
Trojan Agent [Closed]


  • This topic is locked

#16
Nana44

17:08:51.0304 4960 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
17:08:51.0600 4960 ============================================================
17:08:51.0600 4960 Current date / time: 2012/12/30 17:08:51.0600
17:08:51.0600 4960 SystemInfo:
17:08:51.0600 4960
17:08:51.0600 4960 OS Version: 6.1.7601 ServicePack: 1.0
17:08:51.0600 4960 Product type: Workstation
17:08:51.0600 4960 ComputerName: NABILA-HP
17:08:51.0600 4960 UserName: Nabila
17:08:51.0600 4960 Windows directory: C:\Windows
17:08:51.0600 4960 System windows directory: C:\Windows
17:08:51.0600 4960 Running under WOW64
17:08:51.0600 4960 Processor architecture: Intel x64
17:08:51.0600 4960 Number of processors: 4
17:08:51.0600 4960 Page size: 0x1000
17:08:51.0600 4960 Boot type: Normal boot
17:08:51.0600 4960 ============================================================
17:08:54.0471 4960 BG loaded
17:08:56.0546 4960 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:08:56.0561 4960 ============================================================
17:08:56.0561 4960 \Device\Harddisk0\DR0:
17:08:56.0561 4960 MBR partitions:
17:08:56.0561 4960 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
17:08:56.0561 4960 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x386BE800
17:08:56.0561 4960 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x38722800, BlocksNum 0x1C2F800
17:08:56.0561 4960 ============================================================
17:08:56.0670 4960 C: <-> \Device\Harddisk0\DR0\Partition2
17:08:58.0041 4960 D: <-> \Device\Harddisk0\DR0\Partition3
17:08:58.0041 4960 ============================================================
17:08:58.0041 4960 Initialize success
17:08:58.0041 4960 ============================================================
17:09:13.0636 5228 ============================================================
17:09:13.0636 5228 Scan started
17:09:13.0636 5228 Mode: Manual; SigCheck; TDLFS;
17:09:13.0636 5228 ============================================================
17:09:28.0175 5228 ================ Scan system memory ========================
17:09:28.0175 5228 System memory - ok
17:09:28.0175 5228 ================ Scan services =============================
17:09:29.0142 5228 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
17:09:29.0361 5228 1394ohci - ok
17:09:29.0408 5228 [ 7A330A42870EB1FA81F88BE514D2D566 ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
17:09:29.0408 5228 Accelerometer - ok
17:09:29.0532 5228 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
17:09:29.0579 5228 ACPI - ok
17:09:29.0610 5228 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
17:09:29.0704 5228 AcpiPmi - ok
17:09:31.0077 5228 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:09:31.0139 5228 AdobeFlashPlayerUpdateSvc - ok
17:09:31.0342 5228 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
17:09:31.0389 5228 adp94xx - ok
17:09:31.0498 5228 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
17:09:31.0545 5228 adpahci - ok
17:09:31.0623 5228 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
17:09:31.0763 5228 adpu320 - ok
17:09:31.0841 5228 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:09:32.0777 5228 AeLookupSvc - ok
17:09:33.0058 5228 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Program Files\IDT\WDM\AESTSr64.exe
17:09:33.0557 5228 AESTFilters - ok
17:09:33.0760 5228 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
17:09:33.0947 5228 AFD - ok
17:09:34.0056 5228 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
17:09:34.0088 5228 agp440 - ok
17:09:34.0119 5228 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
17:09:34.0462 5228 ALG - ok
17:09:34.0571 5228 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
17:09:34.0602 5228 aliide - ok
17:09:34.0634 5228 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
17:09:34.0634 5228 amdide - ok
17:09:34.0712 5228 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
17:09:34.0930 5228 AmdK8 - ok
17:09:34.0961 5228 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
17:09:35.0070 5228 AmdPPM - ok
17:09:35.0148 5228 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
17:09:35.0180 5228 amdsata - ok
17:09:35.0304 5228 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
17:09:35.0351 5228 amdsbs - ok
17:09:35.0398 5228 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:09:35.0414 5228 amdxata - ok
17:09:35.0492 5228 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
17:09:36.0630 5228 AppID - ok
17:09:36.0708 5228 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:09:36.0896 5228 AppIDSvc - ok
17:09:37.0020 5228 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
17:09:37.0067 5228 Appinfo - ok
17:09:37.0332 5228 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:09:37.0348 5228 Apple Mobile Device - ok
17:09:37.0473 5228 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
17:09:37.0488 5228 arc - ok
17:09:37.0535 5228 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
17:09:37.0551 5228 arcsas - ok
17:09:37.0613 5228 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:09:37.0754 5228 AsyncMac - ok
17:09:37.0785 5228 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
17:09:37.0816 5228 atapi - ok
17:09:37.0956 5228 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:09:38.0034 5228 AudioEndpointBuilder - ok
17:09:38.0128 5228 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
17:09:38.0206 5228 AudioSrv - ok
17:09:39.0407 5228 [ 56C73C5BC1656656CAC38A23B4310466 ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
17:09:39.0719 5228 AVGIDSAgent - ok
17:09:39.0953 5228 [ 6B72E1E329C4E98C6B6FDD2D265E3BA3 ] avgwd C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
17:09:40.0078 5228 avgwd - ok
17:09:40.0156 5228 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:09:40.0250 5228 AxInstSV - ok
17:09:40.0452 5228 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
17:09:40.0640 5228 b06bdrv - ok
17:09:40.0718 5228 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
17:09:40.0905 5228 b57nd60a - ok
17:09:41.0279 5228 [ 0E7A9264576B40638A3FBC804DE1FF76 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
17:09:41.0342 5228 BCM43XX - ok
17:09:41.0420 5228 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
17:09:41.0513 5228 BDESVC - ok
17:09:41.0560 5228 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
17:09:41.0716 5228 Beep - ok
17:09:41.0903 5228 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
17:09:41.0997 5228 BFE - ok
17:09:42.0558 5228 [ 1D757A7E020C577C4259A755F21B7152 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20120121.002\BHDrvx64.sys
17:09:42.0636 5228 BHDrvx64 - ok
17:09:42.0824 5228 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
17:09:43.0011 5228 BITS - ok
17:09:43.0058 5228 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
17:09:43.0104 5228 blbdrive - ok
17:09:43.0276 5228 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:09:43.0323 5228 Bonjour Service - ok
17:09:43.0385 5228 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:09:43.0448 5228 bowser - ok
17:09:43.0526 5228 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
17:09:43.0572 5228 BrFiltLo - ok
17:09:43.0619 5228 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
17:09:43.0635 5228 BrFiltUp - ok
17:09:43.0806 5228 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
17:09:43.0962 5228 BridgeMP - ok
17:09:44.0072 5228 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
17:09:44.0243 5228 Browser - ok
17:09:44.0384 5228 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:09:44.0508 5228 Brserid - ok
17:09:44.0540 5228 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:09:44.0602 5228 BrSerWdm - ok
17:09:44.0649 5228 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:09:44.0664 5228 BrUsbMdm - ok
17:09:44.0758 5228 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:09:44.0805 5228 BrUsbSer - ok
17:09:44.0914 5228 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
17:09:44.0976 5228 BTHMODEM - ok
17:09:45.0039 5228 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
17:09:45.0148 5228 bthserv - ok
17:09:45.0304 5228 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:09:45.0366 5228 cdfs - ok
17:09:45.0507 5228 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:09:45.0554 5228 cdrom - ok
17:09:45.0632 5228 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
17:09:45.0756 5228 CertPropSvc - ok
17:09:45.0912 5228 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
17:09:45.0959 5228 circlass - ok
17:09:46.0209 5228 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
17:09:46.0287 5228 CLFS - ok
17:09:46.0490 5228 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:09:46.0521 5228 clr_optimization_v2.0.50727_32 - ok
17:09:46.0802 5228 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:09:46.0833 5228 clr_optimization_v2.0.50727_64 - ok
17:09:47.0098 5228 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:09:47.0254 5228 clr_optimization_v4.0.30319_32 - ok
17:09:47.0379 5228 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:09:47.0457 5228 clr_optimization_v4.0.30319_64 - ok
17:09:47.0519 5228 [ 50F92C943F18B070F166D019DFAB3D9A ] clwvd C:\Windows\system32\DRIVERS\clwvd.sys
17:09:47.0597 5228 clwvd - ok
17:09:47.0644 5228 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
17:09:47.0753 5228 CmBatt - ok
17:09:47.0769 5228 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:09:47.0784 5228 cmdide - ok
17:09:47.0956 5228 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
17:09:48.0081 5228 CNG - ok
17:09:48.0112 5228 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
17:09:48.0112 5228 Compbatt - ok
17:09:48.0159 5228 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
17:09:48.0206 5228 CompositeBus - ok
17:09:48.0315 5228 COMSysApp - ok
17:09:48.0393 5228 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
17:09:48.0408 5228 crcdisk - ok
17:09:48.0549 5228 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:09:48.0596 5228 CryptSvc - ok
17:09:48.0798 5228 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
17:09:48.0830 5228 cvhsvc - ok
17:09:48.0970 5228 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:09:49.0079 5228 DcomLaunch - ok
17:09:49.0298 5228 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
17:09:49.0438 5228 defragsvc - ok
17:09:49.0547 5228 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:09:49.0672 5228 DfsC - ok
17:09:49.0844 5228 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
17:09:49.0937 5228 Dhcp - ok
17:09:50.0000 5228 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
17:09:50.0078 5228 discache - ok
17:09:50.0202 5228 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
17:09:50.0218 5228 Disk - ok
17:09:50.0343 5228 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:09:50.0546 5228 Dnscache - ok
17:09:50.0686 5228 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
17:09:50.0842 5228 dot3svc - ok
17:09:50.0920 5228 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
17:09:51.0014 5228 DPS - ok
17:09:51.0170 5228 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:09:51.0216 5228 drmkaud - ok
17:09:51.0357 5228 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:09:51.0388 5228 DXGKrnl - ok
17:09:51.0482 5228 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
17:09:51.0528 5228 EapHost - ok
17:09:52.0106 5228 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
17:09:52.0246 5228 ebdrv - ok
17:09:52.0402 5228 [ 5CCF1BE80930AEB1CDEBF561666325E8 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
17:09:52.0433 5228 eeCtrl - ok
17:09:52.0496 5228 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
17:09:52.0823 5228 EFS - ok
17:09:53.0416 5228 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:09:53.0588 5228 ehRecvr - ok
17:09:53.0822 5228 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
17:09:53.0837 5228 ehSched - ok
17:09:54.0227 5228 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
17:09:54.0290 5228 elxstor - ok
17:09:54.0555 5228 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:09:54.0648 5228 ErrDev - ok
17:09:54.0711 5228 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
17:09:54.0773 5228 EventSystem - ok
17:09:54.0898 5228 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
17:09:54.0960 5228 exfat - ok
17:09:55.0038 5228 ezSharedSvc - ok
17:09:55.0101 5228 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:09:55.0257 5228 fastfat - ok
17:09:55.0553 5228 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
17:09:55.0709 5228 Fax - ok
17:09:55.0756 5228 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
17:09:55.0787 5228 fdc - ok
17:09:56.0458 5228 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
17:09:56.0536 5228 fdPHost - ok
17:09:56.0630 5228 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
17:09:56.0692 5228 FDResPub - ok
17:09:57.0129 5228 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:09:57.0160 5228 FileInfo - ok
17:09:57.0191 5228 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:09:57.0332 5228 Filetrace - ok
17:09:57.0378 5228 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
17:09:57.0410 5228 flpydisk - ok
17:09:57.0534 5228 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:09:57.0566 5228 FltMgr - ok
17:09:57.0722 5228 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
17:09:58.0049 5228 FontCache - ok
17:09:58.0174 5228 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:09:58.0470 5228 FontCache3.0.0.0 - ok
17:09:58.0767 5228 [ 2074A85A6B8F84A5A9C60B915B465FAF ] FPLService C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
17:09:58.0798 5228 FPLService - ok
17:09:58.0860 5228 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:09:58.0892 5228 FsDepends - ok
17:09:58.0954 5228 [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
17:09:59.0001 5228 fssfltr - ok
17:09:59.0406 5228 [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
17:09:59.0500 5228 fsssvc - ok
17:09:59.0531 5228 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:09:59.0562 5228 Fs_Rec - ok
17:10:00.0030 5228 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:10:00.0233 5228 fvevol - ok
17:10:00.0296 5228 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
17:10:00.0311 5228 gagp30kx - ok
17:10:00.0717 5228 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
17:10:00.0779 5228 GamesAppService - ok
17:10:00.0842 5228 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:10:00.0842 5228 GEARAspiWDM - ok
17:10:00.0982 5228 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
17:10:01.0060 5228 gpsvc - ok
17:10:01.0746 5228 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:10:02.0012 5228 gupdate - ok
17:10:02.0261 5228 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:10:02.0308 5228 gupdatem - ok
17:10:02.0526 5228 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
17:10:02.0558 5228 gusvc - ok
17:10:02.0620 5228 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:10:02.0714 5228 hcw85cir - ok
17:10:02.0870 5228 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:10:03.0026 5228 HdAudAddService - ok
17:10:03.0135 5228 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
17:10:03.0166 5228 HDAudBus - ok
17:10:03.0525 5228 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
17:10:03.0634 5228 HidBatt - ok
17:10:03.0915 5228 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
17:10:03.0993 5228 HidBth - ok
17:10:04.0102 5228 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
17:10:04.0149 5228 HidIr - ok
17:10:04.0164 5228 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
17:10:04.0258 5228 hidserv - ok
17:10:05.0132 5228 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
17:10:05.0163 5228 HidUsb - ok
17:10:05.0288 5228 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:10:05.0381 5228 hkmsvc - ok
17:10:05.0428 5228 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:10:05.0522 5228 HomeGroupListener - ok
17:10:05.0600 5228 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:10:05.0662 5228 HomeGroupProvider - ok
17:10:05.0865 5228 [ 45A12CACB97B4F15858FCFD59355A1E9 ] HP Health Check Service C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
17:10:05.0880 5228 HP Health Check Service - ok
17:10:06.0146 5228 [ 6A181452D4E240B8ECC7614B9A19BDE9 ] HPClientSvc C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
17:10:06.0208 5228 HPClientSvc - ok
17:10:06.0411 5228 [ E040F0064D39F73BB4995D494F3DCBB8 ] hpCMSrv C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
17:10:06.0765 5228 hpCMSrv - ok
17:10:06.0955 5228 [ 18062DF0DCEB4ED88E03A8B161935722 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
17:10:06.0975 5228 HPDrvMntSvc.exe - ok
17:10:07.0015 5228 [ A4BE23C451ADEB252CD17A0532CAE220 ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
17:10:07.0035 5228 hpdskflt - ok
17:10:07.0385 5228 [ 7B1637E5E0476CE22E8D76AC1203205E ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
17:10:07.0405 5228 hpqwmiex - ok
17:10:07.0525 5228 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
17:10:07.0555 5228 HpSAMD - ok
17:10:07.0625 5228 [ A88A45E82BC54BFFB49C63973010226A ] hpsrv C:\Windows\system32\Hpservice.exe
17:10:07.0635 5228 hpsrv - ok
17:10:08.0205 5228 [ F630DD7564EBB7248A13B1CC774D9EA6 ] HPWMISVC C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
17:10:08.0245 5228 HPWMISVC - ok
17:10:08.0405 5228 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:10:08.0495 5228 HTTP - ok
17:10:08.0525 5228 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:10:08.0545 5228 hwpolicy - ok
17:10:08.0705 5228 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
17:10:08.0725 5228 i8042prt - ok
17:10:08.0815 5228 [ D469B77687E12FE43E344806740B624D ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
17:10:08.0835 5228 iaStor - ok
17:10:09.0345 5228 [ 983FC69644DDF0486C8DFEA262948D1A ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
17:10:09.0385 5228 IAStorDataMgrSvc - ok
17:10:09.0485 5228 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:10:09.0505 5228 iaStorV - ok
17:10:09.0725 5228 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:10:09.0785 5228 idsvc - ok
17:10:09.0916 5228 [ 18C40C3F368323B203ACE403CB430DB1 ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20120202.002\IDSvia64.sys
17:10:09.0936 5228 IDSVia64 - ok
17:10:11.0286 5228 [ EFE5A0AF39A8E179624117C521F1E012 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
17:10:11.0566 5228 igfx - ok
17:10:11.0746 5228 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
17:10:11.0786 5228 iirsp - ok
17:10:12.0517 5228 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
17:10:12.0687 5228 IKEEXT - ok
17:10:12.0857 5228 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
17:10:12.0957 5228 IntcDAud - ok
17:10:13.0077 5228 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
17:10:13.0107 5228 intelide - ok
17:10:13.0137 5228 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:10:13.0157 5228 intelppm - ok
17:10:13.0207 5228 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:10:13.0417 5228 IPBusEnum - ok
17:10:13.0457 5228 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:10:13.0507 5228 IpFilterDriver - ok
17:10:13.0707 5228 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:10:14.0477 5228 iphlpsvc - ok
17:10:14.0517 5228 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
17:10:14.0737 5228 IPMIDRV - ok
17:10:14.0977 5228 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:10:15.0047 5228 IPNAT - ok
17:10:15.0647 5228 [ 0F261EC4F514926177C70C1832374231 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
17:10:15.0667 5228 iPod Service - ok
17:10:15.0707 5228 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:10:15.0737 5228 IRENUM - ok
17:10:15.0937 5228 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:10:15.0947 5228 isapnp - ok
17:10:16.0057 5228 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
17:10:16.0077 5228 iScsiPrt - ok
17:10:16.0097 5228 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:10:16.0107 5228 kbdclass - ok
17:10:16.0197 5228 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
17:10:16.0267 5228 kbdhid - ok
17:10:16.0377 5228 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
17:10:16.0397 5228 KeyIso - ok
17:10:16.0487 5228 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:10:16.0497 5228 KSecDD - ok
17:10:16.0517 5228 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:10:16.0527 5228 KSecPkg - ok
17:10:16.0577 5228 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
17:10:16.0657 5228 ksthunk - ok
17:10:16.0877 5228 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
17:10:17.0057 5228 KtmRm - ok
17:10:17.0107 5228 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
17:10:17.0147 5228 LanmanServer - ok
17:10:17.0197 5228 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:10:17.0247 5228 LanmanWorkstation - ok
17:10:17.0447 5228 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:10:17.0567 5228 lltdio - ok
17:10:17.0677 5228 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:10:17.0877 5228 lltdsvc - ok
17:10:17.0907 5228 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:10:17.0937 5228 lmhosts - ok
17:10:18.0077 5228 [ D7E0BED3EA21D7BDDD410ADE51708D90 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
17:10:18.0137 5228 LMS - ok
17:10:18.0237 5228 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
17:10:18.0257 5228 LSI_FC - ok
17:10:18.0407 5228 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
17:10:18.0467 5228 LSI_SAS - ok
17:10:18.0507 5228 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
17:10:18.0527 5228 LSI_SAS2 - ok
17:10:18.0577 5228 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
17:10:18.0617 5228 LSI_SCSI - ok
17:10:18.0647 5228 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
17:10:18.0737 5228 luafv - ok
17:10:18.0857 5228 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
17:10:18.0877 5228 MBAMProtector - ok
17:10:19.0167 5228 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
17:10:19.0207 5228 MBAMScheduler - ok
17:10:19.0517 5228 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
17:10:19.0577 5228 MBAMService - ok
17:10:19.0747 5228 [ F453D1E6D881E8F8717E20CCD4199E85 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
17:10:19.0757 5228 McComponentHostService - ok
17:10:19.0908 5228 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:10:19.0938 5228 Mcx2Svc - ok
17:10:19.0968 5228 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
17:10:19.0988 5228 megasas - ok
17:10:20.0108 5228 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
17:10:20.0128 5228 MegaSR - ok
17:10:20.0198 5228 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
17:10:20.0208 5228 MEIx64 - ok
17:10:20.0268 5228 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
17:10:20.0498 5228 MMCSS - ok
17:10:20.0518 5228 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
17:10:21.0078 5228 Modem - ok
17:10:21.0148 5228 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:10:21.0188 5228 monitor - ok
17:10:21.0258 5228 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:10:21.0268 5228 mouclass - ok
17:10:21.0378 5228 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\drivers\mouhid.sys
17:10:21.0408 5228 mouhid - ok
17:10:54.0759 5228 ================ Scan global ===============================
17:10:54.0789 5228 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:10:54.0839 5228 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
17:10:54.0849 5228 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
17:10:54.0899 5228 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:10:54.0939 5228 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:10:54.0950 5228 [Global] - ok
17:10:54.0950 5228 ================ Scan MBR ==================================
17:10:54.0960 5228 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:10:54.0960 5228 Suspicious mbr (Forged): \Device\Harddisk0\DR0
17:10:55.0070 5228 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
17:10:55.0070 5228 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
17:10:55.0490 5228 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
17:10:55.0490 5228 \Device\Harddisk0\DR0 - detected TDSS File System (1)
17:10:55.0490 5228 ================ Scan VBR ==================================
17:10:55.0520 5228 [ 25BC976322E6342F9508BF7BBA6C8521 ] \Device\Harddisk0\DR0\Partition1
17:10:55.0530 5228 \Device\Harddisk0\DR0\Partition1 - ok
17:10:55.0560 5228 [ C5F7EE8AFC170330A17AD4E4113A68ED ] \Device\Harddisk0\DR0\Partition2
17:10:55.0570 5228 \Device\Harddisk0\DR0\Partition2 - ok
17:10:55.0600 5228 [ E51CA9304932061A217F912E281972BE ] \Device\Harddisk0\DR0\Partition3
17:10:55.0620 5228 \Device\Harddisk0\DR0\Partition3 - ok
17:10:55.0620 5228 ================ Scan active images ========================
17:10:56.0370 5228 C:\Windows\SysWOW64\KernelBase.dll - ok
17:10:56.0380 5228 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
17:10:56.0380 5228 C:\Windows\SysWOW64\msvcrt.dll - ok
17:10:56.0380 5228 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
17:10:56.0380 5228 C:\Windows\SysWOW64\wtsapi32.dll - ok
17:10:56.0390 5228 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
17:10:56.0390 5228 C:\Windows\SysWOW64\rpcrt4.dll - ok
17:10:56.0390 5228 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
17:10:56.0390 5228 C:\Windows\SysWOW64\userenv.dll - ok
17:10:56.0400 5228 [ 74F6A254AE81A8D886601968CEBF5057 ] C:\Program Files (x86)\HP SimplePass 2011\TSLog.dll
17:10:56.0400 5228 C:\Program Files (x86)\HP SimplePass 2011\TSLog.dll - ok
17:10:56.0400 5228 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
17:10:56.0400 5228 C:\Windows\SysWOW64\cryptbase.dll - ok
17:10:56.0410 5228 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
17:10:56.0410 5228 C:\Windows\SysWOW64\profapi.dll - ok
17:10:56.0410 5228 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
17:10:56.0410 5228 C:\Windows\SysWOW64\sechost.dll - ok
17:10:56.0410 5228 [ EDA7AD21DF8945528F01F0A86D69E524 ] C:\Windows\SysWOW64\sspicli.dll
17:10:56.0410 5228 C:\Windows\SysWOW64\sspicli.dll - ok
17:10:56.0420 5228 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
17:10:56.0420 5228 C:\Windows\SysWOW64\user32.dll - ok
17:10:56.0420 5228 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
17:10:56.0420 5228 C:\Windows\SysWOW64\gdi32.dll - ok
17:10:56.0430 5228 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
17:10:56.0430 5228 C:\Windows\SysWOW64\lpk.dll - ok
17:10:56.0430 5228 [ CC19A4AE696C2191E965A9835F1E6399 ] C:\Windows\SysWOW64\usp10.dll
17:10:56.0430 5228 C:\Windows\SysWOW64\usp10.dll - ok
17:10:56.0440 5228 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
17:10:56.0440 5228 C:\Windows\SysWOW64\advapi32.dll - ok
17:10:56.0440 5228 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\SysWOW64\shell32.dll
17:10:56.0440 5228 C:\Windows\SysWOW64\shell32.dll - ok
17:10:56.0450 5228 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
17:10:56.0450 5228 C:\Windows\SysWOW64\shlwapi.dll - ok
17:10:56.0450 5228 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
17:10:56.0450 5228 C:\Windows\SysWOW64\winspool.drv - ok
17:10:56.0460 5228 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
17:10:56.0460 5228 C:\Windows\SysWOW64\ole32.dll - ok
17:10:56.0460 5228 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
17:10:56.0460 5228 C:\Windows\SysWOW64\oleaut32.dll - ok
17:10:56.0460 5228 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
17:10:56.0460 5228 C:\Windows\SysWOW64\imm32.dll - ok
17:10:56.0470 5228 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
17:10:56.0470 5228 C:\Windows\SysWOW64\msctf.dll - ok
17:10:56.0470 5228 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
17:10:56.0470 5228 C:\Windows\SysWOW64\oleacc.dll - ok
17:10:56.0480 5228 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
17:10:56.0480 5228 C:\Windows\SysWOW64\ntmarta.dll - ok
17:10:56.0480 5228 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
17:10:56.0480 5228 C:\Windows\SysWOW64\Wldap32.dll - ok
17:10:56.0490 5228 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
17:10:56.0490 5228 C:\Windows\SysWOW64\nsi.dll - ok
17:10:56.0490 5228 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
17:10:56.0490 5228 C:\Windows\SysWOW64\ws2_32.dll - ok
17:10:56.0500 5228 [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\SysWOW64\atl.dll
17:10:56.0500 5228 C:\Windows\SysWOW64\atl.dll - ok
17:10:56.0500 5228 [ 7FA3A810F383588D46220967DE8B64FF ] C:\Windows\SysWOW64\wininet.dll
17:10:56.0500 5228 C:\Windows\SysWOW64\wininet.dll - ok
17:10:56.0500 5228 [ 780E80E5502015EDAEC91DC0A0C96A79 ] C:\Windows\SysWOW64\iertutil.dll
17:10:56.0500 5228 C:\Windows\SysWOW64\iertutil.dll - ok
17:10:56.0510 5228 [ 4266A3230981DD4434C55957F6DD497D ] C:\Windows\SysWOW64\urlmon.dll
17:10:56.0510 5228 C:\Windows\SysWOW64\urlmon.dll - ok
17:10:56.0510 5228 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
17:10:56.0510 5228 C:\Windows\SysWOW64\winmm.dll - ok
17:10:56.0520 5228 [ 8F571F016FA1976F445147E9E6C8AE9B ] C:\Windows\System32\drivers\Sftvollh.sys
17:10:56.0520 5228 C:\Windows\System32\drivers\Sftvollh.sys - ok
17:10:56.0520 5228 [ AB886378EEB55C6C75B4F2D14B6C869F ] C:\Windows\System32\drivers\WUDFPf.sys
17:10:56.0520 5228 C:\Windows\System32\drivers\WUDFPf.sys - ok
17:10:56.0530 5228 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
17:10:56.0530 5228 C:\Windows\SysWOW64\winsta.dll - ok
17:10:56.0530 5228 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
17:10:56.0530 5228 C:\Windows\System32\rpcss.dll - ok
17:10:56.0530 5228 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
17:10:56.0530 5228 C:\Windows\System32\RpcEpMap.dll - ok
17:10:56.0540 5228 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
17:10:56.0540 5228 C:\Windows\System32\wshqos.dll - ok
17:10:56.0540 5228 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
17:10:56.0540 5228 C:\Windows\System32\WSHTCPIP.DLL - ok
17:10:56.0550 5228 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
17:10:56.0550 5228 C:\Windows\System32\FirewallAPI.dll - ok
17:10:56.0550 5228 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
17:10:56.0550 5228 C:\Windows\System32\version.dll - ok
17:10:56.0550 5228 [ A1D2F7804188302ADEB12DB1DC674C1F ] C:\Windows\System32\authuitu.dll
17:10:56.0550 5228 C:\Windows\System32\authuitu.dll - ok
17:10:56.0560 5228 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
17:10:56.0560 5228 C:\Windows\System32\LogonUI.exe - ok
17:10:56.0560 5228 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
17:10:56.0560 5228 C:\Windows\System32\dbghelp.dll - ok
17:10:56.0570 5228 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
17:10:56.0570 5228 C:\Windows\System32\wevtsvc.dll - ok
17:10:56.0570 5228 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
17:10:56.0570 5228 C:\Windows\System32\profsvc.dll - ok
17:10:56.0570 5228 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
17:10:56.0580 5228 C:\Windows\System32\adtschema.dll - ok
17:10:56.0580 5228 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
17:10:56.0580 5228 C:\Windows\System32\audiosrv.dll - ok
17:10:56.0580 5228 [ 86678C2F5081FEA3517D78E92230B5FF ] C:\Program Files\IDT\WDM\stacsv64.exe
17:10:56.0580 5228 C:\Program Files\IDT\WDM\stacsv64.exe - ok
17:10:56.0590 5228 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
17:10:56.0590 5228 C:\Windows\System32\avrt.dll - ok
17:10:56.0590 5228 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
17:10:56.0590 5228 C:\Windows\System32\mmcss.dll - ok
17:10:56.0590 5228 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
17:10:56.0590 5228 C:\Windows\System32\MMDevAPI.dll - ok
17:10:56.0600 5228 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
17:10:56.0600 5228 C:\Windows\System32\atl.dll - ok
17:10:56.0600 5228 [ 9110FFAD124283F37D38771BB60556AF ] C:\Windows\System32\dsound.dll
17:10:56.0600 5228 C:\Windows\System32\dsound.dll - ok
17:10:56.0600 5228 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
17:10:56.0600 5228 C:\Windows\System32\propsys.dll - ok
17:10:56.0610 5228 [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
17:10:56.0610 5228 C:\Windows\System32\authui.dll - ok
17:10:56.0610 5228 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
17:10:56.0610 5228 C:\Windows\System32\winmm.dll - ok
17:10:56.0610 5228 [ 82DDC598E7C2FF78D8E0A65C9AC081F9 ] C:\Windows\System32\stapi64.dll
17:10:56.0610 5228 C:\Windows\System32\stapi64.dll - ok
17:10:56.0620 5228 [ 5F9479B2BD3575E789F06F4DEB86C9E0 ] C:\Program Files\IDT\WDM\AESTCo64.dll
17:10:56.0620 5228 C:\Program Files\IDT\WDM\AESTCo64.dll - ok
17:10:56.0620 5228 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
17:10:56.0620 5228 C:\Windows\System32\audiodg.exe - ok
17:10:56.0620 5228 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
17:10:56.0620 5228 C:\Windows\System32\cryptui.dll - ok
17:10:56.0630 5228 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
17:10:56.0630 5228 C:\Windows\System32\AudioSes.dll - ok
17:10:56.0630 5228 [ 7E80D85C2C3785B404203A7CDD38D749 ] C:\Windows\System32\stapo64.dll
17:10:56.0630 5228 C:\Windows\System32\stapo64.dll - ok
17:10:56.0640 5228 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
17:10:56.0640 5228 C:\Windows\System32\ntmarta.dll - ok
17:10:56.0640 5228 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
17:10:56.0640 5228 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
17:10:56.0640 5228 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
17:10:56.0640 5228 C:\Windows\System32\AudioEng.dll - ok
17:10:56.0650 5228 [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll
17:10:56.0650 5228 C:\Windows\System32\WMALFXGFXDSP.dll - ok
17:10:56.0650 5228 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
17:10:56.0650 5228 C:\Windows\System32\samlib.dll - ok
17:10:56.0660 5228 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
17:10:56.0660 5228 C:\Windows\System32\shacct.dll - ok
17:10:56.0660 5228 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
17:10:56.0660 5228 C:\Windows\System32\uxtheme.dll - ok
17:10:56.0660 5228 [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
17:10:56.0660 5228 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
17:10:56.0670 5228 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
17:10:56.0670 5228 C:\Windows\System32\mfplat.dll - ok
17:10:56.0670 5228 [ C469893743E18BA547DB3C7ED98B32F5 ] C:\Windows\System32\AESTAR64.dll
17:10:56.0670 5228 C:\Windows\System32\AESTAR64.dll - ok
17:10:56.0680 5228 [ 3D9FC44CA93001B423F89876369F1348 ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sluapo64.dll
17:10:56.0680 5228 C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sluapo64.dll - ok
17:10:56.0680 5228 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
17:10:56.0680 5228 C:\Windows\System32\dui70.dll - ok
17:10:56.0690 5228 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
17:10:56.0690 5228 C:\Windows\System32\AUDIOKSE.dll - ok
17:10:56.0690 5228 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
17:10:56.0690 5228 C:\Windows\System32\duser.dll - ok
17:10:56.0700 5228 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
17:10:56.0700 5228 C:\Windows\System32\SndVolSSO.dll - ok
17:10:56.0700 5228 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
17:10:56.0700 5228 C:\Windows\System32\ksuser.dll - ok
17:10:56.0700 5228 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
17:10:56.0700 5228 C:\Windows\System32\hid.dll - ok
17:10:56.0710 5228 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
17:10:56.0710 5228 C:\Windows\System32\wdmaud.drv - ok
17:10:56.0710 5228 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
17:10:56.0710 5228 C:\Windows\System32\dwmapi.dll - ok
17:10:56.0720 5228 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
17:10:56.0720 5228 C:\Windows\System32\xmllite.dll - ok
17:10:56.0720 5228 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
17:10:56.0720 5228 C:\Windows\System32\msacm32.dll - ok
17:10:56.0730 5228 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
17:10:56.0730 5228 C:\Windows\System32\msacm32.drv - ok
17:10:56.0730 5228 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
17:10:56.0730 5228 C:\Windows\System32\midimap.dll - ok
17:10:56.0740 5228 [ 26B73A85855681500BCC25C7CD9FF5B1 ] C:\Windows\System32\WindowsCodecs.dll
17:10:56.0740 5228 C:\Windows\System32\WindowsCodecs.dll - ok
17:10:56.0740 5228 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
17:10:56.0740 5228 C:\Windows\System32\winbrand.dll - ok
17:10:56.0750 5228 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
17:10:56.0750 5228 C:\Windows\System32\VaultCredProvider.dll - ok
17:10:56.0750 5228 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
17:10:56.0750 5228 C:\Windows\System32\wtsapi32.dll - ok
17:10:56.0750 5228 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
17:10:56.0750 5228 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
17:10:56.0760 5228 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
17:10:56.0760 5228 C:\Windows\System32\BioCredProv.dll - ok
17:10:56.0760 5228 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
17:10:56.0760 5228 C:\Windows\System32\winbio.dll - ok
17:10:56.0770 5228 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
17:10:56.0770 5228 C:\Windows\System32\credui.dll - ok
17:10:56.0770 5228 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
17:10:56.0770 5228 C:\Windows\System32\certCredProvider.dll - ok
17:10:56.0770 5228 [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
17:10:56.0770 5228 C:\Windows\System32\netapi32.dll - ok
17:10:56.0780 5228 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
17:10:56.0780 5228 C:\Windows\System32\netutils.dll - ok
17:10:56.0780 5228 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
17:10:56.0780 5228 C:\Windows\System32\samcli.dll - ok
17:10:56.0780 5228 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
17:10:56.0780 5228 C:\Windows\System32\vaultcli.dll - ok
17:10:56.0790 5228 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
17:10:56.0790 5228 C:\Windows\System32\wkscli.dll - ok
17:10:56.0790 5228 [ 032229246107C5C7211E6D1498B52D3D ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
17:10:56.0790 5228 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
17:10:56.0790 5228 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
17:10:56.0790 5228 C:\Windows\System32\rasplap.dll - ok
17:10:56.0800 5228 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
17:10:56.0800 5228 C:\Windows\System32\rasapi32.dll - ok
17:10:56.0800 5228 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
17:10:56.0800 5228 C:\Windows\System32\rasman.dll - ok
17:10:56.0810 5228 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
17:10:56.0810 5228 C:\Windows\System32\rtutils.dll - ok
17:10:56.0810 5228 [ FE05D03B73000CFF476E1D29109F3A84 ] C:\Program Files\Windows Defender\MpEvMsg.dll
17:10:56.0810 5228 C:\Program Files\Windows Defender\MpEvMsg.dll - ok
17:10:56.0810 5228 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
17:10:56.0810 5228 C:\Windows\System32\netprofm.dll - ok
17:10:56.0820 5228 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
17:10:56.0820 5228 C:\Windows\System32\MPSSVC.dll - ok
17:10:56.0820 5228 [ 5E65E90DA3A478C377F7332A9386B023 ] C:\Windows\System32\AESTAC64.dll
17:10:56.0820 5228 C:\Windows\System32\AESTAC64.dll - ok
17:10:56.0820 5228 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
17:10:56.0820 5228 C:\Windows\System32\wlansvc.dll - ok
17:10:56.0830 5228 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
17:10:56.0830 5228 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
17:10:56.0830 5228 [ B1DF2D87DC8BF6072699AC8301B37796 ] C:\Windows\System32\WUDFPlatform.dll
17:10:56.0830 5228 C:\Windows\System32\WUDFPlatform.dll - ok
17:10:56.0830 5228 [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
17:10:56.0830 5228 C:\Windows\System32\drivers\fltMgr.sys - ok
17:10:56.0840 5228 [ B6F0676FC23D543452FE81D8B71D24E7 ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slcshp64.dll
17:10:56.0840 5228 C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slcshp64.dll - ok
17:10:56.0840 5228 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
17:10:56.0840 5228 C:\Windows\System32\PSHED.DLL - ok
17:10:56.0840 5228 [ F7BA79CEFBD9DF4AF781E00356FBF48E ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slh36064.dll
17:10:56.0840 5228 C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slh36064.dll - ok
17:10:56.0850 5228 [ 79E25E0628A2FF7A74356EAEF5011C26 ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sltshd64.dll
17:10:56.0850 5228 C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sltshd64.dll - ok
17:10:56.0850 5228 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
17:10:56.0850 5228 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
17:10:56.0850 5228 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
17:10:56.0850 5228 C:\Windows\System32\gpsvc.dll - ok
17:10:56.0860 5228 [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll
17:10:56.0860 5228 C:\Windows\System32\nlaapi.dll - ok
17:10:56.0860 5228 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
17:10:56.0860 5228 C:\Windows\System32\themeservice.dll - ok
17:10:56.0860 5228 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
17:10:56.0860 5228 C:\Windows\System32\dsrole.dll - ok
17:10:56.0870 5228 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
17:10:56.0870 5228 C:\Windows\System32\slc.dll - ok
17:10:56.0870 5228 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
17:10:56.0870 5228 C:\Windows\System32\es.dll - ok
17:10:56.0870 5228 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
17:10:56.0870 5228 C:\Windows\System32\UXInit.dll - ok
17:10:56.0880 5228 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
17:10:56.0880 5228 C:\Windows\System32\comres.dll - ok
17:10:56.0880 5228 [ A88A45E82BC54BFFB49C63973010226A ] C:\Windows\System32\hpservice.exe
17:10:56.0880 5228 C:\Windows\System32\hpservice.exe - ok
17:10:56.0880 5228 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
17:10:56.0880 5228 C:\Windows\System32\Sens.dll - ok
17:10:56.0890 5228 [ 19F9B524A525D202194247E96656CB88 ] C:\Windows\System32\mfc42u.dll
17:10:56.0890 5228 C:\Windows\System32\mfc42u.dll - ok
17:10:56.0890 5228 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
17:10:56.0890 5228 C:\Windows\System32\imageres.dll - ok
17:10:56.0890 5228 [ 7FF8E121AFA05BDAB23B9FEDCDAB7A33 ] C:\Windows\System32\odbc32.dll
17:10:56.0890 5228 C:\Windows\System32\odbc32.dll - ok
17:10:56.0890 5228 [ D1B0A3589CD47C14FACBE4895E1D1574 ] C:\Windows\System32\accelerometerdll.DLL
17:10:56.0890 5228 C:\Windows\System32\accelerometerdll.DLL - ok
17:10:56.0900 5228 [ 3E466073C3B1033FF92ADE9031E3D4A2 ] C:\Windows\System32\odbcint.dll
17:10:56.0900 5228 C:\Windows\System32\odbcint.dll - ok
17:10:56.0900 5228 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
17:10:56.0900 5228 C:\Windows\System32\uxsms.dll - ok
17:10:56.0900 5228 [ B20F051B03A966392364C83F009F7D17 ] C:\Windows\System32\WUDFSvc.dll
17:10:56.0900 5228 C:\Windows\System32\WUDFSvc.dll - ok
17:10:56.0910 5228 [ 8ABFE00F213F2571498F1B8FD7939A98 ] C:\Windows\System32\WUDFHost.exe
17:10:56.0910 5228 C:\Windows\System32\WUDFHost.exe - ok
17:10:56.0910 5228 [ 5D0F03EEF3205F66ECFBE72A7CBBAD1F ] C:\Windows\System32\winusb.dll
17:10:56.0910 5228 C:\Windows\System32\winusb.dll - ok
17:10:56.0910 5228 [ 25AE683DCB4AE7E6F1B193A0CB9DB35F ] C:\Windows\System32\WUDFx.dll
17:10:56.0910 5228 C:\Windows\System32\WUDFx.dll - ok
17:10:56.0920 5228 [ 9F44D068601CF29D7E8AD514ABADB633 ] C:\Windows\System32\drivers\UMDF\wbf_vfs_0018.dll
17:10:56.0920 5228 C:\Windows\System32\drivers\UMDF\wbf_vfs_0018.dll - ok
17:10:56.0920 5228 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
17:10:56.0920 5228 C:\Windows\System32\drivers\lltdio.sys - ok
17:10:56.0920 5228 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
17:10:56.0920 5228 C:\Windows\System32\drivers\nwifi.sys - ok
17:10:56.0930 5228 [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys
17:10:56.0930 5228 C:\Windows\System32\drivers\ndisuio.sys - ok
17:10:56.0930 5228 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
17:10:56.0930 5228 C:\Windows\System32\drivers\rspndr.sys - ok
17:10:56.0930 5228 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
17:10:56.0930 5228 C:\Windows\System32\IPHLPAPI.DLL - ok
17:10:56.0940 5228 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
17:10:56.0940 5228 C:\Windows\System32\lmhsvc.dll - ok
17:10:56.0940 5228 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
17:10:56.0940 5228 C:\Windows\System32\nsisvc.dll - ok
17:10:56.0940 5228 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
17:10:56.0940 5228 C:\Windows\System32\nrpsrv.dll - ok
17:10:56.0950 5228 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
17:10:56.0950 5228 C:\Windows\System32\winnsi.dll - ok
17:10:56.0950 5228 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
17:10:56.0950 5228 C:\Windows\System32\dhcpcore.dll - ok
17:10:56.0950 5228 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
17:10:56.0950 5228 C:\Windows\System32\keyiso.dll - ok
17:10:56.0960 5228 [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll
17:10:56.0960 5228 C:\Windows\System32\dhcpcore6.dll - ok
17:10:56.0960 5228 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
17:10:56.0960 5228 C:\Windows\System32\dnsrslvr.dll - ok
17:10:56.0960 5228 [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll
17:10:56.0960 5228 C:\Windows\System32\eapphost.dll - ok
17:10:56.0970 5228 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
17:10:56.0970 5228 C:\Windows\System32\eapsvc.dll - ok
17:10:56.0970 5228 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
17:10:56.0970 5228 C:\Windows\System32\umb.dll - ok
17:10:56.0980 5228 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
17:10:56.0980 5228 C:\Windows\System32\FWPUCLNT.DLL - ok
17:10:56.0980 5228 [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll
17:10:56.0980 5228 C:\Windows\System32\wlanmsm.dll - ok
17:10:56.0980 5228 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll
17:10:56.0980 5228 C:\Windows\System32\wlansec.dll - ok
17:10:56.0990 5228 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
17:10:56.0990 5228 C:\Windows\System32\dnsext.dll - ok
17:10:56.0990 5228 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
17:10:56.0990 5228 C:\Windows\System32\dhcpcsvc.dll - ok
17:10:57.0000 5228 [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll
17:10:57.0000 5228 C:\Windows\System32\dhcpcsvc6.dll - ok
17:10:57.0000 5228 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
17:10:57.0000 5228 C:\Windows\System32\onex.dll - ok
17:10:57.0010 5228 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
17:10:57.0010 5228 C:\Windows\System32\eappcfg.dll - ok
17:10:57.0010 5228 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
17:10:57.0010 5228 C:\Windows\System32\eappprxy.dll - ok
17:10:57.0010 5228 [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll
17:10:57.0010 5228 C:\Windows\System32\l2gpstore.dll - ok
17:10:57.0020 5228 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
17:10:57.0020 5228 C:\Windows\System32\WinSCard.dll - ok
17:10:57.0020 5228 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
17:10:57.0020 5228 C:\Windows\System32\wlanutil.dll - ok
17:10:57.0030 5228 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll
17:10:57.0030 5228 C:\Windows\System32\wlgpclnt.dll - ok
17:10:57.0030 5228 [ 4FFDE68C4B7C9993FA551E7E36DDB34D ] C:\Windows\System32\msxml6.dll
17:10:57.0030 5228 C:\Windows\System32\msxml6.dll - ok
17:10:57.0030 5228 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
17:10:57.0030 5228 C:\Windows\System32\shsvcs.dll - ok
17:10:57.0040 5228 [ 43FAB56AE5F639AD59D7209693F4C4C2 ] C:\Windows\System32\wlanext.exe
17:10:57.0040 5228 C:\Windows\System32\wlanext.exe - ok
17:10:57.0040 5228 [ 3326166011C9BC13D6A8EFD856E9921C ] C:\Windows\System32\conhost.exe
17:10:57.0040 5228 C:\Windows\System32\conhost.exe - ok
17:10:57.0050 5228 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
17:10:57.0050 5228 C:\Windows\System32\schedsvc.dll - ok
17:10:57.0050 5228 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
17:10:57.0050 5228 C:\Windows\System32\ktmw32.dll - ok
17:10:57.0060 5228 [ D7C4197F40DC7F877F975D329F036322 ] C:\Windows\System32\bcmihvsrv64.dll
17:10:57.0060 5228 C:\Windows\System32\bcmihvsrv64.dll - ok
17:10:57.0060 5228 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
17:10:57.0060 5228 C:\Windows\System32\fveapi.dll - ok
17:10:57.0070 5228 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
17:10:57.0070 5228 C:\Windows\System32\wlanapi.dll - ok
17:10:57.0070 5228 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
17:10:57.0070 5228 C:\Windows\System32\fvecerts.dll - ok
17:10:57.0070 5228 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
17:10:57.0070 5228 C:\Windows\System32\tbs.dll - ok
17:10:57.0080 5228 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
17:10:57.0080 5228 C:\Windows\System32\taskcomp.dll - ok
17:10:57.0080 5228 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
17:10:57.0080 5228 C:\Windows\System32\drivers\http.sys - ok
17:10:57.0080 5228 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
17:10:57.0080 5228 C:\Windows\System32\wiarpc.dll - ok
17:10:57.0090 5228 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
17:10:57.0090 5228 C:\Windows\System32\netcfgx.dll - ok
17:10:57.0090 5228 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
17:10:57.0090 5228 C:\Windows\System32\spoolsv.exe - ok
17:10:57.0100 5228 [ 567BC1309E05FCFA680ADB6E02260736 ] C:\Windows\System32\vaultsvc.dll
17:10:57.0100 5228 C:\Windows\System32\vaultsvc.dll - ok
17:10:57.0100 5228 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] C:\Windows\System32\wbiosrvc.dll
17:10:57.0100 5228 C:\Windows\System32\wbiosrvc.dll - ok
17:10:57.0890 5228 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
17:10:57.0890 5228 C:\Windows\System32\esent.dll - ok
17:10:57.0900 5228 [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
17:10:57.0900 5228 C:\Windows\System32\wbem\wbemcore.dll - ok
17:10:57.0900 5228 [ 81F08948A0F1475894C99D4D19A158A8 ] C:\Windows\SysWOW64\wshqos.dll
17:10:57.0900 5228 C:\Windows\SysWOW64\wshqos.dll - ok
17:10:57.0900 5228 [ 44C71034567D1D98C49281F28B8D2BA4 ] C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\avpsvc32.dll
17:10:57.0900 5228 C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\avpsvc32.dll - ok
17:10:57.0910 5228 [ 73EC60501FE247C811B640F69E0FAE6B ] C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\cltlmc.dll
17:10:57.0910 5228 C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\cltlmc.dll - ok
17:10:57.0910 5228 [ 2D62FF2B999A0A38E6438691C246481F ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
17:10:57.0910 5228 C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok
17:10:57.0920 5228 [ 37F1F5CCD06334EE9D9C1E8FC986DD72 ] C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\iserror.dll
17:10:57.0920 5228 C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\iserror.dll - ok
17:10:57.0920 5228 [ FCB82479AE5DC880AD85B9DFCA4C2D45 ] C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\cltlms.dll
17:10:57.0920 5228 C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\cltlms.dll - ok
17:10:57.0930 5228 [ 33C3A5CD1D4F95AED46D6C6081EDD3F3 ] C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\bhclient.dll
17:10:57.0930 5228 C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\bhclient.dll - ok
17:10:57.0930 5228 [ 1D340BF30C4BA80D86C4FBAEC5D582E9 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20120202.018\NAVENG32.DLL
17:10:57.0930 5228 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20120202.018\NAVENG32.DLL - ok
17:10:57.0940 5228 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
17:10:57.0940 5228 C:\Windows\System32\wbem\esscli.dll - ok
17:10:57.0940 5228 [ A733CC986EB51F8FBF598B981DC19FBA ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcore.dll
17:10:57.0940 5228 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcore.dll - ok
17:10:57.0940 5228 [ 0B2D65FDDE31069299AA6330F359FF9C ] C:\Windows\System32\msxml3.dll
17:10:57.0940 5228 C:\Windows\System32\msxml3.dll - ok
17:10:57.0950 5228 [ 2A46FFE841EC43001D5A293A54DB34DE ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
17:10:57.0950 5228 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok
17:10:57.0950 5228 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
17:10:57.0950 5228 C:\Windows\SysWOW64\netapi32.dll - ok
17:10:57.0950 5228 [ 32BFCF1CA719F2A3A31C721BD5F90303 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftpsr.dll
17:10:57.0950 5228 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftpsr.dll - ok
17:10:57.0961 5228 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
17:10:57.0961 5228 C:\Windows\SysWOW64\netutils.dll - ok
17:10:57.0961 5228 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
17:10:57.0961 5228 C:\Windows\SysWOW64\wkscli.dll - ok
17:10:57.0971 5228 [ 40EE4E67311F4019CCA2120D88C60576 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftfsi_wow64.dll
17:10:57.0971 5228 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftfsi_wow64.dll - ok
17:10:57.0971 5228 [ 09AB81CEE443569D9A3CC151DDF70444 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcomp.dll
17:10:57.0971 5228 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcomp.dll - ok
17:10:57.0971 5228 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
17:10:57.0971 5228 C:\Windows\SysWOW64\SensApi.dll - ok
17:10:57.0981 5228 [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\SysWOW64\logoncli.dll
17:10:57.0981 5228 C:\Windows\SysWOW64\logoncli.dll - ok
17:10:57.0981 5228 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
17:10:57.0981 5228 C:\Windows\SysWOW64\msi.dll - ok
17:10:57.0991 5228 [ 757DD68F6010AA31FA87C93C942FDC37 ] C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\asengine.dll
17:10:57.0991 5228 C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\asengine.dll - ok
17:10:57.0991 5228 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
17:10:57.0991 5228 C:\Windows\System32\drivers\srv2.sys - ok
17:10:57.0991 5228 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
17:10:57.0991 5228 C:\Windows\System32\drivers\srv.sys - ok
17:10:58.0001 5228 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
17:10:58.0001 5228 C:\Windows\System32\wbem\fastprox.dll - ok
17:10:58.0001 5228 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
17:10:58.0001 5228 C:\Windows\System32\ntdsapi.dll - ok
17:10:58.0011 5228 [ 08C2957BB30058E663720C5606885653 ] C:\Windows\System32\iphlpsvc.dll
17:10:58.0011 5228 C:\Windows\System32\iphlpsvc.dll - ok
17:10:58.0011 5228 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
17:10:58.0011 5228 C:\Windows\System32\wbem\wbemprox.dll - ok
17:10:58.0011 5228 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
17:10:58.0011 5228 C:\Windows\System32\wbem\wbemsvc.dll - ok
17:10:58.0021 5228 [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll
17:10:58.0021 5228 C:\Windows\System32\sqmapi.dll - ok
17:10:58.0021 5228 [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
17:10:58.0021 5228 C:\Windows\System32\wdscore.dll - ok
17:10:58.0031 5228 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll
17:10:58.0031 5228 C:\Windows\System32\browser.dll - ok
17:10:58.0031 5228 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
17:10:58.0031 5228 C:\Windows\System32\netmsg.dll - ok
17:10:58.0031 5228 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
17:10:58.0031 5228 C:\Windows\System32\srvsvc.dll - ok
17:10:58.0041 5228 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
17:10:58.0041 5228 C:\Windows\System32\wbem\wmiutils.dll - ok
17:10:58.0041 5228 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
17:10:58.0041 5228 C:\Windows\System32\hnetcfg.dll - ok
17:10:58.0051 5228 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
17:10:58.0051 5228 C:\Windows\System32\wbem\repdrvfs.dll - ok
17:10:58.0051 5228 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
17:10:58.0051 5228 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
17:10:58.0051 5228 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
17:10:58.0051 5228 C:\Windows\System32\ncobjapi.dll - ok
17:10:58.0061 5228 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
17:10:58.0061 5228 C:\Windows\System32\wbem\wbemess.dll - ok
17:10:58.0061 5228 [ 617E29A0B0A2807466560D4C4E338D3E ] C:\Windows\System32\drivers\Sftredirlh.sys
17:10:58.0061 5228 C:\Windows\System32\drivers\Sftredirlh.sys - ok
17:10:58.0071 5228 [ 1EBE9524683C7C4EED8B8BC93FB6FBCC ] C:\Windows\SysWOW64\fltLib.dll
17:10:58.0071 5228 C:\Windows\SysWOW64\fltLib.dll - ok
17:10:58.0071 5228 [ 3D3CBD1847F980FB03343A63671E7886 ] C:\Windows\SysWOW64\schannel.dll
17:10:58.0071 5228 C:\Windows\SysWOW64\schannel.dll - ok
17:10:58.0081 5228 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
17:10:58.0081 5228 C:\Windows\System32\dssenh.dll - ok
17:10:58.0081 5228 [ 4FDFA3F219692D17011BF1B428857C1E ] C:\Program Files\Windows Defender\MpRTP.dll
17:10:58.0081 5228 C:\Program Files\Windows Defender\MpRTP.dll - ok
17:10:58.0091 5228 [ FBD879D17B26D49DD7A48FF58062FAE6 ] C:\Windows\System32\tdh.dll
17:10:58.0091 5228 C:\Windows\System32\tdh.dll - ok
17:10:58.0091 5228 [ D527EF4364D2D00443470940B177EAD4 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7162E910-69D5-468E-BF16-3EABA034C93F}\mpengine.dll
17:10:58.0091 5228 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7162E910-69D5-468E-BF16-3EABA034C93F}\mpengine.dll - ok
17:10:58.0091 5228 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
17:10:58.0091 5228 C:\Windows\System32\sscore.dll - ok
17:10:58.0101 5228 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
17:10:58.0101 5228 C:\Windows\System32\clusapi.dll - ok
17:10:58.0101 5228 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
17:10:58.0101 5228 C:\Windows\System32\resutils.dll - ok
17:10:58.0111 5228 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
17:10:58.0111 5228 C:\Windows\System32\winspool.drv - ok
17:10:58.0111 5228 [ F9D908DE6B166DAC9B89BF62FA291CE8 ] C:\Program Files\Bonjour\mdnsNSP.dll
17:10:58.0111 5228 C:\Program Files\Bonjour\mdnsNSP.dll - ok
17:10:58.0111 5228 [ AFB5B500AD69E24ED1BC15D1161641EF ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
17:10:58.0111 5228 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
17:10:58.0121 5228 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll
17:10:58.0121 5228 C:\Windows\System32\localspl.dll - ok
17:10:58.0121 5228 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
17:10:58.0121 5228 C:\Windows\System32\rasadhlp.dll - ok
17:10:58.0131 5228 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
17:10:58.0131 5228 C:\Windows\System32\spoolss.dll - ok
17:10:58.0131 5228 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
17:10:58.0131 5228 C:\Windows\System32\FXSMON.dll - ok
17:10:58.0141 5228 [ 62A0ED06E9FF55EEF51B27EC4839EE0B ] C:\Windows\System32\hpz3lw71.dll
17:10:58.0141 5228 C:\Windows\System32\hpz3lw71.dll - ok
17:10:58.0141 5228 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
17:10:58.0141 5228 C:\Windows\System32\PrintIsolationProxy.dll - ok
17:10:58.0141 5228 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
17:10:58.0141 5228 C:\Windows\System32\tcpmon.dll - ok
17:10:58.0151 5228 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
17:10:58.0151 5228 C:\Windows\System32\snmpapi.dll - ok
17:10:58.0151 5228 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
17:10:58.0151 5228 C:\Windows\System32\usbmon.dll - ok
17:10:58.0151 5228 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
17:10:58.0151 5228 C:\Windows\System32\WSDMon.dll - ok
17:10:58.0161 5228 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
17:10:58.0161 5228 C:\Windows\System32\wsnmp32.dll - ok
17:10:58.0161 5228 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
17:10:58.0161 5228 C:\Windows\System32\fdPnp.dll - ok
17:10:58.0171 5228 [ 6FB9BE56891EA4E85B4C9BDD4E9AFA69 ] C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll
17:10:58.0171 5228 C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll - ok
17:10:58.0171 5228 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
17:10:58.0171 5228 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
17:10:58.0171 5228 [ 548CB980D7876E207CC9F8B60C1587A3 ] C:\Windows\System32\win32spl.dll
17:10:58.0171 5228 C:\Windows\System32\win32spl.dll - ok
17:10:58.0181 5228 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
17:10:58.0181 5228 C:\Windows\System32\inetpp.dll - ok
17:10:58.0181 5228 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
17:10:58.0181 5228 C:\Windows\System32\cscapi.dll - ok
17:10:58.0181 5228 [ D9A9702E43A5859896F34898D5FD3FEC ] C:\Windows\SysWOW64\msxml6.dll
17:10:58.0181 5228 C:\Windows\SysWOW64\msxml6.dll - ok
17:10:58.0191 5228 [ B144A2223EF11ED42310124A7839258E ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7162E910-69D5-468E-BF16-3EABA034C93F}\mpasbase.vdm
17:10:58.0191 5228 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7162E910-69D5-468E-BF16-3EABA034C93F}\mpasbase.vdm - ok
17:10:58.0191 5228 [ 9092F57AFC5328F9F98F0936CB4AD391 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7162E910-69D5-468E-BF16-3EABA034C93F}\mpasdlta.vdm
17:10:58.0191 5228 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7162E910-69D5-468E-BF16-3EABA034C93F}\mpasdlta.vdm - ok
17:10:58.0191 5228 [ 93BB66044FA76734E882C6F3E8EE1900 ] C:\Program Files\Windows Defender\MsMpLics.dll
17:10:58.0191 5228 C:\Program Files\Windows Defender\MsMpLics.dll - ok
17:10:58.0201 5228 [ 218A400108F280428FA22282D3268BBC ] C:\Windows\System32\wscapi.dll
17:10:58.0201 5228 C:\Windows\System32\wscapi.dll - ok
17:10:58.0201 5228 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
17:10:58.0201 5228 C:\Windows\SysWOW64\dnsapi.dll - ok
17:10:58.0211 5228 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
17:10:58.0211 5228 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
17:10:58.0211 5228 [ 72794D112CBAFF3BC0C29BF7350D4741 ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
17:10:58.0211 5228 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE - ok
17:10:58.0221 5228 [ C797D1677BA81306AFBB9FA8A9A8F483 ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSHARED.DLL
17:10:58.0221 5228 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSHARED.DLL - ok
17:10:58.0221 5228 [ 108C2CFA5527458C096A699929ECBD80 ] C:\Windows\SysWOW64\credui.dll
17:10:58.0221 5228 C:\Windows\SysWOW64\credui.dll - ok
17:10:58.0221 5228 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
17:10:58.0221 5228 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
17:10:58.0231 5228 [ B84E2D174DC84916A536572BB8F691A8 ] C:\Windows\System32\wscisvif.dll
17:10:58.0231 5228 C:\Windows\System32\wscisvif.dll - ok
17:10:58.0231 5228 [ 6C1E3C43B35268C17833244C8ED96430 ] C:\Windows\System32\wscproxystub.dll
17:10:58.0231 5228 C:\Windows\System32\wscproxystub.dll - ok
17:10:58.0241 5228 [ 3AB96E38084CAFC4C113BC3FD085B3DC ] C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\avmail.dll
17:10:58.0241 5228 C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\avmail.dll - ok
17:10:58.0241 5228 [ A78018F2AD2E501E380320264883784C ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\CLT\cltLMSx.dll
17:10:58.0241 5228 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\CLT\cltLMSx.dll - ok
17:10:58.0251 5228 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\SysWOW64\wbem\fastprox.dll
17:10:58.0251 5228 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
17:10:58.0251 5228 [ BECAE02803277EFEC3FFB6C31FECA370 ] C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\bhsvcplg.dll
17:10:58.0251 5228 C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\bhsvcplg.dll - ok
17:10:58.0251 5228 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll
17:10:58.0251 5228 C:\Windows\SysWOW64\ntdsapi.dll - ok
17:10:58.0261 5228 [ EDBDE5BE736E77A64D8D47069B536299 ] C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ipsplug.dll
17:10:58.0261 5228 C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ipsplug.dll - ok
17:10:58.0261 5228 [ D724A1367B79F9BDD150BA0DC11DEDF1 ] C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\isdatasv.dll
17:10:58.0261 5228 C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\isdatasv.dll - ok
17:10:58.0271 5228 [ 0137C7150F01DB5C2C36C3D98841BE07 ] C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\dscli.dll
17:10:58.0271 5228 C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\dscli.dll - ok
17:10:58.0271 5228 [ 6BB2C959F9D33C468856E603E785905D ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20120202.002\IDSxpx86.dll
17:10:58.0271 5228 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20120202.002\IDSxpx86.dll - ok
17:10:58.0281 5228 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
17:10:58.0281 5228 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
17:10:58.0281 5228 [ 591FE0A6CEB19BF886CEB1331F591940 ] C:\Windows\SysWOW64\ncrypt.dll
17:10:58.0281 5228 C:\Windows\SysWOW64\ncrypt.dll - ok
17:10:58.0281 5228 [ 4F44EE5DCC36A26E02A9235D69CDE359 ] C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\fwcore.dll
17:10:58.0281 5228 C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\fwcore.dll - ok
17:10:58.0291 5228 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
17:10:58.0291 5228 C:\Windows\SysWOW64\bcrypt.dll - ok
17:10:58.0291 5228 [ 82C519ED383B337CFC8F998A06C57AC5 ] C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\idsaux.dll
17:10:58.0291 5228 C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\idsaux.dll - ok
17:10:58.0291 5228 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
17:10:58.0291 5228 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
17:10:58.0301 5228 [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll
17:10:58.0301 5228 C:\Windows\System32\wbem\cimwin32.dll - ok
17:10:58.0301 5228 [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll
17:10:58.0301 5228 C:\Windows\System32\wbem\wmiprov.dll - ok
17:10:58.0301 5228 [ A4ADF68950E010EDD6A643C2F4EC436B ] C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\fwgenplg.dll
17:10:58.0301 5228 C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\fwgenplg.dll - ok
17:10:58.0311 5228 [ B0988A09EC029F1EADA7C4BBC6383335 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20120202.002\IPSFFPl.dll
17:10:58.0311 5228 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20120202.002\IPSFFPl.dll - ok
17:10:58.0311 5228 [ B0988A09EC029F1EADA7C4BBC6383335 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\IPSFFPlgn\components\IPSFFPl.dll
17:10:58.0311 5228 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\IPSFFPlgn\components\IPSFFPl.dll - ok
17:10:58.0321 5228 [ C52F26B8A20847D79F59FCC03D62696E ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20120121.002\BHEngine.dll
17:10:58.0321 5228 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20120121.002\BHEngine.dll - ok
17:10:58.0321 5228 [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll
17:10:58.0321 5228 C:\Windows\System32\framedynos.dll - ok
17:10:58.0331 5228 [ 169EFEBE66BD1041A9D5B518E8D71687 ] C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\avifc.dll
17:10:58.0331 5228 C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\avifc.dll - ok
17:10:58.0331 5228 [ 9046CB953A6F4FBEDD399C87E31D1A0E ] C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\fwsetup.dll
17:10:58.0331 5228 C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\fwsetup.dll - ok
17:10:58.0331 5228 [ 565A30B70BE8A9B171839003F2D69683 ] C:\Windows\SysWOW64\hlink.dll
17:10:58.0331 5228 C:\Windows\SysWOW64\hlink.dll - ok
17:10:58.0341 5228 [ 74AF1FFCAFD60DA88A386AE161F56438 ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\en-us\CVHIntl.dll
17:10:58.0341 5228 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\en-us\CVHIntl.dll - ok
17:10:58.0341 5228 [ B08E3476F0874DBAD672D0AC4FB2580B ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftintf.dll
17:10:58.0341 5228 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftintf.dll - ok
17:10:58.0341 5228 [ 4C1E16B9A53102C8D6FBA587CBCB95DE ] C:\Windows\SysWOW64\msv1_0.dll
17:10:58.0341 5228 C:\Windows\SysWOW64\msv1_0.dll - ok
17:10:58.0351 5228 [ 1128637CAD49A8E3C8B5FA5D0A061525 ] C:\Windows\SysWOW64\cryptdll.dll
17:10:58.0351 5228 C:\Windows\SysWOW64\cryptdll.dll - ok
17:10:58.0351 5228 [ 1CDEA9188899E76D4FFD54C9D512CCDB ] C:\Windows\SysWOW64\msxml3.dll
17:10:58.0351 5228 C:\Windows\SysWOW64\msxml3.dll - ok
17:10:58.0361 5228 [ 7BC3381C0713F613B31ACDE38B71CB53 ] C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys
17:10:58.0361 5228 C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys - ok
17:10:58.0361 5228 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
17:10:58.0361 5228 C:\Windows\System32\npmproxy.dll - ok
17:10:58.0361 5228 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
17:10:58.0361 5228 C:\Windows\System32\SearchIndexer.exe - ok
17:10:58.0371 5228 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
17:10:58.0371 5228 C:\Windows\System32\mprapi.dll - ok
17:10:58.0371 5228 [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C ] C:\Windows\System32\ndiscapCfg.dll
17:10:58.0371 5228 C:\Windows\System32\ndiscapCfg.dll - ok
17:10:58.0371 5228 [ 3D6AF45673C4B31CDECD7F80AF09D443 ] C:\Windows\System32\rascfg.dll
17:10:58.0371 5228 C:\Windows\System32\rascfg.dll - ok
17:10:58.0381 5228 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
17:10:58.0381 5228 C:\Windows\System32\tquery.dll - ok
17:10:58.0381 5228 [ 1CF21800E337F4039AAD4C94B4280EE4 ] C:\Windows\System32\mprmsg.dll
17:10:58.0381 5228 C:\Windows\System32\mprmsg.dll - ok
17:10:58.0381 5228 [ 55DE45B116711881C852D2841E4C84DD ] C:\Windows\System32\tcpipcfg.dll
17:10:58.0381 5228 C:\Windows\System32\tcpipcfg.dll - ok
17:10:58.0391 5228 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll
17:10:58.0391 5228 C:\Windows\System32\mssrch.dll - ok
17:10:58.0391 5228 [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
17:10:58.0391 5228 C:\Windows\System32\nci.dll - ok
17:10:58.0391 5228 [ AC0C9CEA1218DAB1994AF8B28E680BD9 ] C:\Windows\System32\wlaninst.dll
17:10:58.0391 5228 C:\Windows\System32\wlaninst.dll - ok
17:10:58.0401 5228 [ 5A406C9C8E0880D3EABADC5DFD1ACDAE ] C:\Windows\System32\wwaninst.dll
17:10:58.0401 5228 C:\Windows\System32\wwaninst.dll - ok
17:10:58.0401 5228 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
17:10:58.0401 5228 C:\Windows\System32\Apphlpdm.dll - ok
17:10:58.0411 5228 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
17:10:58.0411 5228 C:\Windows\System32\msidle.dll - ok
17:10:58.0411 5228 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
17:10:58.0411 5228 C:\Windows\System32\wdi.dll - ok
17:10:58.0421 5228 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
17:10:58.0421 5228 C:\Windows\System32\wpdbusenum.dll - ok
17:10:58.0421 5228 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
17:10:58.0421 5228 C:\Windows\System32\diagperf.dll - ok
17:10:58.0431 5228 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
17:10:58.0431 5228 C:\Windows\System32\mssprxy.dll - ok
17:10:58.0431 5228 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
17:10:58.0431 5228 C:\Windows\System32\perftrack.dll - ok
17:10:58.0441 5228 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
17:10:58.0441 5228 C:\Windows\System32\PortableDeviceApi.dll - ok
17:10:58.0441 5228 [ 1CBF15FDB0310345A68972EB5C5B948F ] C:\Windows\SysWOW64\mssprxy.dll
17:10:58.0441 5228 C:\Windows\SysWOW64\mssprxy.dll - ok
17:10:58.0441 5228 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
17:10:58.0441 5228 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
17:10:58.0451 5228 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
17:10:58.0451 5228 C:\Windows\System32\en-US\tquery.dll.mui - ok
17:10:58.0451 5228 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
17:10:58.0451 5228 C:\Windows\System32\pnpts.dll - ok
17:10:58.0451 5228 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
17:10:58.0451 5228 C:\Windows\System32\wdiasqmmodule.dll - ok
17:10:58.0461 5228 [ 33DBBF33E684C3876145A26196A50620 ] C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\fwhelper.dll
17:10:58.0461 5228 C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\fwhelper.dll - ok
17:10:58.0461 5228 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
17:10:58.0461 5228 C:\Windows\System32\aelupsvc.dll - ok
17:10:58.0461 5228 [ D9E21CBF9E6A87847AFFD39EA3FA28EE ] C:\Windows\System32\SearchProtocolHost.exe
17:10:58.0461 5228 C:\Windows\System32\SearchProtocolHost.exe - ok
17:10:58.0471 5228 [ D2A5B2B09F2AF5ED13BF494508B09788 ] C:\Windows\System32\msshooks.dll
17:10:58.0471 5228 C:\Windows\System32\msshooks.dll - ok
17:10:58.0471 5228 [ 49A3AD5CE578CD77F445F3D244AEAB2D ] C:\Windows\System32\SearchFilterHost.exe
17:10:58.0471 5228 C:\Windows\System32\SearchFilterHost.exe - ok
17:10:58.0481 5228 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
17:10:58.0481 5228 C:\Windows\System32\mscoree.dll - ok
17:10:58.0481 5228 [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
17:10:58.0481 5228 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
17:10:58.0491 5228 [ 48041BAEB60CE5F34F13CC2A1361E49C ] C:\Windows\System32\mssph.dll
17:10:58.0491 5228 C:\Windows\System32\mssph.dll - ok
17:10:58.0491 5228 [ 8F4BB0CFECED925D440ABC2481278360 ] C:\Windows\System32\mapi32.dll
17:10:58.0491 5228 C:\Windows\System32\mapi32.dll - ok
17:10:58.0491 5228 [ 01E2855FB06C422E721D890AF201C2D7 ] C:\Windows\System32\NaturalLanguage6.dll
17:10:58.0491 5228 C:\Windows\System32\NaturalLanguage6.dll - ok
17:10:58.0501 5228 [ 701D9F5F3F21580936638D5C5F86B460 ] C:\Windows\System32\NlsData0009.dll
17:10:58.0501 5228 C:\Windows\System32\NlsData0009.dll - ok
17:10:58.0501 5228 [ 148A733B93A2AC104280495DA09D3CC2 ] C:\Windows\System32\NlsLexicons0009.dll
17:10:58.0501 5228 C:\Windows\System32\NlsLexicons0009.dll - ok
17:10:58.0501 5228 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
17:10:58.0501 5228 C:\Windows\System32\dllhost.exe - ok
17:10:58.0511 5228 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
17:10:58.0511 5228 C:\Windows\System32\IDStore.dll - ok
17:10:58.0511 5228 [ 517110BD83835338C037269E603DB55D ] C:\Windows\System32\taskhost.exe
17:10:58.0511 5228 C:\Windows\System32\taskhost.exe - ok
17:10:58.0511 5228 [ F24FC0B2456186E35C51FEF5FD55E853 ] C:\Windows\SysWOW64\ezUPBHook.dll
17:10:58.0511 5228 C:\Windows\SysWOW64\ezUPBHook.dll - ok
17:10:58.0521 5228 [ 23566F9723771108D2E6CD768AC27407 ] C:\Windows\System32\AtBroker.exe
17:10:58.0521 5228 C:\Windows\System32\AtBroker.exe - ok
17:10:58.0521 5228 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
17:10:58.0521 5228 C:\Windows\System32\mpr.dll - ok
17:10:58.0531 5228 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
17:10:58.0531 5228 C:\Windows\System32\userinit.exe - ok
17:10:58.0531 5228 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
17:10:58.0531 5228 C:\Windows\System32\dwm.exe - ok
17:10:58.0541 5228 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
17:10:58.0541 5228 C:\Windows\explorer.exe - ok
17:10:58.0541 5228 [ 7853D2AB445C10F97610B2B05FA4CF0A ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
17:10:58.0541 5228 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe - ok
17:10:58.0551 5228 [ 2CF497C586D50F7D402BEC33156E0AF4 ] C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
17:10:58.0551 5228 C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe - ok
17:10:58.0551 5228 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
17:10:58.0551 5228 C:\Windows\System32\radardt.dll - ok
17:10:58.0551 5228 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
17:10:58.0551 5228 C:\Windows\System32\dwmredir.dll - ok
17:10:58.0561 5228 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
17:10:58.0561 5228 C:\Windows\System32\dwmcore.dll - ok
17:10:58.0561 5228 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
17:10:58.0561 5228 C:\Windows\System32\PlaySndSrv.dll - ok
17:10:58.0561 5228 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
17:10:58.0561 5228 C:\Windows\SysWOW64\uxtheme.dll - ok
17:10:58.0571 5228 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
17:10:58.0571 5228 C:\Windows\SysWOW64\dwmapi.dll - ok
17:10:58.0571 5228 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll
17:10:58.0571 5228 C:\Windows\SysWOW64\comdlg32.dll - ok
17:10:58.0581 5228 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
17:10:58.0581 5228 C:\Windows\SysWOW64\msimg32.dll - ok
17:10:58.0581 5228 [ E1374D37477322D4956604711008C69D ] C:\Windows\System32\d3d10_1.dll
17:10:58.0581 5228 C:\Windows\System32\d3d10_1.dll - ok
17:10:58.0581 5228 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
17:10:58.0581 5228 C:\Windows\System32\MsCtfMonitor.dll - ok
17:10:58.0591 5228 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
17:10:58.0591 5228 C:\Windows\System32\msutb.dll - ok
17:10:58.0591 5228 [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
17:10:58.0591 5228 C:\Windows\System32\HotStartUserAgent.dll - ok
17:10:58.0591 5228 [ 426BA4E737A7988FD1202AF2F2B2F4A6 ] C:\Windows\System32\d3d10_1core.dll
17:10:58.0591 5228 C:\Windows\System32\d3d10_1core.dll - ok
17:10:58.0601 5228 [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\SysWOW64\oledlg.dll
17:10:58.0601 5228 C:\Windows\SysWOW64\oledlg.dll - ok
17:10:58.0601 5228 [ C1A23BE255D97AF1E6AAEB028D604A60 ] C:\Program Files (x86)\HP SimplePass 2011\BioLayer.dll
17:10:58.0601 5228 C:\Program Files (x86)\HP SimplePass 2011\BioLayer.dll - ok
17:10:58.0601 5228 [ F404E59DB6A0F122AB26BF4F3E2FD0FA ] C:\Windows\System32\dxgi.dll
17:10:58.0601 5228 C:\Windows\System32\dxgi.dll - ok
17:10:58.0611 5228 [ 41B78C8E46B08F5A6F740D5ADAB298C9 ] C:\Program Files (x86)\HP SimplePass 2011\TokenMachine.dll
17:10:58.0611 5228 C:\Program Files (x86)\HP SimplePass 2011\TokenMachine.dll - ok
17:10:58.0611 5228 [ 3FAD263CE1E2A6FFF40D00043B2275E3 ] C:\Windows\SysWOW64\winbio.dll
17:10:58.0611 5228 C:\Windows\SysWOW64\winbio.dll - ok
17:10:58.0611 5228 [ 7D6D810C7A6B7A37F9F61687AFC5F9A0 ] C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
17:10:58.0611 5228 C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe - ok
17:10:58.0621 5228 [ CE291A12090CBB2A4BCB1F7A547DEC37 ] C:\Windows\System32\igd10umd64.dll
17:10:58.0621 5228 C:\Windows\System32\igd10umd64.dll - ok
17:10:58.0621 5228 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
17:10:58.0621 5228 C:\Windows\System32\uDWM.dll - ok
17:10:58.0631 5228 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
17:10:58.0631 5228 C:\Windows\SysWOW64\sxs.dll - ok
17:10:58.0631 5228 [ 25DC2E1120CDC041273B91325B9092A4 ] C:\Program Files (x86)\Common Files\AuthenTec\TrueAPI.dll
17:10:58.0631 5228 C:\Program Files (x86)\Common Files\AuthenTec\TrueAPI.dll - ok
17:10:58.0641 5228 [ CDA9EFE673DAEBAAA3E615BD0B027157 ] C:\Program Files (x86)\HP SimplePass 2011\DataManager.dll
17:10:58.0641 5228 C:\Program Files (x86)\HP SimplePass 2011\DataManager.dll - ok
17:10:58.0641 5228 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
17:10:58.0641 5228 C:\Windows\SysWOW64\imagehlp.dll - ok
17:10:58.0641 5228 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll
17:10:58.0641 5228 C:\Windows\SysWOW64\samcli.dll - ok
17:10:58.0651 5228 [ 3656CEB53172661E261C95EC71944FB4 ] C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll
17:10:58.0651 5228 C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll - ok
17:10:58.0651 5228 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
17:10:58.0651 5228 C:\Windows\SysWOW64\gpapi.dll - ok
17:10:58.0661 5228 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
17:10:58.0661 5228 C:\Windows\SysWOW64\riched20.dll - ok
17:10:58.0661 5228 [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\SysWOW64\cryptnet.dll
17:10:58.0661 5228 C:\Windows\SysWOW64\cryptnet.dll - ok
17:10:58.0661 5228 [ 0A828405EDC5A4FB8558BB685356B1E8 ] C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\npctray.dll
17:10:58.0661 5228 C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\npctray.dll - ok
17:10:58.0671 5228 [ FC2D39C9111D353BE4A32AED1D6D2FF4 ] C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\npcstats.dll
17:10:58.0671 5228 C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\npcstats.dll - ok
17:10:58.0671 5228 [ 58E4954BF382E2CF03B9A2AEA2DF0914 ] C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\symhtml.dll
17:10:58.0671 5228 C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\symhtml.dll - ok
17:10:58.0681 5228 [ 5466DCAEF5A648E04D1B6580F2C901B5 ] C:\Windows\SysWOW64\ieframe.dll
17:10:58.0681 5228 C:\Windows\SysWOW64\ieframe.dll - ok
17:10:58.0681 5228 [ 0881FAF791DB7CE3182B13F967D54104 ] C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ashelper.dll
17:10:58.0681 5228 C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ashelper.dll - ok
17:10:58.0691 5228 [ 6ACE34A451E8C5BB5379790D9FB1B60A ] C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\asoehook.dll
17:10:58.0691 5228 C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\asoehook.dll - ok
17:10:58.0691 5228 [ 5815E0AFC8C671C26D1516C30E0887C6 ] C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\cltelprv.dll
17:10:58.0691 5228 C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\cltelprv.dll - ok
17:10:58.0701 5228 [ A82D845911458D37E5643334EA246DC2 ] C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\hsui.dll
17:10:58.0701 5228 C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\hsui.dll - ok
17:10:58.0701 5228 [ C003991FCE02E03FAC432378F28084DC ] C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\codatapr.dll
17:10:58.0701 5228 C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\codatapr.dll - ok
17:10:58.0701 5228 [ BF2AD535B7BC7CCC0CF96CD422286E60 ] C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\avpapp32.dll
17:10:58.0701 5228 C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\avpapp32.dll - ok
17:10:58.0711 5228 [ E9F81031963175D9270923C7350F2A8C ] C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ispwd.dll
17:10:58.0711 5228 C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ispwd.dll - ok
17:10:58.0711 5228 [ F5879CC8C94CB87E0B9E3A7EAD4E5DC8 ] C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\cltaldis.dll
17:10:58.0711 5228 C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\cltaldis.dll - ok
17:10:58.0721 5228 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
17:10:58.0721 5228 C:\Windows\System32\ExplorerFrame.dll - ok
17:10:58.0721 5228 [ DA40159AB82A2E9AF64F4E30B1BF05F0 ] C:\Program Files (x86)\Norton Internet Security\MUI\18.7.2.3\09\01\cltres.loc
17:10:58.0721 5228 C:\Program Files (x86)\Norton Internet Security\MUI\18.7.2.3\09\01\cltres.loc - ok
17:10:58.0731 5228 [ 9A7EAFFBC2BFDB27608BE7E417764FE3 ] C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\fwsesal.dll
17:10:58.0731 5228 C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\fwsesal.dll - ok
17:10:58.0731 5228 [ C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\SysWOW64\samlib.dll
17:10:58.0731 5228 C:\Windows\SysWOW64\samlib.dll - ok
17:10:58.0741 5228 [ 169193C626E22A1C215E9C370CDF8E3C ] C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\acctmgr.dll
17:10:58.0741 5228 C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\acctmgr.dll - ok
17:10:58.0741 5228 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
17:10:58.0741 5228 C:\Windows\System32\EhStorShell.dll - ok
17:10:58.0751 5228 [ D2BBC72E0CDF8639C8274EDB395C9103 ] C:\Windows\SysWOW64\dinput.dll
17:10:58.0751 5228 C:\Windows\SysWOW64\dinput.dll - ok
17:10:58.0751 5228 [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
17:10:58.0751 5228 C:\Windows\System32\ntshrui.dll - ok
17:10:58.0751 5228 [ 521202AA6F2B74FCCC6BC7E162109D71 ] C:\Windows\System32\wbem\unsecapp.exe
17:10:58.0751 5228 C:\Windows\System32\wbem\unsecapp.exe - ok
17:10:58.0761 5228 [ 70512B221F1A69DD768C8555B0967F70 ] C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\sdkcmn.dll
17:10:58.0761 5228 C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\sdkcmn.dll - ok
17:10:58.0761 5228 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
17:10:58.0761 5228 C:\Windows\System32\IconCodecService.dll - ok
17:10:58.0771 5228 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] C:\Windows\System32\appinfo.dll
17:10:58.0771 5228 C:\Windows\System32\appinfo.dll - ok
17:10:58.0771 5228 [ 42A1455259C73A84903FE7D1574920F4 ] C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\uialert.dll
17:10:58.0771 5228 C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\uialert.dll - ok
17:10:58.0781 5228 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
17:10:58.0781 5228 C:\Windows\System32\wbem\NCProv.dll - ok
17:10:58.0781 5228 [ C8333F1F77A1B2E25F2202E892CAF634 ] C:\Windows\SysWOW64\prnfldr.dll
17:10:58.0781 5228 C:\Windows\SysWOW64\prnfldr.dll - ok
17:10:58.0781 5228 [ 79F0E458E5B79C1EB51535E8B990BEAD ] C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\cltnahd.dll
17:10:58.0781 5228 C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\cltnahd.dll - ok
17:10:58.0791 5228 [ F8A6AC9ED41D4F79F49759762126C1F9 ] C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\cltwzhlp.dll
17:10:58.0791 5228 C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\cltwzhlp.dll - ok
17:10:58.0791 5228 [ 845360521E44B93913FBA4FBAD58A63B ] C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\cltrdurl.dll
17:10:58.0791 5228 C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\cltrdurl.dll - ok
17:10:58.0801 5228 [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\SysWOW64\linkinfo.dll
17:10:58.0801 5228 C:\Windows\SysWOW64\linkinfo.dll - ok
17:10:58.0801 5228 [ ABB81D0A091D87876951AD9F0CB8BD4A ] C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ruleui.dll
17:10:58.0801 5228 C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ruleui.dll - ok
17:10:58.0801 5228 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
17:10:58.0801 5228 C:\Windows\System32\runonce.exe - ok
17:10:58.0811 5228 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
17:10:58.0811 5228 C:\Windows\SysWOW64\runonce.exe - ok
17:10:58.0811 5228 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
17:10:58.0811 5228 C:\Windows\SysWOW64\cmd.exe - ok
17:10:58.0811 5228 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
17:10:58.0811 5228 C:\Windows\SysWOW64\winbrand.dll - ok
17:10:58.0821 5228 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
17:10:58.0821 5228 C:\Windows\SysWOW64\shdocvw.dll - ok
17:10:58.0821 5228 [ EBC984F0CE40E0DAF0454D806EC2A7EC ] C:\Users\Nabila\AppData\Local\Temp\717DD0ED-3843-4ADF-AAF3-38F8E0D4B8FD.exe
17:10:58.0821 5228 C:\Users\Nabila\AppData\Local\Temp\717DD0ED-3843-4ADF-AAF3-38F8E0D4B8FD.exe - ok
17:10:58.0831 5228 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\SysWOW64\WindowsCodecs.dll
17:10:58.0831 5228 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
17:10:58.0831 5228 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
17:10:58.0831 5228 C:\Windows\SysWOW64\EhStorShell.dll - ok
17:10:58.0831 5228 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
17:10:58.0831 5228 C:\Windows\SysWOW64\imageres.dll - ok
17:10:58.0841 5228 [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe
17:10:58.0841 5228 C:\Windows\System32\taskeng.exe - ok
17:10:58.0841 5228 [ 30825B784F44B45610DBCAF6B131784B ] C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
17:10:58.0841 5228 C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe - ok
17:10:58.0841 5228 [ F02A533F517EB38333CB12A9E8963773 ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:10:58.0841 5228 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok
17:10:58.0851 5228 [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
17:10:58.0851 5228 C:\Windows\System32\TSChannel.dll - ok
17:10:58.0851 5228 [ 9FF47CD8A3787C8FD3CDFE40441C722E ] C:\Program Files (x86)\Google\Update\1.3.21.123\goopdate.dll
17:10:58.0851 5228 C:\Program Files (x86)\Google\Update\1.3.21.123\goopdate.dll - ok
17:10:58.0861 5228 [ AE5A69F44C1F97EDC83237FC0B29B6FB ] C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe
17:10:58.0861 5228 C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe - ok
17:10:58.0861 5228 [ 41938F2C1642459CBBA691B5DBD6395A ] C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
17:10:58.0861 5228 C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe - ok
17:10:58.0861 5228 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll
17:10:58.0861 5228 C:\Windows\SysWOW64\mstask.dll - ok
17:10:58.0871 5228 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
17:10:58.0871 5228 C:\Windows\System32\NapiNSP.dll - ok
17:10:58.0871 5228 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
17:10:58.0871 5228 C:\Windows\System32\pnrpnsp.dll - ok
17:10:58.0871 5228 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
17:10:58.0871 5228 C:\Windows\System32\winrnr.dll - ok
17:10:58.0881 5228 [ 2CEFF13ACE25A40BD8D97654944297CD ] C:\Windows\svchost.exe
17:10:58.0881 5228 C:\Windows\svchost.exe - ok
17:10:58.0881 5228 [ 0E85C11F8850D524B02181C6E02BA9AE ] C:\Windows\SysWOW64\dsound.dll
17:10:58.0881 5228 C:\Windows\SysWOW64\dsound.dll - ok
17:10:58.0881 5228 [ 07F649CD36F266BBE33B814FA678AA43 ] C:\Windows\SysWOW64\mshtml.dll
17:10:58.0881 5228 C:\Windows\SysWOW64\mshtml.dll - ok
17:10:58.0891 5228 [ 0BA65122FFA7E37564EE86422DBF7AE8 ] C:\Windows\SysWOW64\nlaapi.dll
17:10:58.0891 5228 C:\Windows\SysWOW64\nlaapi.dll - ok
17:10:58.0891 5228 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
17:10:58.0891 5228 C:\Windows\SysWOW64\rasadhlp.dll - ok
17:10:58.0901 5228 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll
17:10:58.0901 5228 C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok
17:10:58.0901 5228 [ 12B79422A23814429CDA9E734C58F78F ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
17:10:58.0901 5228 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
17:10:58.0911 5228 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
17:10:58.0911 5228 C:\Windows\System32\dimsjob.dll - ok
17:10:58.0911 5228 [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll
17:10:58.0911 5228 C:\Windows\System32\pautoenr.dll - ok
17:10:58.0911 5228 [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll
17:10:58.0911 5228 C:\Windows\System32\certcli.dll - ok
17:10:58.0921 5228 [ B7F55E2AE978D3D34F7876EE5D689AAE ] C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
17:10:58.0921 5228 C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe - ok
17:10:58.0921 5228 [ 263B26106606A010CF877472B535E4BB ] C:\Windows\System32\CertEnroll.dll
17:10:58.0921 5228 C:\Windows\System32\CertEnroll.dll - ok
17:10:58.0931 5228 [ 487F44B08EFEAF5AD087878357B9403D ] C:\Windows\SysWOW64\pdh.dll
17:10:58.0931 5228 C:\Windows\SysWOW64\pdh.dll - ok
17:10:58.0931 5228 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL
17:10:58.0931 5228 C:\Windows\System32\IPSECSVC.DLL - ok
17:10:58.0931 5228 [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll
17:10:58.0931 5228 C:\Windows\System32\FwRemoteSvr.dll - ok
17:10:58.0941 5228 [ 6FA41E0C86EF049A12C05CA4BBA8F9AF ] C:\Windows\SysWOW64\perfos.dll
17:10:58.0941 5228 C:\Windows\SysWOW64\perfos.dll - ok
17:10:58.0941 5228 [ B92E9318F7E4AEF633B8EC3A873565AF ] C:\Windows\SysWOW64\perfdisk.dll
17:10:58.0941 5228 C:\Windows\SysWOW64\perfdisk.dll - ok
17:10:58.0941 5228 [ 5BB8C06EB5EA4BA22EE8A678F2D79B25 ] C:\Windows\SysWOW64\devenum.dll
17:10:58.0941 5228 C:\Windows\SysWOW64\devenum.dll - ok
17:10:58.0951 5228 [ 7069AAB8536F29ED7323140973A2894B ] C:\Windows\SysWOW64\msdmo.dll
17:10:58.0951 5228 C:\Windows\SysWOW64\msdmo.dll - ok
17:10:58.0951 5228 [ E24FE90E9DE8D8AE70E59F7B01675DEF ] C:\Windows\SysWOW64\avicap32.dll
17:10:58.0951 5228 C:\Windows\SysWOW64\avicap32.dll - ok
17:10:58.0961 5228 [ C335EC1182AC10B188705554E0BC1186 ] C:\Windows\SysWOW64\msvfw32.dll
17:10:58.0961 5228 C:\Windows\SysWOW64\msvfw32.dll - ok
17:10:58.0961 5228 [ 24498D084FAA7A459C91066EC241E1CE ] C:\Windows\SysWOW64\vfwwdm32.dll
17:10:58.0961 5228 C:\Windows\SysWOW64\vfwwdm32.dll - ok
17:10:58.0971 5228 [ 198803E5E93E29967DFB0BCFD0186151 ] C:\Windows\System32\spfileq.dll
17:10:58.0971 5228 C:\Windows\System32\spfileq.dll - ok
17:10:58.0971 5228 [ 93065308C1B237A9C4A021A0C5AA65CA ] C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\qbackup.dll
17:10:58.0971 5228 C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\qbackup.dll - ok
17:10:58.0971 5228 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\SysWOW64\netprofm.dll
17:10:58.0971 5228 C:\Windows\SysWOW64\netprofm.dll - ok
17:10:58.0981 5228 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll
17:10:58.0981 5228 C:\Windows\SysWOW64\npmproxy.dll - ok
17:10:58.0981 5228 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
17:10:58.0981 5228 C:\Windows\SysWOW64\sfc.dll - ok
17:10:58.0981 5228 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
17:10:58.0981 5228 C:\Windows\SysWOW64\sfc_os.dll - ok
17:10:58.0991 5228 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
17:10:58.0991 5228 C:\Windows\SysWOW64\devrtl.dll - ok
17:10:58.0991 5228 [ B519848DFA30AE2B306576B51321D102 ] C:\Windows\System32\ie4uinit.exe
17:10:58.0991 5228 C:\Windows\System32\ie4uinit.exe - ok
17:10:58.0991 5228 [ C3E98C42EDF7EF237A4BAB91FEAC7426 ] C:\Windows\System32\iedkcs32.dll
17:10:58.0991 5228 C:\Windows\System32\iedkcs32.dll - ok
17:10:59.0001 5228 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
17:10:59.0001 5228 C:\Windows\System32\timedate.cpl - ok
17:10:59.0001 5228 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
17:10:59.0001 5228 C:\Windows\System32\actxprxy.dll - ok
17:10:59.0011 5228 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll
17:10:59.0011 5228 C:\Windows\System32\shdocvw.dll - ok
17:10:59.0011 5228 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
17:10:59.0011 5228 C:\Windows\System32\linkinfo.dll - ok
17:10:59.0021 5228 [ E6DD15E668DAF0A02470CF551B0A0105 ] C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll
17:10:59.0021 5228 C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll - ok
17:10:59.0021 5228 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
17:10:59.0021 5228 C:\Windows\System32\msftedit.dll - ok
17:10:59.0021 5228 [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll
17:10:59.0021 5228 C:\Windows\System32\msls31.dll - ok
17:10:59.0031 5228 [ 3504B34CD2DE00BA3CC1A195F1B739BD ] C:\Windows\System32\gameux.dll
17:10:59.0031 5228 C:\Windows\System32\gameux.dll - ok
17:10:59.0031 5228 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
17:10:59.0031 5228 C:\Windows\System32\DeviceCenter.dll - ok
17:10:59.0031 5228 [ B3252A04A0FF11053CA2119A893F3EAB ] C:\Windows\System32\igfxtray.exe
17:10:59.0031 5228 C:\Windows\System32\igfxtray.exe - ok
17:10:59.0041 5228 [ 4CF861C276BE49CF411E6C05582C8D41 ] C:\Windows\System32\hkcmd.exe
17:10:59.0041 5228 C:\Windows\System32\hkcmd.exe - ok
17:10:59.0041 5228 [ 9019A27FD6B8BEF1D1487E77AB880809 ] C:\Windows\System32\igfxpers.exe
17:10:59.0041 5228 C:\Windows\System32\igfxpers.exe - ok
17:10:59.0041 5228 [ 5C430B3C872BD82E728ABB8C1821689F ] C:\Program Files\IDT\WDM\sttray64.exe
17:10:59.0041 5228 C:\Program Files\IDT\WDM\sttray64.exe - ok
17:10:59.0051 5228 [ 2205A0FC17F2006F085B2A372C036058 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
17:10:59.0051 5228 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - ok
17:10:59.0051 5228 [ 5D61BE7DB55B026A5D61A3EED09D0EAD ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
17:10:59.0051 5228 C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe - ok
17:10:59.0061 5228 [ 89F7C30A91E5581BDF14C62AB46A2B2D ] C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
17:10:59.0061 5228 C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe - ok
17:10:59.0061 5228 [ F7DCE54077EE9D8A351C4B1FFA866EE7 ] C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
17:10:59.0061 5228 C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe - ok
17:10:59.0061 5228 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
17:10:59.0061 5228 C:\Windows\System32\thumbcache.dll - ok
17:10:59.0071 5228 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
17:10:59.0071 5228 C:\Windows\System32\msiltcfg.dll - ok
17:10:59.0071 5228 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
17:10:59.0071 5228 C:\Windows\System32\networkexplorer.dll - ok
17:10:59.0081 5228 [ 947668826E32E4502CEFF9B2D06431B2 ] C:\Windows\System32\hccutils.dll
17:10:59.0081 5228 C:\Windows\System32\hccutils.dll - ok
17:10:59.0081 5228 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\13492915.sys
17:10:59.0081 5228 C:\Windows\System32\drivers\13492915.sys - ok
17:10:59.0081 5228 [ 76E7410B3A308F6960D3CE06DC7874AD ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\gtn.dll
17:10:59.0081 5228 C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\gtn.dll - ok
17:10:59.0091 5228 [ 41D1214B86A06FD29423A797EBDA17E4 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
17:10:59.0091 5228 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe - ok
17:10:59.0091 5228 [ 917A728A12F25FCF4636858FAC9979FA ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
17:10:59.0091 5228 C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll - ok
17:10:59.0101 5228 [ DFF56B7F51EB7C98E1AC2B19F164EC4A ] C:\Windows\System32\igfxsrvc.exe
17:10:59.0101 5228 C:\Windows\System32\igfxsrvc.exe - ok
17:10:59.0101 5228 [ 9D51EA92A612B37E76E5E4621650C50A ] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
17:10:59.0101 5228 C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe - ok
17:10:59.0101 5228 [ 0D286C0FE561D1A7EB30E83A0FF305B2 ] C:\Program Files (x86)\Internet Explorer\iexplore.exe
17:10:59.0101 5228 C:\Program Files (x86)\Internet Explorer\iexplore.exe - ok
17:10:59.0111 5228 [ E8A16EF3D77F38CC49A381F4C721716E ] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
17:10:59.0111 5228 C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe - ok
17:10:59.0111 5228 [ 11E8D8272FDBE213ADE3DAD91427CE35 ] C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
17:10:59.0111 5228 C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe - ok
17:10:59.0111 5228 [ 954B39082F2806EF2E9DD728DB1D0DD1 ] C:\Program Files\IDT\WDM\stlang64.dll
17:10:59.0111 5228 C:\Program Files\IDT\WDM\stlang64.dll - ok
17:10:59.0121 5228 [ D59ABED205F424BD4C52419479930BE9 ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
17:10:59.0121 5228 C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe - ok
17:10:59.0131 5228 [ EE4846DCEEB2ED9DB4D98AEA08604F1F ] C:\Windows\System32\SynCOM.dll
17:10:59.0131 5228 C:\Windows\System32\SynCOM.dll - ok
17:10:59.0131 5228 [ 30D7BB258A97BDA7C7E2EC63C23554AA ] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
17:10:59.0131 5228 C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe - ok
17:10:59.0131 5228 [ 894CE4301565675306C05BC50B9523DE ] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
17:10:59.0131 5228 C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe - ok
17:10:59.0141 5228 [ B64940157E5FD9AB37376A656A491ACC ] C:\Windows\System32\SynTPAPI.dll
17:10:59.0141 5228 C:\Windows\System32\SynTPAPI.dll - ok
17:10:59.0141 5228 [ B8BE76D777578B3D55823643A8183371 ] C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
17:10:59.0141 5228 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe - ok
17:10:59.0141 5228 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll
17:10:59.0141 5228 C:\Windows\SysWOW64\mscoree.dll - ok
17:10:59.0151 5228 [ C26B09276755E0698B31CF0BAE0BF182 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
17:10:59.0151 5228 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok
17:10:59.0151 5228 [ 0B5511674394666E9D221F8681B2C2E6 ] C:\Windows\System32\consent.exe
17:10:59.0151 5228 C:\Windows\System32\consent.exe - ok
17:10:59.0161 5228 [ 1F36981C4DEEAA88858317C1642CE160 ] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.dll
17:10:59.0161 5228 C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.dll - ok
17:10:59.0161 5228 [ 1D2B51E5291448DA123644A41250F6D6 ] C:\Program Files (x86)\AVG\AVG2013\avgui.exe
17:10:59.0161 5228 C:\Program Files (x86)\AVG\AVG2013\avgui.exe - ok
17:10:59.0171 5228 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
17:10:59.0171 5228 C:\Windows\System32\stobject.dll - ok
17:10:59.0171 5228 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
17:10:59.0171 5228 C:\Windows\System32\batmeter.dll - ok
17:10:59.0171 5228 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
17:10:59.0171 5228 C:\Windows\System32\prnfldr.dll - ok
17:10:59.0181 5228 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
17:10:59.0181 5228 C:\Windows\System32\DXP.dll - ok
17:10:59.0181 5228 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
17:10:59.0181 5228 C:\Windows\System32\Syncreg.dll - ok
17:10:59.0181 5228 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
17:10:59.0181 5228 C:\Windows\ehome\ehSSO.dll - ok
17:10:59.0191 5228 [ E4401CF27225C1D6E664E86195978562 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
17:10:59.0191 5228 C:\Program Files (x86)\iTunes\iTunesHelper.exe - ok
17:10:59.0191 5228 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
17:10:59.0191 5228 C:\Windows\System32\netshell.dll - ok
17:10:59.0201 5228 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
17:10:59.0201 5228 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
17:10:59.0201 5228 [ 12916E0642E92561C98B18A2A2D01B14 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
17:10:59.0201 5228 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe - ok
17:10:59.0201 5228 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
17:10:59.0201 5228 C:\Windows\SysWOW64\duser.dll - ok
17:10:59.0201 5228 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
17:10:59.0201 5228 C:\Windows\SysWOW64\dui70.dll - ok
17:10:59.0211 5228 [ 8EE6BDE1D572677AA35707C52C585F75 ] C:\Windows\SysWOW64\mlang.dll
17:10:59.0211 5228 C:\Windows\SysWOW64\mlang.dll - ok
17:10:59.0211 5228 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
17:10:59.0211 5228 C:\Windows\System32\WPDShServiceObj.dll - ok
17:10:59.0221 5228 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
17:10:59.0221 5228 C:\Windows\System32\PortableDeviceTypes.dll - ok
17:10:59.0221 5228 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
17:10:59.0221 5228 C:\Windows\System32\AltTab.dll - ok
17:10:59.0221 5228 [ 1D1EAA16D193C6A2D45981ED3914D22A ] C:\Windows\SysWOW64\msimtf.dll
17:10:59.0221 5228 C:\Windows\SysWOW64\msimtf.dll - ok
17:10:59.0231 5228 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
17:10:59.0231 5228 C:\Windows\System32\pnidui.dll - ok
17:10:59.0231 5228 [ 35AAE2E841AA1A949775168E119482C9 ] C:\Windows\SysWOW64\msls31.dll
17:10:59.0231 5228 C:\Windows\SysWOW64\msls31.dll - ok
17:10:59.0241 5228 [ A3FA99A16F10D44EDB7A8C340FA2EE1B ] C:\Windows\SysWOW64\jscript9.dll
17:10:59.0241 5228 C:\Windows\SysWOW64\jscript9.dll - ok
17:10:59.0241 5228 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
17:10:59.0241 5228 C:\Windows\System32\QUTIL.DLL - ok
17:10:59.0241 5228 [ 3819AD4329303EAC88480CA16A650735 ] C:\Windows\System32\UIAnimation.dll
17:10:59.0241 5228 C:\Windows\System32\UIAnimation.dll - ok
17:10:59.0251 5228 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
17:10:59.0251 5228 C:\Windows\System32\srchadmin.dll - ok
17:10:59.0251 5228 [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll
17:10:59.0251 5228 C:\Windows\System32\ActionCenter.dll - ok
17:10:59.0261 5228 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
17:10:59.0261 5228 C:\Windows\System32\bthprops.cpl - ok
17:10:59.0261 5228 [ 35CEDE6439FF0D8903223A0817FFE46C ] C:\Windows\SysWOW64\d2d1.dll
17:10:59.0261 5228 C:\Windows\SysWOW64\d2d1.dll - ok
17:10:59.0261 5228 [ 8E94B88F3209F4783CE606FA8B7261A6 ] C:\Program Files (x86)\Ask.com\Updater\Updater.exe
17:10:59.0261 5228 C:\Program Files (x86)\Ask.com\Updater\Updater.exe - ok
17:10:59.0271 5228 [ C71E7ABB1A34E56CE73AE117C8DD566F ] C:\Windows\System32\ieframe.dll
17:10:59.0271 5228 C:\Windows\System32\ieframe.dll - ok
17:10:59.0271 5228 [ A29D734F650F958424743BE3BAA052C8 ] C:\Windows\SysWOW64\DWrite.dll
17:10:59.0271 5228 C:\Windows\SysWOW64\DWrite.dll - ok
17:10:59.0281 5228 [ 5C4CB4086FB83115B153E47ADD961A0C ] C:\Windows\System32\FntCache.dll
17:10:59.0281 5228 C:\Windows\System32\FntCache.dll - ok
17:10:59.0281 5228 [ 0DCD17C9A3B135C61834C716A412A5BF ] C:\Windows\SysWOW64\rtl70.bpl
17:10:59.0281 5228 C:\Windows\SysWOW64\rtl70.bpl - ok
17:10:59.0281 5228 [ 4EDAB955D60E7204B550786D7CB40A84 ] C:\Windows\System32\igfxsrvc.dll
17:10:59.0281 5228 C:\Windows\System32\igfxsrvc.dll - ok
17:10:59.0841 5228 ============================================================
17:10:59.0841 5228 Scan finished
17:10:59.0841 5228 ============================================================
17:10:59.0851 5220 Detected object count: 2
17:10:59.0851 5220 Actual detected object count: 2
17:12:44.0570 5220 \Device\Harddisk0\DR0\# - copied to quarantine
17:12:44.0570 5220 \Device\Harddisk0\DR0 - copied to quarantine
17:12:44.0850 5220 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
17:12:44.0850 5220 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
17:12:44.0944 5220 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
17:12:44.0960 5220 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
17:12:44.0960 5220 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
17:12:44.0960 5220 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
17:12:44.0975 5220 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
17:12:44.0975 5220 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
17:12:44.0991 5220 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
17:12:44.0991 5220 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
17:12:44.0991 5220 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
17:12:45.0038 5220 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
17:12:45.0131 5220 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
17:12:45.0178 5220 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
17:12:45.0225 5220 \Device\Harddisk0\DR0 - ok
17:12:45.0490 5220 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
17:12:45.0490 5220 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
17:12:45.0490 5220 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
17:13:02.0011 4916 Deinitialize success


aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-12-30 17:17:51
-----------------------------
17:17:51.809 OS Version: Windows x64 6.1.7601 Service Pack 1
17:17:51.809 Number of processors: 4 586 0x2A07
17:17:51.809 ComputerName: NABILA-HP UserName: Nabila
17:18:05.527 Initialize success
17:19:32.487 The log file has been saved successfully to "C:\Users\Nabila\Desktop\aswMBR.txt"


17:20:22.007 AVAST engine defs: 12123000
17:20:52.105 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
17:20:52.121 Disk 0 Vendor: ST950032 0005 Size: 476940MB BusType: 3
17:20:52.121 Disk 0 MBR read successfully
17:20:52.137 Disk 0 MBR scan
17:20:52.137 Disk 0 Windows 7 default MBR code
17:20:52.152 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
17:20:52.199 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 462205 MB offset 409600
17:20:52.261 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 14431 MB offset 947005440
17:20:52.324 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 976560128
17:20:52.371 Disk 0 scanning C:\Windows\system32\drivers
17:21:08.491 Service scanning
17:21:38.532 Modules scanning
17:21:38.547 Disk 0 trace - called modules:
17:21:39.078 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys hal.dll
17:21:39.078 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006670790]
17:21:39.078 3 CLASSPNP.SYS[fffff88001a0143f] -> nt!IofCallDriver -> [0xfffffa800647db10]
17:21:39.093 5 hpdskflt.sys[fffff88001d90361] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8006243050]
17:21:40.731 AVAST engine scan C:\Windows
17:22:00.710 AVAST engine scan C:\Windows\system32
17:25:17.504 AVAST engine scan C:\Windows\system32\drivers
17:25:35.477 AVAST engine scan C:\Users\Nabila
17:28:47.300 AVAST engine scan C:\ProgramData
17:31:33.148 Scan finished successfully
17:42:31.578 Disk 0 MBR has been saved successfully to "C:\Users\Nabila\Desktop\MBR.dat"
17:42:31.594 The log file has been saved successfully to "C:\Users\Nabila\Desktop\aswMBR.txt"

#17
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello

I would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix, I will need you to turn off any security software you have running. If you do not know how to do this, you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouse-click Combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"

In your next post I need the following:

  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo

#18
Nana44

    Member

  • Topic Starter
  • Member
  • 11 posts
ComboFix 12-12-31.01 - Nabila 12/31/2012 14:45:08.4.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6092.4279 [GMT -5:00]
Running from: c:\users\Nabila\Desktop\ComboFix1.exe
AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Nabila\AppData\Roaming\Evdoa
c:\users\Nabila\AppData\Roaming\Evdoa\byda.sux
c:\users\Nabila\Documents\~WRL0003.tmp
c:\users\Nabila\Documents\~WRL1030.tmp
c:\windows\svchost.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-11-28 to 2012-12-31 )))))))))))))))))))))))))))))))
.
.
2012-12-31 19:51 . 2012-12-31 19:51 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-12-31 19:51 . 2012-12-31 19:51 -------- d-----w- c:\users\Guest\AppData\Local\temp
2012-12-31 19:51 . 2012-12-31 19:51 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-31 19:51 . 2012-12-31 19:51 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2012-12-31 19:51 . 2012-12-31 19:51 -------- d-----w- c:\users\Nabila Islam 2\AppData\Local\temp
2012-12-31 19:51 . 2012-12-31 19:51 -------- d-----w- c:\users\Nabila Islam 1\AppData\Local\temp
2012-12-31 19:18 . 2012-12-31 19:18 -------- d-----w- c:\users\Nabila\AppData\Local\Avg2013
2012-12-30 21:14 . 2012-12-30 21:14 -------- d-----w- c:\users\Nabila\AppData\Local\Programs
2012-12-30 21:10 . 2012-12-30 21:10 -------- d-----w- c:\program files (x86)\Ask.com
2012-12-30 21:10 . 2012-12-30 21:10 -------- d-----w- c:\users\Nabila\AppData\Local\APN
2012-12-30 21:05 . 2012-12-30 21:05 -------- d-----w- c:\program files\CCleaner
2012-12-30 20:59 . 2012-12-30 20:59 -------- d-----w- c:\programdata\Ask
2012-12-30 20:59 . 2012-12-30 20:59 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-12-30 20:59 . 2012-12-30 20:59 95184 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-12-30 20:59 . 2012-12-30 20:59 -------- d-----w- c:\program files (x86)\Java
2012-12-29 01:58 . 2012-11-19 06:01 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7162E910-69D5-468E-BF16-3EABA034C93F}\mpengine.dll
2012-12-22 23:33 . 2012-12-22 23:33 -------- d-----w- c:\users\Guest\AppData\Roaming\AVG
2012-12-21 22:15 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-21 22:15 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-21 22:15 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-21 22:15 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-19 21:41 . 2012-08-21 18:01 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-12-19 21:40 . 2012-12-19 21:41 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2012-12-19 21:40 . 2012-12-19 21:41 -------- d-----w- c:\program files\iTunes
2012-12-16 20:33 . 2012-12-16 20:35 -------- d-----w- c:\users\Nabila\AppData\Roaming\Uzfiur
2012-12-16 20:33 . 2012-12-16 20:33 -------- d-----w- c:\users\Nabila\AppData\Roaming\Irku
2012-12-16 20:33 . 2012-12-16 20:33 282768 ----a-w- c:\users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tayf.exe
2012-12-16 18:38 . 2012-12-16 18:38 -------- d-----w- c:\users\Nabila\AppData\Roaming\AVG
2012-12-16 18:36 . 2012-12-16 18:39 -------- d-----w- c:\programdata\AVG
2012-12-16 18:36 . 2012-12-16 18:36 -------- d-sh--w- c:\programdata\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
2012-12-14 03:29 . 2012-12-14 03:29 -------- d-----w- c:\users\Default\AppData\Roaming\Apple Computer
2012-12-14 03:29 . 2012-12-14 03:29 -------- d-----w- c:\users\Default\AppData\Local\Apple Computer
2012-12-12 22:31 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-12 22:31 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-12-12 22:31 . 2012-11-02 05:59 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-12-12 22:31 . 2012-11-02 05:11 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
2012-12-12 22:31 . 2012-11-22 03:26 3149824 ----a-w- c:\windows\system32\win32k.sys
2012-12-09 17:28 . 2012-12-09 17:28 -------- d-----w- c:\users\Default\AppData\Roaming\TuneUp Software
2012-12-08 23:25 . 2012-12-08 23:25 -------- d-----w- c:\users\Nabila\AppData\Roaming\TuneUp Software
2012-12-08 23:19 . 2012-12-31 19:18 -------- d-----w- C:\$AVG
2012-12-08 23:03 . 2012-12-31 19:18 -------- d-----w- c:\programdata\MFAData
2012-12-08 23:03 . 2012-12-08 23:03 -------- d--h--w- c:\programdata\Common Files
2012-12-08 23:03 . 2012-12-08 23:03 -------- d-----w- c:\users\Nabila\AppData\Local\MFAData
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-30 20:59 . 2012-08-09 02:03 859072 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-12-30 20:59 . 2011-06-21 19:44 779704 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-12-14 21:49 . 2012-03-31 20:39 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-12 00:27 . 2012-04-01 15:24 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-12 00:27 . 2011-12-23 23:16 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-16 08:38 . 2012-11-29 22:53 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-29 22:53 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-29 22:53 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-09 18:17 . 2012-11-29 22:54 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-10-09 18:17 . 2012-11-29 22:54 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-10-09 17:40 . 2012-11-29 22:54 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40 . 2012-11-29 22:54 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2012-10-04 16:40 . 2012-12-12 22:30 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-10-03 17:56 . 2012-11-29 22:54 1914248 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-10-03 17:44 . 2012-11-29 22:54 70656 ----a-w- c:\windows\system32\nlaapi.dll
2012-10-03 17:44 . 2012-11-29 22:54 303104 ----a-w- c:\windows\system32\nlasvc.dll
2012-10-03 17:44 . 2012-11-29 22:54 246272 ----a-w- c:\windows\system32\netcorehc.dll
2012-10-03 17:44 . 2012-11-29 22:54 18944 ----a-w- c:\windows\system32\netevent.dll
2012-10-03 17:44 . 2012-11-29 22:54 216576 ----a-w- c:\windows\system32\ncsi.dll
2012-10-03 17:42 . 2012-11-29 22:54 569344 ----a-w- c:\windows\system32\iphlpsvc.dll
2012-10-03 16:42 . 2012-11-29 22:54 18944 ----a-w- c:\windows\SysWow64\netevent.dll
2012-10-03 16:42 . 2012-11-29 22:54 175104 ----a-w- c:\windows\SysWow64\netcorehc.dll
2012-10-03 16:42 . 2012-11-29 22:54 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
2012-10-03 16:07 . 2012-11-29 22:54 45568 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-12-11 1520840]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2012-12-11 00:32 1520840 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-12-11 1520840]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-12-23 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2011-01-13 283160]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"HPConnectionManager"="c:\program files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2011-02-15 94264]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2010-11-09 586296]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2011-03-16 61112]
"HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2011-01-27 318520]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-12-12 152544]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2012-12-11 1573576]
.
c:\users\Nabila\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
tayf.exe [2012-12-16 282768]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-09-28 53760]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-12-05 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1207020.003\SYMDS64.SYS [2011-01-27 450680]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1207020.003\SYMEFA64.SYS [2011-03-15 912504]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20120121.002\BHDrvx64.sys [2011-12-01 1157240]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20120202.002\IDSvia64.sys [2011-12-15 488568]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS [2011-01-27 171128]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS [2011-04-21 386168]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe [x]
S2 FPLService;TrueSuiteService;c:\program files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-02-18 265544]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-02-28 92216]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2011-01-26 30520]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-09 26680]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-13 13336]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [2011-04-17 130008]
S2 RoxioNow Service;RoxioNow Service;c:\program files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-22 2656280]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2010-07-28 31088]
S3 hpCMSrv;HP Connection Manager 4.0 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-02-15 1071160]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2011-01-13 333928]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-02-17 428136]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 00:27]
.
2012-12-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-23 23:16]
.
2012-12-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-23 23:16]
.
2012-12-18 c:\windows\Tasks\HPCeeScheduleForNabila.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-12 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-12 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-12 418328]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-03-11 1128448]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://google.com/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Nabila\AppData\Roaming\Mozilla\Firefox\Profiles\vnndr1hs.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=&locale=&apn_uid=2A67D570-0F85-4BF9-B8B9-1020996F0B4E&apn_ptnrs=TV&apn_sauid=A4DCF81A-28D0-4B73-A10D-6DF34E32F823&apn_dtid=OSJ000YYUS&&q=
FF - ExtSQL: 2012-12-12 16:42; {b4536962-9ca9-4764-b925-7f5c1d4770c5}; c:\users\Nabila\AppData\Roaming\Mozilla\Firefox\Profiles\vnndr1hs.default\extensions\{b4536962-9ca9-4764-b925-7f5c1d4770c5}.xpi
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
SafeBoot-17777574.sys
SafeBoot-60965503.sys
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\18.7.2.3\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:6f,69,21,a3,d5,d0,cd,01
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-12-31 14:53:39
ComboFix-quarantined-files.txt 2012-12-31 19:53
.
Pre-Run: 420,106,371,072 bytes free
Post-Run: 420,225,495,040 bytes free
.
- - End Of File - - FEF82F665A78A5D15D53E629F3935220

#19
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Greetings

I want you to run these next,

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.



Please download aswMBR to your desktop.
  • Double-click the aswMBR.exe icon to run it.
  • It will ask to download extra definitions - ALLOW IT.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one, come back and let me know.

Please reply with the reports from TDSSKiller and aswMBR.

Gringo

#20
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Greetings


I have not heard from you in a couple of days, so I am coming by to check on you to see if you are having problems or you just need some more time.

Also, to remind you that it is very important that we finish the process completely so as to not get reinfected. I will let you know when we are complete and I will ask to remove our tools.




Gringo

#21
Nana44

    Member

  • Topic Starter
  • 11 posts
14:30:04.0671 6296 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
14:30:04.0931 6296 ============================================================
14:30:04.0931 6296 Current date / time: 2013/01/05 14:30:04.0931
14:30:04.0931 6296 SystemInfo:
14:30:04.0931 6296
14:30:04.0931 6296 OS Version: 6.1.7601 ServicePack: 1.0
14:30:04.0931 6296 Product type: Workstation
14:30:04.0931 6296 ComputerName: NABILA-HP
14:30:04.0932 6296 UserName: Nabila
14:30:04.0932 6296 Windows directory: C:\Windows
14:30:04.0932 6296 System windows directory: C:\Windows
14:30:04.0932 6296 Running under WOW64
14:30:04.0932 6296 Processor architecture: Intel x64
14:30:04.0932 6296 Number of processors: 4
14:30:04.0932 6296 Page size: 0x1000
14:30:04.0932 6296 Boot type: Normal boot
14:30:04.0932 6296 ============================================================
14:30:05.0513 6296 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:30:05.0518 6296 ============================================================
14:30:05.0518 6296 \Device\Harddisk0\DR0:
14:30:05.0518 6296 MBR partitions:
14:30:05.0518 6296 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
14:30:05.0518 6296 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x386BE800
14:30:05.0518 6296 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x38722800, BlocksNum 0x1C2F800
14:30:05.0518 6296 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x3A352000, BlocksNum 0x33830
14:30:05.0518 6296 ============================================================
14:30:05.0550 6296 C: <-> \Device\Harddisk0\DR0\Partition2
14:30:05.0600 6296 D: <-> \Device\Harddisk0\DR0\Partition3
14:30:05.0600 6296 ============================================================
14:30:05.0600 6296 Initialize success
14:30:05.0600 6296 ============================================================
14:30:21.0630 6292 Deinitialize success

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-12-30 17:17:51
-----------------------------
17:17:51.809 OS Version: Windows x64 6.1.7601 Service Pack 1
17:17:51.809 Number of processors: 4 586 0x2A07
17:17:51.809 ComputerName: NABILA-HP UserName: Nabila
17:18:05.527 Initialize success
17:19:32.487 The log file has been saved successfully to "C:\Users\Nabila\Desktop\aswMBR.txt"


aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-12-30 17:17:51
-----------------------------
17:17:51.809 OS Version: Windows x64 6.1.7601 Service Pack 1
17:17:51.809 Number of processors: 4 586 0x2A07
17:17:51.809 ComputerName: NABILA-HP UserName: Nabila
17:18:05.527 Initialize success
17:20:22.007 AVAST engine defs: 12123000
17:20:52.105 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
17:20:52.121 Disk 0 Vendor: ST950032 0005 Size: 476940MB BusType: 3
17:20:52.121 Disk 0 MBR read successfully
17:20:52.137 Disk 0 MBR scan
17:20:52.137 Disk 0 Windows 7 default MBR code
17:20:52.152 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
17:20:52.199 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 462205 MB offset 409600
17:20:52.261 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 14431 MB offset 947005440
17:20:52.324 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 976560128
17:20:52.371 Disk 0 scanning C:\Windows\system32\drivers
17:21:08.491 Service scanning
17:21:38.532 Modules scanning
17:21:38.547 Disk 0 trace - called modules:
17:21:39.078 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys hal.dll
17:21:39.078 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006670790]
17:21:39.078 3 CLASSPNP.SYS[fffff88001a0143f] -> nt!IofCallDriver -> [0xfffffa800647db10]
17:21:39.093 5 hpdskflt.sys[fffff88001d90361] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8006243050]
17:21:40.731 AVAST engine scan C:\Windows
17:22:00.710 AVAST engine scan C:\Windows\system32
17:25:17.504 AVAST engine scan C:\Windows\system32\drivers
17:25:35.477 AVAST engine scan C:\Users\Nabila
17:28:47.300 AVAST engine scan C:\ProgramData
17:31:33.148 Scan finished successfully
17:42:31.578 Disk 0 MBR has been saved successfully to "C:\Users\Nabila\Desktop\MBR.dat"
17:42:31.594 The log file has been saved successfully to "C:\Users\Nabila\Desktop\aswMBR.txt"


aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-01-05 14:39:15
-----------------------------
14:39:15.793 OS Version: Windows x64 6.1.7601 Service Pack 1
14:39:15.793 Number of processors: 4 586 0x2A07
14:39:15.793 ComputerName: NABILA-HP UserName: Nabila
14:39:17.852 Initialize success
14:41:55.843 AVAST engine defs: 13010500
14:44:48.414 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
14:44:48.425 Disk 0 Vendor: ST950032 0005 Size: 476940MB BusType: 3
14:44:48.449 Disk 0 MBR read successfully
14:44:48.456 Disk 0 MBR scan
14:44:48.467 Disk 0 Windows 7 default MBR code
14:44:48.480 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
14:44:48.505 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 462205 MB offset 409600
14:44:48.553 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 14431 MB offset 947005440
14:44:48.614 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 976560128
14:44:48.709 Disk 0 scanning C:\Windows\system32\drivers
14:45:01.575 Service scanning
14:45:27.439 Modules scanning
14:45:27.459 Disk 0 trace - called modules:
14:45:27.862 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys hal.dll
14:45:27.867 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8008135790]
14:45:27.874 3 CLASSPNP.SYS[fffff88001a1743f] -> nt!IofCallDriver -> [0xfffffa8007fa9960]
14:45:27.879 5 hpdskflt.sys[fffff88001db7361] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80062ed050]
14:45:32.381 AVAST engine scan C:\Windows
14:45:35.341 AVAST engine scan C:\Windows\system32
14:48:30.357 AVAST engine scan C:\Windows\system32\drivers
14:48:50.330 AVAST engine scan C:\Users\Nabila
14:53:12.483 AVAST engine scan C:\ProgramData
14:56:14.743 Scan finished successfully
15:05:42.401 Disk 0 MBR has been saved successfully to "C:\Users\Nabila\Desktop\MBR.dat"
15:05:42.408 The log file has been saved successfully to "C:\Users\Nabila\Desktop\aswMBR.txt"

#22
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Greetings

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Folder::
c:\program files (x86)\Ask.com

Firefox::
FF - ProfilePath - c:\users\Nabila\AppData\Roaming\Mozilla\Firefox\Profiles\vnndr1hs.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=&locale=&apn_uid=2A67D570-0F85-4BF9-B8B9-1020996F0B4E&apn_ptnrs=TV&apn_sauid=A4DCF81A-28D0-4B73-A10D-6DF34E32F823&apn_dtid=OSJ000YYUS&&q=

Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe.
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouse-click ComboFix's window whilst it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer.

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo


#23
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo

#24
Nana44

    Member

  • Topic Starter
  • 11 posts
ComboFix 13-01-08.01 - Nabila 01/09/2013 17:30:02.6.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6092.3996 [GMT -5:00]
Running from: c:\users\Nabila\Desktop\ComboFix1.exe
Command switches used :: c:\users\Nabila\Desktop\CFScript.txt
AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Ask.com
c:\program files (x86)\Ask.com\assets\oobe\b.png
c:\program files (x86)\Ask.com\assets\oobe\bl.png
c:\program files (x86)\Ask.com\assets\oobe\br.png
c:\program files (x86)\Ask.com\assets\oobe\l.png
c:\program files (x86)\Ask.com\assets\oobe\pointer.png
c:\program files (x86)\Ask.com\assets\oobe\r.png
c:\program files (x86)\Ask.com\assets\oobe\t.png
c:\program files (x86)\Ask.com\assets\oobe\tl.png
c:\program files (x86)\Ask.com\assets\oobe\tr.png
c:\program files (x86)\Ask.com\cobrand.ico
c:\program files (x86)\Ask.com\config.xml
c:\program files (x86)\Ask.com\favicon.ico
c:\program files (x86)\Ask.com\GenericAskToolbar.dll
c:\program files (x86)\Ask.com\mupcfg.xml
c:\program files (x86)\Ask.com\precache.exe
c:\program files (x86)\Ask.com\SaUpdate.exe
c:\program files (x86)\Ask.com\Updater\config.xml
c:\program files (x86)\Ask.com\Updater\Updater.exe
c:\program files (x86)\Ask.com\UpdateTask.exe
c:\users\Guest\AppData\Roaming\Fayw
c:\users\Guest\AppData\Roaming\Fayw\woruy.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-12-09 to 2013-01-09 )))))))))))))))))))))))))))))))
.
.
2013-01-09 22:43 . 2013-01-09 22:43 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-01-09 22:43 . 2013-01-09 22:43 -------- d-----w- c:\users\Nabila Islam 2\AppData\Local\temp
2013-01-09 22:43 . 2013-01-09 22:43 -------- d-----w- c:\users\Nabila Islam 1\AppData\Local\temp
2013-01-09 22:43 . 2013-01-09 22:43 -------- d-----w- c:\users\Guest\AppData\Local\temp
2013-01-09 22:43 . 2013-01-09 22:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-09 22:43 . 2013-01-09 22:43 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2013-01-08 23:54 . 2012-11-30 05:41 424448 ----a-w- c:\windows\system32\KernelBase.dll
2013-01-08 23:53 . 2012-11-19 06:01 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1A877114-2E25-4DE7-9107-89ACEF3219B3}\mpengine.dll
2013-01-06 17:03 . 2013-01-06 17:04 -------- d-----w- c:\users\Guest\AppData\Roaming\Ahwam
2013-01-06 17:03 . 2013-01-06 17:03 -------- d-----w- c:\users\Guest\AppData\Roaming\Urmayr
2012-12-31 19:18 . 2012-12-31 19:18 -------- d-----w- c:\users\Nabila\AppData\Local\Avg2013
2012-12-30 21:14 . 2012-12-30 21:14 -------- d-----w- c:\users\Nabila\AppData\Local\Programs
2012-12-30 21:10 . 2012-12-30 21:10 -------- d-----w- c:\users\Nabila\AppData\Local\APN
2012-12-30 21:05 . 2012-12-30 21:05 -------- d-----w- c:\program files\CCleaner
2012-12-30 20:59 . 2012-12-30 20:59 -------- d-----w- c:\programdata\Ask
2012-12-30 20:59 . 2012-12-30 20:59 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-12-30 20:59 . 2012-12-30 20:59 95184 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-12-30 20:59 . 2012-12-30 20:59 -------- d-----w- c:\program files (x86)\Java
2012-12-22 23:33 . 2012-12-22 23:33 -------- d-----w- c:\users\Guest\AppData\Roaming\AVG
2012-12-21 22:15 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-21 22:15 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-21 22:15 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-21 22:15 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-19 21:41 . 2012-08-21 18:01 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-12-19 21:40 . 2012-12-19 21:41 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2012-12-19 21:40 . 2012-12-19 21:41 -------- d-----w- c:\program files\iTunes
2012-12-16 20:33 . 2012-12-16 20:35 -------- d-----w- c:\users\Nabila\AppData\Roaming\Uzfiur
2012-12-16 20:33 . 2012-12-16 20:33 -------- d-----w- c:\users\Nabila\AppData\Roaming\Irku
2012-12-16 18:38 . 2012-12-16 18:38 -------- d-----w- c:\users\Nabila\AppData\Roaming\AVG
2012-12-16 18:36 . 2012-12-16 18:39 -------- d-----w- c:\programdata\AVG
2012-12-16 18:36 . 2012-12-16 18:36 -------- d-sh--w- c:\programdata\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
2012-12-14 03:29 . 2012-12-14 03:29 -------- d-----w- c:\users\Default\AppData\Roaming\Apple Computer
2012-12-14 03:29 . 2012-12-14 03:29 -------- d-----w- c:\users\Default\AppData\Local\Apple Computer
2012-12-12 22:31 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-12 22:31 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-12-12 22:31 . 2012-11-02 05:59 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-12-12 22:31 . 2012-11-02 05:11 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-09 01:27 . 2012-04-01 15:24 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-01-09 01:27 . 2011-12-23 23:16 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-30 20:59 . 2012-08-09 02:03 859072 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-12-30 20:59 . 2011-06-21 19:44 779704 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-12-14 21:49 . 2012-03-31 20:39 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-30 04:45 . 2013-01-08 23:54 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-10-16 08:38 . 2012-11-29 22:53 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-29 22:53 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-29 22:53 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-12-23 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2011-01-13 283160]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"HPConnectionManager"="c:\program files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2011-02-15 94264]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2010-11-09 586296]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2011-03-16 61112]
"HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2011-01-27 318520]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-12-12 152544]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
c:\users\Nabila\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-09-28 53760]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-12-05 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1207020.003\SYMDS64.SYS [2011-01-27 450680]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1207020.003\SYMEFA64.SYS [2011-03-15 912504]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20120121.002\BHDrvx64.sys [2011-12-01 1157240]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20120202.002\IDSvia64.sys [2011-12-15 488568]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS [2011-01-27 171128]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS [2011-04-21 386168]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe [x]
S2 FPLService;TrueSuiteService;c:\program files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-02-18 265544]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-02-28 92216]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2011-01-26 30520]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-09 26680]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-13 13336]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [2011-04-17 130008]
S2 RoxioNow Service;RoxioNow Service;c:\program files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-22 2656280]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2010-07-28 31088]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-12-04 138360]
S3 hpCMSrv;HP Connection Manager 4.0 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-02-15 1071160]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2011-01-13 333928]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-02-17 428136]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
.
.
Contents of the 'Scheduled Tasks' folder
.
2013-01-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 01:27]
.
2013-01-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-23 23:16]
.
2013-01-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-23 23:16]
.
2013-01-08 c:\windows\Tasks\HPCeeScheduleForNabila.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-12 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-12 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-12 418328]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-03-11 1128448]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://google.com/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Nabila\AppData\Roaming\Mozilla\Firefox\Profiles\vnndr1hs.default\
FF - ExtSQL: 2012-12-12 16:42; {b4536962-9ca9-4764-b925-7f5c1d4770c5}; c:\users\Nabila\AppData\Roaming\Mozilla\Firefox\Profiles\vnndr1hs.default\extensions\{b4536962-9ca9-4764-b925-7f5c1d4770c5}.xpi
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{00000000-6E41-4FD3-8538-502F5495E5FC} - c:\program files (x86)\Ask.com\GenericAskToolbar.dll
BHO-{D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files (x86)\Ask.com\GenericAskToolbar.dll
Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files (x86)\Ask.com\GenericAskToolbar.dll
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKLM-Run-ApnUpdater - c:\program files (x86)\Ask.com\Updater\Updater.exe
SafeBoot-31307716.sys
AddRemove-{79A765E1-C399-405B-85AF-466F52E918B0} - c:\program files (x86)\Ask.com\Updater\Updater.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\18.7.2.3\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:6f,69,21,a3,d5,d0,cd,01
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-01-09 18:03:00
ComboFix-quarantined-files.txt 2013-01-09 23:02
ComboFix2.txt 2012-12-31 19:53
.
Pre-Run: 414,240,231,424 bytes free
Post-Run: 414,120,890,368 bytes free
.
- - End Of File - - 474A47777AB0226A49E8D1413DCBEA5B

#25
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello

These logs are looking a lot better. But we still have some work to do.

Please print out these instructions, or copy them to a Notepad file. It will make it easier for you to follow the instructions and complete all of the necessary steps.

uninstall some programs

NOTE** Because of the cleanup process, some of the programs I have listed may not be in add/remove anymore. This is fine, just move to the next item on the list.

You can remove these programs using add/remove or you can use the free uninstaller from Revo (Revo does a lot better of a job)

Programs to remove

Bing Bar
Java™ 6 Update 22
Java™ 6 Update 24



Please download and install Revo Uninstaller Free

  • Double click Revo Uninstaller to run it.
  • From the list of programs double click on The Program to remove
  • When prompted if you want to uninstall click Yes.
  • Be sure the Moderate option is selected then click Next.
  • The program will run, If prompted again click Yes
  • when the built-in uninstaller is finished click on Next.
  • Once the program has searched for leftovers click Next.
  • Check/tick the bolded items only on the list then click Delete
  • when prompted click on Yes and then on next.
  • put a check on any folders that are found and select delete
  • when prompted select yes then on next
  • Once done click Finish.
.

Install Java:

Please go here to install Java

  • click on the Free Java Download Button
  • click on Agree and start Free download
  • click on Run
  • click on run again
  • click on install
  • when install is complete click on close

Clean Out Temp Files

  • This small application you may want to keep and use once a week to keep the computer clean.

    Download CCleaner from here http://www.ccleaner.com/

  • Run the installer to install the application.
  • When it gives you the option to install Yahoo toolbar uncheck the box next to it.
  • Run CCleaner. default settings are fine
  • Click Run Cleaner.
  • Close CCleaner.

: Malwarebytes' Anti-Malware :

I see that you have MBAM installed - That is great!! and at this time I would like you to update it and run me a quick scan

  • Double-click mbam icon
  • go to the update tab at the top
  • click on check for updates
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
  • When completed, a log will open in Notepad. please copy and paste the log into your next reply
  • If you accidentally close it, the log file is saved here and will be named like this:
  • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.


Download HijackThis

  • Go Here to download HijackThis program
  • Save HijackThis to your desktop.
  • Right Click on Hijackthis and select "Run as Admin" (XP users just need to double click to run)
  • Click on "Do A system scan and save a logfile" (if you do not see "Do A system scan and save a logfile" then click on main menu)
  • copy and paste hijackthis report into the topic

"information and logs"

  • In your next post I need the following

  • Log From MBAM
  • report from Hijackthis
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo



#26
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Greetings


I have not heard from you in a couple of days so I am coming by to check on you to see if you are having problems or you just need some more time.

Also to remind you that it is very important that we finish the process completely so as to not get reinfected. I will let you know when we are complete and I will ask to remove our tools




Gringo

#27
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo

#28
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.