Annoying pop-ups in all browsers in bottom right/left corner
anton_ego
2013-05-22, 01:36
Hello.
Some unwanted and annoying ads have kept popping up in all of my browsers (Firefox, Chrome, IE) for the last few months on almost all websites except Facebook and Google. I tried some malware removal tools like TDSSKiller and rKill, but they didn't solve the problem. There are three kinds of popups which keep coming: one is a square-shaped ad in the left-bottom corner of the browser, then a Facebook-message kind of popup in the right-bottom corner (with that typical FB msg notification sound) which usually has "are you looking for + title of the webpage?" as its message, and the third is a rectangular white box in the right-bottom corner with a 'click here' button which, when clicked, redirects to "tlbsearch.com". I tried some suggestions from some forums, which has further complicated things for me. Earlier, the first type of pop-up (the left-bottom corner) had a close button with which I could close it. Now it has become invisible and I am not able to access the left-bottom corner of any of my browsers at all, hence I am not able to click any links or HTML objects in that part of the browser.
I got annoyed to the extent of taking it to a service center before finding this forum. I appreciate the effort and time of those who contribute to this forum, so thanks a lot in advance.
Waiting for your guidance,
SS
PS, I use a 64-bit Windows-7 Fujitsu laptop, if that info is needed.
Hi anton_ego,
My name is OCD.
I would be more than happy to take a look at your log and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:
I will be working on your malware issues; this may or may not solve other issues you have with your machine.
The fixes are specific to your problem and should only be used for the issues on this machine.
Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
It's often worth reading through these instructions and printing them for ease of reference.
If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
Please reply to this thread. Do not start a new topic.
Copy and Paste logs directly into the reply window. DO NOT attach the logs unless specifically instructed to do so.
IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.
DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your Operating System and losing all your programs and data.
Please stay with this topic until I let you know that your system appears to be "All Clear"
Important: All tools MUST be run from the Desktop.
=========================
You stated you ran TDSSKiller & rKill. If you still have the logs these tools generated, please post in your next reply.
A copy of the log will be saved automatically to the root of the drive (typically C:\)
=========================
1. Security Check
Download Security Check by screen317 from here (http://screen317.spywareinfoforum.org/SecurityCheck.exe) or here (http://screen317.changelog.fr/SecurityCheck.exe).
Save it to your Desktop.
Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
Follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.
=========================
2. aswMBR
Download aswMBR.exe (http://public.avast.com/~gmerek/aswMBR.exe) and save it to your desktop.
Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
When asked if you want to download Avast's virus definitions please select Yes.
Click Scan
Upon completion of the scan, click Save log and save it to your desktop, and post that log in your next reply for review. Note - do NOT attempt any Fix yet.
You will also notice another file created on the desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) file. Attach that zipped file in your next reply as well.
=========================
3. OTL
Download OTL (http://oldtimer.geekstogo.com/OTL.exe) to your desktop.
Make sure all other windows are closed, and let it run uninterrupted.
Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
When the window appears, underneath Output at the top change it to Minimal Output.
Check the boxes beside LOP Check and Purity Check.
Under Custom Scan, paste this in:
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
services.exe
/md5stop
%systemroot%\*. /rp /s
%systemdrive%\$Recycle.Bin|@;true;true;true
%USERPROFILE%\..|smtmp;true;true;true /FP
%temp%\smtmp\*.* /s >
BASESERVICES
DRIVES
CREATERESTOREPOINT
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.
You may need two posts to fit them both in.
=========================
In your next post please provide the following:
checkup.txt
aswMBR.txt
attach MBR.zip
OTL.txt
Extras.txt
TDSSKiller log - if available
rKill log - if available
What symptoms are you experiencing at the moment?
anton_ego
2013-05-31, 10:11
Hi OCD.
First of all, a big thanks for your help. I was just about to post it in the waiting room. I can assure you that I won't do anything unless told.
Here are the log files you asked for:
Checkup.txt
Results of screen317's Security Check version 0.99.64
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 10
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
Kaspersky Internet Security
Antivirus out of date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
TuneUp Utilities 2011
TuneUp Utilities Language Pack (en-US)
TuneUp Utilities 2011
Java 7 Update 21
Adobe Flash Player 11.7.700.202
Adobe Reader XI
Mozilla Firefox (21.0)
Google Chrome 26.0.1410.64
Google Chrome 27.0.1453.94
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 2%
````````````````````End of Log``````````````````````
aswMBR.txt
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-05-31 09:12:31
-----------------------------
09:12:31.462 OS Version: Windows x64 6.1.7601 Service Pack 1
09:12:31.462 Number of processors: 4 586 0x2A07
09:12:31.463 ComputerName: SUNDHAR-PC UserName: Sundhar
09:12:32.964 Initialize success
09:13:34.890 AVAST engine defs: 13053001
09:13:46.536 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
09:13:46.541 Disk 0 Vendor: Hitachi_ ES2O Size: 305245MB BusType: 3
09:13:46.913 Disk 0 MBR read successfully
09:13:46.918 Disk 0 MBR scan
09:13:46.929 Disk 0 Windows 7 default MBR code
09:13:46.952 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 2117 MB offset 2048
09:13:46.963 Disk 0 Partition - 00 0F Extended LBA 303125 MB offset 4339712
09:13:47.004 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 122881 MB offset 4341760
09:13:47.015 Disk 0 Partition - 00 05 Extended 161240 MB offset 256002048
09:13:47.038 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 161239 MB offset 256004096
09:13:47.050 Disk 0 Partition - 00 05 Extended 5001 MB offset 837883904
09:13:47.090 Disk 0 Partition 4 00 27 Hidden NTFS WinRE NTFS 5000 MB offset 586223616
09:13:47.104 Disk 0 Partition - 00 05 Extended 14001 MB offset 1178347520
09:13:47.136 Disk 0 Partition 5 00 27 Hidden NTFS WinRE NTFS 14000 MB offset 596467712
09:13:47.265 Disk 0 scanning C:\Windows\system32\drivers
09:14:01.404 Service scanning
09:14:38.095 Modules scanning
09:14:38.110 Disk 0 trace - called modules:
09:14:38.153 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
09:14:38.166 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800664e060]
09:14:38.176 3 CLASSPNP.SYS[fffff8800205143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004b0f050]
09:14:38.843 AVAST engine scan C:\Windows
09:14:41.865 AVAST engine scan C:\Windows\system32
09:18:52.576 AVAST engine scan C:\Windows\system32\drivers
09:19:11.541 AVAST engine scan C:\Users\Sundhar
09:38:40.097 AVAST engine scan C:\ProgramData
09:40:59.357 Scan finished successfully
09:43:22.166 Disk 0 MBR has been saved successfully to "D:\Fix\MBR.dat"
09:43:22.173 The log file has been saved successfully to "D:\Fix\aswMBR.txt"
OTL.txt
OTL logfile created on: 31-05-2013 09:45:39 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Sundhar\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00004009 | Country: India | Language: ENN | Date Format: dd-MM-yyyy
3.91 Gb Total Physical Memory | 1.38 Gb Available Physical Memory | 35.18% Memory free
7.83 Gb Paging File | 5.06 Gb Available in Paging File | 64.62% Paging File free
Paging file location(s): ?:\pagefile.sys
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 120.00 Gb Total Space | 32.34 Gb Free Space | 26.95% Space Free | Partition Type: NTFS
Drive D: | 157.46 Gb Total Space | 56.16 Gb Free Space | 35.66% Space Free | Partition Type: NTFS
Computer Name: SUNDHAR-PC | User Name: Sundhar | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Sundhar\Downloads\aswMBR(2).exe (AVAST Software)
PRC - C:\Users\Sundhar\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
PRC - C:\Users\Sundhar\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Users\Sundhar\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (Facebook)
PRC - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe (Infowatch)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe ()
PRC - C:\Windows\SysWOW64\NLSSRV32.EXE (Nalpeiron Ltd.)
PRC - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
PRC - C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe (FUJITSU LIMITED)
PRC - C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe (Affinegy, Inc.)
PRC - C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe (Affinegy, Inc.)
PRC - C:\Windows\vsnp2uvc.exe (Sonix)
PRC - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY)
========== Modules (No Company Name) ==========
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI40282\windows._cacheinvalidation.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI40282\wx._gdi_.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI40282\wx._misc_.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI40282\pysqlite2._sqlite.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI40282\pythoncom27.dll ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI40282\win32com.shell.shell.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI40282\_elementtree.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI40282\PyWinTypes27.dll ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI40282\win32api.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI40282\_ctypes.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI40282\wx._html2.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI40282\_socket.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI40282\_multiprocessing.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI40282\win32ts.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI40282\win32profile.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI40282\win32crypt.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI40282\wx._core_.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI40282\_ssl.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI40282\wx._windows_.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI40282\_hashlib.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI40282\wx._wizard.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI40282\win32file.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI40282\win32security.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI40282\win32inet.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI40282\win32process.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI40282\win32pdh.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI40282\wx._controls_.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI40282\unicodedata.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI40282\pyexpat.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI40282\win32event.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI40282\select.pyd ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
MOD - C:\Users\Sundhar\AppData\Local\Facebook\Messenger\2.1.4814.0\libcef.dll ()
MOD - C:\Users\Sundhar\AppData\Local\Facebook\Messenger\2.1.4814.0\CefSharp.dll ()
MOD - C:\Users\Sundhar\AppData\Local\Facebook\Messenger\2.1.4814.0\CefSharp.WinForms.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\dd20416f723ee13ffb4173ec1afc4ec4\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\865d2bf19a7af7fab8660a42d92550fe\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\sqlite.dll ()
MOD - C:\Windows\FunambolAddin.dll ()
MOD - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSPTLS.DLL ()
MOD - C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll ()
MOD - C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinServicePS.dll ()
MOD - C:\Program Files (x86)\Belkin\Router Setup and Monitor\gateways\GenericBelkinGatewayLOC.dll ()
MOD - C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (NIApplicationWebServer64) -- C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe File not found
SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
SRV:64bit: - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()
SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV:64bit: - (PFNService) -- C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe (FUJITSU LIMITED)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (PowerSavingUtilityService) -- C:\Program Files\Fujitsu\PSUtility\PSUService.exe (FUJITSU LIMITED)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (CSObjectsSrv) -- C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe (Infowatch)
SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe (Kaspersky Lab ZAO)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (vToolbarUpdater13.2.0) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe ()
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (nlsX86cc) -- C:\Windows\SysWOW64\NLSSRV32.EXE (Nalpeiron Ltd.)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
SRV - (Bluetooth OBEX Service) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation)
SRV - (Bluetooth Media Service) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation)
SRV - (Bluetooth Device Monitor) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (AffinegyService) -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe (Affinegy, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ABBYY.Licensing.FineReader.Sprint.9.0) -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY)
========== Driver Services (SafeList) ==========
DRV:64bit: - (avgtp) -- C:\Windows\SysNative\drivers\avgtpx64.sys (AVG Technologies)
DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab)
DRV:64bit: - (kltdi) -- C:\Windows\SysNative\drivers\kltdi.sys (Kaspersky Lab)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab)
DRV:64bit: - (klkbdflt) -- C:\Windows\SysNative\drivers\klkbdflt.sys (Kaspersky Lab)
DRV:64bit: - (SCDEmu) -- C:\Windows\SysNative\drivers\scdemu.sys (Power Software Ltd)
DRV:64bit: - (kneps) -- C:\Windows\SysNative\drivers\kneps.sys (Kaspersky Lab)
DRV:64bit: - (SRS_AE_Service) -- C:\Windows\SysNative\drivers\SRS_AE_amd64.sys ()
DRV:64bit: - (KL1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (clwvd) -- C:\Windows\SysNative\drivers\clwvd.sys (CyberLink Corporation)
DRV:64bit: - (CSCrySec) -- C:\Windows\SysNative\drivers\CSCrySec.sys (Infowatch)
DRV:64bit: - (CSVirtualDiskDrv) -- C:\Windows\SysNative\drivers\CSVirtualDiskDrv.sys (Infowatch)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (intaud_WaveExtensible) -- C:\Windows\SysNative\drivers\intelaud.sys (Intel Corporation)
DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\drivers\iwdbus.sys (Intel Corporation)
DRV:64bit: - (iBtFltCoex) -- C:\Windows\SysNative\drivers\iBtFltCoex.sys (Intel Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV:64bit: - (btmhsf) -- C:\Windows\SysNative\drivers\btmhsf.sys (Intel Corporation)
DRV:64bit: - (btmaux) -- C:\Windows\SysNative\drivers\btmaux.sys (Intel Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (SNP2UVC) -- C:\Windows\SysNative\drivers\snp2uvc.sys ()
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (FBIOSDRV) -- C:\Windows\SysNative\drivers\FBIOSDRV.sys (FUJITSU LIMITED)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (FUJ02E3) -- C:\Windows\SysNative\drivers\fuj02e3.sys (FUJITSU LIMITED)
DRV:64bit: - (FUJ02B1) -- C:\Windows\SysNative\drivers\fuj02b1.sys (FUJITSU LIMITED)
DRV - (FsUsbExDisk) -- C:\Windows\SysWOW64\FsUsbExDisk.Sys ()
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{8BF7586B-60A1-4118-920A-5B08B92E1F4F}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{8BF7586B-60A1-4118-920A-5B08B92E1F4F}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSF
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ts.fujitsu.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.google.com/ig/redirectd [Binary data over 200 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.com/ig/redirectd [Binary data over 200 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {8BF7586B-60A1-4118-920A-5B08B92E1F4F}
IE - HKCU\..\SearchScopes\{8BF7586B-60A1-4118-920A-5B08B92E1F4F}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSG_enNO487
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Plus Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Program Files (x86)\TVUPlayer\npTVUAx.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Sundhar\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Sundhar\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Sundhar\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Sundhar\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Sundhar\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Sundhar\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@torrentstream.net/tsplugin,version=2.0.8.2: C:\Users\Sundhar\AppData\Roaming\TorrentStream\player\npts_plugin.dll File not found
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Sundhar\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-05-13 13:06:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com [2013-05-21 21:52:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com [2013-05-21 21:52:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com [2013-05-21 21:52:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\anti_banner@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com [2013-05-21 21:52:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com [2013-05-21 21:52:38 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\magicplayer@torrentstream.org: C:\Users\Sundhar\AppData\Roaming\TorrentStream\extensions\firefox\magicplayer@torrentstream.org
[2013-01-15 19:59:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sundhar\AppData\Roaming\Mozilla\Extensions
[2013-03-05 10:26:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sundhar\AppData\Roaming\Mozilla\Firefox\C\Users\Sundhar\AppData\Roaming\Mozilla\Profiles\dfxfroit.Default\extensions
[2013-03-05 10:26:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sundhar\AppData\Roaming\Mozilla\Firefox\C\Users\Sundhar\AppData\Roaming\Mozilla\Profiles\dfxfroit.Default\extensions\staged
[2013-05-29 20:55:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sundhar\AppData\Roaming\Mozilla\Profiles\dfxfroit.Default\extensions
[2013-05-29 20:55:58 | 000,000,000 | ---D | M] (Youtube High Definition) -- C:\Users\Sundhar\AppData\Roaming\Mozilla\Profiles\dfxfroit.Default\extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}
[2013-05-22 01:23:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013-05-22 01:23:10 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\pdf.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\plugin/npVKPlugin.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\plugin/npUrlAdvisor.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: National Instruments LabVIEW 2010 Netscape Plug-in for Windows (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nplv2010win32.dll
CHR - plugin: National Instruments LabVIEW 9.0 Netscape Plug-in for Windows (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nplv90win32.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U9 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Nitro PDF Plug-In (Enabled) = C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll
CHR - plugin: TVU Web Player for FireFox (Enabled) = C:\Program Files (x86)\TVUPlayer\npTVUAx.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Facebook Desktop (Enabled) = C:\Users\Sundhar\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll
CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - Extension: Google Docs = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Facebook = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm\1.0.3_0\
CHR - Extension: Adblock Plus = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4.1_0\
CHR - Extension: Google Search = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Kaspersky URL Advisor = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.2.558_0\
CHR - Extension: ESPN Cricinfo = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlklinjgampohhihndkofhhaahoicoip\1.0.0_0\
CHR - Extension: Safe Money = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.2.558_0\
CHR - Extension: SimilarWeb = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoklmmgfnpapgjgcpechhaamimifchmp\2.0.0.4_0\
CHR - Extension: Virtual Keyboard = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.2.558_0\
CHR - Extension: PricePeep = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb\2.1.0.22_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0\
CHR - Extension: Gmail = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Anti-Banner = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.2.558_0\
O1 HOSTS File: ([2013-01-15 03:03:32 | 000,001,384 | RHS- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 95.211.0.120 ad-emea.doubleclick.net.
O1 - Hosts: 95.211.0.120 www.statcounter.com.
O1 - Hosts: 95.211.0.120 platform.twitter.com.
O1 - Hosts: 93.115.241.27 ad-emea.doubleclick.net.
O1 - Hosts: 93.115.241.27 www.statcounter.com.
O1 - Hosts: 93.115.241.27 platform.twitter.com.
O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2:64bit: - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Kaspersky Passsword Manager Toolbar) - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (PricePeep) - {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} - C:\Program Files (x86)\PricePeep\pricepeep.dll (PricePeep)
O3:64bit: - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Kaspersky Passsword Manager Toolbar) - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [FDM7] C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [LoadBtnHnd] C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [LoadFUJ02E3] C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [LoadFujitsuQuickTouch] C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [PfNet] C:\Program Files\Fujitsu\Plugfree NETWORK\PfNet.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [PSUTility] C:\Program Files\Fujitsu\PSUtility\TrayManager.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe (Sonix)
O4 - HKLM..\Run: [IndicatorUtility] C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe (FUJITSU LIMITED)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - Startup: C:\Users\Sundhar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Sundhar\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 File not found
O9:64bit: - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - mmswsock.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 87.94.164.67 84.20.150.13
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{07C82958-E9E2-440A-AF17-3FB93F560E1B}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA4A2F12-02C0-47B3-A2A7-144E72F460D6}: DhcpNameServer = 87.94.164.67 84.20.150.13
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\RunGame.exe
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\autorun.exe
O33 - MountPoints2\H\Shell\setup\command - "" = H:\setup.exe
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\CDCheck.exe
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\autorun.exe
O33 - MountPoints2\J\Shell\setup\command - "" = J:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
NetSvcs:64bit: UxTuneUp - C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2013-05-30 16:34:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Performance Trends
[2013-05-26 15:27:02 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2013-05-26 05:42:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Age of Empires 3
[2013-05-26 05:35:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Microsoft Games
[2013-05-24 15:48:45 | 000,000,000 | ---D | C] -- C:\Users\Sundhar\AppData\Roaming\Octoshape
[2013-05-24 03:30:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CricketAcademyBeta
[2013-05-24 03:30:09 | 000,000,000 | ---D | C] -- C:\Users\Sundhar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cricket Academy Beta
[2013-05-23 16:49:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
[2013-05-22 01:23:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013-05-22 00:53:58 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2013-05-21 22:14:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2013-05-21 21:54:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky PURE 3.0
[2013-05-21 21:53:14 | 000,064,856 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\klfphc.dll
[2013-05-21 21:52:56 | 000,084,536 | ---- | C] (Infowatch) -- C:\Windows\SysNative\drivers\CSCrySec.sys
[2013-05-21 21:52:56 | 000,066,616 | ---- | C] (Infowatch) -- C:\Windows\SysNative\drivers\CSVirtualDiskDrv.sys
[2013-05-21 21:52:56 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2013-05-21 21:52:35 | 000,000,000 | ---D | C] -- C:\Windows\ELAMBKUP
[2013-05-21 21:52:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InfoWatch
[2013-05-21 02:26:49 | 000,000,000 | ---D | C] -- C:\Users\Sundhar\Desktop\rkill
[2013-05-19 15:49:04 | 000,000,000 | ---D | C] -- C:\Users\Sundhar\AppData\Roaming\PDAppFlex
[2013-05-19 15:35:37 | 000,000,000 | ---D | C] -- C:\Users\Sundhar\AppData\Roaming\SolidDocuments
[2013-05-19 15:33:26 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2013-05-19 15:22:02 | 000,000,000 | ---D | C] -- C:\Users\Sundhar\AppData\Roaming\YCanPDF
[2013-05-19 15:16:13 | 000,000,000 | ---D | C] -- C:\Users\Sundhar\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013-05-13 12:22:21 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2013-05-13 12:21:20 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\NativeFus_Log
[2013-05-13 12:19:27 | 000,233,472 | ---- | C] (Teruten) -- C:\Windows\SysWow64\FsUsbExService.Exe
[2013-05-11 19:14:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Video Converter
[2013-05-11 19:14:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Total Video Converter
[2013-05-11 19:14:10 | 015,728,768 | ---- | C] (EffectMatrix Inc. ) -- C:\Users\Sundhar\Desktop\tvc.exe
[2013-05-11 01:20:41 | 000,000,000 | ---D | C] -- C:\Users\Sundhar\AppData\Roaming\DassaultSystemes
[2013-05-11 01:20:41 | 000,000,000 | ---D | C] -- C:\Users\Sundhar\AppData\Local\DassaultSystemes
[2013-05-11 01:20:41 | 000,000,000 | ---D | C] -- C:\ProgramData\DassaultSystemes
[2013-05-07 20:28:49 | 000,000,000 | ---D | C] -- C:\Users\Sundhar\AppData\Local\{FFEB5070-73C9-48F6-941F-7530CDDEBC5A}
[2013-05-06 15:35:56 | 000,000,000 | ---D | C] -- C:\Users\Sundhar\AppData\Local\{E3CCEAA2-634D-482E-AC1D-4CA24CBFE149}
[2013-05-02 19:24:07 | 000,441,104 | ---- | C] (Hide My IP) -- C:\Windows\SysNative\HMIPCore64.dll
[2013-05-02 19:23:56 | 000,342,288 | ---- | C] (Hide My IP) -- C:\Windows\SysWow64\HMIPCore.dll
========== Files - Modified Within 30 Days ==========
[2013-05-31 09:31:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013-05-31 09:16:00 | 000,001,010 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-05-31 09:07:22 | 000,000,550 | ---- | M] () -- C:\Windows\tasks\MATLAB R2011b Startup Accelerator.job
[2013-05-31 09:06:53 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3929397922-3892970607-1167041678-1001UA.job
[2013-05-31 09:06:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-05-31 07:47:00 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3929397922-3892970607-1167041678-1001UA.job
[2013-05-31 01:03:35 | 000,020,944 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-05-31 01:03:35 | 000,020,944 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-05-31 00:56:35 | 000,001,006 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013-05-31 00:55:57 | 3152,506,880 | -HS- | M] () -- C:\hiberfil.sys
[2013-05-30 22:47:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3929397922-3892970607-1167041678-1001Core.job
[2013-05-29 11:54:00 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3929397922-3892970607-1167041678-1001Core.job
[2013-05-27 09:40:00 | 000,782,748 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013-05-27 09:40:00 | 000,655,090 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013-05-27 09:40:00 | 000,121,962 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013-05-26 17:20:07 | 002,350,232 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013-05-26 15:34:17 | 000,002,161 | ---- | M] () -- C:\Users\Public\Desktop\Rise of Nations Gold.lnk
[2013-05-26 05:32:01 | 000,002,167 | ---- | M] () -- C:\Users\Public\Desktop\Age of Empires III.lnk
[2013-05-24 20:16:12 | 000,002,189 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013-05-24 03:30:10 | 000,001,147 | ---- | M] () -- C:\Users\Sundhar\Desktop\Cricket Academy Beta.lnk
[2013-05-23 16:50:18 | 000,001,711 | ---- | M] () -- C:\Users\Sundhar\Desktop\Google Drive.lnk
[2013-05-22 01:45:25 | 000,000,189 | ---- | M] () -- C:\Users\Sundhar\Desktop\register.bat
[2013-05-20 06:59:25 | 000,009,910 | ---- | M] () -- C:\Users\Sundhar\Documents\MEC-3050-56_Tentti31102012.pdf
[2013-05-15 15:31:11 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013-05-15 15:31:11 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013-05-15 15:31:06 | 017,613,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2013-05-13 12:20:31 | 000,002,012 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
[2013-05-11 19:14:30 | 000,001,018 | ---- | M] () -- C:\Users\Sundhar\Desktop\Total Video Converter.lnk
[2013-05-11 19:14:30 | 000,000,987 | ---- | M] () -- C:\Users\Sundhar\Desktop\Total Video Player.lnk
[2013-05-11 19:14:14 | 015,728,768 | ---- | M] (EffectMatrix Inc. ) -- C:\Users\Sundhar\Desktop\tvc.exe
[2013-05-11 01:13:25 | 000,002,025 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013-05-02 20:41:57 | 000,003,912 | ---- | M] () -- C:\Windows\SysWow64\HideMyIpSRV.ini
[2013-05-02 20:41:57 | 000,002,096 | ---- | M] () -- C:\Windows\SysWow64\HideMyIpSRVOff.ini
[2013-05-02 20:41:57 | 000,002,096 | ---- | M] () -- C:\Windows\SysNative\HideMyIpSRVOff.ini
[2013-05-01 15:09:05 | 000,001,045 | ---- | M] () -- C:\Users\Sundhar\Desktop\KMPlayer.lnk
[2013-05-01 15:08:25 | 032,642,064 | ---- | M] () -- C:\Users\Sundhar\Desktop\KMPlayer_3-6-0-87.exe
========== Files Created - No Company Name ==========
[2013-05-26 17:32:01 | 000,001,061 | ---- | C] () -- C:\Users\Sundhar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013-05-26 15:34:17 | 000,002,161 | ---- | C] () -- C:\Users\Public\Desktop\Rise of Nations Gold.lnk
[2013-05-26 05:32:01 | 000,002,167 | ---- | C] () -- C:\Users\Public\Desktop\Age of Empires III.lnk
[2013-05-24 03:30:10 | 000,001,147 | ---- | C] () -- C:\Users\Sundhar\Desktop\Cricket Academy Beta.lnk
[2013-05-23 16:50:18 | 000,001,711 | ---- | C] () -- C:\Users\Sundhar\Desktop\Google Drive.lnk
[2013-05-22 01:45:25 | 000,000,189 | ---- | C] () -- C:\Users\Sundhar\Desktop\register.bat
[2013-05-20 06:59:16 | 000,009,910 | ---- | C] () -- C:\Users\Sundhar\Documents\MEC-3050-56_Tentti31102012.pdf
[2013-05-13 12:20:31 | 000,002,012 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
[2013-05-13 12:19:27 | 000,110,592 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDevice.Dll
[2013-05-13 12:19:27 | 000,037,344 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDisk.Sys
[2013-05-11 19:14:30 | 000,001,018 | ---- | C] () -- C:\Users\Sundhar\Desktop\Total Video Converter.lnk
[2013-05-11 19:14:30 | 000,000,987 | ---- | C] () -- C:\Users\Sundhar\Desktop\Total Video Player.lnk
[2013-05-11 01:13:25 | 000,002,025 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013-05-11 01:13:24 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013-05-02 19:23:36 | 000,003,912 | ---- | C] () -- C:\Windows\SysWow64\HideMyIpSRV.ini
[2013-05-02 19:23:36 | 000,002,096 | ---- | C] () -- C:\Windows\SysWow64\HideMyIpSRVOff.ini
[2013-05-02 19:23:36 | 000,002,096 | ---- | C] () -- C:\Windows\SysNative\HideMyIpSRVOff.ini
[2013-05-01 15:07:52 | 032,642,064 | ---- | C] () -- C:\Users\Sundhar\Desktop\KMPlayer_3-6-0-87.exe
[2012-12-04 22:57:22 | 000,026,895 | ---- | C] () -- C:\Users\Sundhar\AppData\Roaming\Comma Separated Values (Windows).ADR
[2012-08-28 10:04:34 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012-08-28 10:04:34 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012-08-28 10:04:34 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012-08-28 10:04:34 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012-08-28 10:04:32 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012-08-26 23:46:16 | 000,017,408 | ---- | C] () -- C:\Users\Sundhar\AppData\Local\WebpageIcons.db
[2012-08-26 17:03:35 | 000,012,229 | ---- | C] () -- C:\Users\Sundhar\AppData\Roaming\Comma Separated Values (Windows).CAL
[2012-08-26 13:21:37 | 000,097,792 | ---- | C] () -- C:\Windows\FunambolAddin.dll
[2012-08-25 11:43:42 | 720,432,986 | ---- | C] () -- C:\Users\Sundhar\www.TamilRockers.net - Urumi (2012) Tamil - DVD-Rip - 1CD - Xvid - 700MB.avi
[2012-08-21 23:14:15 | 000,020,480 | ---- | C] () -- C:\Windows\gettopdirloc.exe
[2012-08-21 23:14:15 | 000,020,480 | ---- | C] () -- C:\Windows\getstopdirloc.exe
[2012-08-21 23:14:15 | 000,020,480 | ---- | C] () -- C:\Windows\getruntime.exe
[2012-08-21 23:14:15 | 000,016,384 | ---- | C] () -- C:\Windows\w9xpopen.exe
[2012-06-11 02:04:45 | 000,245,760 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnp2uvc.dll
[2012-06-11 02:04:45 | 000,024,576 | ---- | C] () -- C:\Windows\snuvcdsm.exe
[2012-06-11 02:04:45 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
========== ZeroAccess Check ==========
[2009-07-14 07:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 08:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 07:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 04:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 06:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 04:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
< MD5 for: EXPLORER.EXE >
[2011-02-26 08:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011-02-25 09:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011-02-25 09:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011-02-26 09:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010-11-21 06:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011-02-25 08:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011-02-25 08:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010-11-21 06:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
To be continued...
anton_ego
2013-05-31, 10:15
Continued from above...
< MD5 for: SERVICES.EXE >
[2009-07-14 04:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009-07-14 04:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
< MD5 for: SVCHOST.EXE >
[2009-07-14 04:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2011-03-01 11:10:51 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=635455A95EB8EC47AC72142E501465ED -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.21671_none_14271b75353e4391\svchost.exe
[2011-03-01 11:07:49 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=6F68F63794097E54F36474ED4384B759 -- C:\Windows\SysNative\svchost.exe
[2011-03-01 11:07:49 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=6F68F63794097E54F36474ED4384B759 -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.17568_none_13af509c1c123937\svchost.exe
[2011-03-01 11:07:49 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=A91A288C91F9D9F1CFA4FAA9893C4D55 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.21671_none_b8087ff17ce0d25b\svchost.exe
[2009-07-14 04:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
[2011-03-01 11:05:31 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=ECDB182F885292145826C58252B53000 -- C:\Windows\SysWOW64\svchost.exe
[2011-03-01 11:05:31 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=ECDB182F885292145826C58252B53000 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.17568_none_b790b51863b4c801\svchost.exe
< MD5 for: USERINIT.EXE >
[2010-11-21 06:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010-11-21 06:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010-11-21 06:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010-11-21 06:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010-11-21 06:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010-11-21 06:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
< %systemroot%\*. /rp /s >
< %systemdrive%\$Recycle.Bin|@;true;true;true >
< %USERPROFILE%\..|smtmp;true;true;true /FP >
< %temp%\smtmp\*.* /s > >
========== Base Services ==========
SRV:64bit: - [2009-07-14 04:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2010-11-21 06:24:08 | 000,070,656 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2009-07-14 04:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
No service found with a name of BITS
No service found with a name of BFE
SRV:64bit: - [2011-11-17 09:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:64bit: - [2009-07-14 04:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009-07-14 04:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:64bit: - [2012-07-05 01:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2012-06-02 08:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2012-06-02 07:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2010-11-21 06:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2010-11-21 06:24:00 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2010-11-21 06:24:09 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2011-03-03 09:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2009-07-14 04:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:64bit: - [2009-07-14 04:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009-07-14 04:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
No service found with a name of SharedAccess
SRV:64bit: - [2010-11-21 06:23:48 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:64bit: - [2009-07-14 04:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2009-07-14 04:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:64bit: - [2009-07-14 04:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2009-07-14 04:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009-07-14 04:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:64bit: - [2012-10-03 20:44:21 | 000,303,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2009-07-14 04:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2011-05-24 14:42:55 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2012-02-11 09:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:64bit: - [2011-11-17 09:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:64bit: - [2009-07-14 04:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2010-11-21 06:24:17 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2010-11-21 06:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2010-11-21 06:24:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2011-11-17 09:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
No service found with a name of wscsvc
SRV:64bit: - [2010-11-21 06:23:48 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2010-11-21 06:23:55 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2010-11-21 06:24:03 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:64bit: - [2010-11-21 06:24:16 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2010-11-21 06:24:32 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2010-11-21 06:24:00 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2009-07-14 04:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2012-05-01 08:40:20 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2010-11-21 06:23:55 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:64bit: - [2010-11-21 06:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:64bit: - [2010-11-21 06:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2010-11-21 06:25:06 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
No service found with a name of WinDefend
SRV:64bit: - [2010-11-21 06:23:55 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
No service found with a name of MpsSvc
SRV:64bit: - [2010-11-21 06:24:48 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2010-11-21 06:24:15 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2010-11-21 06:24:28 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV:64bit: - [2009-07-14 04:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
No service found with a name of wuauserv
SRV:64bit: - [2010-11-21 06:24:09 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2009-07-14 04:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:64bit: - [2010-11-21 06:24:32 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)
========== Drive Information ==========
Physical Drives
---------------
Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: Hitachi HTS543232A7A384
Partitions: 5
Status: OK
Status Info: 0
Partitions
---------------
DeviceID: Disk #0, Partition #0
PartitionType: Unknown
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 2.00GB
Starting Offset: 1048576
Hidden sectors: 0
DeviceID: Disk #0, Partition #1
PartitionType: Extended w/Extended Int 13
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 296.00GB
Starting Offset: 2221932544
Hidden sectors: 0
========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\Windows\System32\config\systemprofile\AppData\Local\Application Data] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\Windows\System32\config\systemprofile\AppData\Local\History] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History -> Junction
[C:\Windows\System32\config\systemprofile\AppData\Local\Temporary Internet Files] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files -> Junction
[C:\Windows\System32\config\systemprofile\Application Data] -> C:\Windows\system32\config\systemprofile\AppData\Roaming -> Junction
[C:\Windows\System32\config\systemprofile\Cookies] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies -> Junction
[C:\Windows\System32\config\systemprofile\Documents\My Music] -> C:\Windows\system32\config\systemprofile\Music -> Junction
[C:\Windows\System32\config\systemprofile\Documents\My Pictures] -> C:\Windows\system32\config\systemprofile\Pictures -> Junction
[C:\Windows\System32\config\systemprofile\Documents\My Videos] -> C:\Windows\system32\config\systemprofile\Videos -> Junction
[C:\Windows\System32\config\systemprofile\Local Settings] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\Windows\System32\config\systemprofile\My Documents] -> C:\Windows\system32\config\systemprofile\Documents -> Junction
[C:\Windows\System32\config\systemprofile\NetHood] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Network Shortcuts -> Junction
[C:\Windows\System32\config\systemprofile\PrintHood] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts -> Junction
[C:\Windows\System32\config\systemprofile\Recent] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Recent -> Junction
[C:\Windows\System32\config\systemprofile\SendTo] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\SendTo -> Junction
[C:\Windows\System32\config\systemprofile\Start Menu] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu -> Junction
[C:\Windows\System32\config\systemprofile\Templates] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Templates -> Junction
[C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Data] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\Windows\SysWOW64\config\systemprofile\AppData\Local\History] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History -> Junction
[C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files -> Junction
[C:\Windows\SysWOW64\config\systemprofile\Application Data] -> C:\Windows\system32\config\systemprofile\AppData\Roaming -> Junction
[C:\Windows\SysWOW64\config\systemprofile\Cookies] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies -> Junction
[C:\Windows\SysWOW64\config\systemprofile\Documents\My Music] -> C:\Windows\system32\config\systemprofile\Music -> Junction
[C:\Windows\SysWOW64\config\systemprofile\Documents\My Pictures] -> C:\Windows\system32\config\systemprofile\Pictures -> Junction
[C:\Windows\SysWOW64\config\systemprofile\Documents\My Videos] -> C:\Windows\system32\config\systemprofile\Videos -> Junction
[C:\Windows\SysWOW64\config\systemprofile\Local Settings] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\Windows\SysWOW64\config\systemprofile\My Documents] -> C:\Windows\system32\config\systemprofile\Documents -> Junction
[C:\Windows\SysWOW64\config\systemprofile\NetHood] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Network Shortcuts -> Junction
[C:\Windows\SysWOW64\config\systemprofile\PrintHood] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts -> Junction
[C:\Windows\SysWOW64\config\systemprofile\Recent] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Recent -> Junction
[C:\Windows\SysWOW64\config\systemprofile\SendTo] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\SendTo -> Junction
[C:\Windows\SysWOW64\config\systemprofile\Start Menu] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu -> Junction
[C:\Windows\SysWOW64\config\systemprofile\Templates] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Templates -> Junction
< End of report >
Extras.txt
OTL Extras logfile created on: 31-05-2013 09:45:39 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Sundhar\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00004009 | Country: India | Language: ENN | Date Format: dd-MM-yyyy
3.91 Gb Total Physical Memory | 1.38 Gb Available Physical Memory | 35.18% Memory free
7.83 Gb Paging File | 5.06 Gb Available in Paging File | 64.62% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 120.00 Gb Total Space | 32.34 Gb Free Space | 26.95% Space Free | Partition Type: NTFS
Drive D: | 157.46 Gb Total Space | 56.16 Gb Free Space | 35.66% Space Free | Partition Type: NTFS
Computer Name: SUNDHAR-PC | User Name: Sundhar | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{006B5C65-3938-4246-B182-994A7E415EDE}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
"{1685AE50-97ED-485B-80F6-145071EE14B0}" = Windows Live Remote Service Resources
"{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources
"{1927E640-A2C6-4BA7-8F43-FFD2AE3DFCF3}" = Intel(R) PROSet/Wireless WiFi Software
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{2C1A6191-9804-4FDC-AB01-6F9183C91A13}" = Windows Live Remote Client Resources
"{4108974B-DE87-4AD4-9167-930C62C45691}" = Fujitsu Display Manager
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4C2E49C0-9276-4324-841D-774CCCE5DB48}" = Windows Live Remote Client Resources
"{57F2BD1C-14A3-4785-8E48-2075B96EB2DF}" = Windows Live Remote Service Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6226477E-444F-4DFE-BA19-9F4F7D4565BC}" = LifeBook Application Panel
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{7AEC844D-448A-455E-A34E-E1032196BBCD}" = Windows Live Remote Service Resources
"{7BA64D21-EE46-4a9a-8145-52B0175C3F86}" = Plugfree NETWORK
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A060182D-CDBE-4AD6-B9B4-860B435D6CBD}" = Windows Live Remote Client Resources
"{A5FADEAC-B0A9-4C27-A8B5-05381A339F4E}" = Plugfree NETWORK
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = Fujitsu System Extension Utility
"{EC314CDF-3521-482B-A21C-65AC95664814}" = Fujitsu MobilityCenter Extension Utility
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources
"EPSON SX430 Series" = EPSON SX430 Series Printer Uninstall
"Matlab R2011b" = MATLAB R2011b
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 4.11 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh
"{0125DB4D-98A0-4DBF-B68A-23BF08FFA6A3}" = Windows Live Messenger
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{09B7C7EB-3140-4B5E-842F-9C79A7137139}" = Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}" = Windows Liven sähköposti
"{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail
"{110668B7-54C6-47C9-BAC4-1CE77F156AF5}" = Windows Live Mesh
"{11417707-1F72-4279-95A3-01E0B898BBF5}" = Windows Live Mesh
"{133D9D67-D475-4407-AC3C-D558087B2453}" = Windows Live Movie Maker
"{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 3.9.6
"{1A72337E-D126-4BAF-AC89-E6122DB71866}" = Windows Liven valokuvavalikoima
"{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs
"{1C3DA126-D523-4089-BCCA-FA46FE34D6F8}" = Google Drive
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}" = Windows Live UX Platform Language Pack
"{23BE4DF2-293D-4077-82F4-1FD8C269277C}" = TuneUp Utilities Language Pack (en-US)
"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011
"{24DF33E0-F924-4D0D-9B96-11F28F0D602D}" = Windows Live UX Platform Language Pack
"{25680C01-6753-4FE9-A891-7857F26457C1}" = Intel(R) WiDi
"{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}" = Windows Live Writer
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{28B9D2D8-4304-483F-AD71-51890A063A74}" = Windows Live Photo Common
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}" = Windows Live Writer Resources
"{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}" = ActiveX-kontroll för fjärranslutningar för Windows Live Mesh
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = FJ Camera
"{39BDD209-5704-480C-9F4A-B69D0370DDBB}" = Windows Live Messenger
"{39F95B0B-A0B7-4FA7-BB6C-197DA2546468}" = Windows Live Mesh
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery
"{49A588CF-5FD4-4774-BFBF-0764287DE82B}" = Power Saving Utility
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A04DB63-8F81-4EF4-9D09-61A2057EF419}" = Windows Live Essentials
"{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}" = Windows Live Meshin etäyhteyksien ActiveX-komponentti
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{549BF60D-FDDA-4E4C-ABE3-9E897BC09E79}" = Anytime USB Charge Utility
"{57220148-3B2B-412A-A2E0-82B9DF423696}" = Windows Live Mesh ActiveX-objekt til fjernforbindelser
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6986737B-F286-40D1-87AF-938339DCF6AB}" = Windows Live Messenger
"{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}" = Windows Live Writer Resources
"{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}" = Windows Live Movie Maker
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7204BDEE-1A48-4D95-A964-44A9250B439E}" = Facebook Messenger 2.1.4814.0
"{734104DE-C2BF-412F-BB97-FCCE1EC94229}" = Windows Live Writer Resources
"{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live
"{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common
"{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"{7F6021AE-E688-4D03-843A-C2260482BA0D}" = Windows Live Messenger
"{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{885F1BCD-C344-4758-85BD-09640CF449A5}" = Windows Live Photo Gallery
"{8909CFA8-97BF-4077-AC0F-6925243FFE08}" = Windows Liven asennustyökalu
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CF5D47D-27B7-49D6-A14F-10550B92749D}" = Windows Live UX Platform Language Pack
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}" = Epson Event Manager
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{91B9368F-6C6F-3DB5-9CBA-6CAD56035B26}" = Google Talk Plugin
"{924B4D82-1B97-48EB-8F1E-55C4353C22DB}" = Windows Live Mail
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A02D7029-C4EF-44C1-9FD4-C0D3CA518113}" = Epson Easy Photo Print 2
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.02)
"{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}" = Элемент управления Windows Live Mesh ActiveX для удаленных подключений
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C8E4B31D-337C-483D-822D-16F11441669B}" = Fujitsu Hotkey Utility
"{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker
"{CD7CB1E6-267A-408F-877D-B532AD2C882E}" = Windows Live Photo Common
"{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery
"{D0702EE9-9DE4-419A-9C6C-4730B1C985BA}" = Kaspersky PURE 3.0
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D31169F2-CD71-4337-B783-3E53F29F4CAD}" = Windows Live Mail
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DA29F644-2420-4448-8128-1331BE588999}" = Windows Live Writer
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker
"{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}" = Windows Live Writer
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live
"{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer
"{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F0F9505B-3ACF-4158-9311-D0285136AA00}" = Windows Live Essentials
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F694D1F7-1F12-4550-9B7A-C871273ABAD5}" = Windows Live Messenger
"{F9000000-0018-0000-0000-074957833700}" = ABBYY FineReader 9.0 Sprint
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"ABBYY FineReader 9.0 Sprint" = ABBYY FineReader 9.0 Sprint
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"Belkin Setup and Router Monitor_is1" = Belkin Setup and Router Monitor
"BSPlayerp" = BS.Player PRO
"DeskUpdate_is1" = DeskUpdate
"DivX Setup" = DivX Setup
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Scanner" = EPSON Scan
"EPSON SX430 Series Bog" = Basic Operation Guide EPSON SX430 Series
"EPSON SX430 Series Netg" = Network Guide EPSON SX430 Series
"EPSON SX430 Series Useg" = User's Guide EPSON SX430 Series
"Google Chrome" = Google Chrome
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs
"InstallShield_{4108974B-DE87-4AD4-9167-930C62C45691}" = Fujitsu Display Manager
"InstallShield_{6226477E-444F-4DFE-BA19-9F4F7D4565BC}" = LifeBook Application Panel
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"InstallShield_{C8E4B31D-337C-483D-822D-16F11441669B}" = Fujitsu Hotkey Utility
"InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = Fujitsu System Extension Utility
"InstallShield_{EC314CDF-3521-482B-A21C-65AC95664814}" = Fujitsu MobilityCenter Extension Utility
"InstallWIX_{D0702EE9-9DE4-419A-9C6C-4730B1C985BA}" = Kaspersky PURE 3.0
"Mozilla Firefox 21.0 (x86 en-US)" = Mozilla Firefox 21.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Picasa 3" = Picasa 3
"PowerISO" = PowerISO
"RiseOfNationsExpansion 1.0" = Rise of Nations Gold
"SmartVoip_is1" = SmartVoip
"SopCast" = SopCast 3.8.2
"The KMPlayer" = The KMPlayer (remove only)
"Total Video Converter 3.71_is1" = Total Video Converter 3.71 100812
"TuneUp Utilities 2011" = TuneUp Utilities 2011
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.3
"WinLiveSuite" = Windows Live Essentials
"Yahoo! Messenger" = Yahoo! Messenger
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"Dropbox" = Dropbox
"Spotify" = Spotify
"TorrentStream" = Torrent Stream 2.0.8.2
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 28-05-2013 17:25:18 | Computer Name = Sundhar-PC | Source = Application Error | ID = 1000
Description = Faulting application name: ins56D8.tmp, version: 3.0.0.0, time stamp:
0x40daa4fa Faulting module name: ins56D8.tmp, version: 3.0.0.0, time stamp: 0x40daa4fa
Exception
code: 0xc0000096 Fault offset: 0x00058b94 Faulting process id: 0x15bc Faulting application
start time: 0x01ce5be9d245f4be Faulting application path: C:\Users\Sundhar\AppData\Local\Temp\ins56D8.tmp
Faulting
module path: C:\Users\Sundhar\AppData\Local\Temp\ins56D8.tmp Report Id: 17802d76-c7dd-11e2-8963-5c9ad85b1c96
Error - 28-05-2013 17:25:18 | Computer Name = Sundhar-PC | Source = Application Error | ID = 1005
Description = Windows cannot access the file for one of the following reasons: there
is a problem with the network connection, the disk that the file is stored on,
or the storage drivers installed on this computer; or the disk is missing. Windows
closed the program Protection Stub because of this error. Program: Protection Stub
File:
The error value is listed in the Additional Data section. User Action 1. Open the
file again. This situation might be a temporary problem that corrects itself when
the program runs again. 2. If the file still cannot be accessed and - It is on the
network, your network administrator should verify that there is not a problem with
the network and that the server can be contacted. - It is on a removable disk, for
example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the
computer. 3. Check and repair the file system by running CHKDSK. To run CHKDSK,
click Start, click Run, type CMD, and then click OK. At the command prompt, type
CHKDSK /F, and then press ENTER. 4. If the problem persists, restore the file from
a backup copy. 5. Determine whether other files on the same disk can be opened.
If not, the disk might be damaged. If it is a hard disk, contact your administrator
or computer hardware vendor for further assistance. Additional Data Error value: 00000000
Disk
type: 0
Error - 29-05-2013 12:38:19 | Computer Name = Sundhar-PC | Source = Application Error | ID = 1000
Description = Faulting application name: insF8B7.tmp, version: 3.0.0.0, time stamp:
0x40daa4fa Faulting module name: insF8B7.tmp, version: 3.0.0.0, time stamp: 0x40daa4fa
Exception
code: 0xc0000096 Fault offset: 0x00058b94 Faulting process id: 0x177c Faulting application
start time: 0x01ce5c8ae54beb3c Faulting application path: C:\Users\Sundhar\AppData\Local\Temp\insF8B7.tmp
Faulting
module path: C:\Users\Sundhar\AppData\Local\Temp\insF8B7.tmp Report Id: 2a91c39c-c87e-11e2-8963-5c9ad85b1c96
Error - 29-05-2013 12:38:19 | Computer Name = Sundhar-PC | Source = Application Error | ID = 1005
Description = Windows cannot access the file for one of the following reasons: there
is a problem with the network connection, the disk that the file is stored on,
or the storage drivers installed on this computer; or the disk is missing. Windows
closed the program Protection Stub because of this error. Program: Protection Stub
File:
The error value is listed in the Additional Data section. User Action 1. Open the
file again. This situation might be a temporary problem that corrects itself when
the program runs again. 2. If the file still cannot be accessed and - It is on the
network, your network administrator should verify that there is not a problem with
the network and that the server can be contacted. - It is on a removable disk, for
example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the
computer. 3. Check and repair the file system by running CHKDSK. To run CHKDSK,
click Start, click Run, type CMD, and then click OK. At the command prompt, type
CHKDSK /F, and then press ENTER. 4. If the problem persists, restore the file from
a backup copy. 5. Determine whether other files on the same disk can be opened.
If not, the disk might be damaged. If it is a hard disk, contact your administrator
or computer hardware vendor for further assistance. Additional Data Error value: 00000000
Disk
type: 0
Error - 30-05-2013 07:02:46 | Computer Name = Sundhar-PC | Source = WinMgmt | ID = 10
Description =
Error - 30-05-2013 10:03:36 | Computer Name = Sundhar-PC | Source = MATLAB | ID = 0
Description =
Error - 30-05-2013 13:36:31 | Computer Name = Sundhar-PC | Source = Application Error | ID = 1000
Description = Faulting application name: firefox.exe, version: 21.0.0.4879, time
stamp: 0x518ec3cc Faulting module name: xul.dll, version: 21.0.0.4879, time stamp:
0x518ec306 Exception code: 0xc0000005 Fault offset: 0x001c9789 Faulting process id:
0x1634 Faulting application start time: 0x01ce5d54819d489a Faulting application path:
C:\Program Files (x86)\Mozilla Firefox\firefox.exe Faulting module path: C:\Program
Files (x86)\Mozilla Firefox\xul.dll Report Id: 768ab92c-c94f-11e2-a5d8-ac72899a2ab2
Error - 30-05-2013 13:37:54 | Computer Name = Sundhar-PC | Source = WinMgmt | ID = 10
Description =
Error - 30-05-2013 14:07:14 | Computer Name = Sundhar-PC | Source = WinMgmt | ID = 10
Description =
Error - 30-05-2013 17:56:33 | Computer Name = Sundhar-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 18-11-2012 09:14:57 | Computer Name = Sundhar-PC | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
is 10.
Error - 20-11-2012 04:25:35 | Computer Name = Sundhar-PC | Source = DCOM | ID = 10010
Description =
Error - 20-11-2012 04:43:48 | Computer Name = Sundhar-PC | Source = DCOM | ID = 10010
Description =
Error - 20-11-2012 04:43:50 | Computer Name = Sundhar-PC | Source = DCOM | ID = 10010
Description =
Error - 20-11-2012 16:29:46 | Computer Name = Sundhar-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.
Error - 20-11-2012 16:29:46 | Computer Name = Sundhar-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.
Error - 20-11-2012 16:29:47 | Computer Name = Sundhar-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.
Error - 20-11-2012 16:29:47 | Computer Name = Sundhar-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.
Error - 20-11-2012 16:29:48 | Computer Name = Sundhar-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.
Error - 26-11-2012 20:16:09 | Computer Name = Sundhar-PC | Source = DCOM | ID = 10010
Description =
< End of report >
To be continued...
anton_ego
2013-05-31, 10:22
Continued from above.
TDSSKiller log - 1
00:54:37.0308 6764 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
00:54:37.0854 6764 ============================================================
00:54:37.0854 6764 Current date / time: 2013/05/31 00:54:37.0854
00:54:37.0854 6764 SystemInfo:
00:54:37.0854 6764
00:54:37.0854 6764 OS Version: 6.1.7601 ServicePack: 1.0
00:54:37.0854 6764 Product type: Workstation
00:54:37.0854 6764 ComputerName: SUNDHAR-PC
00:54:37.0854 6764 UserName: Sundhar
00:54:37.0854 6764 Windows directory: C:\Windows
00:54:37.0854 6764 System windows directory: C:\Windows
00:54:37.0854 6764 Running under WOW64
00:54:37.0854 6764 Processor architecture: Intel x64
00:54:37.0854 6764 Number of processors: 4
00:54:37.0854 6764 Page size: 0x1000
00:54:37.0854 6764 Boot type: Normal boot
00:54:37.0854 6764 ============================================================
00:54:38.0431 6764 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
00:54:38.0447 6764 ============================================================
00:54:38.0447 6764 \Device\Harddisk0\DR0:
00:54:38.0462 6764 MBR partitions:
00:54:38.0478 6764 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x424000, BlocksNum 0xF000800
00:54:38.0509 6764 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xF425000, BlocksNum 0x13AEB800
00:54:38.0571 6764 ============================================================
00:54:38.0618 6764 C: <-> \Device\Harddisk0\DR0\Partition1
00:54:38.0665 6764 D: <-> \Device\Harddisk0\DR0\Partition2
00:54:38.0665 6764 ============================================================
00:54:38.0665 6764 Initialize success
00:54:38.0665 6764 ============================================================
00:55:09.0148 5796 Deinitialize success
RKill.txt
Rkill 2.4.8 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html
Program started at: 05/31/2013 12:59:46 AM in x64 mode.
Windows Version: Windows 7 Professional Service Pack 1
Checking for Windows services to stop:
* No malware services found to stop.
Checking for processes to terminate:
* No malware processes found to kill.
Checking Registry for malware related settings:
* No issues found in the Registry.
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
Performing miscellaneous checks:
* No issues found.
Checking Windows Service Integrity:
* Windows Firewall Authorization Driver (mpsdrv) is not Running.
Startup Type set to: Manual
* BFE [Missing Service]
* BITS [Missing Service]
* iphlpsvc [Missing Service]
* MpsSvc [Missing Service]
* WinDefend [Missing Service]
* wscsvc [Missing Service]
* wuauserv [Missing Service]
* SharedAccess [Missing ImagePath]
Searching for Missing Digital Signatures:
* No issues found.
Checking HOSTS File:
* Cannot edit the HOSTS file.
* Permissions Fixed. Administrators can now edit the HOSTS file.
* HOSTS file entries found:
127.0.0.1 localhost
::1 localhost
95.211.0.120 ad-emea.doubleclick.net.
95.211.0.120 www.statcounter.com.
95.211.0.120 platform.twitter.com.
93.115.241.27 ad-emea.doubleclick.net.
93.115.241.27 www.statcounter.com.
93.115.241.27 platform.twitter.com.
Program finished at: 05/31/2013 12:59:51 AM
Execution time: 0 hours(s), 0 minute(s), and 5 seconds(s)
I have also attached the MBR.zip
There are two log files created by TDSSKiller, but the other one is more than 250000 characters long. Do I have to add that as well? Let me know if any more data is required.
Thanks again.
BR,
SS
anton_ego
2013-05-31, 13:17
What symptoms are you experiencing at the moment?
At the moment, all the symptoms mentioned earlier are persisting. All three ads I described earlier still keep coming.
BR,
SS
Hi anton_ego,
The TDSSKiller log you posted is not complete; please attach the other log.
=========================
1. Uninstall via Programs and Features
Click Start > Control Panel > Programs and Features. Locate and select the following that are present on the list and click the Remove button:
AVG Secure Search
=========================
2. AdwCleaner
Download AdwCleaner (http://www.bleepingcomputer.com/download/adwcleaner/) to your desktop.
Right-click and select "Run as Administrator".
Run AdwCleaner and select Delete.
Once done, it will ask to reboot; allow the reboot.
On reboot a log will be produced; please attach the content of the log to your next reply.
=========================
3. Run OTL.exe
Windows Vista and Windows 7 users: right-click and select "Run as Administrator".
Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL:
:OTL
PRC - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe ()
:Files
C:\Program Files (x86)\Common Files\AVG Secure Search
:Services
vToolbarUpdater13.2.0
:Reg
:Commands
[purity]
[createrestorepoint]
[emptyjava]
[emptyflash]
[resethosts]
[Reboot]
Then click the Run Fix button at the top.
Let the program run unhindered; reboot when it is done.
Then re-run OTL and post a new OTL log (don't check the boxes beside LOP Check or Purity this time).
=========================
In your next post please provide the following:
AdwCleaner[S1].txt
OTL fix log
Fresh OTL log
anton_ego
2013-05-31, 19:20
Hi OCD.
There is no AVG Secure Search option displayed in my programs list. I couldn't find it in the Start menu either.
For some reason AdwCleaner has created AdwCleaner[S2] instead of [S1] as you had written. I am anyway attaching it along with this reply.
AdwCleaner[S2]
# AdwCleaner v2.301 - Logfile created 05/31/2013 at 19:04:53
# Updated 16/05/2013 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : Sundhar - SUNDHAR-PC
# Boot Mode : Normal
# Running from : C:\Users\Sundhar\Downloads\AdwCleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
Deleted on reboot : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\PricePeep
Folder Deleted : C:\Program Files (x86)\SimilarSites
Folder Deleted : C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb
Folder Deleted : C:\Users\Sundhar\AppData\LocalLow\boost_interprocess
***** [Registry] *****
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AppDataLow\Software\PricePeep
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\PricePeep.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\PricePeep.PricePeepBho
Key Deleted : HKLM\SOFTWARE\Classes\PricePeep.PricePeepBho.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3BF3DED5-0FC8-4207-AC09-AA7B5AF4E408}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A36BCB13-778D-4A40-99C1-D686086D268F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A36BCB13-778D-4A40-99C1-D686086D268F}
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16457
[OK] Registry is clean.
-\\ Google Chrome v27.0.1453.94
File : C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
*************************
AdwCleaner[S2].txt - [4018 octets] - [31/05/2013 19:04:53]
########## EOF - C:\AdwCleaner[S2].txt - [4078 octets] ##########
I am also attaching the previous TDSSKiller log you asked for:
TDSSKiller-2
00:57:11.0442 4028 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
00:57:11.0910 4028 ============================================================
00:57:11.0910 4028 Current date / time: 2013/05/31 00:57:11.0910
00:57:11.0910 4028 SystemInfo:
00:57:11.0910 4028
00:57:11.0910 4028 OS Version: 6.1.7601 ServicePack: 1.0
00:57:11.0910 4028 Product type: Workstation
00:57:11.0910 4028 ComputerName: SUNDHAR-PC
00:57:11.0910 4028 UserName: Sundhar
00:57:11.0910 4028 Windows directory: C:\Windows
00:57:11.0910 4028 System windows directory: C:\Windows
00:57:11.0910 4028 Running under WOW64
00:57:11.0910 4028 Processor architecture: Intel x64
00:57:11.0910 4028 Number of processors: 4
00:57:11.0910 4028 Page size: 0x1000
00:57:11.0910 4028 Boot type: Normal boot
00:57:11.0910 4028 ============================================================
00:57:16.0182 4028 BG loaded
00:57:18.0008 4028 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
00:57:18.0008 4028 ============================================================
00:57:18.0008 4028 \Device\Harddisk0\DR0:
00:57:18.0008 4028 MBR partitions:
00:57:18.0023 4028 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x424000, BlocksNum 0xF000800
00:57:18.0148 4028 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xF425000, BlocksNum 0x13AEB800
00:57:18.0616 4028 ============================================================
00:57:18.0663 4028 C: <-> \Device\Harddisk0\DR0\Partition1
00:57:18.0788 4028 D: <-> \Device\Harddisk0\DR0\Partition2
00:57:18.0788 4028 ============================================================
00:57:18.0788 4028 Initialize success
00:57:18.0788 4028 ============================================================
00:57:29.0489 4412 ============================================================
00:57:29.0489 4412 Scan started
00:57:29.0489 4412 Mode: Manual;
00:57:29.0489 4412 ============================================================
00:57:36.0977 4412 ================ Scan system memory ========================
00:57:36.0977 4412 System memory - ok
00:57:36.0977 4412 ================ Scan services =============================
To be contd..
anton_ego
2013-05-31, 19:22
Contd from above..
00:58:12.0705 4412 NetPipeActivator - ok
00:58:12.0752 4412 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
00:58:12.0752 4412 netprofm - ok
00:58:12.0783 4412 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:58:12.0783 4412 NetTcpActivator - ok
00:58:12.0799 4412 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:58:12.0799 4412 NetTcpPortSharing - ok
00:58:13.0516 4412 [ B9C587BDAA61A689883439D5AE6FE7F3 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
00:58:13.0579 4412 NETwNs64 - ok
00:58:13.0625 4412 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
00:58:13.0641 4412 nfrd960 - ok
00:58:13.0641 4412 NIApplicationWebServer64 - ok
00:58:13.0719 4412 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
00:58:13.0750 4412 NlaSvc - ok
00:58:13.0922 4412 [ B6E56578E167AD7D146F1B316490AC03 ] nlsX86cc C:\Windows\SysWOW64\NLSSRV32.EXE
00:58:13.0937 4412 nlsX86cc - ok
00:58:13.0969 4412 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
00:58:13.0969 4412 Npfs - ok
00:58:14.0015 4412 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
00:58:14.0015 4412 nsi - ok
00:58:14.0047 4412 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
00:58:14.0047 4412 nsiproxy - ok
00:58:14.0140 4412 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
00:58:14.0203 4412 Ntfs - ok
00:58:14.0218 4412 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
00:58:14.0218 4412 Null - ok
00:58:14.0546 4412 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
00:58:14.0608 4412 nvlddmkm - ok
00:58:14.0686 4412 [ 918841B2454F4F2BD94479692079490B ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
00:58:14.0686 4412 nvpciflt - ok
00:58:14.0733 4412 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
00:58:14.0749 4412 nvraid - ok
00:58:14.0780 4412 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
00:58:14.0780 4412 nvstor - ok
00:58:14.0827 4412 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] NVSvc C:\Windows\system32\nvvsvc.exe
00:58:14.0842 4412 NVSvc - ok
00:58:14.0951 4412 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
00:58:15.0014 4412 nvUpdatusService - ok
00:58:15.0045 4412 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
00:58:15.0061 4412 nv_agp - ok
00:58:15.0201 4412 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
00:58:15.0201 4412 odserv - ok
00:58:15.0248 4412 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
00:58:15.0248 4412 ohci1394 - ok
00:58:15.0263 4412 OpcEnum - ok
00:58:15.0295 4412 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:58:15.0310 4412 ose - ok
00:58:15.0341 4412 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
00:58:15.0357 4412 p2pimsvc - ok
00:58:15.0404 4412 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
00:58:15.0404 4412 p2psvc - ok
00:58:15.0451 4412 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
00:58:15.0466 4412 Parport - ok
00:58:15.0497 4412 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
00:58:15.0497 4412 partmgr - ok
00:58:15.0513 4412 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
00:58:15.0529 4412 PcaSvc - ok
00:58:15.0560 4412 [ B26E102E0F54773119B162F56C9DD994 ] pci C:\Windows\system32\drivers\pci.sys
00:58:15.0560 4412 pci - ok
00:58:15.0591 4412 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
00:58:15.0591 4412 pciide - ok
00:58:15.0622 4412 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
00:58:15.0638 4412 pcmcia - ok
00:58:15.0700 4412 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
00:58:15.0716 4412 pcw - ok
00:58:15.0825 4412 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
00:58:15.0841 4412 PEAUTH - ok
00:58:16.0137 4412 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
00:58:16.0231 4412 PeerDistSvc - ok
00:58:16.0293 4412 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
00:58:16.0324 4412 PerfHost - ok
00:58:16.0449 4412 [ 6CE8BB00A615A4F3FA2F36FDB2EF4EFA ] PFNService C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
00:58:16.0465 4412 PFNService - ok
00:58:16.0589 4412 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
00:58:16.0667 4412 pla - ok
00:58:16.0808 4412 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
00:58:16.0823 4412 PlugPlay - ok
00:58:16.0870 4412 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
00:58:16.0886 4412 PNRPAutoReg - ok
00:58:16.0933 4412 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
00:58:16.0948 4412 PNRPsvc - ok
00:58:17.0011 4412 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
00:58:17.0042 4412 PolicyAgent - ok
00:58:17.0120 4412 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\Windows\system32\umpo.dll
00:58:17.0120 4412 Power - ok
00:58:17.0198 4412 [ 76FF4836EFA78DBF3F39F612D88CA7E7 ] PowerSavingUtilityService C:\Program Files\Fujitsu\PSUtility\PSUService.exe
00:58:17.0198 4412 PowerSavingUtilityService - ok
00:58:17.0307 4412 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
00:58:17.0307 4412 PptpMiniport - ok
00:58:17.0369 4412 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
00:58:17.0401 4412 Processor - ok
00:58:17.0510 4412 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
00:58:17.0525 4412 ProfSvc - ok
00:58:17.0557 4412 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
00:58:17.0557 4412 ProtectedStorage - ok
00:58:17.0681 4412 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
00:58:17.0681 4412 Psched - ok
00:58:17.0806 4412 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
00:58:17.0869 4412 ql2300 - ok
00:58:17.0915 4412 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
00:58:17.0931 4412 ql40xx - ok
00:58:17.0978 4412 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
00:58:17.0993 4412 QWAVE - ok
00:58:18.0056 4412 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
00:58:18.0056 4412 QWAVEdrv - ok
00:58:18.0071 4412 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
00:58:18.0071 4412 RasAcd - ok
00:58:18.0087 4412 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
00:58:18.0087 4412 RasAgileVpn - ok
00:58:18.0134 4412 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
00:58:18.0134 4412 RasAuto - ok
00:58:18.0181 4412 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
00:58:18.0181 4412 Rasl2tp - ok
00:58:18.0196 4412 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
00:58:18.0212 4412 RasMan - ok
00:58:18.0227 4412 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
00:58:18.0227 4412 RasPppoe - ok
00:58:18.0227 4412 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
00:58:18.0227 4412 RasSstp - ok
00:58:18.0259 4412 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
00:58:18.0259 4412 rdbss - ok
00:58:18.0274 4412 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
00:58:18.0274 4412 rdpbus - ok
00:58:18.0290 4412 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
00:58:18.0290 4412 RDPCDD - ok
00:58:18.0321 4412 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
00:58:18.0337 4412 RDPDR - ok
00:58:18.0337 4412 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
00:58:18.0352 4412 RDPENCDD - ok
00:58:18.0352 4412 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
00:58:18.0368 4412 RDPREFMP - ok
00:58:18.0415 4412 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
00:58:18.0415 4412 RDPWD - ok
00:58:18.0461 4412 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
00:58:18.0461 4412 rdyboost - ok
00:58:18.0571 4412 [ AA9FD849C028CCB441A78061B57DB734 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
00:58:18.0571 4412 RegSrvc - ok
00:58:18.0617 4412 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
00:58:18.0633 4412 RemoteAccess - ok
00:58:18.0680 4412 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
00:58:18.0695 4412 RemoteRegistry - ok
00:58:18.0758 4412 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
00:58:18.0758 4412 RFCOMM - ok
00:58:18.0851 4412 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
00:58:18.0851 4412 RpcEptMapper - ok
00:58:18.0883 4412 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
00:58:18.0898 4412 RpcLocator - ok
00:58:18.0929 4412 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
00:58:18.0945 4412 RpcSs - ok
00:58:18.0992 4412 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
00:58:18.0992 4412 rspndr - ok
00:58:19.0039 4412 [ 22D6B47D004A6568C500680BE2972854 ] RSUSBSTOR C:\Windows\System32\Drivers\RtsUStor.sys
00:58:19.0039 4412 RSUSBSTOR - ok
00:58:19.0085 4412 [ AFC12DFA4C7B089673AD67402CA19EDB ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
00:58:19.0101 4412 RTL8167 - ok
00:58:19.0132 4412 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
00:58:19.0148 4412 s3cap - ok
00:58:19.0163 4412 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
00:58:19.0163 4412 SamSs - ok
00:58:19.0179 4412 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
00:58:19.0195 4412 sbp2port - ok
00:58:19.0241 4412 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
00:58:19.0257 4412 SCardSvr - ok
00:58:19.0288 4412 [ BB19E8CDFE4DADE1DDD5825289854E86 ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys
00:58:19.0288 4412 SCDEmu - ok
00:58:19.0319 4412 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
00:58:19.0319 4412 scfilter - ok
00:58:19.0382 4412 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
00:58:19.0397 4412 Schedule - ok
00:58:19.0444 4412 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
00:58:19.0444 4412 SCPolicySvc - ok
00:58:19.0491 4412 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
00:58:19.0491 4412 SDRSVC - ok
00:58:19.0522 4412 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
00:58:19.0522 4412 secdrv - ok
00:58:19.0553 4412 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
00:58:19.0569 4412 seclogon - ok
00:58:19.0600 4412 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
00:58:19.0600 4412 SENS - ok
00:58:19.0616 4412 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
00:58:19.0616 4412 SensrSvc - ok
00:58:19.0647 4412 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
00:58:19.0663 4412 Serenum - ok
00:58:19.0678 4412 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
00:58:19.0678 4412 Serial - ok
00:58:19.0725 4412 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
00:58:19.0725 4412 sermouse - ok
00:58:19.0772 4412 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
00:58:19.0772 4412 SessionEnv - ok
00:58:19.0819 4412 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
00:58:19.0819 4412 sffdisk - ok
00:58:19.0850 4412 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
00:58:19.0865 4412 sffp_mmc - ok
00:58:19.0881 4412 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
00:58:19.0881 4412 sffp_sd - ok
00:58:19.0912 4412 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
00:58:19.0928 4412 sfloppy - ok
00:58:19.0975 4412 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
00:58:19.0975 4412 ShellHWDetection - ok
00:58:20.0006 4412 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
00:58:20.0006 4412 SiSRaid2 - ok
00:58:20.0037 4412 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
00:58:20.0037 4412 SiSRaid4 - ok
00:58:20.0115 4412 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
00:58:20.0131 4412 SkypeUpdate - ok
00:58:20.0177 4412 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
00:58:20.0193 4412 Smb - ok
00:58:20.0240 4412 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
00:58:20.0240 4412 SNMPTRAP - ok
00:58:20.0318 4412 [ 9CD1C53490EB5601870A69A8E40F7B12 ] SNP2UVC C:\Windows\system32\DRIVERS\snp2uvc.sys
00:58:20.0349 4412 SNP2UVC - ok
00:58:20.0380 4412 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
00:58:20.0380 4412 spldr - ok
00:58:20.0443 4412 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
00:58:20.0458 4412 Spooler - ok
00:58:20.0645 4412 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
00:58:20.0708 4412 sppsvc - ok
00:58:20.0739 4412 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
00:58:20.0739 4412 sppuinotify - ok
00:58:20.0801 4412 [ 62392CEB7DD65838364990E0F5494B73 ] SRS_AE_Service C:\Windows\system32\drivers\SRS_AE_amd64.sys
00:58:20.0817 4412 SRS_AE_Service - ok
00:58:20.0879 4412 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
00:58:20.0895 4412 srv - ok
00:58:20.0942 4412 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
00:58:20.0957 4412 srv2 - ok
00:58:20.0973 4412 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
00:58:20.0973 4412 srvnet - ok
00:58:21.0035 4412 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
00:58:21.0035 4412 SSDPSRV - ok
00:58:21.0113 4412 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
00:58:21.0129 4412 SstpSvc - ok
00:58:21.0160 4412 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
00:58:21.0160 4412 stexstor - ok
00:58:21.0207 4412 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
00:58:21.0223 4412 stisvc - ok
00:58:21.0254 4412 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
00:58:21.0254 4412 storflt - ok
00:58:21.0316 4412 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
00:58:21.0332 4412 StorSvc - ok
00:58:21.0363 4412 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
00:58:21.0363 4412 storvsc - ok
00:58:21.0394 4412 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
00:58:21.0394 4412 swenum - ok
00:58:21.0457 4412 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
00:58:21.0472 4412 swprv - ok
00:58:21.0503 4412 [ 3C08FB2829A5304825F974B1631DEDFA ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
00:58:21.0503 4412 SynTP - ok
00:58:21.0597 4412 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
00:58:21.0613 4412 SysMain - ok
00:58:21.0659 4412 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
00:58:21.0675 4412 TabletInputService - ok
00:58:21.0706 4412 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
00:58:21.0722 4412 TapiSrv - ok
00:58:21.0753 4412 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
00:58:21.0769 4412 TBS - ok
00:58:21.0878 4412 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
00:58:21.0940 4412 Tcpip - ok
00:58:22.0003 4412 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
00:58:22.0018 4412 TCPIP6 - ok
00:58:22.0081 4412 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
00:58:22.0081 4412 tcpipreg - ok
00:58:22.0127 4412 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
00:58:22.0127 4412 TDPIPE - ok
00:58:22.0174 4412 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
00:58:22.0174 4412 TDTCP - ok
00:58:22.0205 4412 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
00:58:22.0205 4412 tdx - ok
00:58:22.0252 4412 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
00:58:22.0252 4412 TermDD - ok
00:58:22.0299 4412 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
00:58:22.0315 4412 TermService - ok
00:58:22.0346 4412 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
00:58:22.0346 4412 Themes - ok
00:58:22.0408 4412 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
00:58:22.0408 4412 THREADORDER - ok
00:58:22.0439 4412 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
00:58:22.0439 4412 TrkWks - ok
00:58:22.0502 4412 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
00:58:22.0517 4412 TrustedInstaller - ok
00:58:22.0549 4412 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
00:58:22.0549 4412 tssecsrv - ok
00:58:22.0564 4412 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
00:58:22.0580 4412 TsUsbFlt - ok
00:58:22.0595 4412 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
00:58:22.0627 4412 TsUsbGD - ok
00:58:22.0814 4412 [ 535A376629A37E03F993D769490E8EED ] TuneUp.UtilitiesSvc C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
00:58:22.0829 4412 TuneUp.UtilitiesSvc - ok
00:58:22.0907 4412 [ DCC94C51D27C7EC0DADECA8F64C94FCF ] TuneUpUtilitiesDrv C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys
00:58:22.0907 4412 TuneUpUtilitiesDrv - ok
00:58:22.0985 4412 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
00:58:23.0001 4412 tunnel - ok
00:58:23.0032 4412 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
00:58:23.0048 4412 uagp35 - ok
00:58:23.0079 4412 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
00:58:23.0110 4412 udfs - ok
00:58:23.0157 4412 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
00:58:23.0157 4412 UI0Detect - ok
00:58:23.0188 4412 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
00:58:23.0188 4412 uliagpkx - ok
00:58:23.0219 4412 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
00:58:23.0219 4412 umbus - ok
00:58:23.0251 4412 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
00:58:23.0266 4412 UmPass - ok
00:58:23.0297 4412 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
00:58:23.0297 4412 UmRdpService - ok
00:58:23.0500 4412 [ 374EBDA379A8F38E0CFC2211611E7167 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
00:58:23.0594 4412 UNS - ok
00:58:23.0625 4412 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
00:58:23.0625 4412 upnphost - ok
00:58:23.0672 4412 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
00:58:23.0672 4412 usbaudio - ok
00:58:23.0734 4412 [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
00:58:23.0734 4412 usbccgp - ok
00:58:23.0797 4412 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
00:58:23.0797 4412 usbcir - ok
00:58:23.0843 4412 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
00:58:23.0843 4412 usbehci - ok
00:58:23.0875 4412 [ 8B892002D7B79312821169A14317AB86 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
00:58:23.0890 4412 usbhub - ok
00:58:23.0906 4412 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\drivers\usbohci.sys
00:58:23.0921 4412 usbohci - ok
00:58:23.0937 4412 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
00:58:23.0953 4412 usbprint - ok
00:58:23.0984 4412 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
00:58:23.0984 4412 USBSTOR - ok
00:58:24.0015 4412 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
00:58:24.0015 4412 usbuhci - ok
00:58:24.0046 4412 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
00:58:24.0062 4412 usbvideo - ok
00:58:24.0093 4412 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
00:58:24.0093 4412 UxSms - ok
00:58:24.0140 4412 [ 6F10C7FF1F1E3F45D7E20DD6E398682E ] UxTuneUp C:\Windows\System32\uxtuneup.dll
00:58:24.0140 4412 UxTuneUp - ok
00:58:24.0171 4412 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
00:58:24.0171 4412 VaultSvc - ok
00:58:24.0233 4412 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
00:58:24.0233 4412 vdrvroot - ok
00:58:24.0280 4412 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
00:58:24.0296 4412 vds - ok
00:58:24.0343 4412 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
00:58:24.0343 4412 vga - ok
00:58:24.0374 4412 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
00:58:24.0374 4412 VgaSave - ok
00:58:24.0405 4412 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
00:58:24.0421 4412 vhdmp - ok
00:58:24.0452 4412 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
00:58:24.0467 4412 viaide - ok
00:58:24.0499 4412 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
00:58:24.0499 4412 vmbus - ok
00:58:24.0530 4412 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
00:58:24.0530 4412 VMBusHID - ok
00:58:24.0561 4412 [ 071E1B172D49154EE1D23A2ACC472EFB ] volmgr C:\Windows\system32\drivers\volmgr.sys
00:58:24.0561 4412 volmgr - ok
00:58:24.0577 4412 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
00:58:24.0592 4412 volmgrx - ok
00:58:24.0608 4412 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\Windows\system32\drivers\volsnap.sys
00:58:24.0623 4412 volsnap - ok
00:58:24.0655 4412 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
00:58:24.0670 4412 vsmraid - ok
00:58:24.0748 4412 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
00:58:24.0811 4412 VSS - ok
00:58:24.0935 4412 [ 7D110D645030C05A06C3CD08D1E47D0A ] vToolbarUpdater13.2.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
00:58:24.0951 4412 vToolbarUpdater13.2.0 - ok
00:58:24.0982 4412 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
00:58:24.0982 4412 vwifibus - ok
00:58:24.0998 4412 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
00:58:24.0998 4412 vwififlt - ok
00:58:25.0029 4412 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
00:58:25.0029 4412 vwifimp - ok
00:58:25.0076 4412 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
00:58:25.0091 4412 W32Time - ok
00:58:25.0138 4412 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
00:58:25.0138 4412 WacomPen - ok
00:58:25.0169 4412 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
00:58:25.0169 4412 WANARP - ok
00:58:25.0185 4412 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
00:58:25.0201 4412 Wanarpv6 - ok
00:58:25.0294 4412 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
00:58:25.0357 4412 WatAdminSvc - ok
00:58:25.0419 4412 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
00:58:25.0481 4412 wbengine - ok
00:58:25.0528 4412 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
00:58:25.0528 4412 WbioSrvc - ok
00:58:25.0575 4412 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
00:58:25.0575 4412 wcncsvc - ok
00:58:25.0637 4412 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
00:58:25.0669 4412 WcsPlugInService - ok
00:58:25.0700 4412 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
00:58:25.0700 4412 Wd - ok
00:58:25.0762 4412 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
00:58:25.0778 4412 Wdf01000 - ok
00:58:25.0809 4412 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
00:58:25.0809 4412 WdiServiceHost - ok
00:58:25.0825 4412 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
00:58:25.0825 4412 WdiSystemHost - ok
00:58:25.0856 4412 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
00:58:25.0887 4412 WebClient - ok
00:58:25.0918 4412 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
00:58:25.0918 4412 Wecsvc - ok
00:58:25.0949 4412 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
00:58:25.0965 4412 wercplsupport - ok
00:58:25.0996 4412 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
00:58:25.0996 4412 WerSvc - ok
00:58:26.0027 4412 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
00:58:26.0027 4412 WfpLwf - ok
00:58:26.0043 4412 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
00:58:26.0059 4412 WIMMount - ok
00:58:26.0090 4412 WinHttpAutoProxySvc - ok
00:58:26.0168 4412 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
00:58:26.0168 4412 Winmgmt - ok
00:58:26.0308 4412 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
00:58:26.0386 4412 WinRM - ok
To be contd..
anton_ego
2013-05-31, 19:25
Contd from above..
00:58:29.0163 4412 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
00:58:29.0163 4412 C:\Windows\System32\rpcss.dll - ok
00:58:29.0163 4412 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
00:58:29.0163 4412 C:\Windows\System32\RpcEpMap.dll - ok
00:58:29.0163 4412 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
00:58:29.0163 4412 C:\Windows\System32\wshqos.dll - ok
00:58:29.0179 4412 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
00:58:29.0179 4412 C:\Windows\System32\WSHTCPIP.DLL - ok
00:58:29.0179 4412 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
00:58:29.0179 4412 C:\Windows\System32\FirewallAPI.dll - ok
00:58:29.0179 4412 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
00:58:29.0179 4412 C:\Windows\System32\LogonUI.exe - ok
00:58:29.0179 4412 [ 809E9B9045064D94A71C1F75C9C795E6 ] C:\Windows\System32\authuitu.dll
00:58:29.0179 4412 C:\Windows\System32\authuitu.dll - ok
00:58:29.0179 4412 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
00:58:29.0179 4412 C:\Windows\System32\wevtsvc.dll - ok
00:58:29.0194 4412 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
00:58:29.0194 4412 C:\Windows\System32\dbghelp.dll - ok
00:58:29.0194 4412 [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
00:58:29.0194 4412 C:\Windows\System32\authui.dll - ok
00:58:29.0194 4412 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
00:58:29.0194 4412 C:\Windows\System32\audiosrv.dll - ok
00:58:29.0194 4412 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
00:58:29.0194 4412 C:\Windows\System32\adtschema.dll - ok
00:58:29.0194 4412 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
00:58:29.0194 4412 C:\Windows\System32\avrt.dll - ok
00:58:29.0210 4412 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
00:58:29.0210 4412 C:\Windows\System32\mmcss.dll - ok
00:58:29.0210 4412 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
00:58:29.0210 4412 C:\Windows\System32\MMDevAPI.dll - ok
00:58:29.0210 4412 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
00:58:29.0210 4412 C:\Windows\System32\profsvc.dll - ok
00:58:29.0210 4412 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
00:58:29.0210 4412 C:\Windows\System32\propsys.dll - ok
00:58:29.0210 4412 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
00:58:29.0210 4412 C:\Windows\System32\cryptui.dll - ok
00:58:29.0225 4412 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
00:58:29.0225 4412 C:\Windows\System32\wlansvc.dll - ok
00:58:29.0225 4412 [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
00:58:29.0225 4412 C:\Windows\System32\drivers\fltMgr.sys - ok
00:58:29.0225 4412 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
00:58:29.0225 4412 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
00:58:29.0225 4412 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
00:58:29.0225 4412 C:\Windows\System32\netprofm.dll - ok
00:58:29.0241 4412 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
00:58:29.0241 4412 C:\Windows\System32\PSHED.DLL - ok
00:58:29.0241 4412 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
00:58:29.0241 4412 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
00:58:29.0241 4412 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
00:58:29.0241 4412 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
00:58:29.0241 4412 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
00:58:29.0241 4412 C:\Windows\System32\samlib.dll - ok
00:58:29.0241 4412 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
00:58:29.0241 4412 C:\Windows\System32\shacct.dll - ok
00:58:29.0257 4412 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
00:58:29.0257 4412 C:\Windows\System32\audiodg.exe - ok
00:58:29.0257 4412 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
00:58:29.0257 4412 C:\Windows\System32\uxtheme.dll - ok
00:58:29.0257 4412 [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
00:58:29.0257 4412 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
00:58:29.0257 4412 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
00:58:29.0257 4412 C:\Windows\System32\ntmarta.dll - ok
00:58:29.0257 4412 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] C:\Windows\System32\cscsvc.dll
00:58:29.0257 4412 C:\Windows\System32\cscsvc.dll - ok
00:58:29.0272 4412 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
00:58:29.0272 4412 C:\Windows\System32\gpsvc.dll - ok
00:58:29.0272 4412 [ 29910D50542B1AA0F162EF3339C61B6D ] C:\Windows\System32\PeerDist.dll
00:58:29.0272 4412 C:\Windows\System32\PeerDist.dll - ok
00:58:29.0272 4412 [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll
00:58:29.0272 4412 C:\Windows\System32\nlaapi.dll - ok
00:58:29.0272 4412 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
00:58:29.0272 4412 C:\Windows\System32\themeservice.dll - ok
00:58:29.0272 4412 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
00:58:29.0272 4412 C:\Windows\System32\atl.dll - ok
00:58:29.0288 4412 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
00:58:29.0288 4412 C:\Windows\System32\taskschd.dll - ok
00:58:29.0288 4412 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
00:58:29.0288 4412 C:\Windows\System32\dsrole.dll - ok
00:58:29.0288 4412 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
00:58:29.0288 4412 C:\Windows\System32\slc.dll - ok
00:58:29.0288 4412 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
00:58:29.0288 4412 C:\Windows\System32\es.dll - ok
00:58:29.0288 4412 [ 6F10C7FF1F1E3F45D7E20DD6E398682E ] C:\Windows\System32\uxtuneup.dll
00:58:29.0288 4412 C:\Windows\System32\uxtuneup.dll - ok
00:58:29.0303 4412 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
00:58:29.0303 4412 C:\Windows\System32\comres.dll - ok
00:58:29.0303 4412 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
00:58:29.0303 4412 C:\Windows\System32\dui70.dll - ok
00:58:29.0303 4412 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
00:58:29.0303 4412 C:\Windows\System32\Sens.dll - ok
00:58:29.0303 4412 [ 862596399AAFD2A21DB2AF9270CD4F70 ] C:\Windows\System32\mstask.dll
00:58:29.0303 4412 C:\Windows\System32\mstask.dll - ok
00:58:29.0303 4412 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
00:58:29.0303 4412 C:\Windows\System32\duser.dll - ok
00:58:29.0319 4412 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
00:58:29.0319 4412 C:\Windows\System32\winmm.dll - ok
00:58:29.0319 4412 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
00:58:29.0319 4412 C:\Windows\System32\uxsms.dll - ok
00:58:29.0319 4412 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
00:58:29.0319 4412 C:\Windows\System32\drivers\lltdio.sys - ok
00:58:29.0319 4412 [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys
00:58:29.0319 4412 C:\Windows\System32\drivers\ndisuio.sys - ok
00:58:29.0335 4412 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
00:58:29.0335 4412 C:\Windows\System32\drivers\nwifi.sys - ok
00:58:29.0335 4412 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
00:58:29.0335 4412 C:\Windows\System32\drivers\rspndr.sys - ok
00:58:29.0335 4412 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
00:58:29.0335 4412 C:\Windows\System32\SndVolSSO.dll - ok
00:58:29.0335 4412 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
00:58:29.0335 4412 C:\Windows\System32\hid.dll - ok
00:58:29.0335 4412 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
00:58:29.0335 4412 C:\Windows\System32\ksuser.dll - ok
00:58:29.0350 4412 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
00:58:29.0350 4412 C:\Windows\System32\wdmaud.drv - ok
00:58:29.0350 4412 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
00:58:29.0350 4412 C:\Windows\System32\IPHLPAPI.DLL - ok
00:58:29.0350 4412 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
00:58:29.0350 4412 C:\Windows\System32\lmhsvc.dll - ok
00:58:29.0350 4412 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
00:58:29.0350 4412 C:\Windows\System32\nsisvc.dll - ok
00:58:29.0350 4412 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
00:58:29.0350 4412 C:\Windows\System32\dhcpcore.dll - ok
00:58:29.0366 4412 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
00:58:29.0366 4412 C:\Windows\System32\nrpsrv.dll - ok
00:58:29.0366 4412 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
00:58:29.0366 4412 C:\Windows\System32\winnsi.dll - ok
00:58:29.0366 4412 [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll
00:58:29.0366 4412 C:\Windows\System32\dhcpcore6.dll - ok
00:58:29.0366 4412 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
00:58:29.0366 4412 C:\Windows\System32\dnsrslvr.dll - ok
00:58:29.0366 4412 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
00:58:29.0366 4412 C:\Windows\System32\dwmapi.dll - ok
00:58:29.0381 4412 [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll
00:58:29.0381 4412 C:\Windows\System32\eapphost.dll - ok
00:58:29.0381 4412 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
00:58:29.0381 4412 C:\Windows\System32\eapsvc.dll - ok
00:58:29.0381 4412 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
00:58:29.0381 4412 C:\Windows\System32\keyiso.dll - ok
00:58:29.0381 4412 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
00:58:29.0381 4412 C:\Windows\System32\FWPUCLNT.DLL - ok
00:58:29.0381 4412 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
00:58:29.0381 4412 C:\Windows\System32\umb.dll - ok
00:58:29.0397 4412 [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll
00:58:29.0397 4412 C:\Windows\System32\wlanmsm.dll - ok
00:58:29.0397 4412 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll
00:58:29.0397 4412 C:\Windows\System32\wlansec.dll - ok
00:58:29.0397 4412 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
00:58:29.0397 4412 C:\Windows\System32\xmllite.dll - ok
00:58:29.0397 4412 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
00:58:29.0397 4412 C:\Windows\System32\AudioSes.dll - ok
00:58:29.0397 4412 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
00:58:29.0397 4412 C:\Windows\System32\dhcpcsvc.dll - ok
00:58:29.0413 4412 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
00:58:29.0413 4412 C:\Windows\System32\dnsext.dll - ok
00:58:29.0413 4412 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
00:58:29.0413 4412 C:\Windows\System32\onex.dll - ok
00:58:29.0413 4412 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
00:58:29.0413 4412 C:\Windows\System32\eappprxy.dll - ok
00:58:29.0413 4412 [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll
00:58:29.0413 4412 C:\Windows\System32\dhcpcsvc6.dll - ok
00:58:29.0413 4412 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
00:58:29.0413 4412 C:\Windows\System32\eappcfg.dll - ok
00:58:29.0428 4412 [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll
00:58:29.0428 4412 C:\Windows\System32\l2gpstore.dll - ok
00:58:29.0428 4412 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
00:58:29.0428 4412 C:\Windows\System32\msacm32.dll - ok
00:58:29.0428 4412 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
00:58:29.0428 4412 C:\Windows\System32\msacm32.drv - ok
00:58:29.0428 4412 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
00:58:29.0428 4412 C:\Windows\System32\WinSCard.dll - ok
00:58:29.0428 4412 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
00:58:29.0428 4412 C:\Windows\System32\wlanutil.dll - ok
00:58:29.0444 4412 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll
00:58:29.0444 4412 C:\Windows\System32\wlgpclnt.dll - ok
00:58:29.0444 4412 [ 99B91C5D2FCEF218CAD3600ECB62A799 ] C:\Windows\System32\msxml6.dll
00:58:29.0444 4412 C:\Windows\System32\msxml6.dll - ok
00:58:29.0444 4412 [ 26B73A85855681500BCC25C7CD9FF5B1 ] C:\Windows\System32\WindowsCodecs.dll
00:58:29.0444 4412 C:\Windows\System32\WindowsCodecs.dll - ok
00:58:29.0444 4412 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
00:58:29.0444 4412 C:\Windows\System32\midimap.dll - ok
00:58:29.0459 4412 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
00:58:29.0459 4412 C:\Windows\System32\AudioEng.dll - ok
00:58:29.0459 4412 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
00:58:29.0459 4412 C:\Windows\System32\AUDIOKSE.dll - ok
00:58:29.0459 4412 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
00:58:29.0459 4412 C:\Windows\System32\shsvcs.dll - ok
00:58:29.0459 4412 [ 43FAB56AE5F639AD59D7209693F4C4C2 ] C:\Windows\System32\wlanext.exe
00:58:29.0459 4412 C:\Windows\System32\wlanext.exe - ok
00:58:29.0459 4412 [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll
00:58:29.0459 4412 C:\Windows\System32\WMALFXGFXDSP.dll - ok
00:58:29.0475 4412 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
00:58:29.0475 4412 C:\Windows\System32\winbrand.dll - ok
00:58:29.0475 4412 [ 1BCDB508143B517F21BBDAC10F5777BF ] C:\Windows\System32\conhost.exe
00:58:29.0475 4412 C:\Windows\System32\conhost.exe - ok
00:58:29.0475 4412 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
00:58:29.0475 4412 C:\Windows\System32\VaultCredProvider.dll - ok
00:58:29.0475 4412 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
00:58:29.0475 4412 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
00:58:29.0491 4412 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
00:58:29.0491 4412 C:\Windows\System32\BioCredProv.dll - ok
00:58:29.0491 4412 [ F7A444D7EE44DB8961C54F625B3A713B ] C:\Windows\System32\iwmssvc.dll
00:58:29.0491 4412 C:\Windows\System32\iwmssvc.dll - ok
00:58:29.0491 4412 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
00:58:29.0491 4412 C:\Windows\System32\winbio.dll - ok
00:58:29.0491 4412 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
00:58:29.0491 4412 C:\Windows\System32\credui.dll - ok
00:58:29.0491 4412 [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
00:58:29.0491 4412 C:\Windows\System32\netapi32.dll - ok
00:58:29.0506 4412 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
00:58:29.0506 4412 C:\Windows\System32\netutils.dll - ok
00:58:29.0506 4412 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
00:58:29.0506 4412 C:\Windows\System32\vaultcli.dll - ok
00:58:29.0506 4412 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
00:58:29.0506 4412 C:\Windows\System32\wkscli.dll - ok
00:58:29.0506 4412 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
00:58:29.0506 4412 C:\Windows\System32\samcli.dll - ok
00:58:29.0506 4412 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
00:58:29.0506 4412 C:\Windows\System32\certCredProvider.dll - ok
00:58:29.0522 4412 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
00:58:29.0522 4412 C:\Windows\System32\mfplat.dll - ok
00:58:29.0522 4412 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
00:58:29.0522 4412 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
00:58:29.0522 4412 [ 7097425051CE67B450EBF2B1390AE492 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
00:58:29.0522 4412 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
00:58:29.0522 4412 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
00:58:29.0522 4412 C:\Windows\System32\rasplap.dll - ok
00:58:29.0522 4412 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
00:58:29.0522 4412 C:\Windows\System32\rasapi32.dll - ok
00:58:29.0537 4412 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
00:58:29.0537 4412 C:\Windows\System32\winspool.drv - ok
00:58:29.0537 4412 [ D844B11545F53AA0C10F78763381D9EC ] C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
00:58:29.0537 4412 C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll - ok
00:58:29.0537 4412 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
00:58:29.0537 4412 C:\Windows\System32\rasman.dll - ok
00:58:29.0537 4412 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
00:58:29.0537 4412 C:\Windows\System32\wlanapi.dll - ok
00:58:29.0537 4412 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
00:58:29.0537 4412 C:\Windows\System32\rtutils.dll - ok
00:58:29.0553 4412 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
00:58:29.0553 4412 C:\Windows\System32\oleacc.dll - ok
00:58:29.0553 4412 [ 019BDD35DE269CB98B22DE8923C2AA3B ] C:\Windows\System32\UIAutomationCore.dll
00:58:29.0553 4412 C:\Windows\System32\UIAutomationCore.dll - ok
00:58:29.0553 4412 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
00:58:29.0553 4412 C:\Windows\System32\msimg32.dll - ok
00:58:29.0553 4412 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
00:58:29.0553 4412 C:\Windows\System32\wsock32.dll - ok
00:58:29.0553 4412 [ 1104E472C956B0216736CA400D76B4BA ] C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll
00:58:29.0553 4412 C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll - ok
00:58:29.0569 4412 [ 10D57E1E9CD757C4EB2C05F60EEBE844 ] C:\Program Files\Common Files\Intel\WirelessCommon\TraceApi.dll
00:58:29.0569 4412 C:\Program Files\Common Files\Intel\WirelessCommon\TraceApi.dll - ok
00:58:29.0569 4412 [ C9C592AE34B7F0A699DEE49BDFFE594F ] C:\Program Files\Intel\WiFi\bin\KmmdlPlugins\ccxplugin.dll
00:58:29.0569 4412 C:\Program Files\Intel\WiFi\bin\KmmdlPlugins\ccxplugin.dll - ok
00:58:29.0569 4412 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
00:58:29.0569 4412 C:\Windows\System32\schedsvc.dll - ok
00:58:29.0569 4412 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
00:58:29.0569 4412 C:\Windows\System32\ktmw32.dll - ok
00:58:29.0569 4412 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
00:58:29.0569 4412 C:\Windows\System32\UXInit.dll - ok
00:58:29.0584 4412 [ DF3E3167B03804F32AD274C33F77B308 ] C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
00:58:29.0584 4412 C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe - ok
00:58:29.0584 4412 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
00:58:29.0584 4412 C:\Windows\System32\fveapi.dll - ok
00:58:29.0584 4412 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
00:58:29.0584 4412 C:\Windows\System32\fvecerts.dll - ok
00:58:29.0584 4412 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
00:58:29.0584 4412 C:\Windows\System32\tbs.dll - ok
00:58:29.0600 4412 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
00:58:29.0600 4412 C:\Windows\System32\taskcomp.dll - ok
00:58:29.0600 4412 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
00:58:29.0600 4412 C:\Windows\System32\wiarpc.dll - ok
00:58:29.0600 4412 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
00:58:29.0600 4412 C:\Windows\System32\drivers\http.sys - ok
00:58:29.0600 4412 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
00:58:29.0600 4412 C:\Windows\System32\spoolsv.exe - ok
00:58:29.0600 4412 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
00:58:29.0600 4412 C:\Windows\System32\imageres.dll - ok
00:58:29.0615 4412 [ 4CE5C4F80620D6DBBB054003EAD71F95 ] C:\Windows\System32\nvsvc64.dll
00:58:29.0615 4412 C:\Windows\System32\nvsvc64.dll - ok
00:58:29.0615 4412 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
00:58:29.0615 4412 C:\Windows\System32\mscms.dll - ok
00:58:29.0615 4412 [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
00:58:29.0615 4412 C:\Windows\System32\drivers\srvnet.sys - ok
00:58:29.0615 4412 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
00:58:29.0615 4412 C:\Windows\System32\drivers\bowser.sys - ok
00:58:29.0615 4412 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
00:58:29.0615 4412 C:\Windows\System32\drivers\mrxsmb.sys - ok
00:58:29.0631 4412 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
00:58:29.0631 4412 C:\Windows\System32\drivers\mrxsmb10.sys - ok
00:58:29.0631 4412 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
00:58:29.0631 4412 C:\Windows\System32\drivers\mrxsmb20.sys - ok
00:58:29.0631 4412 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
00:58:29.0631 4412 C:\Windows\System32\drivers\srv2.sys - ok
00:58:29.0631 4412 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
00:58:29.0631 4412 C:\Windows\System32\wkssvc.dll - ok
00:58:29.0631 4412 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
00:58:29.0631 4412 C:\Windows\System32\drivers\srv.sys - ok
00:58:29.0647 4412 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll
00:58:29.0647 4412 C:\Windows\System32\browser.dll - ok
00:58:29.0647 4412 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
00:58:29.0647 4412 C:\Windows\System32\srvsvc.dll - ok
00:58:29.0647 4412 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
00:58:29.0647 4412 C:\Windows\System32\clusapi.dll - ok
00:58:29.0647 4412 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
00:58:29.0647 4412 C:\Windows\System32\netmsg.dll - ok
00:58:29.0662 4412 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
00:58:29.0662 4412 C:\Windows\System32\sscore.dll - ok
00:58:29.0662 4412 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
00:58:29.0662 4412 C:\Windows\System32\resutils.dll - ok
00:58:29.0662 4412 [ E6E9DC01812ABA16DBAE5EFA4EF63E57 ] C:\Windows\System32\nvapi64.dll
00:58:29.0662 4412 C:\Windows\System32\nvapi64.dll - ok
00:58:29.0662 4412 [ 28AD5E311996A34025CFB07E131058DD ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
00:58:29.0662 4412 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
00:58:29.0678 4412 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
00:58:29.0678 4412 C:\Windows\System32\rasadhlp.dll - ok
00:58:29.0678 4412 [ 11205381BBBF98F0CA1C672056808B8F ] C:\Program Files\NVIDIA Corporation\Display\NVXDApiX.dll
00:58:29.0678 4412 C:\Program Files\NVIDIA Corporation\Display\NVXDApiX.dll - ok
00:58:29.0678 4412 [ 40965B72A0A33DDB8423B85F93E4C136 ] C:\Program Files\NVIDIA Corporation\Display\nvui.dll
00:58:29.0678 4412 C:\Program Files\NVIDIA Corporation\Display\nvui.dll - ok
00:58:29.0678 4412 [ C946428303FDBD85D6F17C9F104938D7 ] C:\Program Files\NVIDIA Corporation\Display\nvuir.dll
00:58:29.0678 4412 C:\Program Files\NVIDIA Corporation\Display\nvuir.dll - ok
00:58:29.0693 4412 [ 47B8B745BFE0A0CB70120C8D08E2492F ] C:\Windows\System32\nvumdshimx.dll
00:58:29.0693 4412 C:\Windows\System32\nvumdshimx.dll - ok
00:58:29.0693 4412 [ C765A8406048E3094501ED8F17BFA4D6 ] C:\Program Files\NVIDIA Corporation\Display\NVXDBat.dll
00:58:29.0693 4412 C:\Program Files\NVIDIA Corporation\Display\NVXDBat.dll - ok
00:58:29.0693 4412 [ 3B3DE5C189F896A7961A12BA74851BCB ] C:\Program Files\NVIDIA Corporation\Display\NVXDPlcy.dll
00:58:29.0693 4412 C:\Program Files\NVIDIA Corporation\Display\NVXDPlcy.dll - ok
00:58:29.0693 4412 [ D7CA52F89A7F4520610FF3682F0E42EE ] C:\Windows\System32\nvsvcr.dll
00:58:29.0693 4412 C:\Windows\System32\nvsvcr.dll - ok
00:58:29.0709 4412 [ BC2A18841494B3756894627FF279C65E ] C:\Windows\System32\nvcpl.dll
00:58:29.0709 4412 C:\Windows\System32\nvcpl.dll - ok
00:58:29.0709 4412 [ 9CA6B9618B583E76DA2577BAA32A9D39 ] C:\Program Files\Intel\WiFi\bin\KmmdlPlugins\IHVWPSPlugin.dll
00:58:29.0709 4412 C:\Program Files\Intel\WiFi\bin\KmmdlPlugins\IHVWPSPlugin.dll - ok
00:58:29.0709 4412 [ B33CF4DE909A5B30F526D82053A63C8E ] C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
00:58:29.0709 4412 C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe - ok
00:58:29.0709 4412 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
00:58:29.0709 4412 C:\Windows\SysWOW64\ntdll.dll - ok
00:58:29.0725 4412 [ 259EB5F7D95A29842B476C5B3EB6E186 ] C:\Windows\System32\wow64.dll
00:58:29.0725 4412 C:\Windows\System32\wow64.dll - ok
00:58:29.0725 4412 [ 5674E21E82CFBEA36DDAD5DB285D6DBC ] C:\Windows\System32\wow64win.dll
00:58:29.0725 4412 C:\Windows\System32\wow64win.dll - ok
00:58:29.0725 4412 [ 3EE3AA76D8AB6D5644C4C8F34471CEB3 ] C:\Windows\System32\wow64cpu.dll
00:58:29.0725 4412 C:\Windows\System32\wow64cpu.dll - ok
00:58:29.0725 4412 [ AC0B6F41882FC6ED186962D770EBF1D2 ] C:\Windows\SysWOW64\kernel32.dll
00:58:29.0725 4412 C:\Windows\SysWOW64\kernel32.dll - ok
00:58:29.0725 4412 [ E954A79D6A754A5475582CACED1565E6 ] C:\Windows\SysWOW64\KernelBase.dll
00:58:29.0725 4412 C:\Windows\SysWOW64\KernelBase.dll - ok
00:58:29.0740 4412 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
00:58:29.0740 4412 C:\Windows\SysWOW64\user32.dll - ok
00:58:29.0740 4412 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
00:58:29.0740 4412 C:\Windows\SysWOW64\gdi32.dll - ok
00:58:29.0740 4412 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
00:58:29.0740 4412 C:\Windows\SysWOW64\lpk.dll - ok
00:58:29.0740 4412 [ B7230010D97787AF3D25E4C82F2B06B9 ] C:\Windows\SysWOW64\usp10.dll
00:58:29.0740 4412 C:\Windows\SysWOW64\usp10.dll - ok
00:58:29.0740 4412 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
00:58:29.0740 4412 C:\Windows\SysWOW64\msvcrt.dll - ok
00:58:29.0756 4412 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
00:58:29.0756 4412 C:\Windows\SysWOW64\advapi32.dll - ok
00:58:29.0756 4412 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
00:58:29.0756 4412 C:\Windows\SysWOW64\rpcrt4.dll - ok
00:58:29.0756 4412 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
00:58:29.0756 4412 C:\Windows\SysWOW64\sechost.dll - ok
00:58:29.0756 4412 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
To be contd..
anton_ego
2013-05-31, 19:26
Contd from above..
00:58:30.0473 4412 [ 9459134133FB09BA956A28AAFAE78186 ] C:\Windows\System32\E_ILMHAE.DLL
00:58:30.0473 4412 C:\Windows\System32\E_ILMHAE.DLL - ok
00:58:30.0473 4412 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
00:58:30.0473 4412 C:\Windows\System32\PrintIsolationProxy.dll - ok
00:58:30.0473 4412 [ 506708142BC63DABA64F2D3AD1DCD5BF ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
00:58:30.0473 4412 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok
00:58:30.0473 4412 [ CFF4B5EFAC19893146687EF31B7219C6 ] C:\Program Files\MATLAB\R2011b\bin\win64\MATLABStartupAccelerator.exe
00:58:30.0473 4412 C:\Program Files\MATLAB\R2011b\bin\win64\MATLABStartupAccelerator.exe - ok
00:58:30.0489 4412 [ 9C9FC1683DCE4F3FE24FDE04518E138D ] C:\Windows\System32\enppmon.dll
00:58:30.0489 4412 C:\Windows\System32\enppmon.dll - ok
00:58:30.0489 4412 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
00:58:30.0489 4412 C:\Windows\System32\PlaySndSrv.dll - ok
00:58:30.0489 4412 [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
00:58:30.0489 4412 C:\Windows\System32\TSChannel.dll - ok
00:58:30.0489 4412 [ 241AF87821FDA0F5792037B779F49BE0 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll
00:58:30.0489 4412 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll - ok
00:58:30.0489 4412 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
00:58:30.0489 4412 C:\Windows\System32\dssenh.dll - ok
00:58:30.0505 4412 [ 758D99511FD82B6C55E70494039E9F1A ] C:\Program Files (x86)\Google\Update\1.3.21.145\goopdate.dll
00:58:30.0505 4412 C:\Program Files (x86)\Google\Update\1.3.21.145\goopdate.dll - ok
00:58:30.0505 4412 [ 1658E808E4D4889C66DE47EC87F1DED1 ] C:\Windows\System32\msvcp60.dll
00:58:30.0505 4412 C:\Windows\System32\msvcp60.dll - ok
00:58:30.0505 4412 [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll
00:58:30.0505 4412 C:\Windows\System32\certcli.dll - ok
00:58:30.0505 4412 [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll
00:58:30.0505 4412 C:\Windows\System32\pautoenr.dll - ok
00:58:30.0520 4412 [ D233C7FEAE3FAA25F93A9E6B46815ADC ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll
00:58:30.0520 4412 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll - ok
00:58:30.0520 4412 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
00:58:30.0520 4412 C:\Windows\SysWOW64\imagehlp.dll - ok
00:58:30.0520 4412 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
00:58:30.0520 4412 C:\Windows\SysWOW64\msi.dll - ok
00:58:30.0520 4412 [ 544482D396F1A0C0337879847032FBB3 ] C:\Windows\System32\enpres.dll
00:58:30.0520 4412 C:\Windows\System32\enpres.dll - ok
00:58:30.0520 4412 [ 263B26106606A010CF877472B535E4BB ] C:\Windows\System32\CertEnroll.dll
00:58:30.0520 4412 C:\Windows\System32\CertEnroll.dll - ok
00:58:30.0536 4412 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
00:58:30.0536 4412 C:\Windows\System32\FXSMON.dll - ok
00:58:30.0536 4412 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
00:58:30.0536 4412 C:\Windows\System32\tcpmon.dll - ok
00:58:30.0536 4412 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
00:58:30.0536 4412 C:\Windows\System32\snmpapi.dll - ok
00:58:30.0536 4412 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
00:58:30.0536 4412 C:\Windows\System32\wsnmp32.dll - ok
00:58:30.0536 4412 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
00:58:30.0536 4412 C:\Windows\System32\usbmon.dll - ok
00:58:30.0551 4412 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
00:58:30.0551 4412 C:\Windows\System32\WSDMon.dll - ok
00:58:30.0551 4412 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
00:58:30.0551 4412 C:\Windows\System32\fdPnp.dll - ok
00:58:30.0551 4412 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
00:58:30.0551 4412 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
00:58:30.0551 4412 [ 0353B239C28B0E9EBC7FA3D1F6181661 ] C:\Windows\System32\win32spl.dll
00:58:30.0551 4412 C:\Windows\System32\win32spl.dll - ok
00:58:30.0567 4412 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
00:58:30.0567 4412 C:\Windows\SysWOW64\cscapi.dll - ok
00:58:30.0567 4412 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
00:58:30.0567 4412 C:\Windows\SysWOW64\dbghelp.dll - ok
00:58:30.0567 4412 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
00:58:30.0567 4412 C:\Windows\System32\inetpp.dll - ok
00:58:30.0567 4412 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
00:58:30.0567 4412 C:\Windows\SysWOW64\apphelp.dll - ok
00:58:30.0583 4412 [ 76B35CB0F3A4E69D6DFF27F542B9F856 ] C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe
00:58:30.0583 4412 C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe - ok
00:58:30.0583 4412 [ 4E252E85E5DC31BD645E809222AFAF27 ] C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler64.exe
00:58:30.0583 4412 C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler64.exe - ok
00:58:30.0583 4412 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll
00:58:30.0583 4412 C:\Windows\SysWOW64\mstask.dll - ok
00:58:30.0583 4412 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\SysWOW64\wbemcomn.dll
00:58:30.0583 4412 C:\Windows\SysWOW64\wbemcomn.dll - ok
00:58:30.0583 4412 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll
00:58:30.0583 4412 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
00:58:30.0598 4412 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
00:58:30.0692 4412 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
00:58:30.0692 4412 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\SysWOW64\wbem\fastprox.dll
00:58:30.0692 4412 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
00:58:30.0692 4412 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll
00:58:30.0692 4412 C:\Windows\SysWOW64\ntdsapi.dll - ok
00:58:30.0692 4412 [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll
00:58:30.0692 4412 C:\Windows\System32\wbem\cimwin32.dll - ok
00:58:30.0692 4412 [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll
00:58:30.0692 4412 C:\Windows\System32\framedynos.dll - ok
00:58:30.0707 4412 [ C00DB14550E4BD49737F311C644E45FF ] C:\Windows\System32\wmi.dll
00:58:30.0707 4412 C:\Windows\System32\wmi.dll - ok
00:58:30.0707 4412 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
00:58:30.0707 4412 C:\Windows\System32\userinit.exe - ok
00:58:30.0707 4412 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
00:58:30.0707 4412 C:\Windows\System32\dwm.exe - ok
00:58:30.0723 4412 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
00:58:30.0723 4412 C:\Windows\System32\dwmredir.dll - ok
00:58:30.0723 4412 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
00:58:30.0723 4412 C:\Windows\System32\dwmcore.dll - ok
00:58:30.0723 4412 [ E1374D37477322D4956604711008C69D ] C:\Windows\System32\d3d10_1.dll
00:58:30.0723 4412 C:\Windows\System32\d3d10_1.dll - ok
00:58:30.0723 4412 [ 426BA4E737A7988FD1202AF2F2B2F4A6 ] C:\Windows\System32\d3d10_1core.dll
00:58:30.0723 4412 C:\Windows\System32\d3d10_1core.dll - ok
00:58:30.0739 4412 [ F404E59DB6A0F122AB26BF4F3E2FD0FA ] C:\Windows\System32\dxgi.dll
00:58:30.0739 4412 C:\Windows\System32\dxgi.dll - ok
00:58:30.0739 4412 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
00:58:30.0739 4412 C:\Windows\explorer.exe - ok
00:58:30.0739 4412 [ C572D2A4AD9C7A332DFE1C6FD215A8F5 ] C:\Windows\System32\igd10umd64.dll
00:58:30.0739 4412 C:\Windows\System32\igd10umd64.dll - ok
00:58:30.0739 4412 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
00:58:30.0739 4412 C:\Windows\System32\ExplorerFrame.dll - ok
00:58:30.0754 4412 [ 5877A3341AA7DF58789294CEBA38AE2B ] C:\Users\Sundhar\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
00:58:30.0754 4412 C:\Users\Sundhar\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll - ok
00:58:30.0754 4412 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
00:58:30.0754 4412 C:\Windows\System32\EhStorShell.dll - ok
00:58:30.0754 4412 [ DBA8142819F06A4A401259011EF59530 ] C:\Program Files (x86)\Google\Drive\googledrivesync64.dll
00:58:30.0754 4412 C:\Program Files (x86)\Google\Drive\googledrivesync64.dll - ok
00:58:30.0754 4412 [ EF8857E18BAFF3E4DB9DE20A0491AC31 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\shellex.dll
00:58:30.0754 4412 C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\shellex.dll - ok
00:58:30.0770 4412 [ D029339C0F59CF662094EDDF8C42B2B5 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\msvcp100.dll
00:58:30.0770 4412 C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\msvcp100.dll - ok
00:58:30.0770 4412 [ 366FD6F3A451351B5DF2D7C4ECF4C73A ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\msvcr100.dll
00:58:30.0770 4412 C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\msvcr100.dll - ok
00:58:30.0770 4412 [ 32802C0F6FC7C8F561B9D91F52A46421 ] C:\Windows\System32\cscui.dll
00:58:30.0770 4412 C:\Windows\System32\cscui.dll - ok
00:58:30.0770 4412 [ 7EE5F17A21D9A9101207DF4BC37B085D ] C:\Windows\System32\cscdll.dll
00:58:30.0770 4412 C:\Windows\System32\cscdll.dll - ok
00:58:30.0785 4412 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
00:58:30.0785 4412 C:\Windows\System32\IconCodecService.dll - ok
00:58:30.0785 4412 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] C:\Windows\System32\appinfo.dll
00:58:30.0785 4412 C:\Windows\System32\appinfo.dll - ok
00:58:30.0785 4412 [ 862586AD4B1355F7DCDE111EE0AAF350 ] C:\Windows\System32\d3dx10_40.dll
00:58:30.0785 4412 C:\Windows\System32\d3dx10_40.dll - ok
00:58:30.0785 4412 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
00:58:30.0785 4412 C:\Windows\System32\uDWM.dll - ok
00:58:30.0801 4412 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
00:58:30.0801 4412 C:\Windows\System32\runonce.exe - ok
00:58:30.0801 4412 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
00:58:30.0801 4412 C:\Windows\SysWOW64\runonce.exe - ok
00:58:30.0801 4412 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
00:58:30.0801 4412 C:\Windows\SysWOW64\propsys.dll - ok
00:58:30.0801 4412 [ 30DB64D316F502558DB2380F7343C9FD ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
00:58:30.0801 4412 C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll - ok
00:58:30.0817 4412 [ 207204AF80505AF51271FE164B56F662 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveUtil.dll
00:58:30.0817 4412 C:\Program Files (x86)\Microsoft Office\Office12\GrooveUtil.dll - ok
00:58:30.0817 4412 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
00:58:30.0817 4412 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
00:58:30.0817 4412 [ 30EFEBDC960A482E3E188B9960B286E2 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveNew.dll
00:58:30.0817 4412 C:\Program Files (x86)\Microsoft Office\Office12\GrooveNew.dll - ok
00:58:30.0817 4412 [ D5E459BED3DB9CF7FC6CC1455F177D2D ] C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.dll
00:58:30.0817 4412 C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.dll - ok
00:58:30.0832 4412 [ D8C2B95BC2353E1F18850D6B8F5DBA13 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
00:58:30.0832 4412 C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll - ok
00:58:30.0832 4412 [ 533AECD1B5356870AE2D905B4D3B42B7 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMisc.dll
00:58:30.0832 4412 C:\Program Files (x86)\Microsoft Office\Office12\GrooveMisc.dll - ok
00:58:30.0832 4412 [ 21D3A18769EC2C4E56756D04E989A221 ] C:\Windows\SysWOW64\msxml3.dll
00:58:30.0832 4412 C:\Windows\SysWOW64\msxml3.dll - ok
00:58:30.0832 4412 [ 872B54B33A1F80BB7DE3D8DD98CBAECC ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\shellex.dll
00:58:30.0832 4412 C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\shellex.dll - ok
00:58:30.0848 4412 [ BC83108B18756547013ED443B8CDB31B ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\msvcp100.dll
00:58:30.0848 4412 C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\msvcp100.dll - ok
00:58:30.0848 4412 [ 0E37FBFA79D349D672456923EC5FBBE3 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\msvcr100.dll
00:58:30.0848 4412 C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\msvcr100.dll - ok
00:58:30.0848 4412 [ 987323F0247D023AD1AE52195540ECE0 ] C:\Windows\SysWOW64\mssvp.dll
00:58:30.0848 4412 C:\Windows\SysWOW64\mssvp.dll - ok
00:58:30.0848 4412 [ 8BC9DB92C4B2F3BE89185BEAB2AFC1F6 ] C:\Windows\SysWOW64\mapi32.dll
00:58:30.0848 4412 C:\Windows\SysWOW64\mapi32.dll - ok
00:58:30.0863 4412 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
00:58:30.0863 4412 C:\Windows\SysWOW64\cmd.exe - ok
00:58:30.0863 4412 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
00:58:30.0863 4412 C:\Windows\SysWOW64\winbrand.dll - ok
00:58:30.0863 4412 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
00:58:30.0863 4412 C:\Windows\System32\radardt.dll - ok
00:58:30.0863 4412 [ FBD879D17B26D49DD7A48FF58062FAE6 ] C:\Windows\System32\tdh.dll
00:58:30.0863 4412 C:\Windows\System32\tdh.dll - ok
00:58:30.0879 4412 [ 5466DCAEF5A648E04D1B6580F2C901B5 ] C:\Windows\SysWOW64\ieframe.dll
00:58:30.0879 4412 C:\Windows\SysWOW64\ieframe.dll - ok
00:58:30.0879 4412 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
00:58:30.0879 4412 C:\Windows\System32\pnidui.dll - ok
00:58:30.0879 4412 [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll
00:58:30.0879 4412 C:\Windows\System32\wmp.dll - ok
00:58:30.0879 4412 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
00:58:30.0879 4412 C:\Windows\SysWOW64\oleacc.dll - ok
00:58:30.0895 4412 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
00:58:30.0895 4412 C:\Windows\SysWOW64\shdocvw.dll - ok
00:58:30.0895 4412 [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\Sundhar\AppData\Local\Temp\FBF56925-3374-4278-A169-B62918652FAE.exe
00:58:30.0895 4412 C:\Users\Sundhar\AppData\Local\Temp\FBF56925-3374-4278-A169-B62918652FAE.exe - ok
00:58:30.0895 4412 [ BF6D6ED5FADCEEE885BD0144ECF1BA27 ] C:\Windows\SysWOW64\ncrypt.dll
00:58:30.0895 4412 C:\Windows\SysWOW64\ncrypt.dll - ok
00:58:30.0895 4412 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
00:58:30.0895 4412 C:\Windows\SysWOW64\bcrypt.dll - ok
00:58:30.0910 4412 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
00:58:30.0910 4412 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
00:58:30.0910 4412 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
00:58:30.0910 4412 C:\Windows\SysWOW64\gpapi.dll - ok
00:58:30.0910 4412 [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\SysWOW64\cryptnet.dll
00:58:30.0910 4412 C:\Windows\SysWOW64\cryptnet.dll - ok
00:58:30.0910 4412 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
00:58:30.0910 4412 C:\Windows\SysWOW64\SensApi.dll - ok
00:58:30.0910 4412 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
00:58:30.0910 4412 C:\Windows\SysWOW64\winhttp.dll - ok
00:58:30.0926 4412 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
00:58:30.0926 4412 C:\Windows\System32\aelupsvc.dll - ok
00:58:30.0926 4412 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
00:58:30.0926 4412 C:\Windows\SysWOW64\webio.dll - ok
00:58:30.0926 4412 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
00:58:30.0926 4412 C:\Windows\SysWOW64\credssp.dll - ok
00:58:30.0926 4412 [ 9D4A1690AF93F233E15380398BEC7431 ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
00:58:30.0926 4412 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
00:58:30.0941 4412 [ 1F5A570AD942DFCFE4500326ABDD72B2 ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll
00:58:30.0941 4412 C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok
00:58:30.0941 4412 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
00:58:30.0941 4412 C:\Windows\SysWOW64\rasadhlp.dll - ok
00:58:30.0941 4412 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
00:58:30.0941 4412 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
00:58:30.0941 4412 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\SysWOW64\WindowsCodecs.dll
00:58:30.0941 4412 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
00:58:30.0941 4412 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
00:58:30.0941 4412 C:\Windows\SysWOW64\EhStorShell.dll - ok
00:58:30.0957 4412 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
00:58:30.0957 4412 C:\Windows\SysWOW64\ntshrui.dll - ok
00:58:30.0957 4412 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
00:58:30.0957 4412 C:\Windows\SysWOW64\imageres.dll - ok
00:58:30.0957 4412 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
00:58:30.0957 4412 C:\Windows\SysWOW64\slc.dll - ok
00:58:30.0957 4412 [ 40D5A756685313B1D3AA12233904CC54 ] C:\Program Files (x86)\TuneUp Utilities 2011\OneClickStarter.exe
00:58:30.0957 4412 C:\Program Files (x86)\TuneUp Utilities 2011\OneClickStarter.exe - ok
00:58:30.0973 4412 [ 0400CBB7558638933661984791398CA2 ] C:\Program Files (x86)\TuneUp Utilities 2011\rtl120.bpl
00:58:30.0973 4412 C:\Program Files (x86)\TuneUp Utilities 2011\rtl120.bpl - ok
00:58:30.0973 4412 [ 1DC52112D1E1BE5BFA59BB3FBCA4BA76 ] C:\Program Files (x86)\TuneUp Utilities 2011\ProgramRating.bpl
00:58:30.0973 4412 C:\Program Files (x86)\TuneUp Utilities 2011\ProgramRating.bpl - ok
00:58:30.0973 4412 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
00:58:30.0973 4412 C:\Windows\SysWOW64\mpr.dll - ok
00:58:30.0988 4412 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
00:58:30.0988 4412 C:\Windows\SysWOW64\wsock32.dll - ok
00:58:30.0988 4412 [ 066589820A4A17EA2D0A0D0C070D2E90 ] C:\Program Files (x86)\TuneUp Utilities 2011\vcl120.bpl
00:58:30.0988 4412 C:\Program Files (x86)\TuneUp Utilities 2011\vcl120.bpl - ok
00:58:30.0988 4412 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll
00:58:30.0988 4412 C:\Windows\SysWOW64\comdlg32.dll - ok
00:58:31.0004 4412 [ 5102CAE11A2E1894FCD0654FA96BC7A1 ] C:\Program Files (x86)\TuneUp Utilities 2011\MainControls.bpl
00:58:31.0004 4412 C:\Program Files (x86)\TuneUp Utilities 2011\MainControls.bpl - ok
00:58:31.0004 4412 [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\SysWOW64\oledlg.dll
00:58:31.0004 4412 C:\Windows\SysWOW64\oledlg.dll - ok
00:58:31.0004 4412 [ 34EE2408D03505BFB05BE890EBE1B8DC ] C:\Program Files (x86)\TuneUp Utilities 2011\GR32_D6.bpl
00:58:31.0004 4412 C:\Program Files (x86)\TuneUp Utilities 2011\GR32_D6.bpl - ok
00:58:31.0004 4412 [ 139EAE714653D55F83C1DD3DDE22A1AA ] C:\Program Files (x86)\TuneUp Utilities 2011\vclimg120.bpl
00:58:31.0004 4412 C:\Program Files (x86)\TuneUp Utilities 2011\vclimg120.bpl - ok
00:58:31.0019 4412 [ 78EBDC780E81E187E0AFD6634506953B ] C:\Program Files (x86)\TuneUp Utilities 2011\RegExp.bpl
00:58:31.0019 4412 C:\Program Files (x86)\TuneUp Utilities 2011\RegExp.bpl - ok
00:58:31.0019 4412 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
00:58:31.0019 4412 C:\Windows\SysWOW64\winmm.dll - ok
00:58:31.0019 4412 [ FF052DEB0F2849B156809DD6CD3DA286 ] C:\Program Files (x86)\TuneUp Utilities 2011\TUTransl.bpl
00:58:31.0019 4412 C:\Program Files (x86)\TuneUp Utilities 2011\TUTransl.bpl - ok
00:58:31.0035 4412 [ B08ACD89DDA1C40B855DF29453FD6872 ] C:\Program Files (x86)\TuneUp Utilities 2011\XMLComponents.bpl
00:58:31.0035 4412 C:\Program Files (x86)\TuneUp Utilities 2011\XMLComponents.bpl - ok
00:58:31.0035 4412 [ EC98DDD52676772C0AEF56670A0FD1E1 ] C:\Program Files (x86)\TuneUp Utilities 2011\TUBasic.bpl
00:58:31.0035 4412 C:\Program Files (x86)\TuneUp Utilities 2011\TUBasic.bpl - ok
00:58:31.0051 4412 [ 9C905705C28008D633125703382733D4 ] C:\Program Files (x86)\TuneUp Utilities 2011\TUKernel.bpl
00:58:31.0051 4412 C:\Program Files (x86)\TuneUp Utilities 2011\TUKernel.bpl - ok
00:58:31.0051 4412 [ 058A1F3A0D2CF86C631AB1E55A6BC1E4 ] C:\Program Files (x86)\TuneUp Utilities 2011\DEC.bpl
00:58:31.0051 4412 C:\Program Files (x86)\TuneUp Utilities 2011\DEC.bpl - ok
00:58:31.0051 4412 [ 5CEABFAE719EF542A0B1922A8B0F7409 ] C:\Program Files (x86)\TuneUp Utilities 2011\TUBase.bpl
00:58:31.0051 4412 C:\Program Files (x86)\TuneUp Utilities 2011\TUBase.bpl - ok
00:58:31.0066 4412 [ 65C022648935C8DD321A16298BA1EB2E ] C:\Program Files (x86)\TuneUp Utilities 2011\TUCompression.bpl
00:58:31.0066 4412 C:\Program Files (x86)\TuneUp Utilities 2011\TUCompression.bpl - ok
00:58:31.0066 4412 [ 1FC945B2CC6DA97FAFEFB5DB38A6A11E ] C:\Program Files (x86)\TuneUp Utilities 2011\Html.bpl
00:58:31.0066 4412 C:\Program Files (x86)\TuneUp Utilities 2011\Html.bpl - ok
00:58:31.0066 4412 [ 1D7828406C07FA2B4C90BB40CD28FFB2 ] C:\Program Files (x86)\TuneUp Utilities 2011\vclx120.bpl
00:58:31.0066 4412 C:\Program Files (x86)\TuneUp Utilities 2011\vclx120.bpl - ok
00:58:31.0082 4412 [ 34BF4C333C540BBD3ACACC844BFEDFD8 ] C:\Program Files (x86)\TuneUp Utilities 2011\SmallUnits.bpl
00:58:31.0082 4412 C:\Program Files (x86)\TuneUp Utilities 2011\SmallUnits.bpl - ok
00:58:31.0082 4412 [ 1514BADEB01C79997B292D7100746B56 ] C:\Program Files (x86)\TuneUp Utilities 2011\ntrtl60.bpl
00:58:31.0082 4412 C:\Program Files (x86)\TuneUp Utilities 2011\ntrtl60.bpl - ok
00:58:31.0097 4412 [ 3D2219E6033F3D2B0909A2D6F3BF974F ] C:\Program Files (x86)\TuneUp Utilities 2011\SchedAgent_2007.bpl
00:58:31.0097 4412 C:\Program Files (x86)\TuneUp Utilities 2011\SchedAgent_2007.bpl - ok
00:58:31.0097 4412 [ 6E25F80DB404016B00CE25A779111B1F ] C:\Program Files (x86)\TuneUp Utilities 2011\VisControls.bpl
00:58:31.0097 4412 C:\Program Files (x86)\TuneUp Utilities 2011\VisControls.bpl - ok
00:58:31.0097 4412 [ C9229382344600034E9E8FCFA82C2E31 ] C:\Program Files (x86)\TuneUp Utilities 2011\dxBarD12.bpl
00:58:31.0097 4412 C:\Program Files (x86)\TuneUp Utilities 2011\dxBarD12.bpl - ok
00:58:31.0113 4412 [ 36A218739F4C7A8DDFA206DDD8CA31C1 ] C:\Program Files (x86)\TuneUp Utilities 2011\dxCoreD12.bpl
00:58:31.0113 4412 C:\Program Files (x86)\TuneUp Utilities 2011\dxCoreD12.bpl - ok
00:58:31.0113 4412 [ EB196D392C93F72F9089EFBC73BAC495 ] C:\Program Files (x86)\TuneUp Utilities 2011\dxComnD12.bpl
00:58:31.0113 4412 C:\Program Files (x86)\TuneUp Utilities 2011\dxComnD12.bpl - ok
00:58:31.0113 4412 [ 32BA1261FBC1CA44ACAB63BD59F2D2DB ] C:\Program Files (x86)\TuneUp Utilities 2011\dxThemeD12.bpl
00:58:31.0113 4412 C:\Program Files (x86)\TuneUp Utilities 2011\dxThemeD12.bpl - ok
00:58:31.0129 4412 [ 4B24170FF2C7F1F2A26E1243D5C568DB ] C:\Program Files (x86)\TuneUp Utilities 2011\cxLibraryD12.bpl
00:58:31.0129 4412 C:\Program Files (x86)\TuneUp Utilities 2011\cxLibraryD12.bpl - ok
00:58:31.0129 4412 [ 897BE77667D4766AB237059B84735AD6 ] C:\Program Files (x86)\TuneUp Utilities 2011\dxGDIPlusD12.bpl
00:58:31.0129 4412 C:\Program Files (x86)\TuneUp Utilities 2011\dxGDIPlusD12.bpl - ok
00:58:31.0129 4412 [ 8A51EC6F1826E68D260DC0993062B951 ] C:\Program Files (x86)\TuneUp Utilities 2011\SysControls.bpl
00:58:31.0129 4412 C:\Program Files (x86)\TuneUp Utilities 2011\SysControls.bpl - ok
00:58:31.0129 4412 [ 4E7ECD9C25492F6D5C2AB9C92ED1D01E ] C:\Program Files (x86)\TuneUp Utilities 2011\ehs_d6.bpl
00:58:31.0129 4412 C:\Program Files (x86)\TuneUp Utilities 2011\ehs_d6.bpl - ok
00:58:31.0144 4412 [ AEFB476EA69595D4C99DB7F10F6CEA18 ] C:\Program Files (x86)\TuneUp Utilities 2011\xmlrtl120.bpl
00:58:31.0144 4412 C:\Program Files (x86)\TuneUp Utilities 2011\xmlrtl120.bpl - ok
00:58:31.0144 4412 [ 1E8D06AAE74FED674C1156B3FEA911C2 ] C:\Windows\SysWOW64\Faultrep.dll
00:58:31.0144 4412 C:\Windows\SysWOW64\Faultrep.dll - ok
00:58:31.0144 4412 [ 63FEA8081FFC7264C28D48D7A5AFFBB5 ] C:\Program Files (x86)\TuneUp Utilities 2011\AppInitialization.bpl
00:58:31.0144 4412 C:\Program Files (x86)\TuneUp Utilities 2011\AppInitialization.bpl - ok
00:58:31.0160 4412 [ 044FA8F691D11219B32936F8D16FAACF ] C:\Program Files (x86)\TuneUp Utilities 2011\tulic.dll
00:58:31.0160 4412 C:\Program Files (x86)\TuneUp Utilities 2011\tulic.dll - ok
00:58:31.0160 4412 [ 2AC132DF56D683B03C5A6B6F5A6E76EF ] C:\Program Files (x86)\TuneUp Utilities 2011\TUShell.bpl
00:58:31.0160 4412 C:\Program Files (x86)\TuneUp Utilities 2011\TUShell.bpl - ok
00:58:31.0160 4412 [ E8F1F8C7D1D41D9A75B7A0A6339E4526 ] C:\Program Files (x86)\TuneUp Utilities 2011\TUShredder.bpl
00:58:31.0160 4412 C:\Program Files (x86)\TuneUp Utilities 2011\TUShredder.bpl - ok
00:58:31.0160 4412 [ 48FBD796C5A4483DDA53DD2ED938C36B ] C:\Program Files (x86)\TuneUp Utilities 2011\TUIcoEngineerDirTree.bpl
00:58:31.0160 4412 C:\Program Files (x86)\TuneUp Utilities 2011\TUIcoEngineerDirTree.bpl - ok
00:58:31.0175 4412 [ ABF094FA1D9372176E8B147187BA5965 ] C:\Program Files (x86)\TuneUp Utilities 2011\SysInfo.bpl
00:58:31.0175 4412 C:\Program Files (x86)\TuneUp Utilities 2011\SysInfo.bpl - ok
00:58:31.0175 4412 [ 20747DA4805037F54A2D377D0C29E3DC ] C:\Program Files (x86)\TuneUp Utilities 2011\MSI_D6.bpl
00:58:31.0175 4412 C:\Program Files (x86)\TuneUp Utilities 2011\MSI_D6.bpl - ok
00:58:31.0175 4412 [ 5480CBEA04AEF4E0871A2F2847AE8C1C ] C:\Program Files (x86)\TuneUp Utilities 2011\VirtualTreesR.bpl
00:58:31.0175 4412 C:\Program Files (x86)\TuneUp Utilities 2011\VirtualTreesR.bpl - ok
00:58:31.0175 4412 [ 72910F1DEB838E6E08A9017BFB7D4F0B ] C:\Windows\SysWOW64\browcli.dll
00:58:31.0175 4412 C:\Windows\SysWOW64\browcli.dll - ok
00:58:31.0191 4412 [ A8CDF3768604FF95B54669E20053D569 ] C:\Windows\SysWOW64\wscapi.dll
00:58:31.0191 4412 C:\Windows\SysWOW64\wscapi.dll - ok
00:58:31.0191 4412 [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\SysWOW64\logoncli.dll
00:58:31.0191 4412 C:\Windows\SysWOW64\logoncli.dll - ok
00:58:31.0191 4412 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
00:58:31.0191 4412 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
00:58:31.0207 4412 [ 0D893F8D145D3B125B0226727C243A69 ] C:\Windows\System32\security.dll
00:58:31.0207 4412 C:\Windows\System32\security.dll - ok
00:58:31.0207 4412 [ 012787CEB35505EB78DF82E0A0072888 ] C:\Windows\System32\browcli.dll
00:58:31.0207 4412 C:\Windows\System32\browcli.dll - ok
00:58:31.0207 4412 [ C4BFE4B61086416B0529212F92BCE081 ] C:\Windows\System32\schedcli.dll
00:58:31.0207 4412 C:\Windows\System32\schedcli.dll - ok
00:58:31.0207 4412 [ 703FFD301AB900B047337C5D40FD6F96 ] C:\Windows\SysWOW64\olepro32.dll
00:58:31.0207 4412 C:\Windows\SysWOW64\olepro32.dll - ok
00:58:31.0222 4412 [ A42E7748BE906434C5FD17161D168C20 ] C:\Windows\SysWOW64\schedcli.dll
00:58:31.0222 4412 C:\Windows\SysWOW64\schedcli.dll - ok
00:58:31.0222 4412 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
00:58:31.0222 4412 C:\Windows\SysWOW64\winsta.dll - ok
00:58:31.0222 4412 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
To be contd..
anton_ego
2013-05-31, 19:30
Contd from above..
00:58:31.0987 4412 ============================================================
00:58:31.0987 4412 Scan finished
00:58:31.0987 4412 ============================================================
00:58:31.0987 4396 Detected object count: 0
00:58:31.0987 4396 Actual detected object count: 0
00:58:37.0041 4004 Deinitialize success
The new OTL.txt file
OTL logfile created on: 31-05-2013 19:15:38 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Sundhar\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00004009 | Country: India | Language: ENN | Date Format: dd-MM-yyyy
3.91 Gb Total Physical Memory | 2.19 Gb Available Physical Memory | 56.07% Memory free
7.83 Gb Paging File | 6.00 Gb Available in Paging File | 76.63% Paging File free
Paging file location(s): ?:\pagefile.sys
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 120.00 Gb Total Space | 32.29 Gb Free Space | 26.91% Space Free | Partition Type: NTFS
Drive D: | 157.46 Gb Total Space | 56.15 Gb Free Space | 35.66% Space Free | Partition Type: NTFS
Computer Name: SUNDHAR-PC | User Name: Sundhar | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Sundhar\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
PRC - C:\Users\Sundhar\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe (Infowatch)
PRC - C:\Windows\SysWOW64\NLSSRV32.EXE (Nalpeiron Ltd.)
PRC - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe (FUJITSU LIMITED)
PRC - C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe (Affinegy, Inc.)
PRC - C:\Windows\vsnp2uvc.exe (Sonix)
PRC - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY)
========== Modules (No Company Name) ==========
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\wx._core_.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\_ssl.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\windows._cacheinvalidation.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\wx._windows_.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\wx._gdi_.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\wx._misc_.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\_hashlib.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\pysqlite2._sqlite.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\pythoncom27.dll ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\win32com.shell.shell.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\_elementtree.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\wx._wizard.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\win32file.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\PyWinTypes27.dll ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\win32security.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\win32api.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\_ctypes.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\wx._html2.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\_socket.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\win32inet.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\win32process.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\_multiprocessing.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\win32pdh.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\win32ts.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\win32profile.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\win32crypt.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\wx._controls_.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\win32event.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\pyexpat.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\unicodedata.pyd ()
MOD - C:\Users\Sundhar\AppData\Local\Temp\_MEI27962\select.pyd ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (NIApplicationWebServer64) -- C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe File not found
SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
SRV:64bit: - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()
SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV:64bit: - (PFNService) -- C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe (FUJITSU LIMITED)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (PowerSavingUtilityService) -- C:\Program Files\Fujitsu\PSUtility\PSUService.exe (FUJITSU LIMITED)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (CSObjectsSrv) -- C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe (Infowatch)
SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe (Kaspersky Lab ZAO)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (nlsX86cc) -- C:\Windows\SysWOW64\NLSSRV32.EXE (Nalpeiron Ltd.)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
SRV - (Bluetooth OBEX Service) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation)
SRV - (Bluetooth Media Service) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation)
SRV - (Bluetooth Device Monitor) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (AffinegyService) -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe (Affinegy, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ABBYY.Licensing.FineReader.Sprint.9.0) -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY)
========== Driver Services (SafeList) ==========
DRV:64bit: - (avgtp) -- C:\Windows\SysNative\drivers\avgtpx64.sys (AVG Technologies)
DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab)
DRV:64bit: - (kltdi) -- C:\Windows\SysNative\drivers\kltdi.sys (Kaspersky Lab)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab)
DRV:64bit: - (klkbdflt) -- C:\Windows\SysNative\drivers\klkbdflt.sys (Kaspersky Lab)
DRV:64bit: - (SCDEmu) -- C:\Windows\SysNative\drivers\scdemu.sys (Power Software Ltd)
DRV:64bit: - (kneps) -- C:\Windows\SysNative\drivers\kneps.sys (Kaspersky Lab)
DRV:64bit: - (SRS_AE_Service) -- C:\Windows\SysNative\drivers\SRS_AE_amd64.sys ()
DRV:64bit: - (KL1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (clwvd) -- C:\Windows\SysNative\drivers\clwvd.sys (CyberLink Corporation)
DRV:64bit: - (CSCrySec) -- C:\Windows\SysNative\drivers\CSCrySec.sys (Infowatch)
DRV:64bit: - (CSVirtualDiskDrv) -- C:\Windows\SysNative\drivers\CSVirtualDiskDrv.sys (Infowatch)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (intaud_WaveExtensible) -- C:\Windows\SysNative\drivers\intelaud.sys (Intel Corporation)
DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\drivers\iwdbus.sys (Intel Corporation)
DRV:64bit: - (iBtFltCoex) -- C:\Windows\SysNative\drivers\iBtFltCoex.sys (Intel Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV:64bit: - (btmhsf) -- C:\Windows\SysNative\drivers\btmhsf.sys (Intel Corporation)
DRV:64bit: - (btmaux) -- C:\Windows\SysNative\drivers\btmaux.sys (Intel Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (SNP2UVC) -- C:\Windows\SysNative\drivers\snp2uvc.sys ()
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (FBIOSDRV) -- C:\Windows\SysNative\drivers\FBIOSDRV.sys (FUJITSU LIMITED)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (FUJ02E3) -- C:\Windows\SysNative\drivers\fuj02e3.sys (FUJITSU LIMITED)
DRV:64bit: - (FUJ02B1) -- C:\Windows\SysNative\drivers\fuj02b1.sys (FUJITSU LIMITED)
DRV - (FsUsbExDisk) -- C:\Windows\SysWOW64\FsUsbExDisk.Sys ()
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{8BF7586B-60A1-4118-920A-5B08B92E1F4F}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{8BF7586B-60A1-4118-920A-5B08B92E1F4F}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSF
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ts.fujitsu.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.google.com/ig/redirectd [Binary data over 200 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.com/ig/redirectd [Binary data over 200 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{8BF7586B-60A1-4118-920A-5B08B92E1F4F}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSG_enNO487
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Plus Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
To be contd..
anton_ego
2013-05-31, 19:30
Contd from above..
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Program Files (x86)\TVUPlayer\npTVUAx.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Sundhar\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Sundhar\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Sundhar\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Sundhar\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Sundhar\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Sundhar\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@torrentstream.net/tsplugin,version=2.0.8.2: C:\Users\Sundhar\AppData\Roaming\TorrentStream\player\npts_plugin.dll File not found
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Sundhar\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-05-13 13:06:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com [2013-05-21 21:52:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com [2013-05-21 21:52:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com [2013-05-21 21:52:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\anti_banner@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com [2013-05-21 21:52:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com [2013-05-21 21:52:38 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\magicplayer@torrentstream.org: C:\Users\Sundhar\AppData\Roaming\TorrentStream\extensions\firefox\magicplayer@torrentstream.org
[2013-01-15 19:59:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sundhar\AppData\Roaming\Mozilla\Extensions
[2013-03-05 10:26:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sundhar\AppData\Roaming\Mozilla\Firefox\C\Users\Sundhar\AppData\Roaming\Mozilla\Profiles\dfxfroit.Default\extensions
[2013-03-05 10:26:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sundhar\AppData\Roaming\Mozilla\Firefox\C\Users\Sundhar\AppData\Roaming\Mozilla\Profiles\dfxfroit.Default\extensions\staged
[2013-05-29 20:55:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sundhar\AppData\Roaming\Mozilla\Profiles\dfxfroit.Default\extensions
[2013-05-29 20:55:58 | 000,000,000 | ---D | M] (Youtube High Definition) -- C:\Users\Sundhar\AppData\Roaming\Mozilla\Profiles\dfxfroit.Default\extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}
[2013-05-22 01:23:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013-05-22 01:23:10 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\pdf.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\plugin/npVKPlugin.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\plugin/npUrlAdvisor.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: National Instruments LabVIEW 2010 Netscape Plug-in for Windows (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nplv2010win32.dll
CHR - plugin: National Instruments LabVIEW 9.0 Netscape Plug-in for Windows (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nplv90win32.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U9 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Nitro PDF Plug-In (Enabled) = C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll
CHR - plugin: TVU Web Player for FireFox (Enabled) = C:\Program Files (x86)\TVUPlayer\npTVUAx.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Facebook Desktop (Enabled) = C:\Users\Sundhar\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll
CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - Extension: Google Docs = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Facebook = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm\1.0.3_0\
CHR - Extension: Adblock Plus = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4.1_0\
CHR - Extension: Google Search = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Kaspersky URL Advisor = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.2.558_0\
CHR - Extension: ESPN Cricinfo = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlklinjgampohhihndkofhhaahoicoip\1.0.0_0\
CHR - Extension: Safe Money = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.2.558_0\
CHR - Extension: SimilarWeb = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoklmmgfnpapgjgcpechhaamimifchmp\2.0.0.4_0\
CHR - Extension: Virtual Keyboard = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.2.558_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0\
CHR - Extension: Gmail = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Anti-Banner = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.2.558_0\
O1 HOSTS File: ([2013-05-31 19:10:10 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2:64bit: - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Kaspersky Passsword Manager Toolbar) - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O3:64bit: - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Kaspersky Passsword Manager Toolbar) - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [FDM7] C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [LoadBtnHnd] C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [LoadFUJ02E3] C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [LoadFujitsuQuickTouch] C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [PfNet] C:\Program Files\Fujitsu\Plugfree NETWORK\PfNet.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [PSUTility] C:\Program Files\Fujitsu\PSUtility\TrayManager.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe (Sonix)
O4 - HKLM..\Run: [IndicatorUtility] C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe (FUJITSU LIMITED)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [SmartVoip] C:\Program Files (x86)\SmartVoip.com\SmartVoip\SmartVoip.exe (SmartVoip)
O4 - Startup: C:\Users\Sundhar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Sundhar\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 File not found
O9:64bit: - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - mmswsock.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{07C82958-E9E2-440A-AF17-3FB93F560E1B}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA4A2F12-02C0-47B3-A2A7-144E72F460D6}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\RunGame.exe
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\autorun.exe
O33 - MountPoints2\H\Shell\setup\command - "" = H:\setup.exe
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\CDCheck.exe
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\autorun.exe
O33 - MountPoints2\J\Shell\setup\command - "" = J:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013-05-31 19:09:02 | 000,000,000 | ---D | C] -- C:\_OTL
[2013-05-30 16:34:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Performance Trends
[2013-05-26 15:27:02 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2013-05-26 05:42:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Age of Empires 3
[2013-05-26 05:35:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Microsoft Games
[2013-05-24 15:48:45 | 000,000,000 | ---D | C] -- C:\Users\Sundhar\AppData\Roaming\Octoshape
[2013-05-24 03:30:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CricketAcademyBeta
[2013-05-24 03:30:09 | 000,000,000 | ---D | C] -- C:\Users\Sundhar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cricket Academy Beta
[2013-05-23 16:49:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
[2013-05-22 01:23:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013-05-22 00:53:58 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2013-05-21 22:14:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2013-05-21 21:54:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky PURE 3.0
[2013-05-21 21:53:14 | 000,064,856 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\klfphc.dll
[2013-05-21 21:52:56 | 000,084,536 | ---- | C] (Infowatch) -- C:\Windows\SysNative\drivers\CSCrySec.sys
[2013-05-21 21:52:56 | 000,066,616 | ---- | C] (Infowatch) -- C:\Windows\SysNative\drivers\CSVirtualDiskDrv.sys
[2013-05-21 21:52:56 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2013-05-21 21:52:35 | 000,000,000 | ---D | C] -- C:\Windows\ELAMBKUP
[2013-05-21 21:52:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InfoWatch
[2013-05-21 02:26:49 | 000,000,000 | ---D | C] -- C:\Users\Sundhar\Desktop\rkill
[2013-05-19 15:49:04 | 000,000,000 | ---D | C] -- C:\Users\Sundhar\AppData\Roaming\PDAppFlex
[2013-05-19 15:35:37 | 000,000,000 | ---D | C] -- C:\Users\Sundhar\AppData\Roaming\SolidDocuments
[2013-05-19 15:33:26 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2013-05-19 15:22:02 | 000,000,000 | ---D | C] -- C:\Users\Sundhar\AppData\Roaming\YCanPDF
[2013-05-19 15:16:13 | 000,000,000 | ---D | C] -- C:\Users\Sundhar\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013-05-13 12:22:21 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2013-05-13 12:21:20 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\NativeFus_Log
[2013-05-13 12:19:27 | 000,233,472 | ---- | C] (Teruten) -- C:\Windows\SysWow64\FsUsbExService.Exe
[2013-05-11 19:14:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Video Converter
[2013-05-11 19:14:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Total Video Converter
[2013-05-11 19:14:10 | 015,728,768 | ---- | C] (EffectMatrix Inc. ) -- C:\Users\Sundhar\Desktop\tvc.exe
[2013-05-11 01:20:41 | 000,000,000 | ---D | C] -- C:\Users\Sundhar\AppData\Roaming\DassaultSystemes
[2013-05-11 01:20:41 | 000,000,000 | ---D | C] -- C:\Users\Sundhar\AppData\Local\DassaultSystemes
[2013-05-11 01:20:41 | 000,000,000 | ---D | C] -- C:\ProgramData\DassaultSystemes
[2013-05-07 20:28:49 | 000,000,000 | ---D | C] -- C:\Users\Sundhar\AppData\Local\{FFEB5070-73C9-48F6-941F-7530CDDEBC5A}
[2013-05-06 15:35:56 | 000,000,000 | ---D | C] -- C:\Users\Sundhar\AppData\Local\{E3CCEAA2-634D-482E-AC1D-4CA24CBFE149}
[2013-05-02 19:24:07 | 000,441,104 | ---- | C] (Hide My IP) -- C:\Windows\SysNative\HMIPCore64.dll
[2013-05-02 19:23:56 | 000,342,288 | ---- | C] (Hide My IP) -- C:\Windows\SysWow64\HMIPCore.dll
========== Files - Modified Within 30 Days ==========
[2013-05-31 19:16:00 | 000,001,010 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-05-31 19:13:18 | 000,000,550 | ---- | M] () -- C:\Windows\tasks\MATLAB R2011b Startup Accelerator.job
[2013-05-31 19:12:52 | 000,001,006 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013-05-31 19:12:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-05-31 19:12:24 | 3152,506,880 | -HS- | M] () -- C:\hiberfil.sys
[2013-05-31 19:11:52 | 000,020,944 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-05-31 19:11:52 | 000,020,944 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-05-31 19:10:10 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2013-05-31 19:05:11 | 000,000,121 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat
[2013-05-31 18:54:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3929397922-3892970607-1167041678-1001UA.job
[2013-05-31 18:31:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013-05-31 18:26:10 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3929397922-3892970607-1167041678-1001UA.job
[2013-05-31 11:54:00 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3929397922-3892970607-1167041678-1001Core.job
[2013-05-30 22:47:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3929397922-3892970607-1167041678-1001Core.job
[2013-05-27 09:40:00 | 000,782,748 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013-05-27 09:40:00 | 000,655,090 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013-05-27 09:40:00 | 000,121,962 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013-05-26 17:20:07 | 002,350,232 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013-05-26 15:34:17 | 000,002,161 | ---- | M] () -- C:\Users\Public\Desktop\Rise of Nations Gold.lnk
[2013-05-26 05:32:01 | 000,002,167 | ---- | M] () -- C:\Users\Public\Desktop\Age of Empires III.lnk
[2013-05-24 20:16:12 | 000,002,189 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013-05-24 03:30:10 | 000,001,147 | ---- | M] () -- C:\Users\Sundhar\Desktop\Cricket Academy Beta.lnk
[2013-05-23 16:50:18 | 000,001,711 | ---- | M] () -- C:\Users\Sundhar\Desktop\Google Drive.lnk
[2013-05-22 01:45:25 | 000,000,189 | ---- | M] () -- C:\Users\Sundhar\Desktop\register.bat
[2013-05-20 06:59:25 | 000,009,910 | ---- | M] () -- C:\Users\Sundhar\Documents\MEC-3050-56_Tentti31102012.pdf
[2013-05-15 15:31:11 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013-05-15 15:31:11 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013-05-15 15:31:06 | 017,613,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2013-05-13 12:20:31 | 000,002,012 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
[2013-05-11 19:14:30 | 000,001,018 | ---- | M] () -- C:\Users\Sundhar\Desktop\Total Video Converter.lnk
[2013-05-11 19:14:30 | 000,000,987 | ---- | M] () -- C:\Users\Sundhar\Desktop\Total Video Player.lnk
[2013-05-11 19:14:14 | 015,728,768 | ---- | M] (EffectMatrix Inc. ) -- C:\Users\Sundhar\Desktop\tvc.exe
[2013-05-11 01:13:25 | 000,002,025 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013-05-02 20:41:57 | 000,003,912 | ---- | M] () -- C:\Windows\SysWow64\HideMyIpSRV.ini
[2013-05-02 20:41:57 | 000,002,096 | ---- | M] () -- C:\Windows\SysWow64\HideMyIpSRVOff.ini
[2013-05-02 20:41:57 | 000,002,096 | ---- | M] () -- C:\Windows\SysNative\HideMyIpSRVOff.ini
========== Files Created - No Company Name ==========
[2013-05-31 19:05:03 | 000,000,121 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat
[2013-05-26 17:32:01 | 000,001,061 | ---- | C] () -- C:\Users\Sundhar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013-05-26 15:34:17 | 000,002,161 | ---- | C] () -- C:\Users\Public\Desktop\Rise of Nations Gold.lnk
[2013-05-26 05:32:01 | 000,002,167 | ---- | C] () -- C:\Users\Public\Desktop\Age of Empires III.lnk
[2013-05-24 03:30:10 | 000,001,147 | ---- | C] () -- C:\Users\Sundhar\Desktop\Cricket Academy Beta.lnk
[2013-05-23 16:50:18 | 000,001,711 | ---- | C] () -- C:\Users\Sundhar\Desktop\Google Drive.lnk
[2013-05-22 01:45:25 | 000,000,189 | ---- | C] () -- C:\Users\Sundhar\Desktop\register.bat
[2013-05-20 06:59:16 | 000,009,910 | ---- | C] () -- C:\Users\Sundhar\Documents\MEC-3050-56_Tentti31102012.pdf
[2013-05-13 12:20:31 | 000,002,012 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
[2013-05-13 12:19:27 | 000,110,592 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDevice.Dll
[2013-05-13 12:19:27 | 000,037,344 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDisk.Sys
[2013-05-11 19:14:30 | 000,001,018 | ---- | C] () -- C:\Users\Sundhar\Desktop\Total Video Converter.lnk
[2013-05-11 19:14:30 | 000,000,987 | ---- | C] () -- C:\Users\Sundhar\Desktop\Total Video Player.lnk
[2013-05-11 01:13:25 | 000,002,025 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013-05-11 01:13:24 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013-05-02 19:23:36 | 000,003,912 | ---- | C] () -- C:\Windows\SysWow64\HideMyIpSRV.ini
[2013-05-02 19:23:36 | 000,002,096 | ---- | C] () -- C:\Windows\SysWow64\HideMyIpSRVOff.ini
[2013-05-02 19:23:36 | 000,002,096 | ---- | C] () -- C:\Windows\SysNative\HideMyIpSRVOff.ini
[2012-12-04 22:57:22 | 000,026,895 | ---- | C] () -- C:\Users\Sundhar\AppData\Roaming\Comma Separated Values (Windows).ADR
[2012-08-28 10:04:34 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012-08-28 10:04:34 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012-08-28 10:04:34 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012-08-28 10:04:34 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012-08-28 10:04:32 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012-08-26 23:46:16 | 000,017,408 | ---- | C] () -- C:\Users\Sundhar\AppData\Local\WebpageIcons.db
[2012-08-26 17:03:35 | 000,012,229 | ---- | C] () -- C:\Users\Sundhar\AppData\Roaming\Comma Separated Values (Windows).CAL
[2012-08-26 13:21:37 | 000,097,792 | ---- | C] () -- C:\Windows\FunambolAddin.dll
[2012-08-25 11:43:42 | 720,432,986 | ---- | C] () -- C:\Users\Sundhar\www.TamilRockers.net - Urumi (2012) Tamil - DVD-Rip - 1CD - Xvid - 700MB.avi
[2012-08-21 23:14:15 | 000,020,480 | ---- | C] () -- C:\Windows\gettopdirloc.exe
[2012-08-21 23:14:15 | 000,020,480 | ---- | C] () -- C:\Windows\getstopdirloc.exe
[2012-08-21 23:14:15 | 000,020,480 | ---- | C] () -- C:\Windows\getruntime.exe
[2012-08-21 23:14:15 | 000,016,384 | ---- | C] () -- C:\Windows\w9xpopen.exe
[2012-06-11 02:04:45 | 000,245,760 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnp2uvc.dll
[2012-06-11 02:04:45 | 000,024,576 | ---- | C] () -- C:\Windows\snuvcdsm.exe
[2012-06-11 02:04:45 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
========== ZeroAccess Check ==========
[2009-07-14 07:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 08:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 07:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 04:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 06:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 04:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
< End of report >
I think that's pretty much it.
Awaiting your reply.
SS
Hi anton_ego,
1. RogueKiller
Download to your desktop RogueKiller (http://tigzy.geekstogo.com/roguekiller.html) (by tigzy)
Right click and select "Run as Administrator"
Quit all programs
Wait until Prescan has finished ...
Click on Scan, Do Not Fix Anything at this point.
Click the Report button, save the report to your desktop
=========================
2. ComboFix
Refer to the ComboFix User's Guide (http://www.bleepingcomputer.com/combofix/how-to-use-combofix)
Download ComboFix from the following location:
Link (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)
* IMPORTANT !!! Place ComboFix.exe on your Desktop
Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with ComboFix.
You can get help on disabling your protection programs here (http://www.techsupportforum.com/security-center/virus-trojan-spyware-help/490111-how-disable-your-security-applications.html)
Double click on ComboFix.exe & follow the prompts.
Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal.
When finished, it shall produce a log for you. Post that log in your next reply
Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall.
---------------------------------------------------------------------------------------------
Ensure your AntiVirus and AntiSpyware applications are re-enabled.
---------------------------------------------------------------------------------------------
NOTE: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.
=========================
In your next post please provide the following:
RKreport[1].txt
ComboFix.txt
anton_ego
2013-06-01, 14:25
Hi. Here are the new log files.
RKReport.txt
RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Sundhar [Admin rights]
Mode : Scan -- Date : 06/01/2013 12:26:09
| ARK || FAK || MBR |
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 0 ¤¤¤
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED] ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
ÿþ1
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS543232A7A384 +++++
--- User ---
[MBR] 9d8b5e79b9be8e10e0a7a81af670be43
61182d56c6f82882d08c53cb6ab2c91e : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 2117 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 4339712 | Size: 303125 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[1]_S_06012013_02d1226.txt >>
RKreport[1]_S_06012013_02d1226.txt
ComboFix.txt
ComboFix 13-05-31.02 - Sundhar 01-06-2013 12:31:33.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.358.1033.18.4009.1749 [GMT 3:00]
Sijainti: c:\users\Sundhar\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Outdated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
FW: Kaspersky Internet Security *Disabled* {1691B380-548E-1A7A-BE85-9A42CE15AEFF}
SP: Kaspersky Internet Security *Disabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((( Muut poistot ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\ntuser.dat
c:\programdata\Roaming
c:\users\Sundhar\AppData\Local\Temp\_MEI28522\_ctypes.pyd
c:\users\Sundhar\AppData\Local\Temp\_MEI28522\_elementtree.pyd
c:\users\Sundhar\AppData\Local\Temp\_MEI28522\_hashlib.pyd
c:\users\Sundhar\AppData\Local\Temp\_MEI28522\_multiprocessing.pyd
c:\users\Sundhar\AppData\Local\Temp\_MEI28522\_socket.pyd
c:\users\Sundhar\AppData\Local\Temp\_MEI28522\_ssl.pyd
c:\users\Sundhar\AppData\Local\Temp\_MEI28522\pyexpat.pyd
c:\users\Sundhar\AppData\Local\Temp\_MEI28522\pysqlite2._sqlite.pyd
c:\users\Sundhar\AppData\Local\Temp\_MEI28522\python27.dll
c:\users\Sundhar\AppData\Local\Temp\_MEI28522\pythoncom27.dll
c:\users\Sundhar\AppData\Local\Temp\_MEI28522\PyWinTypes27.dll
c:\users\Sundhar\AppData\Local\Temp\_MEI28522\select.pyd
c:\users\Sundhar\AppData\Local\Temp\_MEI28522\unicodedata.pyd
c:\users\Sundhar\AppData\Local\Temp\_MEI28522\win32api.pyd
c:\users\Sundhar\AppData\Local\Temp\_MEI28522\win32com.shell.shell.pyd
c:\users\Sundhar\AppData\Local\Temp\_MEI28522\win32crypt.pyd
c:\users\Sundhar\AppData\Local\Temp\_MEI28522\win32event.pyd
c:\users\Sundhar\AppData\Local\Temp\_MEI28522\win32file.pyd
c:\users\Sundhar\AppData\Local\Temp\_MEI28522\win32inet.pyd
c:\users\Sundhar\AppData\Local\Temp\_MEI28522\win32pdh.pyd
c:\users\Sundhar\AppData\Local\Temp\_MEI28522\win32process.pyd
c:\users\Sundhar\AppData\Local\Temp\_MEI28522\win32profile.pyd
c:\users\Sundhar\AppData\Local\Temp\_MEI28522\win32security.pyd
c:\users\Sundhar\AppData\Local\Temp\_MEI28522\win32ts.pyd
c:\users\Sundhar\AppData\Local\Temp\_MEI28522\windows._cacheinvalidation.pyd
c:\users\Sundhar\AppData\Local\Temp\_MEI28522\wx._controls_.pyd
c:\users\Sundhar\AppData\Local\Temp\_MEI28522\wx._core_.pyd
c:\users\Sundhar\AppData\Local\Temp\_MEI28522\wx._gdi_.pyd
c:\users\Sundhar\AppData\Local\Temp\_MEI28522\wx._html2.pyd
c:\users\Sundhar\AppData\Local\Temp\_MEI28522\wx._misc_.pyd
c:\users\Sundhar\AppData\Local\Temp\_MEI28522\wx._windows_.pyd
c:\users\Sundhar\AppData\Local\Temp\_MEI28522\wx._wizard.pyd
c:\users\Sundhar\AppData\Local\Temp\_MEI28522\wxbase294u_net_vc90.dll
c:\users\Sundhar\AppData\Local\Temp\_MEI28522\wxbase294u_vc90.dll
c:\users\Sundhar\AppData\Local\Temp\_MEI28522\wxmsw294u_adv_vc90.dll
c:\users\Sundhar\AppData\Local\Temp\_MEI28522\wxmsw294u_core_vc90.dll
c:\users\Sundhar\AppData\Local\Temp\_MEI28522\wxmsw294u_html_vc90.dll
c:\users\Sundhar\AppData\Local\Temp\_MEI28522\wxmsw294u_webview_vc90.dll
c:\users\Sundhar\AppData\Roaming\system32
c:\windows\SysWow64\DEBUG.log
c:\windows\SysWow64\drivers\10CF_FUJITSU_FTS_LIFEBOOK AH531 GFO_PI_FUJITSU_FJNBB10_Default System BIOS_FUJ - 1_1.19_Intel(R) HD Graphics Family_NVIDIA GeForce GT 525M .MRK
c:\windows\SysWow64\muzapp.exe
.
.
((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2013-05-01 to 2013-06-01 )))))))))))))))))
.
.
2013-06-01 09:48 . 2013-06-01 09:48 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-06-01 08:53 . 2013-06-01 08:53 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-31 21:35 . 2013-05-31 21:35 -------- d-----w- c:\program files\Microsoft Silverlight
2013-05-31 21:35 . 2013-05-31 21:35 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2013-05-31 19:17 . 2013-04-10 06:01 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-05-31 19:17 . 2013-04-10 06:01 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-05-31 19:17 . 2011-02-03 11:25 144384 ----a-w- c:\windows\system32\cdd.dll
2013-05-31 19:15 . 2013-03-19 05:53 48640 ----a-w- c:\windows\system32\wwanprotdim.dll
2013-05-31 18:46 . 2013-05-31 18:46 -------- d-----w- c:\program files (x86)\Microsoft SkyDrive
2013-05-31 18:46 . 2013-06-01 09:28 -------- d-----r- c:\users\Sundhar\SkyDrive
2013-05-31 18:45 . 2013-05-31 18:45 -------- d-----w- c:\programdata\Microsoft SkyDrive
2013-05-31 17:43 . 2013-05-31 17:43 -------- d-----w- c:\windows\system32\ms-MY
2013-05-31 17:41 . 2013-05-31 17:41 -------- d-----w- c:\windows\system32\drivers\UMDF\pl-PL
2013-05-31 17:41 . 2013-05-31 17:41 -------- d-----w- c:\windows\system32\drivers\UMDF\zh-CN
2013-05-31 17:41 . 2013-05-31 17:41 -------- d-----w- c:\windows\system32\drivers\UMDF\ja-JP
2013-05-31 17:41 . 2013-05-31 17:41 -------- d-----w- c:\windows\system32\drivers\UMDF\pt-BR
2013-05-31 17:41 . 2013-05-31 17:41 -------- d-----w- c:\windows\system32\drivers\UMDF\pt-PT
2013-05-31 17:41 . 2013-05-31 17:41 -------- d-----w- c:\windows\system32\drivers\UMDF\nl-NL
2013-05-31 17:41 . 2013-05-31 17:41 -------- d-----w- c:\windows\system32\drivers\UMDF\it-IT
2013-05-31 17:41 . 2013-05-31 17:41 -------- d-----w- c:\windows\system32\drivers\UMDF\de-DE
2013-05-31 17:41 . 2013-05-31 17:41 -------- d-----w- c:\windows\system32\drivers\UMDF\fr-FR
2013-05-31 17:41 . 2013-05-31 17:41 -------- d-----w- c:\windows\system32\drivers\UMDF\es-ES
2013-05-31 17:40 . 2013-05-31 17:42 -------- d-----w- c:\program files\Zune
2013-05-31 16:09 . 2013-05-31 16:09 -------- d-----w- C:\_OTL
2013-05-31 16:05 . 2013-05-31 16:05 121 ----a-w- c:\windows\DeleteOnReboot.bat
2013-05-30 13:34 . 2013-05-30 13:34 -------- d-----w- c:\program files (x86)\Performance Trends
2013-05-26 02:42 . 2013-05-26 02:42 -------- d-----w- c:\programdata\Age of Empires 3
2013-05-26 02:38 . 2006-11-21 17:48 203576 ------w- c:\program files (x86)\Microsoft Games\Age of Empires III\autopatcher2.exe
2013-05-26 02:35 . 2013-05-26 02:38 -------- d-----w- c:\program files (x86)\Common Files\Microsoft Games
2013-05-26 02:35 . 2006-08-30 22:03 34304 ------w- c:\program files (x86)\Microsoft Games\Age of Empires III\SetupENU2.dll
2013-05-24 12:48 . 2013-05-26 13:53 -------- d-----w- c:\users\Sundhar\AppData\Roaming\Octoshape
2013-05-24 00:30 . 2013-05-24 00:30 -------- d-----w- c:\program files (x86)\CricketAcademyBeta
2013-05-21 21:53 . 2013-05-21 21:53 -------- d-----w- C:\TDSSKiller_Quarantine
2013-05-21 19:14 . 2013-05-21 19:14 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
2013-05-21 18:53 . 2012-07-11 14:09 64856 ----a-w- c:\windows\system32\klfphc.dll
2013-05-21 18:52 . 2013-05-21 18:52 -------- dc----w- c:\windows\system32\DRVSTORE
2013-05-21 18:52 . 2011-06-02 11:39 84536 ----a-w- c:\windows\system32\drivers\CSCrySec.sys
2013-05-21 18:52 . 2011-06-02 11:39 66616 ----a-w- c:\windows\system32\drivers\CSVirtualDiskDrv.sys
2013-05-21 18:52 . 2013-05-21 18:52 -------- d-----w- c:\windows\ELAMBKUP
2013-05-21 18:52 . 2013-05-21 18:52 -------- d-----w- c:\program files (x86)\Common Files\InfoWatch
2013-05-19 12:49 . 2013-05-19 12:49 -------- d-----w- c:\users\Sundhar\AppData\Roaming\PDAppFlex
2013-05-19 12:35 . 2013-05-19 12:35 -------- d-----w- c:\users\Sundhar\AppData\Roaming\SolidDocuments
2013-05-19 12:33 . 2013-05-19 12:33 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2013-05-19 12:22 . 2013-05-19 12:22 -------- d-----w- c:\users\Sundhar\AppData\Roaming\YCanPDF
2013-05-19 12:16 . 2013-05-19 12:16 -------- d-----w- c:\users\Sundhar\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2013-05-13 09:19 . 2013-04-18 10:09 37344 ----a-w- c:\windows\SysWow64\FsUsbExDisk.Sys
2013-05-13 09:19 . 2013-04-18 10:09 233472 ----a-w- c:\windows\SysWow64\FsUsbExService.Exe
2013-05-13 09:19 . 2012-08-28 07:05 110592 ----a-w- c:\windows\SysWow64\FsUsbExDevice.Dll
2013-05-11 16:14 . 2013-05-11 16:14 -------- d-----w- c:\program files (x86)\Total Video Converter
2013-05-11 10:37 . 2013-05-11 10:37 209472 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
2013-05-10 22:20 . 2013-05-10 22:20 -------- d-----w- c:\users\Sundhar\AppData\Roaming\DassaultSystemes
2013-05-10 22:20 . 2013-05-10 22:20 -------- d-----w- c:\users\Sundhar\AppData\Local\DassaultSystemes
2013-05-10 22:20 . 2013-05-10 22:20 -------- d-----w- c:\programdata\DassaultSystemes
2013-05-02 16:24 . 2012-12-11 09:12 441104 ----a-w- c:\windows\system32\HMIPCore64.dll
2013-05-02 16:23 . 2012-12-11 09:12 342288 ----a-w- c:\windows\SysWow64\HMIPCore.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-18 06:52 . 2010-06-24 18:33 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-15 12:31 . 2012-08-15 07:16 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-15 12:31 . 2012-08-15 07:16 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-15 12:31 . 2013-03-12 19:31 17613192 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2013-05-03 13:15 . 2012-08-21 15:33 75016696 ----a-w- c:\windows\system32\MRT.exe
2013-04-13 05:49 . 2013-05-31 19:16 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-31 19:16 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-31 19:16 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-31 19:16 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-31 19:16 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-31 19:16 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-04 02:35 . 2013-04-25 14:46 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-03-23 01:09 . 2013-03-23 01:09 354656 ----a-w- c:\windows\SysWow64\DivXControlPanelApplet.cpl
2013-03-16 06:30 . 2013-03-16 06:30 4546560 ----a-w- c:\windows\SysWow64\GPhotos.scr
2013-03-14 09:41 . 2013-03-14 09:44 10752 ----a-w- c:\windows\system32\E_GCINST.DLL
2013-03-14 09:41 . 2013-03-14 09:43 83968 ----a-w- c:\windows\system32\E_ID4BHAE.DLL
2013-03-14 09:41 . 2013-03-14 09:43 120320 ----a-w- c:\windows\system32\E_ILMHAE.DLL
2013-03-11 08:59 . 2012-11-06 18:05 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-03-11 08:59 . 2012-11-06 18:05 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll
.
.
(((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-05-31 18:45 222808 ----a-w- c:\users\Sundhar\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-05-31 18:45 222808 ----a-w- c:\users\Sundhar\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-05-31 18:45 222808 ----a-w- c:\users\Sundhar\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Sundhar\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Sundhar\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Sundhar\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\KAVOverlayIcon]
@="{dd230880-495a-11d1-b064-008048ec2fc5}"
[HKEY_CLASSES_ROOT\CLSID\{dd230880-495a-11d1-b064-008048ec2fc5}]
2012-12-20 15:20 459784 ----a-w- c:\program files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\shellex.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-04-19 18678376]
"Microsoft Office Outlook"="c:\progra~2\MICROS~3\Office12\OUTLOOK.EXE" [2012-10-20 13007440]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2013-04-16 19662744]
"SmartVoip"="c:\program files (x86)\SmartVoip.com\SmartVoip\SmartVoip.exe" [2013-04-02 19204416]
"SkyDrive"="c:\users\Sundhar\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" [2013-05-31 256600]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IndicatorUtility"="c:\program files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe" [2010-09-30 48752]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
.
c:\users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
LaunchCenter.lnk - c:\program files\Fujitsu\LaunchCenter\LaunchCenter.exe [2011-4-12 375296]
.
c:\users\Sundhar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Sundhar\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-3-12 29106336]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
LaunchCenter.lnk - c:\program files\Fujitsu\LaunchCenter\LaunchCenter.exe [2011-4-12 375296]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux7"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"UCam_Menu"="c:\program files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "c:\program files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0"
"DeskUpdateNotifier"="c:\fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"KiesTrayAgent"=c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"YouCam Tray"="c:\program files (x86)\CyberLink\YouCam\YouCam.exe" /s
"YouCam Mirage"="c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe"
"InstaLAN"="c:\program files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
"EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2011-03-30 1321296]
R3 btmaudio;Intel Bluetooth Audio Service;c:\windows\system32\drivers\btmaud.sys [2011-03-08 46592]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\SysWOW64\FsUsbExDisk.SYS [2013-04-18 37344]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [2011-03-24 34200]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-01-05 340240]
R3 SRS_AE_Service;SRS Audio;c:\windows\system32\drivers\SRS_AE_amd64.sys [2012-06-21 549704]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-08-15 1255736]
R4 NIApplicationWebServer64;NI Application Web Server (64-bit);c:\program files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 CSCrySec;InfoWatch Encrypt Sector Library driver;c:\windows\system32\DRIVERS\CSCrySec.sys [2011-06-02 84536]
S0 FBIOSDRV;Fujitsu BIOS Driver;c:\windows\System32\Drivers\FBIOSDRV.sys [2009-06-24 21104]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-10-02 30056]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2012-11-08 30568]
S1 CSVirtualDiskDrv;InfoWatch Virtual Disk driver;c:\windows\system32\DRIVERS\CSVirtualDiskDrv.sys [2011-06-02 66616]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2011-03-10 29488]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys [2012-10-18 54104]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys [2012-08-13 178008]
S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-03-30 923984]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2011-03-30 1001808]
S2 CSObjectsSrv;CryptoStorage control service;c:\program files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [2012-12-21 819040]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\NLSSRV32.EXE [2012-05-16 69640]
S2 PFNService;PFNService;c:\program files\Fujitsu\Plugfree NETWORK\PFNService.exe [2010-10-07 331776]
S2 PowerSavingUtilityService;PowerSavingUtilityService;c:\program files\Fujitsu\PSUtility\PSUService.exe [2010-06-17 63336]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2011-12-08 2028864]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2011-03-08 51712]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2011-03-08 274944]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2012-02-16 31216]
S3 FUJ02E3;Fujitsu FUJ02E3 Device Driver;c:\windows\system32\drivers\FUJ02E3.sys [2006-11-01 7296]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-03-22 59904]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [2011-03-24 25496]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys [2012-09-03 29016]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2012-09-03 29528]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [2010-05-07 245792]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-12-28 412776]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2010-10-07 11856]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-05-24 17:16 1165776 ----a-w- c:\program files (x86)\Google\Chrome\Application\27.0.1453.94\Installer\chrmstp.exe
.
'Ajoitetut tehtävät'-kansion sisältö
.
2013-06-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 12:31]
.
2013-05-31 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3929397922-3892970607-1167041678-1001Core.job
- c:\users\Sundhar\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-16 19:42]
.
2013-06-01 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3929397922-3892970607-1167041678-1001UA.job
- c:\users\Sundhar\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-16 19:42]
.
2013-06-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-16 19:28]
.
2013-06-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-16 19:28]
.
2013-06-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3929397922-3892970607-1167041678-1001Core.job
- c:\users\Sundhar\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-20 16:33]
.
2013-06-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3929397922-3892970607-1167041678-1001UA.job
- c:\users\Sundhar\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-20 16:33]
.
2013-06-01 c:\windows\Tasks\MATLAB R2011b Startup Accelerator.job
- c:\program files\MATLAB\R2011b\bin\win64\MATLABStartupAccelerator.exe [2012-06-11 14:34]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-05-31 18:45 261704 ----a-w- c:\users\Sundhar\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-05-31 18:45 261704 ----a-w- c:\users\Sundhar\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-05-31 18:45 261704 ----a-w- c:\users\Sundhar\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Sundhar\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Sundhar\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Sundhar\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Sundhar\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-04-16 13:10 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-04-16 13:10 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-04-16 13:10 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-04-16 13:10 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\KAVOverlayIcon]
@="{dd230880-495a-11d1-b064-008048ec2fc5}"
[HKEY_CLASSES_ROOT\CLSID\{dd230880-495a-11d1-b064-008048ec2fc5}]
2012-12-20 15:22 492040 ----a-w- c:\program files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\shellex.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"snp2uvc"="c:\windows\vsnp2uvc.exe" [2009-08-13 662016]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-12-07 11663464]
"PSUTility"="c:\program files\Fujitsu\PSUtility\TrayManager.exe" [2010-11-13 199528]
"PfNet"="c:\program files\Fujitsu\Plugfree NETWORK\PfNet.exe" [2010-10-07 6311424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-20 416024]
"LoadFujitsuQuickTouch"="c:\program files\Fujitsu\Application Panel\QuickTouch.exe" [2010-07-16 162416]
"LoadFUJ02E3"="c:\program files\Fujitsu\FUJ02E3\FUJ02E3.exe" [2010-06-08 45680]
"LoadBtnHnd"="c:\program files\Fujitsu\Application Panel\BtnHnd.exe" [2010-07-09 21616]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-01-05 1933584]
"FDM7"="c:\program files\Fujitsu\FDM7\FdmDaemon.exe" [2009-11-26 164712]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-03-30 10372368]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2011-08-05 163552]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Täydentävä tarkistus -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath -
.
- - - - POISTETUT JÄMÄRIVIT - - - -
.
Toolbar-Locked - (no file)
SafeBoot-18173901.sys
SafeBoot-56669000.sys
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-TorrentStream - c:\users\Sundhar\AppData\Roaming\TorrentStream\Uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BFE]
"ImagePath"="."
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MpsSvc]
"ImagePath"="."
.
--------------------- LUKITUT REKISTERIAVAIMET ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Muut prosessit ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Valmistumisajankohta: 2013-06-01 13:02:24 - kone käynnistettiin uudelleen
ComboFix-quarantined-files.txt 2013-06-01 10:02
.
Ennen ajoa: 27,694,460,928 bytes free
Ajon jälkeen: 27,913,506,816 bytes free
.
- - End Of File - - 28CCED48AEBC74BA9D37A55E11D57288
BR,
SS
Hi anton_ego,
1. Re-run OTL (it should be located on your desktop).
Windows Vista and Windows 7 & 8 users: Right Click on the icon and select "Run as Administrator" to run it.
Make sure all other windows are closed and let it run uninterrupted.
When the window appears, underneath Output at the top change it to Minimal Output.
Uncheck the boxes beside LOP Check and Purity Check.
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
When the scan completes, it will open one Notepad window, OTL.Txt. (No Extras.txt will be produced.)
Note: The log can be located in the OTL. folder on your C:\ drive if it fails to open automatically.
Please copy (Edit->Select All, Edit->Copy) the contents of the file, and post it with your next reply.
=========================
In your next post please provide the following:
OTL.txt
How is the computer running?
anton_ego
2013-06-02, 11:05
Hi OCD,
Here is the new OTL log file.
OTL.txt
OTL logfile created on: 02-06-2013 10:51:32 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Sundhar\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00004009 | Country: India | Language: ENN | Date Format: dd-MM-yyyy
3.91 Gb Total Physical Memory | 2.48 Gb Available Physical Memory | 63.38% Memory free
7.83 Gb Paging File | 6.05 Gb Available in Paging File | 77.27% Paging File free
Paging file location(s): ?:\pagefile.sys
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 120.00 Gb Total Space | 25.32 Gb Free Space | 21.10% Space Free | Partition Type: NTFS
Drive D: | 157.46 Gb Total Space | 55.21 Gb Free Space | 35.06% Space Free | Partition Type: NTFS
Drive F: | 1.02 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: SUNDHAR-PC | User Name: Sundhar | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Sundhar\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Users\Sundhar\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe (Infowatch)
PRC - C:\Windows\SysWOW64\NLSSRV32.EXE (Nalpeiron Ltd.)
PRC - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe (FUJITSU LIMITED)
PRC - C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe (Affinegy, Inc.)
PRC - C:\Windows\vsnp2uvc.exe (Sonix)
PRC - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY)
========== Modules (No Company Name) ==========
========== Services (SafeList) ==========
SRV:64bit: - (NIApplicationWebServer64) -- C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe File not found
SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
SRV:64bit: - (ZuneWlanCfgSvc) -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe (Microsoft Corporation)
SRV:64bit: - (WMZuneComm) -- C:\Program Files\Zune\WMZuneComm.exe (Microsoft Corporation)
SRV:64bit: - (ZuneNetworkSvc) -- C:\Program Files\Zune\ZuneNss.exe (Microsoft Corporation)
SRV:64bit: - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()
SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV:64bit: - (PFNService) -- C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe (FUJITSU LIMITED)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (PowerSavingUtilityService) -- C:\Program Files\Fujitsu\PSUtility\PSUService.exe (FUJITSU LIMITED)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (CSObjectsSrv) -- C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe (Infowatch)
SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe (Kaspersky Lab ZAO)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (nlsX86cc) -- C:\Windows\SysWOW64\NLSSRV32.EXE (Nalpeiron Ltd.)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
SRV - (Bluetooth OBEX Service) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation)
SRV - (Bluetooth Media Service) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation)
SRV - (Bluetooth Device Monitor) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (AffinegyService) -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe (Affinegy, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ABBYY.Licensing.FineReader.Sprint.9.0) -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY)
========== Driver Services (SafeList) ==========
DRV:64bit: - (avgtp) -- C:\Windows\SysNative\drivers\avgtpx64.sys (AVG Technologies)
DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab)
DRV:64bit: - (kltdi) -- C:\Windows\SysNative\drivers\kltdi.sys (Kaspersky Lab)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab)
DRV:64bit: - (klkbdflt) -- C:\Windows\SysNative\drivers\klkbdflt.sys (Kaspersky Lab)
DRV:64bit: - (SCDEmu) -- C:\Windows\SysNative\drivers\scdemu.sys (Power Software Ltd)
DRV:64bit: - (kneps) -- C:\Windows\SysNative\drivers\kneps.sys (Kaspersky Lab)
DRV:64bit: - (SRS_AE_Service) -- C:\Windows\SysNative\drivers\SRS_AE_amd64.sys ()
DRV:64bit: - (KL1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (clwvd) -- C:\Windows\SysNative\drivers\clwvd.sys (CyberLink Corporation)
DRV:64bit: - (CSCrySec) -- C:\Windows\SysNative\drivers\CSCrySec.sys (Infowatch)
DRV:64bit: - (CSVirtualDiskDrv) -- C:\Windows\SysNative\drivers\CSVirtualDiskDrv.sys (Infowatch)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (intaud_WaveExtensible) -- C:\Windows\SysNative\drivers\intelaud.sys (Intel Corporation)
DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\drivers\iwdbus.sys (Intel Corporation)
DRV:64bit: - (iBtFltCoex) -- C:\Windows\SysNative\drivers\iBtFltCoex.sys (Intel Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV:64bit: - (btmhsf) -- C:\Windows\SysNative\drivers\btmhsf.sys (Intel Corporation)
DRV:64bit: - (btmaux) -- C:\Windows\SysNative\drivers\btmaux.sys (Intel Corporation)
DRV:64bit: - (btmaudio) -- C:\Windows\SysNative\drivers\btmaud.sys (Intel Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (SNP2UVC) -- C:\Windows\SysNative\drivers\snp2uvc.sys ()
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (FBIOSDRV) -- C:\Windows\SysNative\drivers\FBIOSDRV.sys (FUJITSU LIMITED)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (FUJ02E3) -- C:\Windows\SysNative\drivers\fuj02e3.sys (FUJITSU LIMITED)
DRV:64bit: - (FUJ02B1) -- C:\Windows\SysNative\drivers\fuj02b1.sys (FUJITSU LIMITED)
DRV - (FsUsbExDisk) -- C:\Windows\SysWOW64\FsUsbExDisk.Sys ()
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{8BF7586B-60A1-4118-920A-5B08B92E1F4F}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{8BF7586B-60A1-4118-920A-5B08B92E1F4F}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSF
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.google.com/ig/redirectd [Binary data over 200 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{8BF7586B-60A1-4118-920A-5B08B92E1F4F}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSG_enNO487
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Plus Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Program Files (x86)\TVUPlayer\npTVUAx.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Sundhar\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Sundhar\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Sundhar\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Sundhar\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Sundhar\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Sundhar\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@torrentstream.net/tsplugin,version=2.0.8.2: C:\Users\Sundhar\AppData\Roaming\TorrentStream\player\npts_plugin.dll File not found
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Sundhar\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-05-13 13:06:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com [2013-05-21 21:52:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com [2013-05-21 21:52:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com [2013-05-21 21:52:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\anti_banner@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com [2013-05-21 21:52:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com [2013-05-21 21:52:38 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\magicplayer@torrentstream.org: C:\Users\Sundhar\AppData\Roaming\TorrentStream\extensions\firefox\magicplayer@torrentstream.org
[2013-01-15 19:59:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sundhar\AppData\Roaming\Mozilla\Extensions
[2013-03-05 10:26:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sundhar\AppData\Roaming\Mozilla\Firefox\C\Users\Sundhar\AppData\Roaming\Mozilla\Profiles\dfxfroit.Default\extensions
[2013-03-05 10:26:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sundhar\AppData\Roaming\Mozilla\Firefox\C\Users\Sundhar\AppData\Roaming\Mozilla\Profiles\dfxfroit.Default\extensions\staged
[2013-05-29 20:55:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sundhar\AppData\Roaming\Mozilla\Profiles\dfxfroit.Default\extensions
[2013-05-29 20:55:58 | 000,000,000 | ---D | M] (Youtube High Definition) -- C:\Users\Sundhar\AppData\Roaming\Mozilla\Profiles\dfxfroit.Default\extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}
[2013-05-22 01:23:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013-05-22 01:23:10 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\pdf.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\plugin/npVKPlugin.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\plugin/npUrlAdvisor.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: National Instruments LabVIEW 2010 Netscape Plug-in for Windows (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nplv2010win32.dll
CHR - plugin: National Instruments LabVIEW 9.0 Netscape Plug-in for Windows (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nplv90win32.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U9 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Nitro PDF Plug-In (Enabled) = C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll
CHR - plugin: TVU Web Player for FireFox (Enabled) = C:\Program Files (x86)\TVUPlayer\npTVUAx.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Facebook Desktop (Enabled) = C:\Users\Sundhar\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll
CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - Extension: Google Docs = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Facebook = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm\1.0.3_0\
CHR - Extension: Adblock Plus = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4.1_0\
CHR - Extension: Google Search = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Kaspersky URL Advisor = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.2.558_0\
CHR - Extension: ESPN Cricinfo = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlklinjgampohhihndkofhhaahoicoip\1.0.0_0\
CHR - Extension: Safe Money = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.2.558_0\
CHR - Extension: SimilarWeb = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoklmmgfnpapgjgcpechhaamimifchmp\2.0.0.4_0\
CHR - Extension: Virtual Keyboard = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.2.558_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0\
CHR - Extension: Gmail = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Anti-Banner = C:\Users\Sundhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.2.558_0\
O1 HOSTS File: ([2013-06-01 12:50:31 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2:64bit: - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Kaspersky Passsword Manager Toolbar) - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O3:64bit: - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (Kaspersky Passsword Manager Toolbar) - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [FDM7] C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [LoadBtnHnd] C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [LoadFUJ02E3] C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [LoadFujitsuQuickTouch] C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [PfNet] C:\Program Files\Fujitsu\Plugfree NETWORK\PfNet.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [PSUTility] C:\Program Files\Fujitsu\PSUtility\TrayManager.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe (Sonix)
O4:64bit: - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKLM..\Run: [IndicatorUtility] C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe (FUJITSU LIMITED)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [SkyDrive] C:\Users\Sundhar\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SmartVoip] C:\Program Files (x86)\SmartVoip.com\SmartVoip\SmartVoip.exe (SmartVoip)
O4 - Startup: C:\Users\Sundhar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Sundhar\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 File not found
O9:64bit: - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{07C82958-E9E2-440A-AF17-3FB93F560E1B}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA4A2F12-02C0-47B3-A2A7-144E72F460D6}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\Windows\System32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013-06-01 12:50:33 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2013-06-01 12:48:03 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013-06-01 12:28:56 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013-06-01 12:28:56 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013-06-01 12:28:56 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013-06-01 12:28:44 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013-06-01 12:28:19 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013-06-01 12:26:51 | 005,076,038 | R--- | C] (Swearware) -- C:\Users\Sundhar\Desktop\ComboFix.exe
[2013-06-01 11:55:08 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013-06-01 11:55:08 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013-06-01 11:55:08 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013-06-01 11:55:08 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013-06-01 11:55:08 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013-06-01 11:55:08 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013-06-01 11:55:08 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013-06-01 11:55:08 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013-06-01 11:55:08 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013-06-01 11:55:07 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013-06-01 11:55:07 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013-06-01 11:55:07 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013-06-01 11:55:07 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013-06-01 11:55:07 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013-06-01 11:55:07 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013-06-01 11:55:07 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013-06-01 11:55:07 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013-06-01 11:55:07 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013-06-01 11:55:07 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013-06-01 11:55:07 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013-06-01 11:55:07 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013-06-01 11:55:06 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013-06-01 11:55:06 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013-06-01 11:55:06 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013-06-01 11:55:06 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013-06-01 11:55:06 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013-06-01 11:55:06 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013-06-01 11:55:06 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013-06-01 11:55:06 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013-06-01 11:55:06 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013-06-01 11:55:06 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013-06-01 11:55:05 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013-06-01 11:55:04 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013-06-01 11:55:04 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013-06-01 11:55:04 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013-06-01 11:55:04 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013-06-01 11:55:04 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013-06-01 11:55:04 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013-06-01 11:55:04 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013-06-01 11:55:04 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013-06-01 11:55:04 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013-06-01 11:55:04 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013-06-01 11:55:04 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013-06-01 11:55:04 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013-06-01 11:55:04 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013-06-01 11:55:04 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013-06-01 11:55:04 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013-06-01 11:55:04 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013-06-01 11:55:04 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013-06-01 11:55:04 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013-06-01 11:55:04 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013-06-01 11:55:04 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013-06-01 11:55:04 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013-06-01 11:55:03 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013-06-01 11:55:03 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013-06-01 11:55:03 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013-06-01 11:55:03 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013-06-01 11:55:03 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013-06-01 11:55:03 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013-06-01 11:55:03 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013-06-01 11:55:03 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013-06-01 11:55:03 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013-06-01 11:55:03 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013-06-01 11:55:03 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013-06-01 11:55:03 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013-06-01 11:55:03 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013-06-01 11:55:03 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013-06-01 11:55:03 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013-06-01 11:53:49 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013-06-01 11:53:49 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013-06-01 11:53:49 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013-06-01 11:53:49 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013-06-01 11:53:49 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013-06-01 11:53:49 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013-06-01 11:53:49 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013-06-01 11:53:49 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013-06-01 11:53:49 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013-06-01 11:53:49 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013-06-01 11:53:49 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013-06-01 11:53:49 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013-06-01 11:53:49 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013-06-01 11:53:49 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013-06-01 11:53:49 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013-06-01 11:53:49 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013-06-01 11:53:49 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013-06-01 11:53:49 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013-06-01 11:53:49 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013-06-01 11:53:49 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013-06-01 11:53:49 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013-06-01 11:53:49 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013-06-01 11:53:49 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013-06-01 11:53:49 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013-06-01 11:53:49 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013-06-01 11:53:49 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013-06-01 11:53:49 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013-06-01 11:53:49 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013-06-01 11:53:49 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013-06-01 11:53:49 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013-06-01 11:53:49 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013-06-01 11:53:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013-06-01 11:53:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013-06-01 11:53:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013-06-01 11:53:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013-06-01 11:53:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013-06-01 11:53:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013-06-01 11:53:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013-06-01 11:53:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013-06-01 11:53:49 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013-06-01 11:53:49 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013-06-01 11:38:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
To be continued...
anton_ego
2013-06-02, 11:06
Continued from above...
[2013-06-01 00:35:40 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013-06-01 00:35:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013-05-31 22:17:01 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2013-05-31 22:17:01 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2013-05-31 22:16:54 | 003,717,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013-05-31 22:16:53 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013-05-31 22:16:53 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2013-05-31 22:16:53 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2013-05-31 22:16:53 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2013-05-31 22:16:53 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2013-05-31 22:16:08 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013-05-31 22:16:07 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013-05-31 22:16:07 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2013-05-31 22:16:07 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2013-05-31 22:15:44 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
[2013-05-31 22:15:29 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2013-05-31 22:15:24 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013-05-31 22:15:23 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013-05-31 22:15:23 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013-05-31 22:15:23 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013-05-31 22:15:23 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013-05-31 22:15:23 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013-05-31 22:15:19 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2013-05-31 22:15:02 | 005,550,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013-05-31 22:15:02 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013-05-31 22:15:01 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013-05-31 22:15:01 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2013-05-31 22:15:00 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013-05-31 22:15:00 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2013-05-31 21:46:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SkyDrive
[2013-05-31 21:46:01 | 000,000,000 | R--D | C] -- C:\Users\Sundhar\SkyDrive
[2013-05-31 21:45:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft SkyDrive
[2013-05-31 20:43:04 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ms-MY
[2013-05-31 20:42:16 | 000,000,000 | R--D | C] -- C:\Users\Sundhar\Podcasts
[2013-05-31 20:42:16 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2013-05-31 20:40:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zune
[2013-05-31 20:40:35 | 000,000,000 | ---D | C] -- C:\Program Files\Zune
[2013-05-31 20:11:03 | 000,000,000 | ---D | C] -- C:\Users\Sundhar\AppData\Local\{C7DF535E-9E69-4C15-89E9-8CCAAF66E1F8}
[2013-05-31 19:09:02 | 000,000,000 | ---D | C] -- C:\_OTL
[2013-05-30 16:34:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Performance Trends
[2013-05-26 15:27:02 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2013-05-26 05:42:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Age of Empires 3
[2013-05-26 05:35:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Microsoft Games
[2013-05-24 15:48:45 | 000,000,000 | ---D | C] -- C:\Users\Sundhar\AppData\Roaming\Octoshape
[2013-05-24 03:30:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CricketAcademyBeta
[2013-05-24 03:30:09 | 000,000,000 | ---D | C] -- C:\Users\Sundhar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cricket Academy Beta
[2013-05-23 16:49:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
[2013-05-22 01:23:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013-05-22 00:53:58 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2013-05-21 22:14:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2013-05-21 21:54:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky PURE 3.0
[2013-05-21 21:53:14 | 000,064,856 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\klfphc.dll
[2013-05-21 21:52:56 | 000,084,536 | ---- | C] (Infowatch) -- C:\Windows\SysNative\drivers\CSCrySec.sys
[2013-05-21 21:52:56 | 000,066,616 | ---- | C] (Infowatch) -- C:\Windows\SysNative\drivers\CSVirtualDiskDrv.sys
[2013-05-21 21:52:56 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2013-05-21 21:52:35 | 000,000,000 | ---D | C] -- C:\Windows\ELAMBKUP
[2013-05-21 21:52:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InfoWatch
[2013-05-21 02:26:49 | 000,000,000 | ---D | C] -- C:\Users\Sundhar\Desktop\rkill
[2013-05-19 15:49:04 | 000,000,000 | ---D | C] -- C:\Users\Sundhar\AppData\Roaming\PDAppFlex
[2013-05-19 15:35:37 | 000,000,000 | ---D | C] -- C:\Users\Sundhar\AppData\Roaming\SolidDocuments
[2013-05-19 15:33:26 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2013-05-19 15:22:02 | 000,000,000 | ---D | C] -- C:\Users\Sundhar\AppData\Roaming\YCanPDF
[2013-05-19 15:16:13 | 000,000,000 | ---D | C] -- C:\Users\Sundhar\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013-05-13 12:22:21 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2013-05-13 12:21:20 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\NativeFus_Log
[2013-05-13 12:19:27 | 000,233,472 | ---- | C] (Teruten) -- C:\Windows\SysWow64\FsUsbExService.Exe
[2013-05-11 19:14:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Video Converter
[2013-05-11 19:14:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Total Video Converter
[2013-05-11 19:14:10 | 015,728,768 | ---- | C] (EffectMatrix Inc. ) -- C:\Users\Sundhar\Desktop\tvc.exe
[2013-05-11 01:20:41 | 000,000,000 | ---D | C] -- C:\Users\Sundhar\AppData\Roaming\DassaultSystemes
[2013-05-11 01:20:41 | 000,000,000 | ---D | C] -- C:\Users\Sundhar\AppData\Local\DassaultSystemes
[2013-05-11 01:20:41 | 000,000,000 | ---D | C] -- C:\ProgramData\DassaultSystemes
[2013-05-07 20:28:49 | 000,000,000 | ---D | C] -- C:\Users\Sundhar\AppData\Local\{FFEB5070-73C9-48F6-941F-7530CDDEBC5A}
[2013-05-06 15:35:56 | 000,000,000 | ---D | C] -- C:\Users\Sundhar\AppData\Local\{E3CCEAA2-634D-482E-AC1D-4CA24CBFE149}
========== Files - Modified Within 30 Days ==========
[2013-06-02 10:54:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3929397922-3892970607-1167041678-1001UA.job
[2013-06-02 10:47:00 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3929397922-3892970607-1167041678-1001UA.job
[2013-06-02 10:31:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013-06-02 10:16:00 | 000,001,010 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-06-02 10:09:40 | 000,000,550 | ---- | M] () -- C:\Windows\tasks\MATLAB R2011b Startup Accelerator.job
[2013-06-02 10:08:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-06-02 00:51:07 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3929397922-3892970607-1167041678-1001Core.job
[2013-06-01 13:11:33 | 000,020,944 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-06-01 13:11:33 | 000,020,944 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-06-01 13:04:45 | 000,001,006 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013-06-01 13:03:56 | 3152,506,880 | -HS- | M] () -- C:\hiberfil.sys
[2013-06-01 12:50:31 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013-06-01 12:27:05 | 005,076,038 | R--- | M] (Swearware) -- C:\Users\Sundhar\Desktop\ComboFix.exe
[2013-06-01 12:10:45 | 002,350,232 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013-06-01 11:55:08 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013-06-01 11:55:08 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013-06-01 11:55:08 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013-06-01 11:55:08 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013-06-01 11:55:08 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013-06-01 11:55:08 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013-06-01 11:55:08 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013-06-01 11:55:08 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013-06-01 11:55:08 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013-06-01 11:55:08 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013-06-01 11:55:07 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013-06-01 11:55:07 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013-06-01 11:55:07 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013-06-01 11:55:07 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013-06-01 11:55:07 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013-06-01 11:55:07 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013-06-01 11:55:07 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013-06-01 11:55:07 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013-06-01 11:55:07 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013-06-01 11:55:07 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013-06-01 11:55:07 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013-06-01 11:55:06 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013-06-01 11:55:06 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013-06-01 11:55:06 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013-06-01 11:55:06 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013-06-01 11:55:06 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013-06-01 11:55:06 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013-06-01 11:55:06 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013-06-01 11:55:06 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013-06-01 11:55:06 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013-06-01 11:55:06 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013-06-01 11:55:06 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013-06-01 11:55:05 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013-06-01 11:55:04 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013-06-01 11:55:04 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013-06-01 11:55:04 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013-06-01 11:55:04 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013-06-01 11:55:04 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013-06-01 11:55:04 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013-06-01 11:55:04 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013-06-01 11:55:04 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013-06-01 11:55:04 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013-06-01 11:55:04 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013-06-01 11:55:04 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013-06-01 11:55:04 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013-06-01 11:55:04 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013-06-01 11:55:04 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013-06-01 11:55:04 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013-06-01 11:55:04 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013-06-01 11:55:04 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013-06-01 11:55:04 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013-06-01 11:55:04 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013-06-01 11:55:04 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013-06-01 11:55:04 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013-06-01 11:55:04 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013-06-01 11:55:03 | 003,958,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013-06-01 11:55:03 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013-06-01 11:55:03 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013-06-01 11:55:03 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013-06-01 11:55:03 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013-06-01 11:55:03 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013-06-01 11:55:03 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013-06-01 11:55:03 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013-06-01 11:55:03 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013-06-01 11:55:03 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013-06-01 11:55:03 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013-06-01 11:55:03 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013-06-01 11:55:03 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013-06-01 11:55:03 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013-06-01 11:55:03 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013-06-01 11:54:00 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3929397922-3892970607-1167041678-1001Core.job
[2013-06-01 11:53:49 | 003,928,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013-06-01 11:53:49 | 002,776,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013-06-01 11:53:49 | 002,565,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013-06-01 11:53:49 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013-06-01 11:53:49 | 001,887,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013-06-01 11:53:49 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013-06-01 11:53:49 | 001,643,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013-06-01 11:53:49 | 001,504,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013-06-01 11:53:49 | 001,424,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013-06-01 11:53:49 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013-06-01 11:53:49 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013-06-01 11:53:49 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013-06-01 11:53:49 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013-06-01 11:53:49 | 000,465,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013-06-01 11:53:49 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013-06-01 11:53:49 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013-06-01 11:53:49 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013-06-01 11:53:49 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013-06-01 11:53:49 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013-06-01 11:53:49 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013-06-01 11:53:49 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013-06-01 11:53:49 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013-06-01 11:53:49 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013-06-01 11:53:49 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013-06-01 11:53:49 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013-06-01 11:53:49 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013-06-01 11:53:49 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013-06-01 11:53:49 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013-06-01 11:53:49 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013-06-01 11:53:49 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013-06-01 11:53:49 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013-06-01 11:53:49 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013-06-01 11:53:49 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013-06-01 11:53:49 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013-06-01 11:53:49 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013-06-01 11:53:49 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013-06-01 11:53:49 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013-06-01 11:53:49 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013-06-01 11:53:49 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013-06-01 11:53:49 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013-06-01 11:53:49 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013-06-01 11:50:30 | 000,788,988 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013-06-01 11:50:30 | 000,655,090 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013-06-01 11:50:30 | 000,121,962 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013-05-31 20:43:09 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_ZuneDriver_01_09_00.Wdf
[2013-05-31 20:43:02 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01009.Wdf
[2013-05-31 20:40:38 | 000,000,933 | ---- | M] () -- C:\Users\Public\Desktop\Zune.lnk
[2013-05-31 19:05:11 | 000,000,121 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat
[2013-05-26 15:34:17 | 000,002,161 | ---- | M] () -- C:\Users\Public\Desktop\Rise of Nations Gold.lnk
[2013-05-26 05:32:01 | 000,002,167 | ---- | M] () -- C:\Users\Public\Desktop\Age of Empires III.lnk
[2013-05-24 20:16:12 | 000,002,189 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013-05-24 03:30:10 | 000,001,147 | ---- | M] () -- C:\Users\Sundhar\Desktop\Cricket Academy Beta.lnk
[2013-05-23 16:50:18 | 000,001,711 | ---- | M] () -- C:\Users\Sundhar\Desktop\Google Drive.lnk
[2013-05-22 01:45:25 | 000,000,189 | ---- | M] () -- C:\Users\Sundhar\Desktop\register.bat
[2013-05-20 06:59:25 | 000,009,910 | ---- | M] () -- C:\Users\Sundhar\Documents\MEC-3050-56_Tentti31102012.pdf
[2013-05-15 15:31:11 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013-05-15 15:31:11 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013-05-15 15:31:06 | 017,613,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2013-05-13 12:20:31 | 000,002,012 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
[2013-05-11 19:14:30 | 000,001,018 | ---- | M] () -- C:\Users\Sundhar\Desktop\Total Video Converter.lnk
[2013-05-11 19:14:30 | 000,000,987 | ---- | M] () -- C:\Users\Sundhar\Desktop\Total Video Player.lnk
[2013-05-11 19:14:14 | 015,728,768 | ---- | M] (EffectMatrix Inc. ) -- C:\Users\Sundhar\Desktop\tvc.exe
[2013-05-11 01:13:25 | 000,002,025 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
========== Files Created - No Company Name ==========
[2013-06-01 12:28:56 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013-06-01 12:28:56 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013-06-01 12:28:56 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013-06-01 12:28:56 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013-06-01 12:28:56 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013-06-01 11:55:06 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013-06-01 11:55:04 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013-05-31 21:46:01 | 000,002,176 | ---- | C] () -- C:\Users\Sundhar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
[2013-05-31 20:43:09 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_ZuneDriver_01_09_00.Wdf
[2013-05-31 20:43:02 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01009.Wdf
[2013-05-31 20:40:38 | 000,000,933 | ---- | C] () -- C:\Users\Public\Desktop\Zune.lnk
[2013-05-31 19:05:03 | 000,000,121 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat
[2013-05-26 17:32:01 | 000,001,061 | ---- | C] () -- C:\Users\Sundhar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013-05-26 15:34:17 | 000,002,161 | ---- | C] () -- C:\Users\Public\Desktop\Rise of Nations Gold.lnk
[2013-05-26 05:32:01 | 000,002,167 | ---- | C] () -- C:\Users\Public\Desktop\Age of Empires III.lnk
[2013-05-24 03:30:10 | 000,001,147 | ---- | C] () -- C:\Users\Sundhar\Desktop\Cricket Academy Beta.lnk
[2013-05-23 16:50:18 | 000,001,711 | ---- | C] () -- C:\Users\Sundhar\Desktop\Google Drive.lnk
[2013-05-22 01:45:25 | 000,000,189 | ---- | C] () -- C:\Users\Sundhar\Desktop\register.bat
[2013-05-20 06:59:16 | 000,009,910 | ---- | C] () -- C:\Users\Sundhar\Documents\MEC-3050-56_Tentti31102012.pdf
[2013-05-13 12:20:31 | 000,002,012 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
[2013-05-13 12:19:27 | 000,110,592 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDevice.Dll
[2013-05-13 12:19:27 | 000,037,344 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDisk.Sys
[2013-05-11 19:14:30 | 000,001,018 | ---- | C] () -- C:\Users\Sundhar\Desktop\Total Video Converter.lnk
[2013-05-11 19:14:30 | 000,000,987 | ---- | C] () -- C:\Users\Sundhar\Desktop\Total Video Player.lnk
[2013-05-11 01:13:25 | 000,002,025 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013-05-11 01:13:24 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013-05-02 19:23:36 | 000,003,912 | ---- | C] () -- C:\Windows\SysWow64\HideMyIpSRV.ini
[2013-05-02 19:23:36 | 000,002,096 | ---- | C] () -- C:\Windows\SysWow64\HideMyIpSRVOff.ini
[2012-12-04 22:57:22 | 000,026,895 | ---- | C] () -- C:\Users\Sundhar\AppData\Roaming\Comma Separated Values (Windows).ADR
[2012-08-28 10:04:34 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012-08-28 10:04:34 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012-08-28 10:04:34 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012-08-28 10:04:34 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012-08-28 10:04:32 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012-08-26 23:46:16 | 000,017,408 | ---- | C] () -- C:\Users\Sundhar\AppData\Local\WebpageIcons.db
[2012-08-26 17:03:35 | 000,012,229 | ---- | C] () -- C:\Users\Sundhar\AppData\Roaming\Comma Separated Values (Windows).CAL
[2012-08-26 13:21:37 | 000,097,792 | ---- | C] () -- C:\Windows\FunambolAddin.dll
[2012-08-25 11:43:42 | 720,432,986 | ---- | C] () -- C:\Users\Sundhar\www.TamilRockers.net - Urumi (2012) Tamil - DVD-Rip - 1CD - Xvid - 700MB.avi
[2012-08-21 23:14:15 | 000,020,480 | ---- | C] () -- C:\Windows\gettopdirloc.exe
[2012-08-21 23:14:15 | 000,020,480 | ---- | C] () -- C:\Windows\getstopdirloc.exe
[2012-08-21 23:14:15 | 000,020,480 | ---- | C] () -- C:\Windows\getruntime.exe
[2012-08-21 23:14:15 | 000,016,384 | ---- | C] () -- C:\Windows\w9xpopen.exe
[2012-06-11 02:04:45 | 000,245,760 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnp2uvc.dll
[2012-06-11 02:04:45 | 000,024,576 | ---- | C] () -- C:\Windows\snuvcdsm.exe
[2012-06-11 02:04:45 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
========== ZeroAccess Check ==========
[2009-07-14 07:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013-02-27 08:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013-02-27 07:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 04:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 06:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 04:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== Alternate Data Streams ==========
@Alternate Data Stream - 192 bytes -> C:\Windows:nlsPreferences
< End of report >
Current response:
The pop-up ads are no longer appearing on the most common websites I use. I hope it has permanently disappeared. Also the invisible region in the left-bottom side of browser has disappeared.
Am I clear now?
BR,
SS
Hi anton_ego,
1. Uninstall via Programs and Features
Click Start > Control Panel > Programs and Features. Locate and select the following that are present on the list and click the Remove button:
TorrentStream
=========================
2. Disable Plug-in
At the top of the Firefox window, click on the Firefox button (Tools menu in Windows XP), and then click Add-ons. The Add-ons Manager tab will open.
In the Add-ons Manager tab, select the Extensions or Appearance panel.
Select the add-on you wish to disable.
TorrentStream
Click the Disable button.
Click Restart now if it pops up. Your tabs will be saved and restored after the restart.
=========================
3. Run OTL.exe
Windows Vista and Windows 7 users: right-click and select "Run as Administrator"
Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL
:OTL
FF - HKCU\Software\MozillaPlugins\@torrentstream.net/tsplugin,version=2.0.8.2: C:\Users\Sundhar\AppData\Roaming\TorrentStream\player\npts_plugin.dll File not found
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\magicplayer@torrentstream.org: C:\Users\Sundhar\AppData\Roaming\TorrentStream\extensions\firefox\magicplayer@torrentstream.org
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
:Files
C:\Users\Sundhar\AppData\Roaming\TorrentStream
:Commands
[purity]
[createrestorepoint]
[emptytemp]
[Reboot]
Then click the Run Fix button at the top
Let the program run unhindered, reboot when it is done
=========================
In your next post please provide the following:
OTL.txt
Any remaining issues?
anton_ego
2013-06-03, 11:43
Hi OCD.
The new OTL file is attached here.
OTL.txt
All processes killed
========== OTL ==========
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@torrentstream.net/tsplugin,version=2.0.8.2\ deleted successfully.
Registry value HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\magicplayer@torrentstream.org deleted successfully.
File C:\Users\Sundhar\AppData\Roaming\TorrentStream\extensions\firefox\magicplayer@torrentstream.org not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.
========== FILES ==========
File\Folder C:\Users\Sundhar\AppData\Roaming\TorrentStream not found.
========== COMMANDS ==========
Restore point Set: OTL Restore Point
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->FireFox cache emptied: 1412370 bytes
->Google Chrome cache emptied: 6600141 bytes
User: Public
->Temp folder emptied: 0 bytes
User: Sundhar
->Temp folder emptied: 721814 bytes
->Temporary Internet Files folder emptied: 11749936 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 349747551 bytes
->Flash cache emptied: 20547 bytes
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 11166 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42321176 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 393.00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 06032013_113731
Files\Folders moved on Reboot...
C:\Users\Sundhar\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Sundhar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{366D0227-3958-4876-BD0C-6E6CDDCDB20C}.tmp moved successfully.
C:\Users\Sundhar\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
I think the system is behaving properly now. There are no more of those annoying ads popping up. Is that all, or is there anything else to be done?
BR,
SS
Hi anton_ego,
Still a few steps to be sure we have gotten all of the malware. :bigthumb:
=========================
1. Malwarebytes' Anti-Malware
Locate Malwarebytes' Anti-Malware (it should be on your desktop).
If not, download it here (http://www.malwarebytes.org/mbam-download.php)
Right-click mbam-setup.exe, select "Run as Administrator" and follow the prompts to run the program.
Once the program has loaded, select the Update tab to get the latest updates before performing the scan.
Select Perform quick scan, then click Scan.
http://i1224.photobucket.com/albums/ee380/jeffce74/MBAM.jpg
When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is checked, and click Remove Selected.
When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.
=========================
2. ESET Online Scanner
*Note:
It is recommended to disable your on-board antivirus and anti-spyware programs while performing scans so there are no conflicts and it will speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your antivirus along with your anti-spyware programs.
** You need to run your browser with Administrator Rights. To do so, right-click your browser's shortcut and select "Run as Administrator".
= = = = = = = = = = = = = = = = = = = =
Go here to run ESET Online Scanner (http://www.eset.eu/online-scanner)
(Note: You can use Internet Explorer or FireFox for this scan. If you use FireFox you will be asked to install an additional component. Please allow this.)
Tick the box next to YES, I accept the Terms of Use.
Click Start
When asked, allow the ActiveX control to install
Disable your Antivirus software. You can usually do this with its Notification Tray icon near the clock
Click Start
Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is Checked.
Click Scan.
Wait for the scan to finish.
When the scan completes, click List of found threats
Click Export to Text file and save the file to your desktop using a unique name, such as ESETScan.
Include the contents of this report in your next reply
Note - when ESET doesn't find any threats, no report will be created.
Push the back button.
Push Finish
Re-enable your Antivirus software.
=========================
In your next post please provide the following:
MBAM log
ESET's log.txt
Any remaining issues?
anton_ego
2013-06-04, 00:24
Hi OCD.
It seems like there is no big threat anymore. I am attaching the files you asked for.
MBAM.txt
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Database version: v2013.06.03.08
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16576
Sundhar :: SUNDHAR-PC [administrator]
03-06-2013 22:33:39
mbam-log-2013-06-03 (22-33-39).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 275224
Time elapsed: 4 minute(s), 32 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
ESETScan.txt
C:\Users\Sundhar\Downloads\cbsidlm-cbsi5_3_0_96-KMPlayer-BP-10659939.exe probably a variant of Win32/CNETInstaller.A application
C:\Users\Sundhar\Downloads\cbsidlm-tr1_11-Desktop_Richie-SEO-10382006.exe Win32/DownloadAdmin.G application
C:\Users\Sundhar\Downloads\cbsidlm-tr1_6-LiveCricket-10912597.exe Win32/DownloadAdmin.G application
Those are some apps I downloaded, which I don't need anymore. Thanks a lot anyway. I hope we are finally done. System seems to be clean now. Booting is a little faster than earlier.
If there is any more checkup needed, let me know.
BR,
SS
Hi anton_ego,
1. Run OTL.exe
Windows Vista and Windows 7 users: right-click and select "Run as Administrator"
Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL
:Files
C:\Users\Sundhar\Downloads\cbsidlm-cbsi5_3_0_96-KMPlayer-BP-10659939.exe
C:\Users\Sundhar\Downloads\cbsidlm-tr1_11-Desktop_Richie-SEO-10382006.exe
C:\Users\Sundhar\Downloads\cbsidlm-tr1_6-LiveCricket-10912597.exe
:Commands
[purity]
[createrestorepoint]
[emptyjava]
[emptyflash]
[emptytemp]
[Reboot]
Then click the Run Fix button at the top
Let the program run unhindered, reboot when it is done
Then re-run OTL and post a new OTL log (don't check the boxes beside LOP Check or Purity this time)
=========================
In your next post please provide the following:
OTL fix log
anton_ego
2013-06-05, 19:42
Hi OCD.
Pardon my late reply. Here is the new log file from OTL.
OTL.txt
All processes killed
========== FILES ==========
File\Folder C:\Users\Sundhar\Downloads\cbsidlm-cbsi5_3_0_96-KMPlayer-BP-10659939.exe not found.
File\Folder C:\Users\Sundhar\Downloads\cbsidlm-tr1_11-Desktop_Richie-SEO-10382006.exe not found.
File\Folder C:\Users\Sundhar\Downloads\cbsidlm-tr1_6-LiveCricket-10912597.exe not found.
========== COMMANDS ==========
Restore point Set: OTL Restore Point
[EMPTYJAVA]
User: All Users
User: Default
User: Default User
User: Guest
User: Public
User: Sundhar
->Java cache emptied: 5198183 bytes
User: UpdatusUser
Total Java Files Cleaned = 5.00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Guest
User: Public
User: Sundhar
->Flash cache emptied: 6448 bytes
User: UpdatusUser
Total Flash Files Cleaned = 0.00 mb
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
User: Public
->Temp folder emptied: 0 bytes
User: Sundhar
->Temp folder emptied: 2181523 bytes
->Temporary Internet Files folder emptied: 4804504 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 8259164 bytes
->Flash cache emptied: 0 bytes
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3894 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 3142041 bytes
Total Files Cleaned = 18.00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 06052013_193642
Files\Folders moved on Reboot...
C:\Users\Sundhar\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Sundhar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{98E5BDEB-4376-4547-BE41-4D0EADF6D557}.tmp moved successfully.
C:\Users\Sundhar\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
BR,
SS
Hi anton_ego,
Your log appears to be clean. :bigthumb:
We have a few items to take care of before we get to the All Clean Speech.
=========================
1. Uninstall Combofix
The following will implement important cleanup procedures as well as reset System Restore points:
Click on the Start button and then in the Search field enter combofix /uninstall, as shown in the image below with the blue arrow.
Please note that there is a space between combofix and /uninstall.
http://i1269.photobucket.com/albums/jj590/OCD-WTT/CFwindows-7-start-menu_zps188282d2.jpg (http://s1269.photobucket.com/user/OCD-WTT/media/CFwindows-7-start-menu_zps188282d2.jpg.html)
Once you have typed this in, press Enter on your keyboard. An Open File security warning will appear asking if you are sure you want to run ComboFix. Please click on the Run button to start the program.
ComboFix will now uninstall itself from your computer and remove any backups and quarantined files. When it has finished you will be greeted by a dialog box stating that ComboFix has been uninstalled.
=========================
2. Clean up with OTL:
Right-click OTL.exe select "Run as Administrator" to start the program.
Close all other programs apart from OTL as this step will require a reboot
On the OTL main screen, press the CLEANUP button
Say Yes to the prompt and then allow the program to reboot your computer.
=========================
3. You can now delete any tools and/or logs remaining on your desktop.
=========================
4. Disable Java in Web Browsers
There is a vulnerability with regard to Java and web browsers. Therefore, we recommend disabling Java in web browsers.
More information can be found here: http://www.techsupportforum.com/forums/f50/disable-java-in-browsers-683721.html
Click on the Start button and then click on the Control Panel option.
In the Control Panel Search enter Java Control Panel.
Click on the Java icon to open the Java Control Panel.
http://i1269.photobucket.com/albums/jj590/OCD-WTT/javadisable1_zps19e32961.jpg
Disable Java through the Java Control Panel
In the Java Control Panel, click on the Security tab.
Deselect the check box for Enable Java content in the browser. This will disable the Java plug-in in the browser.
Click Apply. When the Windows User Account Control (UAC) dialog appears, allow permissions to make the changes.
Click OK in the Java Plug-in confirmation window.
Restart the browser for changes to take effect.
http://i1269.photobucket.com/albums/jj590/OCD-WTT/javadisable2_zps5a2f5c6d.jpg
=========================
With the above items taken care of let's move on to the All Clean part of the process.
This infection appears to have been cleaned, but I cannot give you any absolute guarantees. As a precaution, I would go ahead and change all of your passwords as this is especially important after an infection.
Any of the logs that you created for use in the forums or remaining tools that have not yet been removed can be deleted so they aren't cluttering up your desktop.
Here are some tips to reduce the potential for spyware infection in the future:
Make your Internet Explorer more secure - This can be done by following these simple instructions:
From within Internet Explorer click on the Tools menu and then click on Options.
Click once on the Security tab
Click once on the Internet icon so it becomes highlighted.
Click once on the Custom Level button.
Change the Download signed ActiveX controls to Prompt
Change the Download unsigned ActiveX controls to Disable
Change the Initialize and script ActiveX controls not marked as safe to Disable
Change the Installation of desktop items to Prompt
Change the Launching programs and files in an IFRAME to Prompt
Change the Navigate sub-frames across different domains to Prompt
When all these settings have been made, click on the OK button.
If it prompts you as to whether or not you want to save the settings, press the Yes button.
Next press the Apply button and then the OK to exit the Internet Properties page.
Make your Mozilla Firefox more secure - This can be done by adding these add-ons:
NoScript (https://addons.mozilla.org/en-US/firefox/addon/noscript/?src=ss)
AdBlockPlus (https://addons.mozilla.org/en-US/firefox/addon/adblock-plus/)
Use and update anti-virus software - I cannot overemphasize the need for you to use and update your anti-virus application on a regular basis. With the ever increasing number of new variants of malware arriving on the scene daily, you become very susceptible to an attack without updated protection.
Free Anti-Virus
Avast Free Antivirus (http://download.cnet.com/Avast-Free-Antivirus/3000-2239_4-10019223.html)
Avira Free Antivirus 2013 (http://download.cnet.com/Avira-Free-Antivirus-2013/3000-2239_4-10322935.html)
PC Tools AntiVirus Free (http://download.cnet.com/PC-Tools-AntiVirus-Free/3000-2239_4-10625067.html)
Ad-Aware Free Antivirus + (http://download.cnet.com/Ad-Aware-Free-Antivirus/3000-8022_4-10045910.html)
Free Firewall
Using a third-party firewall will allow you to give/deny access for applications that want to go online. Without a firewall your computer is susceptible to being hacked and taken over. Simply using a firewall in its default configuration can lower your risk greatly. A tutorial on firewalls can be found here (http://www.bleepingcomputer.com/forums/tutorial60.html).
Online Armor Free (http://download.cnet.com/Online-Armor-Free/3000-10435_4-10426782.html)
Agnitum Outpost Firewall Free (http://download.cnet.com/Agnitum-Outpost-Firewall-Free/3000-10435_4-10913746.html)
Comodo Firewall (http://download.cnet.com/Comodo-Firewall/3000-10435_4-75181464.html)
Make sure you keep your Windows OS current. Windows XP users can visit Windows update (http://v4.windowsupdate.microsoft.com/en/default.asp) regularly to download and install any critical updates and service packs. Windows Vista/7 users can open the Start menu > All Programs > Windows Update > Check for Updates (in left hand task pane) to update these systems. Without these you are leaving the back door open.
Consider a custom hosts file such as MVPS HOSTS (http://www.mvps.org/winhelp2002/hosts.htm). This custom hosts file effectively blocks a wide range of unwanted ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and many hijackers. For information on how to download and install, please read this tutorial by WinHelp2002 (http://www.mvps.org/winhelp2002/hosts.htm)
Note: Be sure to follow the instructions to disable the DNS Client service before installing a custom hosts file.
WOT (http://www.mywot.com/) (Web of Trust) As "Googling" is such an integral part of internet life, this free browser add on warns you about risky websites that try to scam visitors, deliver malware or send spam. It is especially helpful when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites. WOT has an add-on available for Firefox, Internet Explorer as well as Google Chrome.
Finally, I strongly recommend that you read TonyKlein's good advice So how did I get infected in the first place? (http://www.geekstogo.com/forum/index.php?autocom=custom&page=How_did_I)
Please reply to this thread once more if you are satisfied so that we can mark the problem as resolved.
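The Internet Explorer checklist in the post above can be checked afterwards with a read-only PowerShell audit. This is an added example, not part of the original post: the URL-action numbers (1001, 1004, 1201, 1800, 1804, 1607), the policy key paths and the lookup order are not from the thread, and the lookup order is an assumption.

```powershell
# Added example (not from the thread): read-only audit of the Internet zone
# (zone 3) settings listed in the checklist above. Nothing is modified.
# The URL-action numbers and the 0/1/3 value meanings are Internet Explorer's
# documented zone registry settings; they do not appear in the original post.

$ZoneKey = 'Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3'

# Locations checked, first match wins. Policy keys override the per-user
# preference that the Custom Level dialog writes. The order used here
# (machine policy, user policy, user preference) is an assumption.
$Sources = @(
    @{ Label = 'HKLM policy';     Path = "HKLM:\Software\Policies\$ZoneKey" },
    @{ Label = 'HKCU policy';     Path = "HKCU:\Software\Policies\$ZoneKey" },
    @{ Label = 'HKCU preference'; Path = "HKCU:\Software\$ZoneKey" }
)

# Id = URL-action number, Name = label in the Custom Level dialog,
# Want = value the checklist asks for (1 = Prompt, 3 = Disable).
$Checklist = @(
    @{ Id = '1001'; Want = 1; Name = 'Download signed ActiveX controls' },
    @{ Id = '1004'; Want = 3; Name = 'Download unsigned ActiveX controls' },
    @{ Id = '1201'; Want = 3; Name = 'Initialize and script ActiveX controls not marked as safe' },
    @{ Id = '1800'; Want = 1; Name = 'Installation of desktop items' },
    @{ Id = '1804'; Want = 1; Name = 'Launching programs and files in an IFRAME' },
    @{ Id = '1607'; Want = 1; Name = 'Navigate sub-frames across different domains' }
)

$Meaning = @{ 0 = 'Enable'; 1 = 'Prompt'; 3 = 'Disable' }

# Return the effective value and where it was found, or $null when the
# value is absent from all three locations.
function Get-ZoneSetting {
    param([string]$Id)
    foreach ($src in $Sources) {
        if (-not (Test-Path -LiteralPath $src.Path)) { continue }
        $item = Get-ItemProperty -LiteralPath $src.Path -Name $Id -ErrorAction SilentlyContinue
        if ($null -ne $item -and $null -ne $item.$Id) {
            return @{ Value = [int]$item.$Id; Source = $src.Label }
        }
    }
    return $null
}

# Translate a raw DWORD into the wording used by the Custom Level dialog.
function Format-Setting {
    param($Value)
    if ($Meaning.ContainsKey($Value)) { return $Meaning[$Value] }
    return "other ($Value)"
}

$report = foreach ($entry in $Checklist) {
    $found = Get-ZoneSetting -Id $entry.Id
    if ($null -eq $found) {
        $current = 'not set'; $source = '-'; $ok = $false
    } else {
        $current = Format-Setting $found.Value
        $source  = $found.Source
        $ok      = ($found.Value -eq $entry.Want)
    }
    New-Object PSObject -Property @{
        Setting     = $entry.Name
        Current     = $current
        Recommended = $Meaning[$entry.Want]
        Source      = $source
        Matches     = $ok
    }
}

$report | Select-Object Setting, Current, Recommended, Source, Matches | Format-Table -AutoSize

# Summarise anything that still differs from the checklist.
$mismatch = @($report | Where-Object { -not $_.Matches })
if ($mismatch.Count -gt 0) {
    Write-Host ("{0} of {1} settings differ from the checklist." -f $mismatch.Count, $Checklist.Count)
}
```

Run it as the user whose Internet Explorer settings were changed, since the preference values live under HKCU. A row whose Source is a policy key means the Custom Level dialog cannot change that setting.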
anton_ego
2013-06-07, 09:54
Hi OCD.
The issues seem to have resolved. Thanks a lot and I am extremely grateful to you and all other contributors for helping us. You rock!
I have completed the recommendations as suggested by you. Thanks a lot again. Peace out!
BR,
SS
Hi anton_ego,
You're very welcome. Glad I was able to help. :bigthumb: Have a great day.