588 [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\SysWOW64\linkinfo.dll
19:22:25.0555 3588 C:\Windows\SysWOW64\linkinfo.dll - ok
19:22:25.0570 3588 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
19:22:25.0570 3588 C:\Windows\SysWOW64\ntshrui.dll - ok
19:22:25.0570 3588 [ 76CDA84DCB30EBDEF0D86051A72E0C0F ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\f73f0a9c9a83dcd3ff428be509a7992f\mscorlib.ni.dll
19:22:25.0570 3588 C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\f73f0a9c9a83dcd3ff428be509a7992f\mscorlib.ni.dll - ok
19:22:25.0570 3588 [ F9720D087584A2100888CBFB41940C94 ] C:\Program Files (x86)\Steam\bin\friendsUI.dll
19:22:25.0570 3588 C:\Program Files (x86)\Steam\bin\friendsUI.dll - ok
19:22:25.0586 3588 [ 469E94A8F20B8BAB9CB5CE9802BB650A ] C:\Program Files (x86)\Steam\bin\ServerBrowser.dll
19:22:25.0586 3588 C:\Program Files (x86)\Steam\bin\ServerBrowser.dll - ok
19:22:25.0586 3588 [ 0A94DE4AA9864D312E60D747FD249ABE ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll
19:22:25.0586 3588 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll - ok
19:22:25.0586 3588 [ 850BD2D2D9CB5894935C3B6333CAD6FD ] C:\Windows\System32\riched20.dll
19:22:25.0586 3588 C:\Windows\System32\riched20.dll - ok
19:22:25.0586 3588 [ 6EF5F3F18413C367195F06E503AB86A6 ] C:\Windows\SysWOW64\d3d9.dll
19:22:25.0586 3588 C:\Windows\SysWOW64\d3d9.dll - ok
19:22:25.0602 3588 [ 77B1471A490B53B24EFE136F09F76550 ] C:\Windows\SysWOW64\d3d8thk.dll
19:22:25.0602 3588 C:\Windows\SysWOW64\d3d8thk.dll - ok
19:22:25.0602 3588 [ 9BD682DE4EC56C61550A1DE8DC18DFBE ] C:\Windows\SysWOW64\aticfx32.dll
19:22:25.0602 3588 C:\Windows\SysWOW64\aticfx32.dll - ok
19:22:25.0602 3588 [ 8A6A671776A1CFFAEE44A4312BE8AB3A ] C:\Windows\SysWOW64\atiu9pag.dll
19:22:25.0602 3588 C:\Windows\SysWOW64\atiu9pag.dll - ok
19:22:25.0617 3588 [ D02ADF06C62AC91E2ECD478DF3C9AF6E ] C:\Windows\SysWOW64\atiumdag.dll
19:22:25.0617 3588 C:\Windows\SysWOW64\atiumdag.dll - ok
19:22:25.0617 3588 [ BA48FCD5653B8A62F39AAF2663EC5D10 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\c40ec0f4cd203c880298f94c0427dd54\System.ni.dll
19:22:25.0617 3588 C:\Windows\assembly\NativeImages_v2.0.50727_64\System\c40ec0f4cd203c880298f94c0427dd54\System.ni.dll - ok
19:22:25.0617 3588 [ 5E700E9CFEC795812305E4ADDC34C8A7 ] C:\Windows\SysWOW64\atiumdva.dll
19:22:25.0617 3588 C:\Windows\SysWOW64\atiumdva.dll - ok
19:22:25.0617 3588 [ 92CBA4EBF1EAC5329662A967C079F660 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\4bcc5a6e9e9d25e068fc304bd7eda6af\WindowsBase.ni.dll
19:22:25.0617 3588 C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\4bcc5a6e9e9d25e068fc304bd7eda6af\WindowsBase.ni.dll - ok
19:22:25.0633 3588 [ 383661D710295D2DA3FDFBA0C3ED4BCF ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\3a9d13514a8c4c710fa5ce8e9b5393fe\PresentationCore.ni.dll
19:22:25.0633 3588 C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\3a9d13514a8c4c710fa5ce8e9b5393fe\PresentationCore.ni.dll - ok
19:22:25.0633 3588 [ 77D23D333BF27515EA51A23E96A63D6C ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\47054c4d5b7e522c21a9d57797410302\PresentationFramework.ni.dll
19:22:25.0633 3588 C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\47054c4d5b7e522c21a9d57797410302\PresentationFramework.ni.dll - ok
19:22:25.0633 3588 [ 1EA7969E3271CBC59E1730697DC74682 ] C:\Windows\System32\qmgr.dll
19:22:25.0633 3588 C:\Windows\System32\qmgr.dll - ok
19:22:25.0648 3588 [ 29409ED7400CA5BCCC30C0EE5147A60D ] C:\Windows\System32\bitsperf.dll
19:22:25.0648 3588 C:\Windows\System32\bitsperf.dll - ok
19:22:25.0648 3588 [ D7CEAEDD5F75D2C8A2E80887D7C114CE ] C:\Windows\System32\webcheck.dll
19:22:25.0648 3588 C:\Windows\System32\webcheck.dll - ok
19:22:25.0648 3588 [ D9431DCF90B0253773F51FDEFE7FD42F ] C:\Windows\System32\bitsigd.dll
19:22:25.0648 3588 C:\Windows\System32\bitsigd.dll - ok
19:22:25.0648 3588 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:22:25.0648 3588 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
19:22:25.0664 3588 [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll
19:22:25.0664 3588 C:\Windows\System32\upnp.dll - ok
19:22:25.0664 3588 [ D9E21CBF9E6A87847AFFD39EA3FA28EE ] C:\Windows\System32\SearchProtocolHost.exe
19:22:25.0664 3588 C:\Windows\System32\SearchProtocolHost.exe - ok
19:22:25.0664 3588 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
19:22:25.0664 3588 C:\Windows\System32\mlang.dll - ok
19:22:25.0680 3588 [ D2A5B2B09F2AF5ED13BF494508B09788 ] C:\Windows\System32\msshooks.dll
19:22:25.0680 3588 C:\Windows\System32\msshooks.dll - ok
19:22:25.0680 3588 [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll
19:22:25.0680 3588 C:\Windows\System32\imapi2.dll - ok
19:22:25.0680 3588 [ 49A3AD5CE578CD77F445F3D244AEAB2D ] C:\Windows\System32\SearchFilterHost.exe
19:22:25.0680 3588 C:\Windows\System32\SearchFilterHost.exe - ok
19:22:25.0680 3588 [ E5F7C30EDF0892667933BE879F067D67 ] C:\Windows\SysWOW64\msvcr100_clr0400.dll
19:22:25.0680 3588 C:\Windows\SysWOW64\msvcr100_clr0400.dll - ok
19:22:25.0695 3588 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll
19:22:25.0695 3588 C:\Windows\SysWOW64\mscoree.dll - ok
19:22:25.0695 3588 [ 48041BAEB60CE5F34F13CC2A1361E49C ] C:\Windows\System32\mssph.dll
19:22:25.0695 3588 C:\Windows\System32\mssph.dll - ok
19:22:25.0695 3588 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
19:22:25.0695 3588 C:\Windows\System32\ssdpsrv.dll - ok
19:22:25.0695 3588 [ 8F4BB0CFECED925D440ABC2481278360 ] C:\Windows\System32\mapi32.dll
19:22:25.0695 3588 C:\Windows\System32\mapi32.dll - ok
19:22:25.0711 3588 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:22:25.0711 3588 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe - ok
19:22:25.0711 3588 [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll
19:22:25.0711 3588 C:\Windows\System32\hgcpl.dll - ok
19:22:25.0711 3588 [ CB21CD39637AC13F3455454B2F648257 ] C:\Windows\System32\msvcr100_clr0400.dll
19:22:25.0711 3588 C:\Windows\System32\msvcr100_clr0400.dll - ok
19:22:25.0726 3588 [ 0438CAB2E03F4FB61455A7956026FE86 ] C:\Windows\System32\fdPHost.dll
19:22:25.0726 3588 C:\Windows\System32\fdPHost.dll - ok
19:22:25.0726 3588 [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
19:22:25.0726 3588 C:\Windows\System32\FDResPub.dll - ok
19:22:25.0726 3588 [ 171D7DB433314A868507C4326E8209DC ] C:\Windows\System32\fdWSD.dll
19:22:25.0726 3588 C:\Windows\System32\fdWSD.dll - ok
19:22:25.0726 3588 [ A2E5B2D20954210DCE1A75A1FC8CC36D ] C:\Windows\System32\fdSSDP.dll
19:22:25.0726 3588 C:\Windows\System32\fdSSDP.dll - ok
19:22:25.0742 3588 [ 2A436796758BF2555A26C770FE8A6FEE ] C:\Windows\System32\fdProxy.dll
19:22:25.0742 3588 C:\Windows\System32\fdProxy.dll - ok
19:22:25.0742 3588 [ 76D86E65FF7D10292886A1F2DB93A911 ] C:\Windows\System32\ELSCore.dll
19:22:25.0742 3588 C:\Windows\System32\ELSCore.dll - ok
19:22:25.0742 3588 [ 12929BDE96189F4E968AD035573424F0 ] C:\Windows\System32\elsTrans.dll
19:22:25.0742 3588 C:\Windows\System32\elsTrans.dll - ok
19:22:25.0742 3588 [ AEE087CF7423BA44CC2DE03CC565E399 ] C:\Windows\System32\elslad.dll
19:22:25.0742 3588 C:\Windows\System32\elslad.dll - ok
19:22:25.0758 3588 [ 11542EC1F1C53EDB3CCF5AADF4C9972F ] C:\Windows\System32\NlsData0000.dll
19:22:25.0758 3588 C:\Windows\System32\NlsData0000.dll - ok
19:22:25.0758 3588 [ C264145F107437CBD3B30303733AEE4F ] C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
19:22:25.0758 3588 C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - ok
19:22:25.0758 3588 [ E4024CCF225A936207294DE50925D4F6 ] C:\Program Files (x86)\Google\Update\1.3.21.123\goopdateres_en.dll
19:22:25.0758 3588 C:\Program Files (x86)\Google\Update\1.3.21.123\goopdateres_en.dll - ok
19:22:25.0773 3588 [ EFDFB3DD38A4376F93E7985173813ABD ] C:\Windows\System32\ListSvc.dll
19:22:25.0773 3588 C:\Windows\System32\ListSvc.dll - ok
19:22:25.0773 3588 [ B6411CED931AFD059E48C52DBFBA95B4 ] C:\Windows\System32\P2P.dll
19:22:25.0773 3588 C:\Windows\System32\P2P.dll - ok
19:22:25.0773 3588 [ 13BB1114451C63BFB41BA7DAA4D70A29 ] C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
19:22:25.0773 3588 C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe - ok
19:22:25.0773 3588 [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll
19:22:25.0773 3588 C:\Windows\System32\p2pcollab.dll - ok
19:22:25.0789 3588 [ C8541AECCCA9260DE93C85F214110FA8 ] C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll
19:22:25.0789 3588 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll - ok
19:22:25.0789 3588 [ 4A82EA2807B16FF577AEAF8ADB8779FF ] C:\Windows\System32\IdListen.dll
19:22:25.0789 3588 C:\Windows\System32\IdListen.dll - ok
19:22:25.0789 3588 [ FF2B106909EED48C536DA04742C0324A ] C:\Windows\System32\Query.dll
19:22:25.0789 3588 C:\Windows\System32\Query.dll - ok
19:22:25.0789 3588 [ A0524499F4C63CADA7E1529FC77F5DC1 ] C:\Windows\System32\hgprint.dll
19:22:25.0789 3588 C:\Windows\System32\hgprint.dll - ok
19:22:25.0804 3588 [ 3ABB7ADB9CCBCD24D6C55201A3842A94 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
19:22:25.0804 3588 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok
19:22:25.0804 3588 [ 87204B04A63E684D3FD02A7BC10741CD ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\f71d2f65d0f149c75ac7a569dbcc8500\System.ServiceProcess.ni.dll
19:22:25.0804 3588 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\f71d2f65d0f149c75ac7a569dbcc8500\System.ServiceProcess.ni.dll - ok
19:22:25.0804 3588 [ A9DA8CC5E02FF594E11A78D86D5B6A5B ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\2a02b172fa4cf3d93ce7388b67b2a199\System.Runtime.Remoting.ni.dll
19:22:25.0804 3588 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\2a02b172fa4cf3d93ce7388b67b2a199\System.Runtime.Remoting.ni.dll - ok
19:22:25.0820 3588 [ 3EAC4455472CC2C97107B5291E0DCAFE ] C:\Windows\System32\pnrpsvc.dll
19:22:25.0820 3588 C:\Windows\System32\pnrpsvc.dll - ok
19:22:25.0820 3588 [ E17E0188BB90FAE42D83E98707EFA59C ] C:\Windows\System32\sppsvc.exe
19:22:25.0820 3588 C:\Windows\System32\sppsvc.exe - ok
19:22:25.0820 3588 [ E8B1FE6669397D1772D8196DF0E57A9E ] C:\Windows\System32\wscsvc.dll
19:22:25.0820 3588 C:\Windows\System32\wscsvc.dll - ok
19:22:25.0820 3588 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] C:\Windows\System32\wuaueng.dll
19:22:25.0820 3588 C:\Windows\System32\wuaueng.dll - ok
19:22:25.0836 3588 [ FA43D418BC945D27D0625B697B8442B5 ] C:\Windows\System32\cabinet.dll
19:22:25.0836 3588 C:\Windows\System32\cabinet.dll - ok
19:22:25.0836 3588 [ 040CAD6E6600BCEF7A91AE9885C4158F ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\222eb8aa336953a6b0216db2b0c4770d\System.Drawing.ni.dll
19:22:25.0836 3588 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\222eb8aa336953a6b0216db2b0c4770d\System.Drawing.ni.dll - ok
19:22:25.0836 3588 [ 617F6EC0AC677C685479C1D0D1E76C6F ] C:\Windows\System32\mspatcha.dll
19:22:25.0836 3588 C:\Windows\System32\mspatcha.dll - ok
19:22:25.0836 3588 [ FFF95479C7AB1550F0750A5D01744211 ] C:\Windows\System32\drivers\spsys.sys
19:22:25.0836 3588 C:\Windows\System32\drivers\spsys.sys - ok
19:22:25.0851 3588 [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL
19:22:25.0851 3588 C:\Windows\System32\QAGENTRT.DLL - ok
19:22:25.0851 3588 [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll
19:22:25.0851 3588 C:\Windows\System32\fveui.dll - ok
19:22:25.0851 3588 [ 8258362DDB18B644A82D8B5061AD9426 ] C:\Windows\SysWOW64\wscisvif.dll
19:22:25.0851 3588 C:\Windows\SysWOW64\wscisvif.dll - ok
19:22:25.0867 3588 [ C47F35CC6FA4F1BDBEF8F87AC1A46537 ] C:\Windows\System32\wuapi.dll
19:22:25.0867 3588 C:\Windows\System32\wuapi.dll - ok
19:22:25.0867 3588 [ E746ED90132C6B6313CE9179F56BD31D ] C:\Windows\System32\wups.dll
19:22:25.0867 3588 C:\Windows\System32\wups.dll - ok
19:22:25.0867 3588 [ 800B746FDC4D80469AFC7E5E9B510C9C ] C:\msdia80.dll
19:22:25.0867 3588 C:\msdia80.dll - ok
19:22:25.0867 3588 [ 2B0605ABC47532155FFBFDC1693317D8 ] C:\Windows\System32\NlsData0010.dll
19:22:25.0867 3588 C:\Windows\System32\NlsData0010.dll - ok
19:22:25.0882 3588 [ FC3001B4B9DF50B61F3CCA615759EFE7 ] C:\Windows\System32\PhotoMetadataHandler.dll
19:22:25.0882 3588 C:\Windows\System32\PhotoMetadataHandler.dll - ok
19:22:25.0882 3588 [ 362ACF8F7476637A5F76BE5953F4F258 ] C:\Windows\System32\NlsLexicons0010.dll
19:22:25.0882 3588 C:\Windows\System32\NlsLexicons0010.dll - ok
19:22:25.0882 3588 [ 20308CF0675AD7CE5AAA6712DB823216 ] C:\Program Files (x86)\Windows Defender\MpClient.dll
19:22:25.0882 3588 C:\Program Files (x86)\Windows Defender\MpClient.dll - ok
19:22:25.0898 3588 [ A42FBC61385A5F5F444209EE94D89F27 ] C:\Windows\System32\NlsData0021.dll
19:22:25.0898 3588 C:\Windows\System32\NlsData0021.dll - ok
19:22:25.0898 3588 [ F6F22291024906E43D135A4B1705FEAC ] C:\Windows\System32\sppwinob.dll
19:22:25.0898 3588 C:\Windows\System32\sppwinob.dll - ok
19:22:25.0898 3588 [ E5283AFD7590ECC37F8D62C4D6F1FB48 ] C:\Windows\System32\NlsLexicons0021.dll
19:22:25.0898 3588 C:\Windows\System32\NlsLexicons0021.dll - ok
19:22:25.0898 3588 [ 1E8D1091011E1C51B44A94DE5EE89A6A ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\dc5bb74eefdbf954cdfb70dd534d5564\System.Windows.Forms.ni.dll
19:22:25.0898 3588 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\dc5bb74eefdbf954cdfb70dd534d5564\System.Windows.Forms.ni.dll - ok
19:22:25.0914 3588 [ 5F7A2596C96FF7A5C0C4715893B841ED ] C:\Program Files (x86)\iolo\Common\Lib\WWSDK.dll
19:22:25.0914 3588 C:\Program Files (x86)\iolo\Common\Lib\WWSDK.dll - ok
19:22:25.0914 3588 [ 1EBE9524683C7C4EED8B8BC93FB6FBCC ] C:\Windows\SysWOW64\fltLib.dll
19:22:25.0914 3588 C:\Windows\SysWOW64\fltLib.dll - ok
19:22:25.0914 3588 [ 8C4077D3D87A562F0C64D6063F401A59 ] C:\Program Files (x86)\iolo\System Mechanic\SystemGuardAlerter.exe
19:22:25.0914 3588 C:\Program Files (x86)\iolo\System Mechanic\SystemGuardAlerter.exe - ok
19:22:25.0914 3588 [ 005247E3057BC5D5C3F8C6F886FFC10C ] C:\Windows\System32\wbem\WMIADAP.exe
19:22:25.0914 3588 C:\Windows\System32\wbem\WMIADAP.exe - ok
19:22:25.0929 3588 [ 52799EAD792B0E9AE7FD4BA5BD18FE5C ] C:\Windows\SysWOW64\wbem\WMIADAP.exe
19:22:25.0929 3588 C:\Windows\SysWOW64\wbem\WMIADAP.exe - ok
19:22:25.0929 3588 [ 9FE3ED67345F0FF829A4A53B90E09672 ] C:\Windows\System32\loadperf.dll
19:22:25.0929 3588 C:\Windows\System32\loadperf.dll - ok
19:22:25.0929 3588 [ F1278B3514EA6FA9BC39B20D26139AAC ] C:\Windows\SysWOW64\msiltcfg.dll
19:22:25.0929 3588 C:\Windows\SysWOW64\msiltcfg.dll - ok
19:22:25.0945 3588 [ D64D99EC088B54FFE8EE67A480386C20 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll
19:22:25.0945 3588 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll - ok
19:22:25.0945 3588 [ 7FE0D0C8F53735EA17C9AE93EFE7AD5A ] C:\Windows\System32\wups2.dll
19:22:25.0945 3588 C:\Windows\System32\wups2.dll - ok
19:22:25.0945 3588 [ 51138BEEA3E2C21EC44D0932C71762A8 ] C:\Windows\SysWOW64\rundll32.exe
19:22:25.0945 3588 C:\Windows\SysWOW64\rundll32.exe - ok
19:22:25.0945 3588 [ EC9E402B81B43B3F10D3033FA381C39F ] C:\Program Files (x86)\iolo\Common\Lib\HookDLL64.dll
19:22:25.0945 3588 C:\Program Files (x86)\iolo\Common\Lib\HookDLL64.dll - ok
19:22:25.0960 3588 [ 368B2BEE3F88BFB883D2C74A258DE6F6 ] C:\Windows\AppPatch\AcLayers.dll
19:22:25.0960 3588 C:\Windows\AppPatch\AcLayers.dll - ok
19:22:25.0960 3588 [ 6D7DE520D8AA80A243347BECD401EB54 ] C:\Windows\AppPatch\acwow64.dll
19:22:25.0960 3588 C:\Windows\AppPatch\acwow64.dll - ok
19:22:25.0960 3588 [ DD81D91FF3B0763C392422865C9AC12E ] C:\Windows\System32\rundll32.exe
19:22:25.0960 3588 C:\Windows\System32\rundll32.exe - ok
19:22:25.0976 3588 [ E4B4D12ADDA9F4D2EF0B128C6EA03865 ] C:\Program Files (x86)\iolo\Common\Lib\ioloHook64.sys
19:22:25.0976 3588 C:\Program Files (x86)\iolo\Common\Lib\ioloHook64.sys - ok
19:22:25.0976 3588 [ 2B373B5F7E36B5ED5DA176D4400EF091 ] C:\Windows\System32\sppobjs.dll
19:22:25.0976 3588 C:\Windows\System32\sppobjs.dll - ok
19:22:25.0976 3588 [ 37C813CF6B4E892E2CDA6FEF3B871AFC ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\24d1b7ccbedaa3602bae6a6acea9929e\System.Xml.ni.dll
19:22:25.0976 3588 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\24d1b7ccbedaa3602bae6a6acea9929e\System.Xml.ni.dll - ok
19:22:25.0976 3588 [ 685891C03A266D15B6529C6D0487EA97 ] C:\Program Files (x86)\iolo\Common\Lib\HookDLL32.dll
19:22:25.0976 3588 C:\Program Files (x86)\iolo\Common\Lib\HookDLL32.dll - ok
19:22:25.0992 3588 [ 28943370E3AF1D34D77D22911F891213 ] C:\Windows\System32\NlsData0003.dll
19:22:25.0992 3588 C:\Windows\System32\NlsData0003.dll - ok
19:22:25.0992 3588 [ 4F0429B763D05E721C0DD50693B7EFBE ] C:\Windows\System32\NlsLexicons0003.dll
19:22:25.0992 3588 C:\Windows\System32\NlsLexicons0003.dll - ok
19:22:25.0992 3588 [ 061A78FEFA0457FD64F62DF791939466 ] C:\Windows\System32\NlsData000a.dll
19:22:25.0992 3588 C:\Windows\System32\NlsData000a.dll - ok
19:22:26.0007 3588 [ CDDF26D22DF0C095BC3DF44BBCDC426C ] C:\Windows\System32\NlsLexicons000a.dll
19:22:26.0007 3588 C:\Windows\System32\NlsLexicons000a.dll - ok
19:22:26.0007 3588 [ 857F78A80A36BF9BE8B10D85E49CE2C4 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\193d03ca60573c92f92d9b07fa5bc243\System.Configuration.ni.dll
19:22:26.0007 3588 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\193d03ca60573c92f92d9b07fa5bc243\System.Configuration.ni.dll - ok
19:22:26.0007 3588 [ C17DFE97C4F5835505BBF6D6C1DEAC7F ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Transactions\ec95ad2463c5588fc8ef552b3f375ee6\System.Transactions.ni.dll
19:22:26.0007 3588 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Transactions\ec95ad2463c5588fc8ef552b3f375ee6\System.Transactions.ni.dll - ok
19:22:26.0007 3588 [ E4806AC8BE2D890193252D4BEE7EA95C ] C:\Windows\assembly\GAC_64\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
19:22:26.0007 3588 C:\Windows\assembly\GAC_64\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll - ok
19:22:26.0023 3588 [ 9BDB62D5C4B3AE8807CB61F7503784E7 ] C:\Windows\System32\NlsData0018.dll
19:22:26.0023 3588 C:\Windows\System32\NlsData0018.dll - ok
19:22:26.0023 3588 [ 3A84190D1D472A3BB9CC4AF141326F13 ] C:\Windows\System32\NlsLexicons0018.dll
19:22:26.0023 3588 C:\Windows\System32\NlsLexicons0018.dll - ok
19:22:26.0023 3588 [ 62427A3A76CDAAED50C699FA94BE3DCA ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web\95f38e7485bbe2b73b6055c45196fedd\System.Web.ni.dll
19:22:26.0023 3588 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web\95f38e7485bbe2b73b6055c45196fedd\System.Web.ni.dll - ok
19:22:26.0038 3588 [ CDAD3376DFF3D9AC7FDCBE2B94B0D3C8 ] C:\Windows\System32\shfolder.dll
19:22:26.0038 3588 C:\Windows\System32\shfolder.dll - ok
19:22:26.0038 3588 [ 45375DF47ED4D0535739465105AAABE3 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\WMINet_Utils.dll
19:22:26.0038 3588 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\WMINet_Utils.dll - ok
19:22:26.0038 3588 [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll
19:22:26.0038 3588 C:\Windows\System32\wbem\wmiprov.dll - ok
19:22:26.0038 3588 [ C00DB14550E4BD49737F311C644E45FF ] C:\Windows\System32\wmi.dll
19:22:26.0038 3588 C:\Windows\System32\wmi.dll - ok
19:22:26.0054 3588 [ 97E0EC3D6D99E8CC2B17EF2D3760E8FC ] C:\Windows\System32\schtasks.exe
19:22:26.0054 3588 C:\Windows\System32\schtasks.exe - ok
19:22:26.0054 3588 [ CDEBD55FFBDA3889AA2A8CE52B9DC097 ] C:\Windows\System32\sdclt.exe
19:22:26.0054 3588 C:\Windows\System32\sdclt.exe - ok
19:22:26.0054 3588 [ 8CE1C165396F2453012B3E23ADD9DF76 ] C:\Windows\System32\ReAgent.dll
19:22:26.0054 3588 C:\Windows\System32\ReAgent.dll - ok
19:22:26.0054 3588 [ B7AC66C1CCD87D7C49256B5451DED4FA ] C:\Windows\System32\spp.dll
19:22:26.0054 3588 C:\Windows\System32\spp.dll - ok
19:22:26.0070 3588 [ 11C405A2DCF38E098316FD904A4FB662 ] C:\Windows\System32\sdengin2.dll
19:22:26.0070 3588 C:\Windows\System32\sdengin2.dll - ok
19:22:26.0070 3588 [ 6EA4234DC55346E0709560FE7C2C1972 ] C:\Windows\System32\sdrsvc.dll
19:22:26.0070 3588 C:\Windows\System32\sdrsvc.dll - ok
19:22:26.0070 3588 [ E7FBBF3193E248EE05CBC9562810C44A ] C:\Windows\System32\sxshared.dll
19:22:26.0070 3588 C:\Windows\System32\sxshared.dll - ok
19:22:26.0070 3588 [ 55BA6C87FFB2C478E1C9351FA631CC1A ] C:\Windows\System32\sxproxy.dll
19:22:26.0070 3588 C:\Windows\System32\sxproxy.dll - ok
19:22:26.0085 3588 [ 0D893F8D145D3B125B0226727C243A69 ] C:\Windows\System32\security.dll
19:22:26.0085 3588 C:\Windows\System32\security.dll - ok
19:22:26.0085 3588 [ 5EA9A0950F322BFA382AF277801C0307 ] C:\Windows\System32\wbem\wmipcima.dll
19:22:26.0085 3588 C:\Windows\System32\wbem\wmipcima.dll - ok
19:22:26.0085 3588 [ B6D6886149573278CBA6ABD44C4317F5 ] C:\Windows\System32\slwga.dll
19:22:26.0085 3588 C:\Windows\System32\slwga.dll - ok
19:22:26.0101 3588 [ DB76DB15EFC6E4D1153A6C5BC895948D ] C:\Windows\System32\sppc.dll
19:22:26.0101 3588 C:\Windows\System32\sppc.dll - ok
19:22:26.0101 3588 [ 5FBD7BEC6CD3DCAA6A87A7F70CE8AF44 ] C:\Windows\System32\advpack.dll
19:22:26.0101 3588 C:\Windows\System32\advpack.dll - ok
19:22:26.0101 3588 [ 773212B2AAA24C1E31F10246B15B276C ] C:\Windows\servicing\TrustedInstaller.exe
19:22:26.0101 3588 C:\Windows\servicing\TrustedInstaller.exe - ok
19:22:26.0101 3588 [ 288ADDED26C80FDC135CAB4340161686 ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\CbsCore.dll
19:22:26.0101 3588 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\CbsCore.dll - ok
19:22:26.0116 3588 [ 6369F960C28A16F4502C480EEDE3652C ] C:\Windows\System32\dpx.dll
19:22:26.0116 3588 C:\Windows\System32\dpx.dll - ok
19:22:26.0116 3588 [ 7957A194B8421BC070FABBF1C55DB68B ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wcp.dll
19:22:26.0116 3588 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wcp.dll - ok
19:22:26.0116 3588 [ 9297F004FCE79FB7B26DAC6968FB5FEB ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\DrUpdate.dll
19:22:26.0116 3588 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\DrUpdate.dll - ok
19:22:26.0132 3588 [ FC6C5D860CDB82411DA626821201BDF0 ] C:\Windows\System32\srclient.dll
19:22:26.0132 3588 C:\Windows\System32\srclient.dll - ok
19:22:26.0132 3588 [ 6685DD5CC357D45EEE30FD089E8A111A ] C:\Windows\System32\sxsstore.dll
19:22:26.0132 3588 C:\Windows\System32\sxsstore.dll - ok
19:22:26.0132 3588 [ 943F48CC3A59169E52A054946C2F59B8 ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wrpint.dll
19:22:26.0132 3588 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wrpint.dll - ok
19:22:26.0148 3588 [ DB4C494406ECAA861C49E4BF2FE1352E ] C:\Program Files (x86)\AVG\AVG2012\avgadvisorx.dll
19:22:26.0148 3588 C:\Program Files (x86)\AVG\AVG2012\avgadvisorx.dll - ok
19:22:26.0148 3588 [ B010CF886420EE29C2C276646721D255 ] C:\Windows\SysWOW64\wlanapi.dll
19:22:26.0148 3588 C:\Windows\SysWOW64\wlanapi.dll - ok
19:22:26.0148 3588 [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\SysWOW64\wlanutil.dll
19:22:26.0148 3588 C:\Windows\SysWOW64\wlanutil.dll - ok
19:22:26.0148 3588 [ D485D1BE97777617B186FC8095F58421 ] C:\Windows\servicing\CbsApi.dll
19:22:26.0148 3588 C:\Windows\servicing\CbsApi.dll - ok
19:22:26.0163 3588 [ B082D1AA020008B26D08B838C5B1E6BB ] C:\Program Files (x86)\AVG\AVG2012\avgdiagex.exe
19:22:26.0163 3588 C:\Program Files (x86)\AVG\AVG2012\avgdiagex.exe - ok
19:22:26.0163 3588 [ B496B116F621223357DEFE4508B0987E ] C:\Program Files (x86)\AVG\AVG2012\avgsrmx.dll
19:22:26.0163 3588 C:\Program Files (x86)\AVG\AVG2012\avgsrmx.dll - ok
19:22:26.0163 3588 [ BC03475EC281AA1E685388896ACADE8D ] C:\Program Files (x86)\Mozilla Firefox\firefox.exe
19:22:26.0163 3588 C:\Program Files (x86)\Mozilla Firefox\firefox.exe - ok
19:22:26.0163 3588 [ CC6FEB2186A2537DBD300DA012428C8F ] C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
19:22:26.0163 3588 C:\Program Files (x86)\Mozilla Firefox\mozglue.dll - ok
19:22:26.0179 3588 [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll
19:22:26.0179 3588 C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll - ok
19:22:26.0179 3588 [ 461E8171CC252CE0BE406F7928653493 ] C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
19:22:26.0179 3588 C:\Program Files (x86)\Mozilla Firefox\mozjs.dll - ok
19:22:26.0179 3588 [ 03E9314004F504A14A61C3D364B62F66 ] C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll
19:22:26.0179 3588 C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll - ok
19:22:26.0194 3588 [ BBA763ABF2DE608FB5D196D4037695D8 ] C:\Program Files (x86)\Mozilla Firefox\nspr4.dll
19:22:26.0194 3588 C:\Program Files (x86)\Mozilla Firefox\nspr4.dll - ok
19:22:26.0194 3588 [ A20918072F6E8D1175F1CCF4B3809E2C ] C:\Program Files (x86)\Mozilla Firefox\nssutil3.dll
19:22:26.0194 3588 C:\Program Files (x86)\Mozilla Firefox\nssutil3.dll - ok
19:22:26.0194 3588 [ B67DD248876685C9C6F981B462876FAD ] C:\Program Files (x86)\Mozilla Firefox\plc4.dll
19:22:26.0194 3588 C:\Program Files (x86)\Mozilla Firefox\plc4.dll - ok
19:22:26.0194 3588 [ B1C8AFE8E448DAB0D8E9D4EAEF2C5FE4 ] C:\Program Files (x86)\Mozilla Firefox\plds4.dll
19:22:26.0194 3588 C:\Program Files (x86)\Mozilla Firefox\plds4.dll - ok
19:22:26.0210 3588 [ C2695F2C77081F68269D93014953657E ] C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll
19:22:26.0210 3588 C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll - ok
19:22:26.0210 3588 [ AD4E1F7A31B0D1DF306E16AAEEAC3A19 ] C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll
19:22:26.0210 3588 C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll - ok
19:22:26.0210 3588 [ AE3023742879C317A1B1CA576185DA98 ] C:\Program Files (x86)\Mozilla Firefox\nss3.dll
19:22:26.0210 3588 C:\Program Files (x86)\Mozilla Firefox\nss3.dll - ok
19:22:26.0226 3588 [ B5589F1F0AEDC9CDFC6A3BAB55B9A340 ] C:\Program Files (x86)\Mozilla Firefox\smime3.dll
19:22:26.0226 3588 C:\Program Files (x86)\Mozilla Firefox\smime3.dll - ok
19:22:26.0226 3588 [ B2A0CB1C0A17A6C04625DE4457B4B847 ] C:\Program Files (x86)\Mozilla Firefox\ssl3.dll
19:22:26.0226 3588 C:\Program Files (x86)\Mozilla Firefox\ssl3.dll - ok
19:22:26.0226 3588 [ 1CDB643F6561E4648D47B6BBF7333122 ] C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll
19:22:26.0226 3588 C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll - ok
19:22:26.0226 3588 [ C9CB0A6626B731206BF9E1007CE4755D ] C:\Program Files (x86)\Mozilla Firefox\xul.dll
19:22:26.0226 3588 C:\Program Files (x86)\Mozilla Firefox\xul.dll - ok
19:22:26.0241 3588 [ F3CA1C3694EAC2B2E44AEF94406E3768 ] C:\Program Files (x86)\Mozilla Firefox\xpcom.dll
19:22:26.0241 3588 C:\Program Files (x86)\Mozilla Firefox\xpcom.dll - ok
19:22:26.0241 3588 [ DBC50C88618094AEEE22723C11D6307A ] C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
19:22:26.0241 3588 C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll - ok
19:22:26.0241 3588 [ 81F08948A0F1475894C99D4D19A158A8 ] C:\Windows\SysWOW64\wshqos.dll
19:22:26.0241 3588 C:\Windows\SysWOW64\wshqos.dll - ok
19:22:26.0257 3588 [ A2631C4465BBCE72B7E371DFB924A9D3 ] C:\Windows\SysWOW64\feclient.dll
19:22:26.0257 3588 C:\Windows\SysWOW64\feclient.dll - ok
19:22:26.0257 3588 [ AB1F1374CE30F0679263A05EF40AFDDC ] C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe
19:22:26.0257 3588 C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe - ok
19:22:26.0257 3588 [ 2DE90400A63818FA38C4C5C9ADB166BF ] C:\Windows\SysWOW64\d3d10_1.dll
19:22:26.0257 3588 C:\Windows\SysWOW64\d3d10_1.dll - ok
19:22:26.0257 3588 [ 9C36A3CA80F9B204C670336D344F5DF8 ] C:\Windows\SysWOW64\d3d10_1core.dll
19:22:26.0257 3588 C:\Windows\SysWOW64\d3d10_1core.dll - ok
19:22:26.0272 3588 [ 0411B7958C524BB2E91EE1B3035FE321 ] C:\Windows\SysWOW64\dxgi.dll
19:22:26.0272 3588 C:\Windows\SysWOW64\dxgi.dll - ok
19:22:26.0272 3588 [ 551451BA49F18553BD0DF179A654BA95 ] C:\Windows\SysWOW64\atiuxpag.dll
19:22:26.0272 3588 C:\Windows\SysWOW64\atiuxpag.dll - ok
19:22:26.0272 3588 [ 0C470E904F321A548378682B48367DCF ] C:\Windows\SysWOW64\atidxx32.dll
19:22:26.0272 3588 C:\Windows\SysWOW64\atidxx32.dll - ok
19:22:26.0288 3588 [ 35CEDE6439FF0D8903223A0817FFE46C ] C:\Windows\SysWOW64\d2d1.dll
19:22:26.0288 3588 C:\Windows\SysWOW64\d2d1.dll - ok
19:22:26.0288 3588 [ 2572E1F0254E2267E97DE1B15D099EC4 ] C:\Windows\SysWOW64\d3d10.dll
19:22:26.0288 3588 C:\Windows\SysWOW64\d3d10.dll - ok
19:22:26.0288 3588 [ 547F78746F20901C770E8653B242217C ] C:\Windows\SysWOW64\d3d10core.dll
19:22:26.0288 3588 C:\Windows\SysWOW64\d3d10core.dll - ok
19:22:26.0288 3588 [ A190DA6546501CB4146BBCC0B6A3F48B ] C:\Windows\System32\msiexec.exe
19:22:26.0288 3588 C:\Windows\System32\msiexec.exe - ok
19:22:26.0304 3588 [ 58150C1AC5B86C1A6B5E15FE1C3A870D ] C:\Program Files (x86)\IrfanView\i_view32.exe
19:22:26.0304 3588 C:\Program Files (x86)\IrfanView\i_view32.exe - ok
19:22:26.0304 3588 [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\SysWOW64\mscms.dll
19:22:26.0304 3588 C:\Windows\SysWOW64\mscms.dll - ok
19:22:26.0304 3588 [ B6A4E9A4364EE9A6CD8D81CA3AB9EE36 ] C:\Program Files (x86)\Mozilla Firefox\softokn3.dll
19:22:26.0304 3588 C:\Program Files (x86)\Mozilla Firefox\softokn3.dll - ok
19:22:26.0304 3588 [ 45357A45CB97C45A21A675CFC0070223 ] C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll
19:22:26.0304 3588 C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll - ok
19:22:26.0319 3588 [ EA2A401F59CAE941DF233AC8B347F83B ] C:\Program Files (x86)\Mozilla Firefox\freebl3.dll
19:22:26.0319 3588 C:\Program Files (x86)\Mozilla Firefox\freebl3.dll - ok
19:22:26.0319 3588 [ 6ADE2A1469D6CC8263D0BBE05FA60B5C ] C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll
19:22:26.0319 3588 C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll - ok
19:22:26.0319 3588 [ 51089069D644D36891416407CB8C7B4F ] C:\Windows\System32\nvshext.dll
19:22:26.0319 3588 C:\Windows\System32\nvshext.dll - ok
19:22:26.0319 3588 [ E28FBD9D26FCFA48BCC8EAA90DF45A02 ] C:\Windows\System32\nvcpl.dll
19:22:26.0319 3588 C:\Windows\System32\nvcpl.dll - ok
19:22:26.0335 3588 [ AB11CEFE591909A85E98E27A230807C7 ] C:\Program Files\Windows Sidebar\sbdrop.dll
19:22:26.0335 3588 C:\Program Files\Windows Sidebar\sbdrop.dll - ok
19:22:26.0335 3588 [ 8163E23ED09D26E44D8F7E926DFEAC60 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll
19:22:26.0335 3588 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll - ok
19:22:26.0335 3588 [ 8DA342A2340B8C408E22CBD401E80AED ] C:\Program Files (x86)\MagicISO\misosh64.dll
19:22:26.0335 3588 C:\Program Files (x86)\MagicISO\misosh64.dll - ok
19:22:26.0350 3588 [ A10B048B681C38E26CA90CD1BC123604 ] C:\Windows\System32\syncui.dll
19:22:26.0350 3588 C:\Windows\System32\syncui.dll - ok
19:22:26.0350 3588 [ 33947F1566C8EC685EB6057D882C99D2 ] C:\Windows\System32\synceng.dll
19:22:26.0350 3588 C:\Windows\System32\synceng.dll - ok
19:22:26.0350 3588 [ B4A4AE41F86BB7F01ADCCA7D6E34AAE6 ] C:\Program Files (x86)\AVG\AVG2012\avgsea.dll
19:22:26.0350 3588 C:\Program Files (x86)\AVG\AVG2012\avgsea.dll - ok
19:22:26.0350 3588 [ D2033210D4DA9E9CE7670DFF45D7101B ] C:\Users\Sergio\Desktop\TDSSKiller.exe
19:22:26.0350 3588 C:\Users\Sergio\Desktop\TDSSKiller.exe - ok
19:22:26.0366 3588 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\26864203.sys
19:22:26.0366 3588 C:\Windows\System32\drivers\26864203.sys - ok
19:22:26.0366 3588 ============================================================
19:22:26.0366 3588 Scan finished
19:22:26.0366 3588 ============================================================
19:22:26.0382 4376 Detected object count: 0
19:22:26.0382 4376 Actual detected object count: 0
_______________________________________
 
_______________________________________
RogueKiller V8.1.1 [10/01/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: https://www.techspot.com/downloads/5562-roguekiller.html
Website: http://tigzy.geekstogo.com/roguekiller.php
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Sergio [Admin rights]
Mode : Scan -- Date : 10/19/2012 19:26:27

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 18 ¤¤¤
[Services][ROGUE ST] HKLM\[...]\ControlSet001\Services\X6va006 (\??\C:\Users\Giovanni\AppData\Local\Temp\006128.tmp) -> FOUND
[Services][ROGUE ST] HKLM\[...]\ControlSet002\Services\X6va006 (\??\C:\Users\Giovanni\AppData\Local\Temp\006128.tmp) -> FOUND
[TASK][SUSP PATH] {12411ECD-648D-4B91-9E6F-AB4AB506DA74} : C:\Windows\system32\pcalua.exe -a C:\Users\Sergio\Desktop\abrViewer.Net_1.0.2_Install.exe -d C:\Users\Sergio\Desktop -> FOUND
[TASK][SUSP PATH] {15899B23-E159-4670-B995-44CF72A3DA6F} : C:\Windows\system32\pcalua.exe -a "C:\Users\Sergio\Desktop\Tribes ReVengeance\TV_SinglePlayer_AddOn.exe" -d "C:\Users\Sergio\Desktop\Tribes ReVengeance" -> FOUND
[TASK][SUSP PATH] {802C690F-E7DE-45CC-A552-186B64D0B7B9} : C:\Windows\system32\pcalua.exe -a "C:\Users\Sergio\Desktop\Creative Alchemy Universal 1.0.0.8.exe" -d C:\Users\Sergio\Desktop -> FOUND
[TASK][SUSP PATH] {8200A31F-080C-4563-A993-6D4859180760} : C:\Windows\system32\pcalua.exe -a C:\Users\Sergio\Desktop\abrViewer.NET\abrViewer.NET.exe -d C:\Users\Sergio\Desktop\abrViewer.NET -> FOUND
[TASK][SUSP PATH] {AE1F2058-A331-45E6-B5A5-3236857B96EE} : C:\Windows\system32\pcalua.exe -a "C:\Users\Sergio\Desktop\Portable - NFS Underground 2\speed2.exe" -d "C:\Users\Sergio\Desktop\Portable - NFS Underground 2" -> FOUND
[TASK][SUSP PATH] {BDF3B16A-B47E-466A-A769-0DCACE53F8C4} : C:\Windows\system32\pcalua.exe -a "C:\Users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NTM9M9MI\DOSBox0.73-win32-installer[1].exe" -d C:\Users\Sergio\Desktop -> FOUND
[HJPOL] HKCU\[...]\System : disableregistrytools (0) -> FOUND
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> FOUND
[HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_TrackProgs (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost
127.0.0.1 www.joystiq.com
127.0.0.1 minecraft.net
127.0.0.1 kotaku.com


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST350041 8AS SCSI Disk Device +++++
--- User ---
[MBR] 423bd5cfb17b1e245ab7f4934a43fd1c
[BSP] 77d61e3f0f3b1e81ee071fb237ed0ddd : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 465672 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 953903104 | Size: 11166 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

+++++ PhysicalDrive1: Best Buy Geek Squad USB Device +++++
--- User ---
[MBR] 34c794082fc3155303d0e578c66050eb
[BSP] e1b6546b754dac1a850095bd1d624e14 : MBR Code unknown
Partition table:
0 - [ACTIVE] FAT32 (0x0b) [VISIBLE] Offset (sectors): 44 | Size: 7655 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Finished : << RKreport[1].txt >>
RKreport[1].txt

______________

RogueKiller V8.1.1 [10/01/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: https://www.techspot.com/downloads/5562-roguekiller.html
Website: http://tigzy.geekstogo.com/roguekiller.php
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Sergio [Admin rights]
Mode : Remove -- Date : 10/19/2012 19:27:28

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 15 ¤¤¤
[Services][ROGUE ST] HKLM\[...]\ControlSet001\Services\X6va006 (\??\C:\Users\Giovanni\AppData\Local\Temp\006128.tmp) -> DELETED
[Services][ROGUE ST] HKLM\[...]\ControlSet002\Services\X6va006 (\??\C:\Users\Giovanni\AppData\Local\Temp\006128.tmp) -> DELETED
[TASK][SUSP PATH] {12411ECD-648D-4B91-9E6F-AB4AB506DA74} : C:\Windows\system32\pcalua.exe -a C:\Users\Sergio\Desktop\abrViewer.Net_1.0.2_Install.exe -d C:\Users\Sergio\Desktop -> DELETED
[TASK][SUSP PATH] {15899B23-E159-4670-B995-44CF72A3DA6F} : C:\Windows\system32\pcalua.exe -a "C:\Users\Sergio\Desktop\Tribes ReVengeance\TV_SinglePlayer_AddOn.exe" -d "C:\Users\Sergio\Desktop\Tribes ReVengeance" -> DELETED
[TASK][SUSP PATH] {802C690F-E7DE-45CC-A552-186B64D0B7B9} : C:\Windows\system32\pcalua.exe -a "C:\Users\Sergio\Desktop\Creative Alchemy Universal 1.0.0.8.exe" -d C:\Users\Sergio\Desktop -> DELETED
[TASK][SUSP PATH] {8200A31F-080C-4563-A993-6D4859180760} : C:\Windows\system32\pcalua.exe -a C:\Users\Sergio\Desktop\abrViewer.NET\abrViewer.NET.exe -d C:\Users\Sergio\Desktop\abrViewer.NET -> DELETED
[TASK][SUSP PATH] {AE1F2058-A331-45E6-B5A5-3236857B96EE} : C:\Windows\system32\pcalua.exe -a "C:\Users\Sergio\Desktop\Portable - NFS Underground 2\speed2.exe" -d "C:\Users\Sergio\Desktop\Portable - NFS Underground 2" -> DELETED
[TASK][SUSP PATH] {BDF3B16A-B47E-466A-A769-0DCACE53F8C4} : C:\Windows\system32\pcalua.exe -a "C:\Users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NTM9M9MI\DOSBox0.73-win32-installer[1].exe" -d C:\Users\Sergio\Desktop -> DELETED
[HJPOL] HKCU\[...]\System : disableregistrytools (0) -> DELETED
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2)
[HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1)
[HJ SMENU] HKCU\[...]\Advanced : Start_TrackProgs (0) -> REPLACED (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost
127.0.0.1 www.joystiq.com
127.0.0.1 minecraft.net
127.0.0.1 kotaku.com


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST350041 8AS SCSI Disk Device +++++
--- User ---
[MBR] 423bd5cfb17b1e245ab7f4934a43fd1c
[BSP] 77d61e3f0f3b1e81ee071fb237ed0ddd : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 465672 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 953903104 | Size: 11166 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

+++++ PhysicalDrive1: Best Buy Geek Squad USB Device +++++
--- User ---
[MBR] 34c794082fc3155303d0e578c66050eb
[BSP] e1b6546b754dac1a850095bd1d624e14 : MBR Code unknown
Partition table:
0 - [ACTIVE] FAT32 (0x0b) [VISIBLE] Offset (sectors): 44 | Size: 7655 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt



_______________________________________


aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-19 19:28:59
-----------------------------
19:28:59.482 OS Version: Windows x64 6.1.7601 Service Pack 1
19:28:59.482 Number of processors: 2 586 0x602
19:28:59.497 ComputerName: SERGE-PC UserName: Sergio
19:29:00.714 Initialize success
19:29:31.293 AVAST engine defs: 12101901
19:29:34.194 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000006a
19:29:34.194 Disk 0 Vendor: ST350041 HP34 Size: 476940MB BusType: 3
19:29:34.194 Disk 0 MBR read successfully
19:29:34.210 Disk 0 MBR scan
19:29:34.210 Disk 0 Windows 7 default MBR code
19:29:34.210 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
19:29:34.225 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 465672 MB offset 206848
19:29:34.257 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 11166 MB offset 953903104
19:29:34.288 Disk 0 scanning C:\Windows\system32\drivers
19:29:48.000 Service scanning
19:30:08.764 Modules scanning
19:30:08.764 Disk 0 trace - called modules:
19:30:08.779 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll nvstor64.sys
19:30:08.795 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800337b790]
19:30:08.795 3 CLASSPNP.SYS[fffff8800191043f] -> nt!IofCallDriver -> [0xfffffa8002e6bca0]
19:30:08.795 5 ACPI.sys[fffff88000f547a1] -> nt!IofCallDriver -> \Device\0000006a[0xfffffa8002eb19c0]
19:30:09.887 AVAST engine scan C:\Windows
19:30:22.507 AVAST engine scan C:\Windows\system32
19:33:58.315 AVAST engine scan C:\Windows\system32\drivers
19:34:13.827 AVAST engine scan C:\Users\Sergio
20:24:01.721 Disk 0 MBR has been saved successfully to "C:\Users\Sergio\Desktop\MBR.dat"
20:24:01.736 The log file has been saved successfully to "C:\Users\Sergio\Desktop\aswMBR.txt"
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-20 00:12:43
-----------------------------
00:12:43.431 OS Version: Windows x64 6.1.7601 Service Pack 1
00:12:43.431 Number of processors: 2 586 0x602
00:12:43.431 ComputerName: SERGE-PC UserName: Sergio
00:12:44.867 Initialize success
00:12:57.403 AVAST engine defs: 12101901
00:13:17.293 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000006a
00:13:17.293 Disk 0 Vendor: ST350041 HP34 Size: 476940MB BusType: 3
00:13:17.324 Disk 0 MBR read successfully
00:13:17.324 Disk 0 MBR scan
00:13:17.324 Disk 0 Windows 7 default MBR code
00:13:17.340 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
00:13:17.356 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 465672 MB offset 206848
00:13:17.387 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 11166 MB offset 953903104
00:13:17.480 Disk 0 scanning C:\Windows\system32\drivers
00:13:39.991 Service scanning
00:14:04.359 Modules scanning
00:14:04.359 Disk 0 trace - called modules:
00:14:04.406 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll nvstor64.sys
00:14:04.406 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800337b790]
00:14:04.422 3 CLASSPNP.SYS[fffff8800191043f] -> nt!IofCallDriver -> [0xfffffa8002e6bca0]
00:14:04.422 5 ACPI.sys[fffff88000f547a1] -> nt!IofCallDriver -> \Device\0000006a[0xfffffa8002eb19c0]
00:14:05.732 AVAST engine scan C:\
00:20:12.918 File: C:\FRST\Quarantine\Desktop.ini **INFECTED** Win32:Sirefef-HO [Rtk]
01:49:45.537 File: C:\Program Files (x86)\GOG.com\Rayman Forever\RayKit\MAPPER.EXE **INFECTED** Win32:CIH-G@dam
01:49:46.473 File: C:\Program Files (x86)\GOG.com\Rayman Forever\RayKit\OSD\CLIENT.EXE **INFECTED** Win32:CIH-G@dam
01:49:47.128 File: C:\Program Files (x86)\GOG.com\Rayman Forever\RayKit\OSD\STARTUP.EXE **INFECTED** Win32:CIH-G@dam
01:49:49.967 File: C:\Program Files (x86)\GOG.com\Rayman Forever\RayKit\RAYRUN.EXE **INFECTED** Win32:CIH-G@dam
02:58:31.703 File: C:\Program Files (x86)\XBlades\X-Blades v1.0 + 10 Trainer.exe **INFECTED** Win32:Malware-gen
07:12:10.141 Disk 0 MBR has been saved successfully to "C:\Users\Sergio\Desktop\MBR.dat"
07:12:10.157 The log file has been saved successfully to "C:\Users\Sergio\Desktop\aswMBR.txt"
 
Well done :)

Please download ComboFix from Here, Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  • Never rename Combofix unless instructed.
  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
  • Close any open browsers.
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
  • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
  • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
  • Double click on combofix.exe & follow the prompts.

  • NOTE1. If Combofix asks you to install Recovery Console, please allow it.
    NOTE 2. If Combofix asks you to update the program, always do so.
  • When finished, it will produce a report for you.
  • Please post the "C:\ComboFix.txt"
**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
**Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive an error "Illegal operation attempted on a registery key that has been marked for deletion", restart computer to fix the issue.
**Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


Make sure, you re-enable your security programs, when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try the following...

Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.
Download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

Restart computer in safe mode

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.

When the scan is done Notepad will open with rKill.txt log.
NOTE. rKill.txt log will also be present on your desktop.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

IF you had to run rKill post BOTH logs, rKill.txt and Combofix.txt.
 
ComboFix 12-10-21.01 - Sergio 10/21/2012 0:43.7.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3070.1620 [GMT -4:00]
Running from: c:\users\Sergio\Desktop\ComboFix.exe
AV: AVG Internet Security 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
FW: AVG Internet Security 2012 *Enabled* {621CC794-9486-F902-D092-0484E8EA828B}
SP: AVG Internet Security 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Serge\AppData\Local\Microsoft\Windows\Temporary Internet Files\{34D816D2-B6A0-4DEA-822E-92546906E107}.xps
I:\install.exe
.
---- Previous Run -------
.
C:\install.exe
c:\users\Serge\AppData\Local\Microsoft\Windows\Temporary Internet Files\{4EF015C3-6455-4201-9DCF-83E9E4C3F315}.xps
c:\windows\20120917_180035.TMP
c:\windows\apppatch\AppLoc.exe
c:\windows\apppatch\AppLocA.exe
c:\windows\apppatch\unins000.dat
c:\windows\apppatch\unins000.exe
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_nvsvc
.
.
((((((((((((((((((((((((( Files Created from 2012-09-21 to 2012-10-21 )))))))))))))))))))))))))))))))
.
.
2012-10-21 04:58 . 2012-10-21 04:58 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-10-21 04:58 . 2012-10-21 04:58 -------- d-----w- c:\users\My Documents\AppData\Local\temp
2012-10-21 04:58 . 2012-10-21 04:58 -------- d-----w- c:\users\Guest\AppData\Local\temp
2012-10-21 04:58 . 2012-10-21 04:58 -------- d-----w- c:\users\Giovanni\AppData\Local\temp
2012-10-21 04:58 . 2012-10-21 04:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-10-20 20:41 . 2012-10-21 04:58 -------- d-----w- c:\users\Serge\AppData\Local\temp
2012-10-19 22:16 . 2012-10-19 22:16 -------- d-----w- c:\users\Giovanni\AppData\Local\ElevatedDiagnostics
2012-10-18 23:48 . 2012-10-18 23:48 -------- d-----w- C:\FRST
2012-10-17 23:46 . 2012-10-17 23:46 -------- d-----w- c:\users\Sergio\AppData\Local\DDMSettings
2012-10-17 23:45 . 2012-10-17 23:45 -------- d-----w- c:\program files (x86)\Combined Community Codec Pack
2012-10-15 02:19 . 2012-10-15 02:21 -------- d-----w- c:\users\Sergio\AppData\Roaming\RetroCityRampage
2012-10-15 02:17 . 2012-10-15 11:18 -------- d-----w- c:\program files (x86)\Retro City Rampage
2012-10-14 22:32 . 2012-10-14 22:32 -------- d-----w- c:\users\Sergio\AppData\Roaming\dvdcss
2012-10-14 05:32 . 2012-10-14 05:32 58880 --sh--w- C:\Trainer.dll
2012-10-11 00:31 . 2012-09-14 19:19 2048 ----a-w- c:\windows\system32\tzres.dll
2012-10-11 00:31 . 2012-09-14 18:28 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-10-05 21:57 . 2012-10-05 21:57 -------- d-----w- c:\users\Serge\AppData\Roaming\Fujitsu
2012-10-05 21:57 . 2012-10-05 21:57 -------- d-----w- c:\users\Serge\AppData\Local\Fujitsu
2012-10-05 21:56 . 2012-10-21 02:47 -------- d-----w- c:\users\Serge\AppData\Local\TSVNCache
2012-10-05 21:56 . 2012-10-05 21:56 -------- d-----w- c:\users\Serge\AppData\Roaming\Subversion
2012-10-05 02:14 . 2012-10-03 19:35 2155248 ----a-w- c:\windows\system32\Incinerator64.dll
2012-10-04 23:11 . 2012-10-04 23:11 -------- d-----w- c:\users\Sergio\AppData\Local\FLT
2012-10-04 23:03 . 2012-10-04 23:03 -------- d-----w- c:\program files (x86)\Castle Crashers
2012-09-30 18:25 . 2012-09-30 18:25 -------- d-----w- c:\program files (x86)\Winamp Detect
2012-09-30 18:24 . 2012-09-30 18:30 -------- d-----w- c:\users\Sergio\AppData\Roaming\Winamp
2012-09-30 18:24 . 2012-09-30 18:26 -------- d-----w- c:\program files (x86)\Winamp
2012-09-26 20:38 . 2012-09-26 20:38 -------- d-----w- c:\users\Sergio\AppData\Local\ArmA 2 OA DEMO
2012-09-25 22:00 . 2012-09-25 22:00 -------- d-----w- c:\users\Sergio\AppData\Roaming\xu4
2012-09-25 21:59 . 2012-09-25 22:01 -------- d-----w- c:\program files (x86)\xu4
2012-09-23 04:31 . 2012-09-23 04:58 -------- d-----w- c:\program files (x86)\SONICADVENTUREDX
2012-09-23 04:31 . 2012-09-23 04:36 -------- d-----w- c:\program files\Sega
2012-09-23 02:47 . 2012-09-23 15:54 -------- d-----w- c:\users\Sergio\AppData\Local\VBS2
2012-09-22 14:50 . 2012-09-30 15:31 -------- d-----w- C:\CyberStep
2012-09-21 21:07 . 2012-08-24 11:15 17810944 ----a-w- c:\windows\system32\mshtml.dll
2012-09-21 21:07 . 2012-08-24 10:39 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-09-21 21:07 . 2012-05-05 08:36 503808 ----a-w- c:\windows\system32\srcore.dll
2012-09-21 21:07 . 2012-05-05 07:46 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2012-09-21 21:07 . 2012-08-22 18:12 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-09-21 21:07 . 2012-07-04 20:26 41472 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2012-09-21 21:07 . 2012-02-11 06:43 751104 ----a-w- c:\windows\system32\win32spl.dll
2012-09-21 21:07 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2012-09-21 21:07 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2012-09-21 21:07 . 2012-02-11 05:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2012-09-21 21:06 . 2012-08-02 17:58 574464 ----a-w- c:\windows\system32\d3d10level9.dll
2012-09-21 21:06 . 2012-08-02 16:57 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-11 00:35 . 2009-12-11 22:34 65309168 ----a-w- c:\windows\system32\MRT.exe
2012-10-09 18:39 . 2012-05-07 03:18 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-09 18:39 . 2011-05-20 04:00 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-03 19:52 . 2012-05-05 03:51 57144 ----a-w- c:\windows\system32\iolobtdfg.exe
2012-10-03 19:52 . 2012-05-05 03:51 25744 ----a-w- c:\windows\system32\smrgdf.exe
2012-10-03 19:35 . 2012-07-28 21:25 2097032 ----a-w- c:\windows\SysWow64\Incinerator32.dll
2012-09-23 16:26 . 2012-02-23 22:28 298280 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-09-23 16:26 . 2009-12-29 02:22 298280 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-09-23 16:24 . 2012-02-23 22:28 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-09-23 16:24 . 2011-10-30 22:53 298280 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-09-23 15:53 . 2012-07-21 07:43 3360624 ----a-w- c:\windows\SysWow64\pbsvc.exe
2012-09-07 21:04 . 2010-10-25 04:29 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-04 04:36 . 2012-09-04 04:36 31080 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2012-08-24 19:43 . 2012-08-24 19:43 384352 ----a-w- c:\windows\system32\drivers\avgtdia.sys
2012-08-24 19:14 . 2012-08-24 18:06 57344 ----a-w- c:\windows\UNINSTCP.EXE
2012-08-22 18:12 . 2012-09-13 04:55 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-08-22 18:12 . 2012-09-13 04:55 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 18:12 . 2012-09-13 04:55 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-07-26 22:57 . 2012-07-26 22:57 74703 ----a-w- c:\windows\SysWow64\mfc45.dat
2012-07-26 07:21 . 2012-07-26 07:21 291680 ----a-w- c:\windows\system32\drivers\avgldx64.sys
2012-07-24 14:52 . 2012-07-26 22:58 82160 ----a-w- c:\windows\system32\drivers\PDFsFilter.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-09-04 04:36 1734240 ----a-w- c:\program files (x86)\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll" [2012-09-04 1734240]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2012-09-04 1353080]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-10-16 5628800]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"HP Remote Solution"="c:\program files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe" [2009-05-26 656896]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2006-11-17 77824]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-07-31 2596984]
"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-09-04 947808]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"HF_G_Jul"="c:\program files (x86)\AVG Secure Search\HF_G_Jul.exe" [2012-07-18 36960]
"ROC_ROC_JULY_P1"="c:\program files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe" [2012-09-04 1022048]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ """""""autocheck autochk /p \??\I:"""""""\0"""""""autocheck autochk *"""""""\0i\0"""""""???"""""""\0^\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UERS09JF\"""""""\0"""""""???"""""""\0^\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5"""""""\0OUL4C5R\\0"""""""???"""""""\0^\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UERS09JF\"""""""\0"""""""???"""""""\0^\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5"""""""\0LT1JTKO\\0"""""""???"""""""\0^\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5"""""""\0OUL4C5R\\0"""""""???"""""""\0^\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5"""""""\0OUL4C5R\\0"""""""???"""""""\0^\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5"""""""\0OUL4C5R\\0"""""""???"""""""\0^\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5"""""""\0LT1JTKO\\0"""""""???"""""""\0^\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5"""""""\0LT1JTKO\\0"""""""???"""""""\0^\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L84XTXN3\"""""""\0"""""""F??"""""""\0^\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L84XTXN3\"""""""\0"""""""???"""""""\0^\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5"""""""\0OUL4C5R\\0"""""""???"""""""\0^\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UERS09JF\"""""""\0??Â\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UERS09JF\"""""""\0N3\\0"""""""???"""""""\0^\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UERS09JF\"""""""\0??Â\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UERS09JF\"""""""\0N3\\0"""""""???"""""""\0^\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UERS09JF\"""""""\0JF\\0"""""""???"""""""\0^\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UERS09JF\"""""""\0JF\\0"""""""???"""""""\0^\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UERS09JF\"""""""\0"""""""???"""""""\0^\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UERS09JF\"""""""\0"""""""???"""""""\0^\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UERS09JF\"""""""\0"""""""???"""""""\0^\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UERS09JF\"""""""\0"""""""???"""""""\0^\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UERS09JF\"""""""\0"""""""???"""""""\0^\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UERS09JF\"""""""\0"""""""???"""""""\0^\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UERS09JF\"""""""\0??Â\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UERS09JF\"""""""\0N3\\0"""""""???"""""""\0^\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UERS09JF\"""""""\0??Â\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UERS09JF\"""""""\05R\\0"""""""???"""""""\0^\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UERS09JF\"""""""\0??Â\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UERS09JF\"""""""\05R\\0"""""""???"""""""\0^\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UERS09JF\"""""""\0??Â\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UERS09JF\"""""""\0N3\\0"""""""???"""""""\0^\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UERS09JF\"""""""\0??Â\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UERS09JF\"""""""\0JF\\0"""""""???"""""""\0^\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UERS09JF\"""""""\0??Â\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UERS09JF\"""""""\0JF\\0"""""""???"""""""\0^\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UERS09JF\"""""""\0??Â\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UERS09JF\"""""""\0KO\\0"""""""???"""""""\0^\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UERS09JF\"""""""\0??Â\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UERS09JF\"""""""\0KO\\0"""""""???"""""""\0^\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UERS09JF\"""""""\0??Â\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UERS09JF\"""""""\0JF\\0"""""""???"""""""\0^\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UERS09JF\"""""""\0??Â\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UERS09JF\"""""""\05R\\0"""""""???"""""""\0^\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UERS09JF\"""""""\0??Â\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5"""""""\0LT1JTKO\\05R\\0??Â\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UERS09JF\"""""""\0JF\\0"""""""???"""""""\0]\0"""""""c:\users\Giovanni\AppData\Local\Google\Chrome\Application\chrome.exe --make-default-browser"""""""\0???????????????????????????????????????????????????\0????\0""""""""""""""\0"""""""?????????"""""""\0^\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UERS09JF\"""""""\0???Â\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UERS09JF\"""""""\0"""""""????????"""""""\0^\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UERS09JF\"""""""\0???Â\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UERS09JF\"""""""\0"""""""????????"""""""\0^\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UERS09JF\"""""""\0???Â\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UERS09JF\"""""""\0"""""""????????"""""""\0^\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UERS09JF\"""""""\0???Â\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UERS09JF\"""""""\0"""""""????????"""""""\0^\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UERS09JF\"""""""\0???Â\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UERS09JF\"""""""\0"""""""????????"""""""\0^\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UERS09JF\"""""""\0???Â\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UERS09JF\"""""""\0"""""""????????"""""""\0^\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UERS09JF\"""""""\0???Â\0"""""""c:\users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UERS09JF\"""""""\0????????????????????????????????????????????\0?\0"""""""??????"""""""\021??21????\0"""""""iolobtdfg c:\windows\system32"""""""\0"""iolobtdfg c:\windows\system32"""\0"c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart"\0"iolobtdfg c:\windows\system32"\0??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????\0?\0??????&\0??????\0?\0\0"""""""???"""""""\0????\0\0"""""""???"""""""\0????\0\0"""""""F??"""""""\0????\0\0"""""""???"""""""\0????\0\0"""""""???"""""""\0????\0\0"""""""???"""""""\0???\0\0"""""""???"""""""\0????\0\0"""""""???"""""""\0????\0\0"""""""???"""""""\0???\0\0"""""""???"""""""\0???\0\0"""""""???"""""""\0???\0\0"""""""???"""""""\0????\0\0"""""""???"""""""\0???\0\0"""""""???"""""""\0???\0\0"""""""???"""""""\0???\0\0"""""""???"""""""\0???\0\0"""""""???"""""""\0???\0\0"""""""???"""""""\0???\0\0"""""""???"""""""\0???\0\0"""""""???"""""""\0???\0\0"""""""???"""""""\0???\0\0"""""""???"""""""\0???\0\0"""""""???"""""""\0???\0\0"""""""???"""""""\0???\0\0"""""""???"""""""\0???\0\0"""""""???"""""""\0??0\0"""""""??????"""""""\0?????\0\0"""""""???"""""""\0???\0\0"""""""???"""""""\0???\0\0"""""""???"""""""\0???\0\0"""""""???"""""""\0???\0\0"""""""???"""""""\0???\0\0"""""""???"""""""\0???\0\0"""""""???"""""""\0???\0\0"""""""???"""""""\0???\0\0"""""""???"""""""\0???\0\0"""""""???"""""""\0???\0\0"""""""???"""""""\0???\0\0"""""""???"""""""\0???\0\0"""""""???"""""""\0???\0\0"""""""???"""""""\0???\0\0"""""""F??"""""""\0???\0\0"""""""???"""""""\0???\0\0"""""""???"""""""\0??0\0"""""""??????"""""""\0"\0???\0\0"""""""???"""""""\0???\0\0"""""""???"""""""\0???\0\0"""""""???"""""""\0???\0\0"""""""???"""""""\0???\0\0"""""""???"""""""\0???\0\0"""""""???"""""""\0???\0\0"""""""???"""""""\0???\0\0"""""""???"""""""\0??0\0"""""""??????"""""""\0autocheck smrgdf c:\users\Sergio\AppData\Roaming\iolo\\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
@="FSFilter Activity Monitor"
.
R1 ISODisk;ISODisk; [x]
R2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-23 135664]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-09 250808]
R3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2011-07-28 52584]
R3 Desura Install Service;Desura Install Service;c:\program files (x86)\Common Files\Desura\desura_service.exe [2012-01-07 131912]
R3 dump_wmimmc;dump_wmimmc;c:\program files (x86)\SEGA\PHANTASY STAR UNIVERSE\GameGuard\dump_wmimmc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2011-12-09 135584]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-23 135664]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-12 115168]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416]
R3 rak;rak;c:\game\SoftnyxGame\RakionIS\Bin\rakion64.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 v3core;v3core;c:\windows\system32\Drivers\v3core.sys [x]
R3 vtany;vtany;c:\windows\vtany.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-04-07 1255736]
R3 X6va001;X6va001;c:\users\Serge\AppData\Local\Temp\001BFB6.tmp [x]
R3 X6va003;X6va003;c:\users\Serge\AppData\Local\Temp\003927E.tmp [x]
R3 X6va005;X6va005;c:\users\Giovanni\AppData\Local\Temp\005A721.tmp [x]
R3 X6va008;X6va008;c:\windows\SysWOW64\Drivers\X6va008 [x]
R3 X6va009;X6va009;c:\windows\SysWOW64\Drivers\X6va009 [x]
R3 xsherlock;xsherlock;c:\windows\system32\xsherlock.xem [x]
R4 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-06-27 2369960]
R4 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
R4 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2011-03-04 55856]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys [2011-05-23 48992]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-07-26 291680]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-08-24 384352]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2012-09-04 31080]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-12-30 279616]
S1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\ElRawDsk.sys [2012-04-17 31432]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2012-09-07 140672]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-24 65192]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-04-06 236544]
S2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2012\avgfws.exe [2012-06-13 2321560]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\avgidsagent.exe [2012-08-13 5167736]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
S2 ioloSystemService;iolo System Service;c:\program files (x86)\iolo\Common\Lib\ioloServiceManager.exe [2012-10-03 1028464]
S2 PDFsFilter;PDFsFilter;c:\windows\system32\DRIVERS\PDFsFilter.sys [2012-07-24 82160]
S2 vToolbarUpdater12.2.6;vToolbarUpdater12.2.6;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe [2012-09-04 722528]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-04-06 11174400]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-04-06 343040]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2011-12-23 124496]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2008-05-06 14464]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - ioloSGuardDriver
.
Contents of the 'Scheduled Tasks' folder
.
2012-10-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-07 18:39]
.
2012-10-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-23 01:55]
.
2012-10-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-23 01:55]
.
2012-10-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2709730911-3575959158-105785236-1000Core.job
- c:\users\Serge\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-18 01:33]
.
2012-10-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2709730911-3575959158-105785236-1000UA.job
- c:\users\Serge\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-18 01:33]
.
2012-10-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2709730911-3575959158-105785236-1005Core.job
- c:\users\Giovanni\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-02 20:36]
.
2012-10-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2709730911-3575959158-105785236-1005UA.job
- c:\users\Giovanni\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-02 20:36]
.
2012-10-19 c:\windows\Tasks\HPCeeScheduleForSergio.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 03:15]
.
------- Supplementary Scan -------
.
uStart Page = astroburn-search.com
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Presario&pf=cndt
uInternet Settings,ProxyOverride = *.local;<local>
IE: &Translate with ATLAS - c:\program files (x86)\ATLAS V14\Atlscript.html
IE: ATLAS Translation &Editor - c:\program files (x86)\ATLAS V14\AtlscriptEdit.html
IE: Crawler Search - tbr:iemenu
IE: E&xport to Microsoft Excel - g:\micros~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - g:\micros~1\Office14\ONBttnIE.dll/105
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~2\Crawler\Toolbar\ctbr.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll
.
.
------- File Associations -------
.
JSEFile=NOTEPAD.EXE %1
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-{EFEED92A-A33D-4873-BA8F-32BAA631E54D} - (no file)
Wow6432Node-HKLM-RunOnce-SMRequiresRestart - (no file)
SafeBoot-81856206.sys
AddRemove-Starsiege - c:\dynamix\Starsiege\Uninst.isu
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va001]
"ImagePath"="\??\c:\users\Serge\AppData\Local\Temp\001BFB6.tmp"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va003]
"ImagePath"="\??\c:\users\Serge\AppData\Local\Temp\003927E.tmp"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va005]
"ImagePath"="\??\c:\users\Giovanni\AppData\Local\Temp\005A721.tmp"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va008]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va008"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va009]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va009"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\xsherlock]
"ImagePath"="c:\windows\system32\xsherlock.xem"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{1E61ED7C-7CB8-49D6-B9E9-AB4C880C8414}"=hex:51,66,7a,6c,4c,1d,38,12,12,ee,72,
1a,8a,32,b8,0c,c6,ff,e8,0c,8d,52,c0,00
"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}"=hex:51,66,7a,6c,4c,1d,38,12,8d,ec,f8,
7b,2b,25,27,06,e7,c4,bc,f0,98,15,0d,de
"{EFEED92A-A33D-4873-BA8F-32BAA631E54D}"=hex:51,66,7a,6c,4c,1d,38,12,44,da,fd,
eb,0f,ed,1d,0d,c5,99,71,fa,a3,6f,a1,59
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{3049C3E9-B461-4BC5-8870-4C09146192CA}"=hex:51,66,7a,6c,4c,1d,38,12,87,c0,5a,
34,53,fa,ab,0e,f7,66,0f,49,11,3f,d6,de
"{326E768D-4182-46FD-9C16-1449A49795F4}"=hex:51,66,7a,6c,4c,1d,38,12,e3,75,7d,
36,b0,0f,93,03,e3,00,57,09,a1,c9,d1,e0
"{593DDEC6-7468-4CDD-90E1-42DADAA222E9}"=hex:51,66,7a,6c,4c,1d,38,12,a8,dd,2e,
5d,5a,3a,b3,09,ef,f7,01,9a,df,fc,66,fd
"{597A9974-8CB0-4F41-B61F-ED065738A397}"=hex:51,66,7a,6c,4c,1d,38,12,1a,9a,69,
5d,82,c2,2f,0a,c9,09,ae,46,52,66,e7,83
"{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}"=hex:51,66,7a,6c,4c,1d,38,12,60,d8,39,
64,cd,04,79,07,f5,b7,d6,9a,c1,81,e0,1c
"{6D53EC84-6AAE-4787-AEEE-F4628F01010C}"=hex:51,66,7a,6c,4c,1d,38,12,ea,ef,40,
69,9c,24,e9,02,d1,f8,b7,22,8a,5f,45,18
"{72853161-30C5-4D22-B7F9-0BBC1D38A37E}"=hex:51,66,7a,6c,4c,1d,38,12,0f,32,96,
76,f7,7e,4c,08,c8,ef,48,fc,18,66,e7,6a
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{9FDDE16B-836F-4806-AB1F-1455CBEFF289}"=hex:51,66,7a,6c,4c,1d,38,12,05,e2,ce,
9b,5d,cd,68,0d,d4,09,57,15,ce,b1,b6,9d
"{ACD6A209-4AAF-4B1C-9930-B82FA131E958}"=hex:51,66,7a,6c,4c,1d,38,12,67,a1,c5,
a8,9d,04,72,0e,e6,26,fb,6f,a4,6f,ad,4c
"{B4F3A835-0E21-4959-BA22-42B3008E02FF}"=hex:51,66,7a,6c,4c,1d,38,12,5b,ab,e0,
b0,13,40,37,0c,c5,34,01,f3,05,d0,46,eb
"{D2CE3E00-F94A-4740-988E-03DC2F38C34F}"=hex:51,66,7a,6c,4c,1d,38,12,6e,3d,dd,
d6,78,b7,2e,02,e7,98,40,9c,2a,66,87,5b
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
"{E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53}"=hex:51,66,7a,6c,4c,1d,38,12,2e,fd,ed,
e4,cb,b5,c0,07,c5,4e,3a,0c,a2,bd,bf,47
"{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}"=hex:51,66,7a,6c,4c,1d,38,12,8f,19,47,
2e,c4,15,0b,03,d7,b5,8c,e9,62,70,06,85
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:a0,aa,b7,e0,f2,b5,cc,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,ed,fb,6f,3a,74,a8,98,4b,85,bf,f3,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,ed,fb,6f,3a,74,a8,98,4b,85,bf,f3,\
.
[HKEY_USERS\S-1-5-21-2709730911-3575959158-105785236-1001\Software\CyberLink\Common\claud\yberlink\PowerDirector\P* ***Ì**\PDR8]
"AuDsInterface"=dword:00000008
"AuHDMIMode"=dword:00000000
"AuDsDnmx"=dword:00000008
"AuDsDualMono"=dword:00000000
"AuDsDHMode"=dword:00000002
"AuDsDVSMode"=dword:00000005
"AuDsCLHMode"=dword:00000002
"AuDsCLVSMode"=dword:00000002
"AuDsTSOn"=dword:00000001
"AuDsFocusOn"=dword:00000001
"AuDsTBOn"=dword:00000001
"AuDsFocusLevel"=dword:00000005
"AuDsTBLevel"=dword:00000008
"AuDsSpkSize"=dword:00000001
"AuDsDTSS2SpeakWidth"=dword:0000000a
"AuDsDTSS2DialGain"=dword:00000000
"AuDsDTSS2BassRGain"=dword:00000000
"AuDsChanExpand"=dword:00000004
"AuDsPL2Mode"=dword:00000003
"AuDsPL2XPanorama"=dword:00000000
"AuDsPL2XCntrWidth"=dword:00000003
"AuDsMEIMode"=dword:00000014
"AuDsMEIVolFront"=dword:0000001e
"AuDsMEIVolRear"=dword:0000001e
"AuDsMEIVolCenter"=dword:0000001e
"AuDsMEIVolLFE"=dword:0000001e
"AuDsNeo6Mode"=dword:00000000
"AU_DRC_MODE"=dword:00000002
"LFEON"=dword:00000001
"AuDsCntrMix"=dword:00000000
.
[HKEY_USERS\S-1-5-21-2709730911-3575959158-105785236-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-2709730911-3575959158-105785236-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:c7,e1,5f,27,b8,22,c2,fd,a9,5c,c9,3c,5b,f3,63,b7,0e,3c,bb,52,6f,02,72,
55,f4,59,a6,f7,0f,3e,67,8b,c4,d4,86,e8,57,c2,3c,d7,3d,34,93,52,d5,00,3e,79,\
"??"=hex:35,fc,c6,3d,c9,02,ad,db,37,1f,61,de,0f,33,8f,50
.
[HKEY_USERS\S-1-5-21-2709730911-3575959158-105785236-1001\Software\SecuROM\License information*]
"datasecu"=hex:d2,22,08,c0,40,84,0b,9c,d9,4b,ff,7a,91,50,48,18,af,52,b9,ec,73,
51,61,61,c3,3a,7b,d7,e6,d0,43,60,6f,be,4f,73,ba,22,82,01,ea,0b,32,cf,68,6e,\
"rkeysecu"=hex:3d,78,9d,9f,77,c2,1b,58,f8,7f,61,47,24,56,10,de
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-10-21 01:03:28
ComboFix-quarantined-files.txt 2012-10-21 05:03
ComboFix2.txt 2012-07-22 15:38
ComboFix3.txt 2012-07-19 19:57
.
Pre-Run: 118,699,372,544 bytes free
Post-Run: 118,390,587,392 bytes free
.
- - End Of File - - C0B3BA18F4AAF6189D2F5165362FD021
 
Looks good :)

Any current issues?

============================

Download OTL to your Desktop.
Alternate download: http://www.itxassociates.com/OT-Tools/OTL.exe

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Click the Scan All Users checkbox.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
 
Sorry, but when OTL reaches "Scanning FireFox Settings..." it stops responding.
Ive terminated the process and tried OTL 3 times with the same result
 
1. Download Security Check from HERE, and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

    NOTE SecurityCheck may produce some false warning(s), so leave the results reading to me.

2. Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

3. Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Next...

  • Double click on adwcleaner.exe to run the tool.
  • Click on Uninstall.
  • Confirm with yes.

4. Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
  • Double click on TFC.exe to run the program.
  • Click on Start button to begin cleaning process.
  • TFC will close all running programs, and it may ask you to restart computer.

5. Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click on List of found threats
  • Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • NOTE. If Eset won't find any threats, it won't produce any log.
 
1. SecurityCheck ran well

Results of screen317's Security Check version 0.99.53
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Disabled!
AVG Internet Security 2012
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.65.0.1400
JavaFX 2.1.1
Java(TM) 6 Update 22
Java(TM) 6 Update 30
Java(TM) 7 Update 5
Java version out of Date!
Adobe Flash Player 11.4.402.287
Mozilla Firefox (16.0.1)
````````Process Check: objlist.exe by Laurent````````
AVG avgwdsvc.exe
AVG avgtray.exe
iolo Common Lib ioloServiceManager.exe
iolo System Mechanic SystemGuardAlerter.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````


2. FSS managed to scan successfully, here is the log

Farbar Service Scanner Version: 19-10-2012
Ran by Sergio (administrator) on 22-10-2012 at 17:11:17
Running from "C:\Users\Sergio\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


3.AdwCleaner freezes up after 30 minutes
No log

4.I successfully ran TFC

5.ESET ran successfully and found a few threats, but I know that these are false positives.

C:\Users\Sergio\Documents\AceDS\Homebrew\[1547]ds2pc.rar probably a variant of Win32/Spy.KeyLogger.NDW trojan deleted - quarantined
C:\Users\Sergio\Documents\My Videos\g\agth\Translation Aggregator 0.4.9.r171.rar probably a variant of Win32/AGTH.A application deleted - quarantined
C:\Users\Sergio\Documents\My Videos\g\agth\Translation Aggregator 0.4.9.r171\agth.dll probably a variant of Win32/AGTH.A application cleaned by deleting - quarantined
C:\Users\Sergio\Downloads\Modding\flt-dspd.7z a variant of Win32/Packed.VMProtect.AAN trojan deleted - quarantined


On a whim I ran rKill, it found something and produced a log.
____________________________________

This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.

Rkill was run on 10/22/2012 at 17:03:04.
Operating System: Windows 7 Home Premium


Processes terminated by Rkill or while it was running:

C:\Windows\SysWOW64\rundll32.exe


Rkill completed on 10/22/2012 at 17:04:33.
_________________________________


A scan in AVG has also detected C:\Windows\SysWOW64\mfc45.dll
 
Thanks, it worked. What do I do with the quarantine folder of roguekiller and FRST? Can it just be deleted?

AdwCleaner log
_______________________________
# AdwCleaner v2.005 - Logfile created 10/23/2012 at 16:39:38
# Updated 14/10/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Sergio - SERGE-PC
# Boot Mode : Safe mode
# Running from : C:\Users\Sergio\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\5z77mhhc.default\searchplugins\mywebsearch.xml
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Users\Giovanni\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Giovanni\AppData\Local\Conduit
Folder Deleted : C:\Users\Giovanni\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Giovanni\AppData\Roaming\Mozilla\Firefox\Profiles\y0sqdvyh.default\FCTB
Folder Deleted : C:\Users\Serge\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Sergio\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Sergio\AppData\Local\OpenCandy
Folder Deleted : C:\Users\Sergio\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Sergio\AppData\LocalLow\boost_interprocess
Folder Deleted : C:\Users\Sergio\AppData\LocalLow\FunWebProducts
Folder Deleted : C:\Users\Sergio\AppData\LocalLow\MyWebSearch
Folder Deleted : C:\Users\Sergio\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Sergio\AppData\Roaming\BabylonToolbar

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine
Key Deleted : HKCU\Software\AppDataLow\Software\Fun Web Products
Key Deleted : HKCU\Software\AppDataLow\Software\FunWebProducts
Key Deleted : HKCU\Software\AppDataLow\Software\MyWebSearch
Key Deleted : HKCU\Software\AppDataLow\Software\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\CToolbar
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Crawler Search
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{5F970FDE-702B-4EF9-920C-5F2848A5AF26}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\3192AA38321C641458DBDAF83979D193
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\tbr
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Deleted : HKLM\Software\CompeteInc
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\CToolbar
Key Deleted : HKLM\SOFTWARE\FCSB000063123
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\Crawler
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jplinpmadfkdgipabgcdchbdikologlh
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8E9CF769-3D3B-40EB-9E2D-76E7A205E4D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Software
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://isearch.avg.com/tab?cid={7EA4BF3F-6EAA-4C8F-9D41-94E7281F7CE0}&mid=b4438680197047d1b7ca41affcd54571-6ed2972a9320afa5d115548b7317ea45dc552151&lang=&ds=&pr=&d=&v=9.0.0.22&sap=nt --> hxxp://www.google.com

-\\ Mozilla Firefox v16.0.1 (en-US)

Profile name : default
File : C:\Users\Serge\AppData\Roaming\Mozilla\Firefox\Profiles\ucns3ca7.default\prefs.js

Deleted : user_pref("extensions.personas.current", "{\"id\":\"300372\",\"name\":\"Conduit 2\",\"headerURL\":\"[...]
Deleted : user_pref("extensions.personas.lastselected0", "{\"id\":\"300372\",\"name\":\"Conduit 2\",\"headerUR[...]
Deleted : user_pref("lightweightThemes.usedThemes", "[{\"id\":\"300372\",\"name\":\"Conduit 2\",\"headerURL\":[...]

Profile name : default
File : C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\5z77mhhc.default\prefs.js

C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\5z77mhhc.default\user.js ... Deleted !

Deleted : user_pref("FlashVD.cache.video", "hxxp://vids.myspace.com\nhxxp://www.yourfilehost.com\nhxxp://www.m[...]
Deleted : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\9.0.0.21");
Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Deleted : user_pref("browser.search.defaultthis.engineName", "PageRage Customized Web Search");
Deleted : user_pref("browser.search.order.1", "Crawler Search");
Deleted : user_pref("extensions.BabylonToolbar.admin", "false");
Deleted : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Deleted : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
Deleted : user_pref("extensions.BabylonToolbar.autoRvrt", "false");
Deleted : user_pref("extensions.BabylonToolbar.babExt", "");
Deleted : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Deleted : user_pref("extensions.BabylonToolbar.excTlbr", false);
Deleted : user_pref("extensions.BabylonToolbar.hmpg", false);
Deleted : user_pref("extensions.BabylonToolbar.id", "a0a2395400000000000090e6ba31ac82");
Deleted : user_pref("extensions.BabylonToolbar.instlDay", "15581");
Deleted : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Deleted : user_pref("extensions.BabylonToolbar.isdcmntcmplt", true);
Deleted : user_pref("extensions.BabylonToolbar.newTab", false);
Deleted : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Deleted : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Deleted : user_pref("extensions.BabylonToolbar.sg", "none");
Deleted : user_pref("extensions.BabylonToolbar.smplGrp", "none");
Deleted : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Deleted : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...]
Deleted : user_pref("extensions.BabylonToolbar.vrsn", "1.6.9.12");
Deleted : user_pref("extensions.BabylonToolbar.vrsni", "1.6.9.12");
Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=111020&tt=280812_2003_3512_2");
Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "a0a2395400000000000090e6ba31ac82");
Deleted : user_pref("extensions.BabylonToolbar_i.id", "a0a2395400000000000090e6ba31ac82");
Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15534");
Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Deleted : user_pref("extensions.BabylonToolbar_i.newTab", false);
Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.6.9.128:52:06");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Deleted : user_pref("extensions.ffxtlbr@babylon.com.install-event-fired", true);
Deleted : user_pref("extensions.mywebsearch.openSearchURL", "hxxp://search.mywebsearch.com/mywebsearch/opensea[...]
Deleted : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
Deleted : user_pref("extensions.mywebsearch.prevKwdURL", "chrome://browser-region/locale/region.properties");
Deleted : user_pref("extensions.personas.current", "{\"id\":\"300372\",\"name\":\"Conduit 2\",\"headerURL\":\"[...]
Deleted : user_pref("extensions.personas.lastselected0", "{\"id\":\"300372\",\"name\":\"Conduit 2\",\"headerUR[...]
Deleted : user_pref("lightweightThemes.usedThemes", "[{\"id\":\"300372\",\"name\":\"Conduit 2\",\"headerURL\":[...]
Deleted : user_pref("tweaktube.pref.cacheInfo", "({'hxxp://wedata.net/databases/AutoPagerize/items.json':{url:[...]

Profile name : default
File : C:\Users\Giovanni\AppData\Roaming\Mozilla\Firefox\Profiles\y0sqdvyh.default\prefs.js

C:\Users\Giovanni\AppData\Roaming\Mozilla\Firefox\Profiles\y0sqdvyh.default\user.js ... Deleted !

Deleted : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\9.0.0.21");
Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Deleted : user_pref("extensions.crossriderapp498.498.InstallationThankYouPage", true);
Deleted : user_pref("extensions.crossriderapp498.498.InstallationTime", 1323378875);
Deleted : user_pref("extensions.crossriderapp498.498.InstallationUserSettings.searchUserConifrmation", false);
Deleted : user_pref("extensions.crossriderapp498.498.InstallationUserSettings.setHomepage", false);
Deleted : user_pref("extensions.crossriderapp498.498.InstallationUserSettings.setNewTab", false);
Deleted : user_pref("extensions.crossriderapp498.498.InstallationUserSettings.setSearch", false);
Deleted : user_pref("extensions.crossriderapp498.498.active", true);
Deleted : user_pref("extensions.crossriderapp498.498.addressbar", "");
Deleted : user_pref("extensions.crossriderapp498.498.affid", "0");
Deleted : user_pref("extensions.crossriderapp498.498.backgroundjs", "\n/**************************************[...]
Deleted : user_pref("extensions.crossriderapp498.498.backgroundver", 4);
Deleted : user_pref("extensions.crossriderapp498.498.certdomaininstaller", "");
Deleted : user_pref("extensions.crossriderapp498.498.changeprevious", false);
Deleted : user_pref("extensions.crossriderapp498.498.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:[...]
Deleted : user_pref("extensions.crossriderapp498.498.cookie.InstallationTime.value", "1323378875");
Deleted : user_pref("extensions.crossriderapp498.498.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:0[...]
Deleted : user_pref("extensions.crossriderapp498.498.cookie.InstallerParams.value", "%7B%22sub_id%22%3A%22defa[...]
Deleted : user_pref("extensions.crossriderapp498.498.cookie._GPL_geo.expiration", "Thu Dec 15 2011 16:43:44 GM[...]
Deleted : user_pref("extensions.crossriderapp498.498.cookie._GPL_geo.value", "%7B%22geoplugin_city%22%3A%22Cam[...]
Deleted : user_pref("extensions.crossriderapp498.498.cookie._GPL_hotfix20111102645.expiration", "Fri Feb 01 20[...]
Deleted : user_pref("extensions.crossriderapp498.498.cookie._GPL_hotfix20111102645.value", "%221%22");
Deleted : user_pref("extensions.crossriderapp498.498.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030 0[...]
Deleted : user_pref("extensions.crossriderapp498.498.cookie._GPL_parent_zoneid.value", "%2211697%22");
Deleted : user_pref("extensions.crossriderapp498.498.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:00[...]
Deleted : user_pref("extensions.crossriderapp498.498.cookie._GPL_zoneid.value", "%2213563%22");
Deleted : user_pref("extensions.crossriderapp498.498.description", "RewardsArcade is a platform that allows us[...]
Deleted : user_pref("extensions.crossriderapp498.498.domain", "www.rewardsarcade.com");
Deleted : user_pref("extensions.crossriderapp498.498.emailsig", "");
Deleted : user_pref("extensions.crossriderapp498.498.enablesearch", false);
Deleted : user_pref("extensions.crossriderapp498.498.exposesites", "");
Deleted : user_pref("extensions.crossriderapp498.498.fbremoteurl", "");
Deleted : user_pref("extensions.crossriderapp498.498.group", 0);
Deleted : user_pref("extensions.crossriderapp498.498.homepage", "");
Deleted : user_pref("extensions.crossriderapp498.498.iframe", false);
Deleted : user_pref("extensions.crossriderapp498.498.js", "\n\nvar _GPL_PID = 18;\n\n(function($) { \n\n $.[...]
Deleted : user_pref("extensions.crossriderapp498.498.manifesturl", "");
Deleted : user_pref("extensions.crossriderapp498.498.name", "RewardsArcade");
Deleted : user_pref("extensions.crossriderapp498.498.newtab", "");
Deleted : user_pref("extensions.crossriderapp498.498.opensearch", "");
Deleted : user_pref("extensions.crossriderapp498.498.premium", true);
Deleted : user_pref("extensions.crossriderapp498.498.publisher", "215 Apps");
Deleted : user_pref("extensions.crossriderapp498.498.searchstatus", 0);
Deleted : user_pref("extensions.crossriderapp498.498.setnewtab", false);
Deleted : user_pref("extensions.crossriderapp498.498.settingsurl", "");
Deleted : user_pref("extensions.crossriderapp498.498.thankyou", "hxxp://www.rewardsarcade.com/r.php?app_id=498[...]
Deleted : user_pref("extensions.crossriderapp498.498.updateinterval", 360);
Deleted : user_pref("extensions.crossriderapp498.498.ver", 61);
Deleted : user_pref("extensions.crossriderapp498.apps", "498");
Deleted : user_pref("extensions.crossriderapp498.bic", "1341fa1c1b277b896bf2ab88d212b510");
Deleted : user_pref("extensions.crossriderapp498.cid", 498);
Deleted : user_pref("extensions.crossriderapp498.firstrun", false);
Deleted : user_pref("extensions.crossriderapp498.hadappinstalled", true);
Deleted : user_pref("extensions.crossriderapp498.installationdate", 1323380622);
Deleted : user_pref("extensions.crossriderapp498.jsver", 3);
Deleted : user_pref("extensions.crossriderapp498.lastcheck", 22060755);
Deleted : user_pref("extensions.crossriderapp498.lastcheckitem", 22060835);
Deleted : user_pref("extensions.crossriderapp498.misc.lastBgWorkerTimer", "1323650138351");
Deleted : user_pref("extensions.crossriderapp498.misc.lastDomWorkerTimer", "1323650138345");
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.DNSCatch", false);
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.FirstLaunchShown", true);
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.LastDate", 19);
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.customNewTab", false);
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.CaptureType", 3);
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.clickSendingStats.20121019.connection_e[...]
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.clickSendingStats.20121019.invalid_cert[...]
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.clickSendingStats.20121019.server_error[...]
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.clickSendingStats.20121019.success", 0)[...]
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.currentOffset", 4);
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.dcaConfigInterval", "60");
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.enableVoicebox", false);
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.epochTimeInterval", "1440");
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.eulaVersion", 20110301);
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.externalJSInterval", "60");
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.externalJSRshInterval", "60");
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.externalJSSerpInterval", "60");
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.externalJSShoppingcartInterval", "60");
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.lastDcaConfigModification", "Tue, 05 Ju[...]
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.lastDcaConfigTime", "1350684851049");
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.lastDcaConfigUrl", "hxxps://dcs-config.[...]
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.lastDcaStatus", 1);
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.lastEpochTime", "1350684851401");
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.lastEpochTimeUrl", "hxxps://dcs.consume[...]
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.lastEventSendAttemptDate", "20121019");
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.lastEventSendSuccessDate", "20121019");
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.lastExternalJSModification", "Tue, 15 M[...]
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.lastExternalJSRshModification", "Tue, 1[...]
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.lastExternalJSRshTime", "1350684850512"[...]
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.lastExternalJSRshUrl", "hxxps://dcs-fil[...]
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.lastExternalJSSerpModification", "Mon, [...]
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.lastExternalJSSerpTime", "1350684850513[...]
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.lastExternalJSSerpUrl", "hxxps://dcs-fi[...]
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.lastExternalJSShoppingcartModification"[...]
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.lastExternalJSShoppingcartTime", "13506[...]
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.lastExternalJSShoppingcartUrl", "hxxps:[...]
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.lastExternalJSTime", "1350684850079");
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.lastExternalJSUrl", "hxxps://dcs-files.[...]
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.lastPingTime", "1350684909257");
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.lastPrivacyRulesModification", "Mon, 17[...]
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.lastPrivacyRulesTime", "1350684850062")[...]
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.lastPrivacyRulesUrl", "hxxps://dcs-file[...]
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.lastWhitelistModification", "Wed, 17 Oc[...]
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.lastWhitelistTime", "1350684850599");
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.lastWhitelistUrl", "hxxps://dcs-files.c[...]
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.panelID", "FCZ3F9Lfox");
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.pingInterval", "1440");
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.privacyFailures", 0);
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.privacyFailuresThreshold", 6);
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.privacyRulesInterval", "60");
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.probationLength", 1440);
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.rulesVersion", "2003");
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.userID", "FCZ3F9L58569927");
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.version", "1.7.0.9411");
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.dca.whitelistInterval", "60");
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.installDate", "12092011");
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.dca.version", "1.0.39");
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.processAddrBar", false);
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.session", "1BB1BB670AF34250BAD8142015BB4410ACAA[...]
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.tb_lang", "en");
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.user_id", "58569927");
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.vars.dcaAlertShown", "1");
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.vars.disablecuidinject", "1");
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.vars.lastcheck", "Sat%20Dec%2031%202011%2010%3A[...]
Deleted : user_pref("freecause46d606b0a64511df981c0800200c9a66.yahooSearch", false);
Deleted : user_pref("keyword.URL", "hxxps://isearch.avg.com/search?cid={7EA4BF3F-6EAA-4C8F-9D41-94E7281F7CE0}&[...]

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Serge\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.1] : icon_url ={"bookmark_bar":{"show_on_all_tabs":true},"browser":{"check_default_browser":false,"clear_data":{"form_data":true,"passwords":true,"time_period":4},"show_home_button":true,"window_placement":{"bottom":1323,"left":160,"maximized":true,"right":1210,"top":349,"work_area_bottom":994,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"cloud_print":{"email":""},"countryid_at_install":21843,"default_apps_install_state":1,"default_search_provider":{"enabled":true,"encodings":"UTF-8","hxxp://www.google.com/favicon.ico","id":"2","instant_url":"{google:baseURL}webhp?{google:RLZ}sourceid=chrome-instant&{google:instantFieldTrialGroupParameter}ie={inputEncoding}&ion=1{searchTerms}","keyword":"google.com","name":"Google","prepopulate_id":"1","search_url":"{google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:eek:riginalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}","suggest_url":"{google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}"},"dns_prefetching":{"host_referral_list":[2,["hxxp://cheese.formice.com/",["hxxp://en.transformice.com/",1.667545806713975,"hxxp://www.google-analytics.com/",2.063489714889133]],["hxxp://en.transformice.com/",["hxxp://ad.doubleclick.net/",4.258266517648518,"hxxp://avatar.transformice.com/",3.634707505960125,"hxxp://belette.transformice.com/",4.501818640882298,"hxxp://bulle.transformice.com/",4.561169660961329,"hxxp://cdn2.cpmstar.com/",3.020024856803117,"hxxp://cheese.formice.com/",3.020024856803117,"hxxp://en.transformice.com/",4.258266517648518,"hxxp://s0.2mdn.net/",3.020024856803117,"hxxp://server.cpmstar.com/",4.561169660961329]],["hxxp://talesrunner.gpotato.com/",["hxxp://ajax.googleapis.com/",2.457556104889546,"hxxp://connect.facebook.net/",2.145776599045350,"hxxp://register.gpotato.com/",2.145776599045350,"hxxp://secure.gpotato.com/",2.145776599045350,"hxxp://static.ak.connect.facebook.com/",3.081115116577939,"hxxp://talesrunner.gpotato.com/",41.42999433541418,"hxxp://www.connect.facebook.com/",2.457556104889546,"hxxp://www.facebook.com/",2.145776599045350,"hxxp://www.google-analytics.com/",2.769335610733743,"hxxps://secure.gpotato.com/",2.145776599045350]],["hxxp://www.connect.facebook.com/",["hxxp://profile.ak.fbcdn.net/",4.016453634110526,"hxxp://static.ak.fbcdn.net/",4.640012645798919]],["hxxp://www.google.com/",["hxxp://id.google.com/",0.6169021891191421,"hxxp://ssl.gstatic.com/",0.9768670658012355,"hxxp://www.google.com/",4.416017019654065]],["hxxps://secure.gpotato.com/",["hxxps://secure.gpotato.com/",7.757807704240880]]],"startup_list":[1,"hxxp://www.google.com/"]},"download":{"directory_upgrade":true,"extensions_to_open":""},"extensions":{"autoupdate":{"last_check":"12968732314540600","next_check":"12970111026240000"},"blacklistupdate":{"lastpingday":"12968668798690600","version":"0.0.0.7"},"chrome_url_overrides":{"bookmarks":["chrome-extension://eemcgdkfndhakfknompkggombfjjjeno/main.html"]},"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","webstorePrivate"]},"app_launcher_index":-2,"page_index":0},"blpcfgokakmgnkcojhhkbfbldkacnbeo":{"app_launcher_index":3,"from_bookmark":false,"from_webstore":false,"install_time":"12968732315865600","lastpingday":"12968668797809600","location":2,"manifest":{"app":{"launch":{"container":"tab","web_url":"hxxp://www.youtube.com/"},"web_content":{"enabled":true,"origin":"hxxp://www.youtube.com"}},"current_locale":"en_US","default_locale":"en","description":"The world's most popular online video community.","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDC/HotmFlyuz5FaHaIbVBhhL4BwbcUtsfWwzgUMpZt5ZsLB2nW/Y5xwNkkPANYGdVsJkT2GPpRRIKBO5QiJ7jPMa3EZtcZHpkygBlQLSjMhdrAKevpKgIl6YTkwzNvExY6rzVDzeE9zqnIs33eppY4S5QcoALMxuSWlMKqgFQjHQIDAQAB","name":"YouTube","update_url":"hxxp://clients2.google.com/service/update2/crx","version":"4.2.2"},"page_index":0,"path":"blpcfgokakmgnkcojhhkbfbldkacnbeo\\4.2.2_0","state":1},"cbbjhegipokkofhhicbckicchjpcpeni":{"blacklist":true},"coobgpohoikkiipiblmjeljniedjpjpf":{"app_launcher_index":5,"from_bookmark":false,"from_webstore":false,"install_time":"12968732317854600","lastpingday":"12968668797809600","location":2,"manifest":{"app":{"launch":{"web_url":"hxxp://www.google.com/"},"urls":["*://www.google.com/search","*://www.google.com/webhp","*://www.google.com/imgres"]},"current_locale":"en_US","default_locale":"en","description":"The fastest way to search the web.","icons":{"128":"128.png","16":"16.png","32":"32.png","48":"48.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDIiso3Loy5VJHL40shGhUl6it5ZG55XB9q/2EX6aa88jAxwPutbCgy5d9bm1YmBzLfSgpX4xcpgTU08ydWbd7b50fbkLsqWl1mRhxoqnN01kuNfv9Hbz9dWWYd+O4ZfD3L2XZs0wQqo0y6k64n+qeLkUMd1MIhf6MR8Xz1SOA8pwIDAQAB","name":"Google Search","update_url":"hxxp://clients2.google.com/service/update2/crx","version":"0.0.0.16"},"page_index":0,"path":"coobgpohoikkiipiblmjeljniedjpjpf\\0.0.0.16_0","state":1},"fnjbmmemklcjgepojigaapkoodmkgbae":{"active_permissions":{"api":["tabs"],"explicit_host":["hxxp://*/*","hxxps://*/*"],"scriptable_host":["hxxp://*/*","hxxps://*/*"]},"allowFileAccess":true,"app_launcher_index":-1,"install_time":"12958149275024500","lastpingday":"12968668797809600","location":3,"manifest":{"background_page":"core.html","content_scripts":[{"js":["json-sans-eval.js","HiQLocale.js","HiQSmartUpdate.js","wpaCommon.js","wpaContentScript.js"],"matches":["hxxp://*/*","hxxps://*/*"],"run_at":"document_end"}],"current_locale":"en_US","default_locale":"en","description":"Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites.","icons":{"128":"images/divx128x128.png","48":"images/divx48x48.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCcGrxEIFDMZsRcZElmc43mwjk59yras7iAXtDuGIf0XA5tWoFOD3+VaIcpNltXT2/xNmNE/ifp2jAZPti3L+5/5Ly6KKid6gUUIv51gpZ08iDRrHsJ+b9mtiC6CeYge5JS+kl/mi8tODxYBZE/Hz1wXFp0+Z4um1Qi8K6H2pV8EQIDAQAB","name":"DivX HiQ","permissions":["tabs","hxxp://*/*","hxxps://*/*"],"version":"2.1.1.94"},"path":"fnjbmmemklcjgepojigaapkoodmkgbae\\2.1.1.94_0","state":1},"hpibmhghjndideebpackbdlpncgkcppp":{"blacklist":true},"jfmjfhklogoienhpfnppmbcbjfjnkonk":{"active_permissions":{"api":["tabs"],"explicit_host":["hxxp://*/*","hxxps://*/*"],"scriptable_host":["hxxp://*/*","hxxps://*/*"]},"allowFileAccess":true,"app_launcher_index":-1,"install_time":"12958149274741500","lastpingday":"12968668797809600","location":3,"manifest":{"background_page":"background.html","content_scripts":[{"js":["contentscript.js"],"matches":["hxxp://*/*","hxxps://*/*"],"run_at":"document_idle"}],"description":"RealPlayer HTML5Video Downloader Extension","key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCl0WKWTrid8Fh+tsoJPRheLc7tksPgH1NfLF79Fj3YKb0fk2Fip1eE/chfSnGWQkxe5Ck2r+ZPba7m+FWQhZDCE5EXvOTDoqi7TEvjccW5pMpW5wCUOLKQVSttgBwkY8EUYt40SwtJ6HmLoPZfQmo9W3qAjnlhlF5AkY4jYgBv3QIDAQAB","name":"RealPlayer HTML5Video Downloader Extension","permissions":["tabs","hxxp://*/*","hxxps://*/*"],"version":"1.4"},"path":"jfmjfhklogoienhpfnppmbcbjfjnkonk\\1.4_0","state":1},"lncjcfkpannmofmpgdfoonkniofdnaba":{"blacklist":true},"nneajnkjbffgblleaoojgaacokifdkhm":{"active_permissions":{"api":["tabs"],"scriptable_host":["hxxp://*/*","hxxps://*/*"]},"allowFileAccess":true,"app_launcher_index":-1,"install_time":"12958149275080500","lastpingday":"12968668797809600","location":3,"manifest":{"content_scripts":[{"js":["script.js"],"matches":["hxxp://*/*","hxxps://*/*"],"run_at":"document_end"}],"current_locale":"en_US","default_locale":"en","description":"Increase performance and video formats for your HTML5 <video>","icons":{"128":"divx128x128.png","48":"divx48x48.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCgKGj4sjJKwOs1NkcicEV4Rkq2kpG7jM+u/UGvcCzxtLTjUIbJ80v6eoI33XmcwiKILCymnIX591nlTXDOI+eHeHUAY42f3SIeh/bDlea9T6MMJXW1Fh7ZuG30QKivxtzwKSSgrspwbBTauN6Rq3FGoDrv2L9rNwmYBrUPA8Z4awIDAQAB","name":"DivX Plus Web Player HTML5 <video>","permissions":["tabs"],"version":"2.1.1.94"},"path":"nneajnkjbffgblleaoojgaacokifdkhm\\2.1.1.94_0","state":1},"pbglijbamgmlcpnnpbfjkbdeheejjloj":{"blacklist":true},"pjkljhegncpnkpknbcohdijeoejaedia":{"active_permissions":{"api":["notifications"]},"app_launcher_index":4,"from_bookmark":false,"from_webstore":false,"install_time":"12968732316851600","lastpingday":"12968668797809600","location":2,"manifest":{"app":{"launch":{"container":"tab","web_url":"hxxps://mail.google.com/mail/ca"},"urls":["*://mail.google.com/mail/ca"]},"current_locale":"en_US","default_locale":"en","description":"Fast, searchable email with less spam.","icons":{"128":"128.png","24":"24.png","48":"48.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCuGglK43iAz3J9BEYK/Mz6ZhloIMMDqQSAaf3vJt4eHbTbSDsu4WdQ9dQDRcKlg8nwQdePBt0C3PSUBtiSNSS37Z3qEGfS7LCju3h6pI1Yr9MQtxw+jUa7kXXIS09VV73pEFUT/F7c6Qe8L5ZxgAcBvXBh1Fie63qb02I9XQ/CQIDAQAB","name":"Gmail","options_page":"hxxps://mail.google.com/mail/ca/#settings","permissions":["notifications"],"update_url":"hxxp://clients2.google.com/service/update2/crx","version":"6.1.4"},"page_index":0,"path":"pjkljhegncpnkpknbcohdijeoejaedia\\6.1.4_0","state":1}}},"google":{"services":{"username":""}},"homepage":"hxxp://www.google.com/","homepage_is_newtabpage":false,"hxxp_throttling":{"enabled":true},"ntp":{"intro_display_count":4,"pref_version":3,"promo_build":0,"promo_closed":false,"promo_end":1323071940.0,"promo_group":89,"promo_group_max":0,"promo_group_timeslice":0,"promo_line":"<a href=\"hxxp://www.google.com/chromebook/index.html#utm_campaign=en&utm_source=en-ntp-holidays-na-us-bkws&utm_medium=ntp-holidays\">Get a Chromebook for the holidays</a>: the computer powered by Chrome.","promo_resource_cache_update":"1324258027.7196","promo_start":1321862280.0,"promo_views":0,"promo_views_max":0,"shown_sections":64,"webstore_last_promo_id":"1335115"},"plugins":{"enabled_internal_pdf3":true,"enabled_nacl":true,"last_internal_directory":"C:\\Users\\Serge\\AppData\\Local\\Google\\Chrome\\Application\\16.0.912.63","plugins_list":[{"enabled":true,"name":"Shockwave Flash","path":"C:\\Users\\Serge\\AppData\\Local\\Google\\Chrome\\Application\\16.0.912.63\\gcswf32.dll","version":"11,1,102,55"},{"enabled":true,"name":"Shockwave Flash","path":"C:\\Windows\\SysWOW64\\Macromed\\Flash\\NPSWF32.dll","version":"11,0,1,152"},{"enabled":true,"name":"QuickTime Plug-in 7.6.9","path":"C:\\Program Files (x86)\\Mozilla Firefox\\plugins\\npqtplugin.dll","version":"7.6.9 (1680.9)"},{"enabled":true,"name":"QuickTime Plug-in 7.6.9","path":"C:\\Program Files (x86)\\Mozilla Firefox\\plugins\\npqtplugin2.dll","version":"7.6.9 (1680.9)"},{"enabled":true,"name":"QuickTime Plug-in 7.6.9","path":"C:\\Program Files (x86)\\Mozilla Firefox\\plugins\\npqtplugin3.dll","version":"7.6.9 (1680.9)"},{"enabled":true,"name":"QuickTime Plug-in 7.6.9","path":"C:\\Program Files (x86)\\Mozilla Firefox\\plugins\\npqtplugin4.dll","version":"7.6.9 (1680.9)"},{"enabled":true,"name":"QuickTime Plug-in 7.6.9","path":"C:\\Program Files (x86)\\Mozilla Firefox\\plugins\\npqtplugin5.dll","version":"7.6.9 (1680.9)"},{"enabled":true,"name":"QuickTime Plug-in 7.6.9","path":"C:\\Program Files (x86)\\Mozilla Firefox\\plugins\\npqtplugin6.dll","version":"7.6.9 (1680.9)"},{"enabled":true,"name":"QuickTime Plug-in 7.6.9","path":"C:\\Program Files (x86)\\Mozilla Firefox\\plugins\\npqtplugin7.dll","version":"7.6.9 (1680.9)"},{"enabled":true,"name":"Java Deployment Toolkit 6.0.240.7","path":"C:\\Program Files (x86)\\Java\\jre6\\bin\\new_plugin\\npdeployJava1.dll","version":"6.0.240.7"},{"enabled":true,"name":"Java(TM) Platform SE 6 U24","path":"C:\\Program Files (x86)\\Java\\jre6\\bin\\new_plugin\\npjp2.dll","version":"6.0.240.7"},{"enabled":false,"name":"Adobe Acrobat","path":"C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Browser\\nppdf32.dll","version":"9.3.2.163"},{"enabled":true,"name":"Silverlight Plug-In","path":"c:\\Program Files (x86)\\Microsoft Silverlight\\4.0.60831.0\\npctrl.dll","version":"4.0.60831.0"},{"enabled":true,"name":"Shockwave for Director","path":"C:\\Windows\\system32\\Adobe\\Director\\np32dsw.dll","version":"11.5.9r620"},{"enabled":true,"name":"DivX Web Player","path":"C:\\Program Files (x86)\\DivX\\DivX Plus Web Player\\npdivx32.dll","version":"2, 1, 1, 94"},{"enabled":true,"name":"RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ","path":"C:\\Program Files (x86)\\Mozilla Firefox\\plugins\\nppl3260.dll","version":"12.0.1.647"},{"enabled":true,"name":"RealPlayer Version Plugin","path":"C:\\Program Files (x86)\\Mozilla Firefox\\plugins\\nprpjplug.dll","version":"12.0.1.647"},{"enabled":true,"name":"RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In (32-bit) ","path":"C:\\ProgramData\\Real\\RealPlayer\\BrowserRecordPlugin\\MozillaPlugins\\nprpchromebrowserrecordext.dll","version":"12.0.1.647"},{"enabled":true,"name":"RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ","path":"C:\\ProgramData\\Real\\RealPlayer\\BrowserRecordPlugin\\MozillaPlugins\\nprphtml5videoshim.dll","version":"12.0.1.647"},{"enabled":true,"name":"Microsoft® Windows Media Player Firefox Plugin","path":"C:\\Program Files (x86)\\Mozilla Firefox\\plugins\\np-mswmp.dll","version":"1.0.0.8"},{"enabled":true,"name":"Microsoft Office 2010","path":"C:\\PROGRA~2\\MICROS~2\\Office14\\NPAUTHZ.DLL","version":"14.0.4730.1010"},{"enabled":true,"name":"Microsoft Office 2010","path":"C:\\PROGRA~2\\MICROS~2\\Office14\\NPSPWRAP.DLL","version":"14.0.4761.1000"},{"enabled":true,"name":"Remoting Viewer","path":"internal-remoting-viewer","version":""},{"enabled":true,"name":"Native Client","path":"C:\\Users\\Serge\\AppData\\Local\\Google\\Chrome\\Application\\16.0.912.63\\ppGoogleNaClPluginChrome.dll","version":""},{"enabled":true,"name":"Chrome PDF Viewer","path":"C:\\Users\\Serge\\AppData\\Local\\Google\\Chrome\\Application\\16.0.912.63\\pdf.dll","version":""},{"enabled":true,"name":"RealJukebox NS Plugin","path":"C:\\Program Files (x86)\\Mozilla Firefox\\plugins\\nprjplug.dll","version":"12.0.1.647"},{"enabled":true,"name":"DivX VOD Helper Plug-in","path":"C:\\Program Files (x86)\\DivX\\DivX OVS Helper\\npovshelper.dll","version":"1.0.0.363"},{"enabled":true,"name":"Google Update","path":"C:\\Program Files (x86)\\Google\\Update\\1.3.21.79\\npGoogleUpdate3.dll","version":"1.3.21.79"},{"enabled":true,"name":"Pando Web Plugin","path":"C:\\Program Files (x86)\\Pando Networks\\Media Booster\\npPandoWebPlugin.dll","version":"2.3.3.8"},{"enabled":true,"name":"Windows Live? Photo Gallery","path":"C:\\Program Files (x86)\\Windows Live\\Photo Gallery\\NPWLPG.dll","version":"15.4.3508.1109_ship.wlx.w4m4 (ship)"},{"enabled":true,"name":"iTunes Application Detector","path":"C:\\Program Files (x86)\\iTunes\\Mozilla Plugins\\npitunes.dll","version":"1.0.1.1"},{"enabled":true,"name":"Nexon Game Controller","path":"C:\\ProgramData\\NexonUS\\NGM\\npNxGameUS.dll","version":"1, 0, 1, 2"},{"enabled":true,"name":"Unity Player","path":"C:\\Users\\Serge\\AppData\\LocalLow\\Unity\\WebPlayer\\loader\\npUnity3D32.dll","version":"3.4.0.27242"},{"enabled":true,"name":"Roblox Launcher Plugin","path":"C:\\Users\\Serge\\AppData\\Local\\Roblox\\Versions\\version-684ac714abb74f38\\\\NPRobloxProxy.dll","version":"1, 2, 2, 6"},{"enabled":true,"name":"Windows Activation Technologies","path":"C:\\Windows\\system32\\Wat\\npWatWeb.dll","version":"7.1.7600.16395"},{"enabled":true,"name":"OGPlanet Game Plugin","path":"C:\\Windows\\system32\\npOGPPlugin.dll","version":"2, 0, 0, 0"},{"enabled":true,"name":"Default Plug-in","path":"default_plugin","version":"1"},{"enabled":true,"name":"Flash"},{"enabled":true,"name":"QuickTime"},{"enabled":true,"name":"Java"},{"enabled":false,"name":"Adobe Acrobat"},{"enabled":true,"name":"Silverlight"},{"enabled":true,"name":"Shockwave"},{"enabled":true,"name":"DivX Player"},{"enabled":true,"name":"RealPlayer"},{"enabled":true,"name":"Windows Media Player"},{"enabled":true,"name":"Microsoft Office"},{"enabled":true,"name":"Remoting Viewer"},{"enabled":true,"name":"Native Client"},{"enabled":true,"name":"Chrome PDF Viewer"},{"enabled":true,"name":"RealJukebox NS Plugin"},{"enabled":true,"name":"DivX VOD Helper Plug-in"},{"enabled":true,"name":"Google Update"},{"enabled":true,"name":"Pando Web Plugin"},{"enabled":true,"name":"Windows Live? Photo Gallery"},{"enabled":true,"name":"iTunes Application Detector"},{"enabled":true,"name":"Nexon Game Controller"},{"enabled":true,"name":"Unity Player"},{"enabled":true,"name":"Roblox Launcher Plugin"},{"enabled":true,"name":"Windows Activation Technologies"},{"enabled":true,"name":"OGPlanet Game Plugin"},{"enabled":true,"name":"Default Plug-in"}]},"profile":{"content_settings":{"pattern_pairs":{"*,*":{"per_plugin":{"npsitesafety.dll":1}}},"plugin_whitelist":{"npsitesafety":{"dll":true}},"pref_version":1},"exited_cleanly":true},"spdy":{"servers":["clients2.google.com:443"]},"tabs":{"use_compact_navigation_bar":false,"use_vertical_tabs":false}}

File : C:\Users\Sergio\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [355 octets] - [22/10/2012 17:13:57]
AdwCleaner[S2].txt - [355 octets] - [23/10/2012 01:30:50]
AdwCleaner[S3].txt - [46777 octets] - [23/10/2012 16:39:38]

########## EOF - C:\AdwCleaner[S3].txt - [46838 octets] ##########
 
This topic is marked as abandoned and closed due to inactivity.
This member will NOT be eligible to receive any more help in malware removal forum.
 
Status
Not open for further replies.

Similar threads

uber_beetle
Infected with fake ad pop-ups - posting FRST and Addition
Replies
12
Views
786
uber_beetle
uber_beetle
wshknwntlprtmn
  • Locked
Inactive Not sure what's going on here....
Replies
12
Views
2K
Broni
Broni
A
Infected: Antivirus says it's Trojan:Script/Wacatac.H!ml
Replies
12
Views
2K
adidaman27
A

Latest posts

Back