
Bluescreen Loop after Virus Removal



#1
KevinVanLear

    New Member

  • Member
  • Pip
  • 8 posts
Hi all,

I am new here, but it seems like you guys really know what you're doing. I have been in IT for over 18 years, but when it comes to repairing a Windows 7 fs that won't boot, I'm still learning all the tricks. I would love to get some background on how you guys come up with the fix text files for Farbar Recovery Scan Tool. Aside from that, I need help with a client's machine. Let me begin by saying they brought in their machine and it was bluescreening on occasion, but not every time. I narrowed it down to a conflicting Norton, which is pretty common, and then tried to remove it. It would not uninstall, even in safe mode, so I downloaded the uninstall tool for Norton and that seemed to work. Everything good. I then did a Malwarebytes scan which removed a Trojan.... Then I booted from Kaspersky Recovery Disk and did an offline virus scan which removed, and may have deleted, some system files that were infected. Since then, I'm getting a bluescreen loop on the machine and have tried everything to no avail. I have come across this forum and hopefully you guys can help me out. I ran FRST64 and will attach the FRST.txt. Much thanks in advance, I need to get this squared away and hopefully it's not too hosed yet.

-Kevin

Attached Files

  • Attached File  FRST.txt   20.16KB   188 downloads

  • 0



#2
JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts
:welcome:

I can't teach you how to use FRST, but I can help you with your problem.

Download MBRFix from here.

Save and extract its contents to the working computer's desktop. There are three files in the MBRFix folder. From these, only copy the MBRFix64.exe to the USB drive.

Also download the enclosed file and save it in the USB drive.

Insert the USB drive into the ailing computer.

Now please enter System Recovery Options and run FRST64 as you did before, except that this time around, press the Fix button just once and wait.

The tool will make a log on the flash drive (Fixlog.txt). It will also create a file labeled MBRDUMP.txt. Copy and paste the contents of the Fixlog.txt in your next reply, but attach the MBRDUMP.txt as it is a hex file.
  • 0

#3
KevinVanLear

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Thanks for the quick reply!!

Here is the Fixlog.txt:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 06-03-2013 01
Ran by SYSTEM at 2013-03-07 20:35:50 Run:1
Running from H:\Recovery

==============================================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\*Restore Value deleted successfully.
HKEY_LOCAL_MACHINE\software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\DATAMNGR Value deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs Value was restored successfully .
MBRDUMP.txt is made successfully.

==== End of Fixlog ====

I have attached the MBRDUMP.txt and have MBRfix64 ready to go.

I appreciate your assistance.



Edited by KevinVanLear, 07 March 2013 - 07:42 PM.

  • 0

#4
JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts
Download the enclosed file and save it in the USB drive overwriting the existing one.

Insert the USB drive into the ailing computer.

Now please enter System Recovery Options and run FRST64 as you did before, except that this time around, press the Fix button just once and wait.

The tool will make a log on the flash drive (Fixlog.txt). Copy and paste the contents of the Fixlog.txt in your next reply.

Attempt to boot in Normal Mode and let me know the outcome.
  • 0

#5
KevinVanLear

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Wow, you guys are good. Normal boot worked like a charm. A Recovery message popped up saying Recovery has completed and asking if I wanted to restore user files, but everything looks to be in order from the desktop. I did try a few system restores prior to all of this happening, so it looks as though Norton is back on, and it wants to do some Windows Updates... I won't do anything else until I hear back from you... Here is the fix log file:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 06-03-2013 01
Ran by SYSTEM at 2013-03-07 21:00:21 Run:2
Running from H:\Recovery

==============================================


The operation completed successfully.
The operation completed successfully.

==== End of Fixlog ====
  • 0

#6
JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts
Let's scan the computer.

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

  • 0
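For triaging the report that the last step produces, the following is an added example (not part of the original post and not Kaspersky's code) that pulls every non-"ok" object out of a TDSSKiller log together with its MD5 and file path. It assumes the line layout seen in the log posted in this thread (`time thread [ MD5 ] name path`, then `name - status`); the sample lines, service names and hashes are constructed, and the function names are hypothetical.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Every log line starts with "HH:MM:SS.mmmm <thread id> ".
PREFIX = r"^(?P<time>\d\d:\d\d:\d\d\.\d{4}) (?P<tid>\d+) "
# "[ MD5 ] <object name> <drive:\path>" - names may contain spaces,
# so the name ends at the first " X:\" sequence.
FILE_RE = re.compile(
    PREFIX + r"\[ (?P<md5>[0-9A-Fa-f]{32}) \] (?P<name>.+?) (?P<path>[A-Za-z]:\\.+)$"
)
# "<object name> - ok" or "<object name> ( <verdict> ) - warning"
VERDICT_RE = re.compile(
    PREFIX + r"(?P<name>.+?)(?: \( (?P<verdict>[^()]+) \))? - (?P<status>\w+)$"
)


@dataclass
class Entry:
    name: str
    status: str             # "ok", "warning", ... as written by the tool
    verdict: Optional[str]  # e.g. "UnsignedFile.Multi.Generic"
    md5: Optional[str]      # None when no "[ MD5 ]" line preceded the verdict
    path: Optional[str]


def parse(log_text: str) -> List[Entry]:
    """Pair each '[ MD5 ] name path' line with the verdict line for that name."""
    entries = []
    pending = {}  # object name -> (md5, path) waiting for its verdict line
    for raw in log_text.splitlines():
        line = raw.strip()
        m = FILE_RE.match(line)
        if m:
            pending[m["name"]] = (m["md5"].upper(), m["path"])
            continue
        m = VERDICT_RE.match(line)
        if m:
            md5, path = pending.pop(m["name"], (None, None))
            entries.append(Entry(m["name"], m["status"], m["verdict"], md5, path))
    return entries


def findings(entries: List[Entry]) -> List[Entry]:
    """Objects the scanner did not mark 'ok'; these need a manual look."""
    return [e for e in entries if e.status.lower() != "ok"]


def without_file(entries: List[Entry]) -> List[Entry]:
    """Objects reported with no hashed file line, so there is no MD5 to check."""
    return [e for e in entries if e.md5 is None]


# Constructed sample in the same layout as a TDSSKiller report.
SAMPLE_LOG = r"""
21:23:44.0403 4016 ================ Scan services =============================
21:23:44.0840 4016 [ 00000000000000000000000000000001 ] exampledrv C:\Windows\system32\drivers\exampledrv.sys
21:23:45.0027 4016 exampledrv - ok
21:23:46.0696 4016 Example Helper Service - ok
21:23:58.0864 4016 [ 00000000000000000000000000000002 ] Example Vendor Service C:\Program Files (x86)\Example Vendor\svc.exe
21:23:58.0880 4016 Example Vendor Service ( UnsignedFile.Multi.Generic ) - warning
21:23:58.0880 4016 Example Vendor Service - detected UnsignedFile.Multi.Generic (1)
"""

if __name__ == "__main__":
    parsed = parse(SAMPLE_LOG)
    for e in findings(parsed):
        print(f"{e.status.upper():8} {e.name} [{e.verdict}] md5={e.md5} path={e.path}")
    for e in without_file(parsed):
        print(f"NO FILE  {e.name} ({e.status})")
```

A "warning" with an unsigned-file verdict only means the file has no valid signature; the MD5 and path are what let you compare it against a known-good copy from the vendor.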

#7
KevinVanLear

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Ok, only 3 suspicious skipped. Here is the log:

21:22:38.0846 3056 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
21:22:38.0862 3056 ============================================================
21:22:38.0862 3056 Current date / time: 2013/03/07 21:22:38.0862
21:22:38.0862 3056 SystemInfo:
21:22:38.0862 3056
21:22:38.0862 3056 OS Version: 6.1.7601 ServicePack: 1.0
21:22:38.0862 3056 Product type: Workstation
21:22:38.0862 3056 ComputerName: RAODAY-HP
21:22:38.0862 3056 UserName: raoday
21:22:38.0862 3056 Windows directory: C:\Windows
21:22:38.0862 3056 System windows directory: C:\Windows
21:22:38.0862 3056 Running under WOW64
21:22:38.0862 3056 Processor architecture: Intel x64
21:22:38.0862 3056 Number of processors: 2
21:22:38.0862 3056 Page size: 0x1000
21:22:38.0862 3056 Boot type: Normal boot
21:22:38.0862 3056 ============================================================
21:22:39.0642 3056 BG loaded
21:22:40.0313 3056 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:22:40.0328 3056 ============================================================
21:22:40.0328 3056 \Device\Harddisk0\DR0:
21:22:40.0328 3056 MBR partitions:
21:22:40.0328 3056 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
21:22:40.0328 3056 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x37ADE000
21:22:40.0328 3056 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x37B42000, BlocksNum 0x2810000
21:22:40.0328 3056 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x3A352000, BlocksNum 0x33800
21:22:40.0328 3056 ============================================================
21:22:40.0359 3056 C: <-> \Device\Harddisk0\DR0\Partition2
21:22:40.0453 3056 D: <-> \Device\Harddisk0\DR0\Partition3
21:22:40.0453 3056 ============================================================
21:22:40.0453 3056 Initialize success
21:22:40.0453 3056 ============================================================
21:23:41.0252 4016 ============================================================
21:23:41.0252 4016 Scan started
21:23:41.0252 4016 Mode: Manual; SigCheck; TDLFS;
21:23:41.0252 4016 ============================================================
21:23:44.0403 4016 ================ Scan system memory ========================
21:23:44.0403 4016 System memory - ok
21:23:44.0403 4016 ================ Scan services =============================
21:23:58.0864 4016 [ BB1FC298BE53AAB1E110F6E786BD8AC5 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
21:23:58.0880 4016 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - warning
21:23:58.0880 4016 HP Support Assistant Service - detected UnsignedFile.Multi.Generic (1)
21:24:02.0514 4016 LSI_SCSI - ok
21:24:02.0592 4016 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
21:24:02.0670 4016 luafv - ok
21:24:02.0702 4016 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
21:24:02.0748 4016 Mcx2Svc - ok
21:24:02.0780 4016 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
21:24:02.0795 4016 megasas - ok
21:24:02.0858 4016 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
21:24:02.0873 4016 MegaSR - ok
21:24:02.0904 4016 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
21:24:02.0998 4016 MMCSS - ok
21:24:03.0029 4016 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
21:24:03.0092 4016 Modem - ok
21:24:03.0138 4016 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
21:24:03.0185 4016 monitor - ok
21:24:03.0232 4016 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
21:24:03.0248 4016 mouclass - ok
21:24:03.0279 4016 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\drivers\mouhid.sys
21:24:03.0310 4016 mouhid - ok
21:24:03.0341 4016 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
21:24:03.0357 4016 mountmgr - ok
21:24:03.0388 4016 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
21:24:03.0419 4016 mpio - ok
21:24:03.0435 4016 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:24:03.0482 4016 mpsdrv - ok
21:24:03.0544 4016 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
21:24:03.0638 4016 MpsSvc - ok
21:24:03.0653 4016 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:24:03.0794 4016 MRxDAV - ok
21:24:03.0918 4016 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:24:04.0028 4016 mrxsmb - ok
21:24:04.0106 4016 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:24:04.0137 4016 mrxsmb10 - ok
21:24:04.0168 4016 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:24:04.0184 4016 mrxsmb20 - ok
21:24:04.0230 4016 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
21:24:04.0262 4016 msahci - ok
21:24:04.0308 4016 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
21:24:04.0340 4016 msdsm - ok
21:24:04.0386 4016 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
21:24:04.0527 4016 MSDTC - ok
21:24:04.0636 4016 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:24:04.0698 4016 Msfs - ok
21:24:04.0730 4016 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
21:24:04.0823 4016 mshidkmdf - ok
21:24:04.0932 4016 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
21:24:04.0948 4016 msisadrv - ok
21:24:04.0995 4016 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:24:05.0088 4016 MSiSCSI - ok
21:24:05.0104 4016 msiserver - ok
21:24:05.0182 4016 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:24:05.0276 4016 MSKSSRV - ok
21:24:05.0322 4016 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:24:05.0416 4016 MSPCLOCK - ok
21:24:05.0447 4016 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:24:05.0541 4016 MSPQM - ok
21:24:05.0556 4016 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:24:05.0588 4016 MsRPC - ok
21:24:05.0603 4016 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
21:24:05.0634 4016 mssmbios - ok
21:24:05.0681 4016 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:24:05.0759 4016 MSTEE - ok
21:24:05.0775 4016 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
21:24:05.0790 4016 MTConfig - ok
21:24:05.0853 4016 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
21:24:05.0868 4016 Mup - ok
21:24:05.0900 4016 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
21:24:05.0978 4016 napagent - ok
21:24:06.0024 4016 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:24:06.0056 4016 NativeWifiP - ok
21:24:06.0149 4016 [ C58D8A669D6551F616D90244BD2C2D4F ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20121108.002\ENG64.SYS
21:24:06.0180 4016 NAVENG - ok
21:24:06.0258 4016 [ A3DBDB412ADFA5882DD6843B11FE0828 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20121108.002\EX64.SYS
21:24:06.0352 4016 NAVEX15 - ok
21:24:06.0430 4016 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
21:24:06.0477 4016 NDIS - ok
21:24:06.0539 4016 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
21:24:06.0617 4016 NdisCap - ok
21:24:06.0680 4016 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:24:06.0742 4016 NdisTapi - ok
21:24:06.0758 4016 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:24:06.0820 4016 Ndisuio - ok
21:24:06.0851 4016 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:24:06.0929 4016 NdisWan - ok
21:24:06.0945 4016 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:24:07.0007 4016 NDProxy - ok
21:24:07.0054 4016 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:24:07.0116 4016 NetBIOS - ok
21:24:07.0148 4016 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
21:24:07.0210 4016 NetBT - ok
21:24:07.0226 4016 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
21:24:07.0257 4016 Netlogon - ok
21:24:07.0272 4016 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
21:24:07.0350 4016 Netman - ok
21:24:07.0382 4016 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
21:24:07.0475 4016 netprofm - ok
21:24:07.0506 4016 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:24:07.0522 4016 NetTcpPortSharing - ok
21:24:07.0569 4016 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
21:24:07.0584 4016 nfrd960 - ok
21:24:07.0725 4016 [ E127420B7FEB65C7F279EAAC183BBC0E ] NIS C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe
21:24:07.0756 4016 NIS - ok
21:24:07.0818 4016 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
21:24:07.0850 4016 NlaSvc - ok
21:24:07.0881 4016 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:24:07.0943 4016 Npfs - ok
21:24:07.0959 4016 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
21:24:08.0037 4016 nsi - ok
21:24:08.0068 4016 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:24:08.0130 4016 nsiproxy - ok
21:24:08.0208 4016 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:24:08.0271 4016 Ntfs - ok
21:24:08.0380 4016 [ 68E6732D74A74B1FFD386761BC1EB764 ] NU16StartManagerSvc C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe
21:24:08.0427 4016 NU16StartManagerSvc - ok
21:24:08.0442 4016 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
21:24:08.0505 4016 Null - ok
21:24:08.0520 4016 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys
21:24:08.0567 4016 NVENETFD - ok
21:24:08.0630 4016 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
21:24:08.0645 4016 nvraid - ok
21:24:08.0661 4016 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
21:24:08.0692 4016 nvstor - ok
21:24:08.0723 4016 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
21:24:08.0739 4016 nv_agp - ok
21:24:08.0754 4016 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
21:24:08.0786 4016 ohci1394 - ok
21:24:08.0864 4016 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:24:08.0879 4016 ose - ok
21:24:09.0066 4016 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:24:09.0332 4016 osppsvc - ok
21:24:09.0394 4016 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
21:24:09.0441 4016 p2pimsvc - ok
21:24:09.0472 4016 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
21:24:09.0503 4016 p2psvc - ok
21:24:09.0534 4016 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
21:24:09.0550 4016 Parport - ok
21:24:09.0581 4016 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:24:09.0597 4016 partmgr - ok
21:24:09.0628 4016 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
21:24:09.0675 4016 PcaSvc - ok
21:24:09.0690 4016 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
21:24:09.0722 4016 pci - ok
21:24:09.0753 4016 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
21:24:09.0768 4016 pciide - ok
21:24:09.0784 4016 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
21:24:09.0815 4016 pcmcia - ok
21:24:09.0846 4016 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
21:24:09.0862 4016 pcw - ok
21:24:09.0893 4016 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:24:09.0971 4016 PEAUTH - ok
21:24:10.0065 4016 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
21:24:10.0096 4016 PerfHost - ok
21:24:10.0174 4016 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
21:24:10.0283 4016 pla - ok
21:24:10.0346 4016 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:24:10.0408 4016 PlugPlay - ok
21:24:10.0424 4016 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
21:24:10.0455 4016 PNRPAutoReg - ok
21:24:10.0486 4016 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
21:24:10.0502 4016 PNRPsvc - ok
21:24:10.0533 4016 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:24:10.0626 4016 PolicyAgent - ok
21:24:10.0673 4016 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
21:24:10.0751 4016 Power - ok
21:24:10.0814 4016 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:24:10.0876 4016 PptpMiniport - ok
21:24:10.0907 4016 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
21:24:10.0938 4016 Processor - ok
21:24:10.0970 4016 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
21:24:11.0016 4016 ProfSvc - ok
21:24:11.0032 4016 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:24:11.0048 4016 ProtectedStorage - ok
21:24:11.0110 4016 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
21:24:11.0188 4016 Psched - ok
21:24:11.0235 4016 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
21:24:11.0313 4016 ql2300 - ok
21:24:11.0328 4016 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
21:24:11.0360 4016 ql40xx - ok
21:24:11.0375 4016 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
21:24:11.0406 4016 QWAVE - ok
21:24:11.0453 4016 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:24:11.0500 4016 QWAVEdrv - ok
21:24:11.0516 4016 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:24:11.0578 4016 RasAcd - ok
21:24:11.0625 4016 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
21:24:11.0687 4016 RasAgileVpn - ok
21:24:11.0703 4016 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
21:24:11.0781 4016 RasAuto - ok
21:24:11.0812 4016 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:24:11.0890 4016 Rasl2tp - ok
21:24:11.0921 4016 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
21:24:11.0984 4016 RasMan - ok
21:24:12.0030 4016 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:24:12.0093 4016 RasPppoe - ok
21:24:12.0124 4016 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:24:12.0186 4016 RasSstp - ok
21:24:12.0233 4016 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:24:12.0311 4016 rdbss - ok
21:24:12.0327 4016 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
21:24:12.0374 4016 rdpbus - ok
21:24:12.0389 4016 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
21:24:12.0436 4016 RDPCDD - ok
21:24:12.0452 4016 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
21:24:12.0530 4016 RDPENCDD - ok
21:24:12.0561 4016 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
21:24:12.0623 4016 RDPREFMP - ok
21:24:12.0654 4016 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:24:12.0686 4016 RDPWD - ok
21:24:12.0732 4016 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
21:24:12.0748 4016 rdyboost - ok
21:24:12.0779 4016 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
21:24:12.0857 4016 RemoteAccess - ok
21:24:12.0904 4016 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:24:12.0966 4016 RemoteRegistry - ok
21:24:12.0982 4016 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
21:24:13.0060 4016 RpcEptMapper - ok
21:24:13.0076 4016 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
21:24:13.0107 4016 RpcLocator - ok
21:24:13.0122 4016 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
21:24:13.0200 4016 RpcSs - ok
21:24:13.0232 4016 [ 1BDF0DFB56603888E7BA07A99BFF3C97 ] RSP2STOR C:\Windows\system32\DRIVERS\RtsP2Stor.sys
21:24:13.0263 4016 RSP2STOR - ok
21:24:13.0325 4016 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:24:13.0388 4016 rspndr - ok
21:24:13.0450 4016 [ 9140DB0911DE035FED0A9A77A2D156EA ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
21:24:13.0497 4016 RTL8167 - ok
21:24:13.0512 4016 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
21:24:13.0528 4016 SamSs - ok
21:24:13.0575 4016 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
21:24:13.0590 4016 sbp2port - ok
21:24:13.0622 4016 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:24:13.0700 4016 SCardSvr - ok
21:24:13.0715 4016 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
21:24:13.0793 4016 scfilter - ok
21:24:13.0840 4016 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
21:24:13.0934 4016 Schedule - ok
21:24:13.0949 4016 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
21:24:14.0012 4016 SCPolicySvc - ok
21:24:14.0074 4016 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
21:24:14.0105 4016 sdbus - ok
21:24:14.0152 4016 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:24:14.0199 4016 SDRSVC - ok
21:24:14.0214 4016 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:24:14.0292 4016 secdrv - ok
21:24:14.0324 4016 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
21:24:14.0370 4016 seclogon - ok
21:24:14.0386 4016 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
21:24:14.0464 4016 SENS - ok
21:24:14.0526 4016 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
21:24:14.0573 4016 SensrSvc - ok
21:24:14.0589 4016 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
21:24:14.0636 4016 Serenum - ok
21:24:14.0714 4016 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
21:24:14.0760 4016 Serial - ok
21:24:14.0792 4016 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
21:24:14.0838 4016 sermouse - ok
21:24:14.0870 4016 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
21:24:14.0948 4016 SessionEnv - ok
21:24:14.0979 4016 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
21:24:14.0994 4016 sffdisk - ok
21:24:15.0026 4016 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
21:24:15.0072 4016 sffp_mmc - ok
21:24:15.0104 4016 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
21:24:15.0135 4016 sffp_sd - ok
21:24:15.0150 4016 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
21:24:15.0166 4016 sfloppy - ok
21:24:15.0213 4016 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:24:15.0275 4016 SharedAccess - ok
21:24:15.0306 4016 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:24:15.0400 4016 ShellHWDetection - ok
21:24:15.0447 4016 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
21:24:15.0462 4016 SiSRaid2 - ok
21:24:15.0494 4016 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
21:24:15.0509 4016 SiSRaid4 - ok
21:24:15.0587 4016 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
21:24:15.0618 4016 SkypeUpdate - ok
21:24:15.0665 4016 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
21:24:15.0743 4016 Smb - ok
21:24:15.0790 4016 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:24:15.0821 4016 SNMPTRAP - ok
21:24:15.0993 4016 [ 2BADEF77B26033065B1049EB51F6AE54 ] SpeedDiskService C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\SpeedDisk\SpeedDiskSrv.exe
21:24:16.0040 4016 SpeedDiskService - ok
21:24:16.0086 4016 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
21:24:16.0133 4016 spldr - ok
21:24:16.0180 4016 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
21:24:16.0242 4016 Spooler - ok
21:24:16.0430 4016 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
21:24:16.0632 4016 sppsvc - ok
21:24:16.0664 4016 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
21:24:16.0742 4016 sppuinotify - ok
21:24:17.0444 4016 [ 1321A6C3C92BBD3F3BBE1292CFF8E91A ] SRTSP C:\Windows\system32\drivers\NISx64\1301000.01C\SRTSP64.SYS
21:24:17.0506 4016 SRTSP - ok
21:24:17.0522 4016 [ BD129C22C3B8C2E584227269DFA77B09 ] SRTSPX C:\Windows\system32\drivers\NISx64\1301000.01C\SRTSPX64.SYS
21:24:17.0553 4016 SRTSPX - ok
21:24:17.0600 4016 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
21:24:17.0678 4016 srv - ok
21:24:17.0709 4016 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
21:24:17.0756 4016 srv2 - ok
21:24:17.0849 4016 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
21:24:17.0880 4016 SrvHsfHDA - ok
21:24:17.0974 4016 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
21:24:18.0068 4016 SrvHsfV92 - ok
21:24:18.0099 4016 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
21:24:18.0146 4016 SrvHsfWinac - ok
21:24:18.0302 4016 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
21:24:18.0317 4016 srvnet - ok
21:24:18.0348 4016 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
21:24:18.0442 4016 SSDPSRV - ok
21:24:18.0473 4016 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
21:24:18.0536 4016 SstpSvc - ok
21:24:18.0770 4016 [ F452B51D895D894BF5487057E11D44CF ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
21:24:18.0801 4016 STacSV ( UnsignedFile.Multi.Generic ) - warning
21:24:18.0801 4016 STacSV - detected UnsignedFile.Multi.Generic (1)
21:24:28.0504 4016 WerSvc - ok
21:24:28.0598 4016 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
21:24:28.0660 4016 WfpLwf - ok
21:24:28.0691 4016 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
21:24:28.0722 4016 WIMMount - ok
21:24:28.0754 4016 WinDefend - ok
21:24:28.0754 4016 WinHttpAutoProxySvc - ok
21:24:28.0863 4016 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
21:24:28.0925 4016 Winmgmt - ok
21:24:29.0034 4016 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
21:24:29.0144 4016 WinRM - ok
21:24:29.0253 4016 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
21:24:29.0284 4016 WinUsb - ok
21:24:29.0346 4016 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
21:24:29.0409 4016 Wlansvc - ok
21:24:29.0690 4016 [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:24:29.0783 4016 wlidsvc - ok
21:24:29.0861 4016 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
21:24:29.0892 4016 WmiAcpi - ok
21:24:29.0939 4016 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
21:24:30.0002 4016 wmiApSrv - ok
21:24:30.0064 4016 WMPNetworkSvc - ok
21:24:30.0126 4016 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
21:24:30.0158 4016 WPCSvc - ok
21:24:30.0189 4016 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
21:24:30.0204 4016 WPDBusEnum - ok
21:24:30.0251 4016 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
21:24:30.0392 4016 ws2ifsl - ok
21:24:30.0423 4016 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
21:24:30.0470 4016 wscsvc - ok
21:24:30.0470 4016 WSearch - ok
21:24:30.0579 4016 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
21:24:30.0688 4016 wuauserv - ok
21:24:30.0735 4016 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
21:24:30.0813 4016 WudfPf - ok
21:24:30.0860 4016 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
21:24:30.0891 4016 WUDFRd - ok
21:24:30.0922 4016 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
21:24:30.0953 4016 wudfsvc - ok
21:24:30.0984 4016 [ CE8CF9DE9CBFDAA318BD04D8BE3FCADA ] WwanSvc C:\Windows\System32\wwansvc.dll
21:24:31.0016 4016 WwanSvc - ok
21:24:31.0047 4016 ================ Scan global ===============================
21:24:31.0078 4016 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
21:24:31.0140 4016 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
21:24:31.0172 4016 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
21:24:31.0250 4016 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
21:24:31.0312 4016 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
21:24:31.0328 4016 [Global] - ok
21:24:31.0328 4016 ================ Scan MBR ==================================
21:24:31.0343 4016 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:24:32.0061 4016 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
21:24:32.0061 4016 \Device\Harddisk0\DR0 - detected TDSS File System (1)
21:24:32.0061 4016 ================ Scan VBR ==================================
21:24:32.0092 4016 [ 013083A82AD1A0923658E1172D38DA16 ] \Device\Harddisk0\DR0\Partition1
21:24:32.0092 4016 \Device\Harddisk0\DR0\Partition1 - ok
21:24:32.0108 4016 [ 5B41BABE4E3451F591D3285DDBB5BF0D ] \Device\Harddisk0\DR0\Partition2
21:24:32.0108 4016 \Device\Harddisk0\DR0\Partition2 - ok
21:24:32.0139 4016 [ 837133A48630DEC782562D42E6FC9A4E ] \Device\Harddisk0\DR0\Partition3
21:24:32.0170 4016 \Device\Harddisk0\DR0\Partition3 - ok
21:24:32.0201 4016 [ C8BC3CEF8E0517D175FFF2FF604C7083 ] \Device\Harddisk0\DR0\Partition4
21:24:32.0201 4016 \Device\Harddisk0\DR0\Partition4 - ok
21:24:32.0217 4016 ================ Scan active images ========================
21:24:33.0621 4016 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
21:24:33.0621 4016 C:\Windows\System32\pcwum.dll - ok
21:24:33.0636 4016 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
21:24:33.0636 4016 C:\Windows\System32\powrprof.dll - ok
21:24:33.0636 4016 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
21:24:33.0636 4016 C:\Windows\System32\drivers\luafv.sys - ok
21:24:33.0652 4016 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
21:24:33.0652 4016 C:\Windows\System32\rpcss.dll - ok
21:24:33.0652 4016 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
21:24:33.0652 4016 C:\Windows\System32\RpcEpMap.dll - ok
21:24:33.0652 4016 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
21:24:33.0652 4016 C:\Windows\System32\wshqos.dll - ok
21:24:33.0668 4016 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
21:24:33.0668 4016 C:\Windows\System32\WSHTCPIP.DLL - ok
21:24:33.0668 4016 [ D2A8D3FE8D5EA4B3A631C86E5DD838E5 ] C:\Windows\System32\atiesrxx.exe
21:24:33.0668 4016 C:\Windows\System32\atiesrxx.exe - ok
21:24:33.0683 4016 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
21:24:33.0683 4016 C:\Windows\System32\FirewallAPI.dll - ok
21:24:33.0683 4016 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
21:24:33.0683 4016 C:\Windows\System32\version.dll - ok
21:24:33.0699 4016 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
21:24:33.0699 4016 C:\Windows\System32\wtsapi32.dll - ok
21:24:33.0699 4016 [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
21:24:33.0699 4016 C:\Windows\System32\winlogon.exe - ok
21:24:33.0714 4016 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
21:24:33.0714 4016 C:\Windows\System32\wevtsvc.dll - ok
21:24:33.0714 4016 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
21:24:33.0714 4016 C:\Windows\System32\LogonUI.exe - ok
21:24:33.0730 4016 [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
21:24:33.0730 4016 C:\Windows\System32\authui.dll - ok
21:24:33.0730 4016 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
21:24:33.0730 4016 C:\Windows\System32\audiosrv.dll - ok
21:24:33.0746 4016 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
21:24:33.0746 4016 C:\Windows\System32\profsvc.dll - ok
21:24:33.0746 4016 [ F452B51D895D894BF5487057E11D44CF ] C:\Program Files\IDT\WDM\stacsv64.exe
21:24:33.0746 4016 C:\Program Files\IDT\WDM\stacsv64.exe - ok
21:24:33.0761 4016 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
21:24:33.0761 4016 C:\Windows\System32\adtschema.dll - ok
21:24:33.0761 4016 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
21:24:33.0761 4016 C:\Windows\System32\avrt.dll - ok
21:24:33.0777 4016 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
21:24:33.0777 4016 C:\Windows\System32\mmcss.dll - ok
21:24:33.0777 4016 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
21:24:33.0777 4016 C:\Windows\System32\atl.dll - ok
21:24:33.0792 4016 [ 9110FFAD124283F37D38771BB60556AF ] C:\Windows\System32\dsound.dll
21:24:33.0792 4016 C:\Windows\System32\dsound.dll - ok
21:24:33.0792 4016 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
21:24:33.0792 4016 C:\Windows\System32\MMDevAPI.dll - ok
21:24:33.0792 4016 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
21:24:33.0792 4016 C:\Windows\System32\propsys.dll - ok
21:24:33.0808 4016 [ FE05D03B73000CFF476E1D29109F3A84 ] C:\Program Files\Windows Defender\MpEvMsg.dll
21:24:33.0808 4016 C:\Program Files\Windows Defender\MpEvMsg.dll - ok
21:24:33.0808 4016 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
21:24:33.0808 4016 C:\Windows\System32\winmm.dll - ok
21:24:33.0824 4016 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
21:24:33.0824 4016 C:\Windows\System32\wlansvc.dll - ok
21:24:33.0824 4016 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
21:24:33.0824 4016 C:\Windows\System32\cryptui.dll - ok
21:24:33.0824 4016 [ CCE6519EA7FDFA28C76AA207AEFEADB5 ] C:\Windows\System32\stapi64.dll
21:24:33.0824 4016 C:\Windows\System32\stapi64.dll - ok
21:24:33.0839 4016 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
21:24:33.0839 4016 C:\Windows\System32\AudioSes.dll - ok
21:24:33.0839 4016 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
21:24:33.0839 4016 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
21:24:33.0855 4016 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
21:24:33.0855 4016 C:\Windows\System32\audiodg.exe - ok
21:24:33.0855 4016 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
21:24:33.0855 4016 C:\Windows\System32\ntmarta.dll - ok
21:24:33.0855 4016 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
21:24:33.0855 4016 C:\Windows\System32\gpsvc.dll - ok
21:24:33.0870 4016 [ 773212B2AAA24C1E31F10246B15B276C ] C:\Windows\servicing\TrustedInstaller.exe
21:24:33.0870 4016 C:\Windows\servicing\TrustedInstaller.exe - ok
21:24:33.0870 4016 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
21:24:33.0870 4016 C:\Windows\System32\samlib.dll - ok
21:24:33.0886 4016 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
21:24:33.0886 4016 C:\Windows\System32\shacct.dll - ok
21:24:33.0886 4016 [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll
21:24:33.0886 4016 C:\Windows\System32\nlaapi.dll - ok
21:24:33.0902 4016 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
21:24:33.0902 4016 C:\Windows\System32\themeservice.dll - ok
21:24:33.0902 4016 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
21:24:33.0902 4016 C:\Windows\System32\uxtheme.dll - ok
21:24:33.0902 4016 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
21:24:33.0902 4016 C:\Windows\System32\dsrole.dll - ok
21:24:33.0917 4016 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
21:24:33.0917 4016 C:\Windows\System32\slc.dll - ok
21:24:33.0917 4016 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
21:24:33.0917 4016 C:\Windows\System32\es.dll - ok
21:24:33.0933 4016 [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
21:24:33.0933 4016 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
21:24:33.0933 4016 [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
21:24:33.0933 4016 C:\Windows\System32\wdscore.dll - ok
21:24:33.0933 4016 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
21:24:33.0933 4016 C:\Windows\System32\comres.dll - ok
21:24:33.0948 4016 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
21:24:33.0948 4016 C:\Windows\System32\Sens.dll - ok
21:24:33.0948 4016 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
21:24:33.0948 4016 C:\Windows\System32\dbghelp.dll - ok
21:24:33.0964 4016 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
21:24:33.0964 4016 C:\Windows\System32\dui70.dll - ok
21:24:33.0964 4016 [ 288ADDED26C80FDC135CAB4340161686 ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\CbsCore.dll
21:24:33.0964 4016 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\CbsCore.dll - ok
21:24:33.0964 4016 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
21:24:33.0964 4016 C:\Windows\System32\duser.dll - ok
21:24:33.0980 4016 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
21:24:33.0980 4016 C:\Windows\System32\SndVolSSO.dll - ok
21:24:33.0980 4016 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
21:24:33.0980 4016 C:\Windows\System32\hid.dll - ok
21:24:33.0995 4016 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
21:24:33.0995 4016 C:\Windows\System32\wdmaud.drv - ok
21:24:33.0995 4016 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
21:24:33.0995 4016 C:\Windows\System32\dwmapi.dll - ok
21:24:33.0995 4016 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
21:24:33.0995 4016 C:\Windows\System32\ksuser.dll - ok
21:24:34.0011 4016 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
21:24:34.0011 4016 C:\Windows\System32\ktmw32.dll - ok
21:24:34.0011 4016 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
21:24:34.0011 4016 C:\Windows\System32\xmllite.dll - ok
21:24:34.0026 4016 [ 6369F960C28A16F4502C480EEDE3652C ] C:\Windows\System32\dpx.dll
21:24:34.0026 4016 C:\Windows\System32\dpx.dll - ok
21:24:34.0026 4016 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
21:24:34.0026 4016 C:\Windows\System32\msacm32.dll - ok
21:24:34.0026 4016 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
21:24:34.0026 4016 C:\Windows\System32\msacm32.drv - ok
21:24:34.0042 4016 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
21:24:34.0042 4016 C:\Windows\System32\midimap.dll - ok
21:24:34.0042 4016 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
21:24:34.0042 4016 C:\Windows\System32\AudioEng.dll - ok
21:24:34.0058 4016 [ 7957A194B8421BC070FABBF1C55DB68B ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wcp.dll
21:24:34.0058 4016 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wcp.dll - ok
21:24:34.0058 4016 [ 26B73A85855681500BCC25C7CD9FF5B1 ] C:\Windows\System32\WindowsCodecs.dll
21:24:34.0058 4016 C:\Windows\System32\WindowsCodecs.dll - ok
21:24:34.0073 4016 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
21:24:34.0073 4016 C:\Windows\System32\AUDIOKSE.dll - ok
21:24:34.0073 4016 [ 55C83A2C1380B3D9A6D2F6598650EDD8 ] C:\Windows\System32\stapo64.dll
21:24:34.0073 4016 C:\Windows\System32\stapo64.dll - ok
21:24:34.0073 4016 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
21:24:34.0073 4016 C:\Windows\System32\winbrand.dll - ok
21:24:34.0089 4016 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
21:24:34.0089 4016 C:\Windows\System32\VaultCredProvider.dll - ok
21:24:34.0089 4016 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
21:24:34.0089 4016 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
21:24:34.0104 4016 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
21:24:34.0104 4016 C:\Windows\System32\BioCredProv.dll - ok
21:24:34.0104 4016 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
21:24:34.0104 4016 C:\Windows\System32\winbio.dll - ok
21:24:34.0120 4016 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
21:24:34.0120 4016 C:\Windows\System32\credui.dll - ok
21:24:34.0120 4016 [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
21:24:34.0120 4016 C:\Windows\System32\netapi32.dll - ok
21:24:34.0136 4016 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
21:24:34.0136 4016 C:\Windows\System32\vaultcli.dll - ok
21:24:34.0136 4016 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
21:24:34.0136 4016 C:\Windows\System32\netutils.dll - ok
21:24:34.0136 4016 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
21:24:34.0136 4016 C:\Windows\System32\wkscli.dll - ok
21:24:34.0151 4016 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
21:24:34.0151 4016 C:\Windows\System32\samcli.dll - ok
21:24:34.0151 4016 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
21:24:34.0151 4016 C:\Windows\System32\certCredProvider.dll - ok
21:24:34.0167 4016 [ 1ECB3FFBF22B8A7C958CCF8F96119FC0 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
21:24:34.0167 4016 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
21:24:34.0167 4016 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
21:24:34.0167 4016 C:\Windows\System32\rasplap.dll - ok
21:24:34.0167 4016 [ B90443404596E62B2E60A9EEA5FAF5CA ] C:\Windows\System32\EED64A.dll
21:24:34.0167 4016 C:\Windows\System32\EED64A.dll - ok
21:24:34.0182 4016 [ E0B4052B55114ACD0BFE627AE050E751 ] C:\Windows\System32\EEL64A.dll
21:24:34.0182 4016 C:\Windows\System32\EEL64A.dll - ok
21:24:34.0182 4016 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
21:24:34.0182 4016 C:\Windows\System32\rasapi32.dll - ok
21:24:34.0198 4016 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
21:24:34.0198 4016 C:\Windows\System32\rasman.dll - ok
21:24:34.0198 4016 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
21:24:34.0198 4016 C:\Windows\System32\rtutils.dll - ok
21:24:34.0198 4016 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
21:24:34.0198 4016 C:\Windows\System32\oleacc.dll - ok
21:24:34.0214 4016 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
21:24:34.0214 4016 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
21:24:34.0214 4016 [ 019BDD35DE269CB98B22DE8923C2AA3B ] C:\Windows\System32\UIAutomationCore.dll
21:24:34.0214 4016 C:\Windows\System32\UIAutomationCore.dll - ok
21:24:34.0229 4016 [ 9297F004FCE79FB7B26DAC6968FB5FEB ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\DrUpdate.dll
21:24:34.0229 4016 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\DrUpdate.dll - ok
21:24:34.0229 4016 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
21:24:34.0229 4016 C:\Windows\System32\mpr.dll - ok
21:24:34.0245 4016 [ FC6C5D860CDB82411DA626821201BDF0 ] C:\Windows\System32\srclient.dll
21:24:34.0245 4016 C:\Windows\System32\srclient.dll - ok
21:24:34.0245 4016 [ B7AC66C1CCD87D7C49256B5451DED4FA ] C:\Windows\System32\spp.dll
21:24:34.0245 4016 C:\Windows\System32\spp.dll - ok
21:24:34.0245 4016 [ B1DF2D87DC8BF6072699AC8301B37796 ] C:\Windows\System32\WUDFPlatform.dll
21:24:34.0245 4016 C:\Windows\System32\WUDFPlatform.dll - ok
21:24:34.0260 4016 [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
21:24:34.0260 4016 C:\Windows\System32\drivers\fltMgr.sys - ok
21:24:34.0260 4016 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
21:24:34.0260 4016 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
21:24:34.0276 4016 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
21:24:34.0276 4016 C:\Windows\System32\PSHED.DLL - ok
21:24:34.0276 4016 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
21:24:34.0276 4016 C:\Windows\System32\vssapi.dll - ok
21:24:34.0292 4016 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
21:24:34.0292 4016 C:\Windows\System32\vsstrace.dll - ok
21:24:34.0292 4016 [ 943F48CC3A59169E52A054946C2F59B8 ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wrpint.dll
21:24:34.0292 4016 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wrpint.dll - ok
21:24:34.0292 4016 [ 6685DD5CC357D45EEE30FD089E8A111A ] C:\Windows\System32\sxsstore.dll
21:24:34.0292 4016 C:\Windows\System32\sxsstore.dll - ok
21:24:34.0307 4016 [ FC7C13B5A9E9BE23B7AE72BBC7FDB278 ] C:\Windows\System32\hpservice.exe
21:24:34.0307 4016 C:\Windows\System32\hpservice.exe - ok
21:24:34.0307 4016 [ 19F9B524A525D202194247E96656CB88 ] C:\Windows\System32\mfc42u.dll
21:24:34.0307 4016 C:\Windows\System32\mfc42u.dll - ok
21:24:34.0323 4016 [ 7FF8E121AFA05BDAB23B9FEDCDAB7A33 ] C:\Windows\System32\odbc32.dll
21:24:34.0323 4016 C:\Windows\System32\odbc32.dll - ok
21:24:34.0323 4016 [ E83C1989A52459D6D8E143AC9F23C93D ] C:\Windows\System32\accelerometerdll.DLL
21:24:34.0323 4016 C:\Windows\System32\accelerometerdll.DLL - ok
21:24:34.0323 4016 [ 3E466073C3B1033FF92ADE9031E3D4A2 ] C:\Windows\System32\odbcint.dll
21:24:34.0323 4016 C:\Windows\System32\odbcint.dll - ok
21:24:34.0338 4016 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
21:24:34.0338 4016 C:\Windows\System32\uxsms.dll - ok
21:24:34.0338 4016 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
21:24:34.0338 4016 C:\Windows\System32\drivers\lltdio.sys - ok
21:24:34.0338 4016 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
21:24:34.0338 4016 C:\Windows\System32\drivers\nwifi.sys - ok
21:24:34.0354 4016 [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys
21:24:34.0354 4016 C:\Windows\System32\drivers\ndisuio.sys - ok
21:24:34.0354 4016 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
21:24:34.0354 4016 C:\Windows\System32\drivers\rspndr.sys - ok
21:24:34.0354 4016 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
21:24:34.0354 4016 C:\Windows\System32\IPHLPAPI.DLL - ok
21:24:34.0370 4016 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
21:24:34.0370 4016 C:\Windows\System32\lmhsvc.dll - ok
21:24:34.0370 4016 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
21:24:34.0370 4016 C:\Windows\System32\nsisvc.dll - ok
21:24:34.0385 4016 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
21:24:34.0385 4016 C:\Windows\System32\dhcpcore.dll - ok
21:24:34.0385 4016 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
21:24:34.0385 4016 C:\Windows\System32\nrpsrv.dll - ok
21:24:34.0401 4016 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
21:24:34.0401 4016 C:\Windows\System32\winnsi.dll - ok
21:24:34.0401 4016 [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll
21:24:34.0401 4016 C:\Windows\System32\dhcpcore6.dll - ok
21:24:34.0416 4016 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
21:24:34.0416 4016 C:\Windows\System32\dnsrslvr.dll - ok
21:24:34.0416 4016 [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll
21:24:34.0416 4016 C:\Windows\System32\eapphost.dll - ok
21:24:34.0416 4016 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
21:24:34.0416 4016 C:\Windows\System32\eapsvc.dll - ok
21:24:34.0432 4016 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
21:24:34.0432 4016 C:\Windows\System32\keyiso.dll - ok
21:24:34.0432 4016 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
21:24:34.0432 4016 C:\Windows\System32\FWPUCLNT.DLL - ok
21:24:34.0448 4016 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
21:24:34.0448 4016 C:\Windows\System32\umb.dll - ok
21:24:34.0448 4016 [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll
21:24:34.0448 4016 C:\Windows\System32\wlanmsm.dll - ok
21:24:34.0448 4016 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll
21:24:34.0448 4016 C:\Windows\System32\wlansec.dll - ok
21:24:34.0463 4016 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
21:24:34.0463 4016 C:\Windows\System32\dnsext.dll - ok
21:24:34.0463 4016 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
21:24:34.0463 4016 C:\Windows\System32\onex.dll - ok
21:24:34.0463 4016 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
21:24:34.0463 4016 C:\Windows\System32\dhcpcsvc.dll - ok
21:24:34.0479 4016 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
21:24:34.0479 4016 C:\Windows\System32\eappprxy.dll - ok
21:24:34.0479 4016 [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll
21:24:34.0479 4016 C:\Windows\System32\dhcpcsvc6.dll - ok
21:24:34.0479 4016 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
21:24:34.0479 4016 C:\Windows\System32\eappcfg.dll - ok
21:24:34.0494 4016 [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll
21:24:34.0494 4016 C:\Windows\System32\l2gpstore.dll - ok
21:24:34.0494 4016 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
21:24:34.0494 4016 C:\Windows\System32\WinSCard.dll - ok
21:24:34.0494 4016 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
21:24:34.0494 4016 C:\Windows\System32\wlanutil.dll - ok
21:24:34.0510 4016 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll
21:24:34.0510 4016 C:\Windows\System32\wlgpclnt.dll - ok
21:24:34.0510 4016 [ 99B91C5D2FCEF218CAD3600ECB62A799 ] C:\Windows\System32\msxml6.dll
21:24:34.0510 4016 C:\Windows\System32\msxml6.dll - ok
21:24:34.0526 4016 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
21:24:34.0526 4016 C:\Windows\System32\schedsvc.dll - ok
21:24:34.0526 4016 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
21:24:34.0526 4016 C:\Windows\System32\shsvcs.dll - ok
21:24:34.0526 4016 [ 43FAB56AE5F639AD59D7209693F4C4C2 ] C:\Windows\System32\wlanext.exe
21:24:34.0526 4016 C:\Windows\System32\wlanext.exe - ok
21:24:34.0541 4016 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
21:24:34.0541 4016 C:\Windows\System32\fveapi.dll - ok
21:24:34.0541 4016 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
21:24:34.0541 4016 C:\Windows\System32\fvecerts.dll - ok
21:24:34.0541 4016 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
21:24:34.0541 4016 C:\Windows\System32\tbs.dll - ok
21:24:34.0557 4016 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
21:24:34.0557 4016 C:\Windows\System32\taskcomp.dll - ok
21:24:34.0557 4016 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
21:24:34.0557 4016 C:\Windows\System32\wiarpc.dll - ok
21:24:34.0572 4016 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
21:24:34.0572 4016 C:\Windows\System32\drivers\http.sys - ok
21:24:34.0572 4016 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
21:24:34.0572 4016 C:\Windows\System32\spoolsv.exe - ok
21:24:34.0572 4016 [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
21:24:34.0572 4016 C:\Windows\System32\BFE.DLL - ok
21:24:34.0588 4016 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
21:24:34.0588 4016 C:\Windows\System32\drivers\bowser.sys - ok
21:24:34.0588 4016 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
21:24:34.0588 4016 C:\Windows\System32\drivers\mpsdrv.sys - ok
21:24:34.0604 4016 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
21:24:34.0604 4016 C:\Windows\System32\drivers\mrxsmb.sys - ok
21:24:34.0604 4016 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
21:24:34.0604 4016 C:\Windows\System32\MPSSVC.dll - ok
21:24:34.0604 4016 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
21:24:34.0604 4016 C:\Windows\System32\drivers\mrxsmb10.sys - ok
21:24:34.0619 4016 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
21:24:34.0619 4016 C:\Windows\System32\drivers\mrxsmb20.sys - ok
21:24:34.0619 4016 [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
21:24:34.0619 4016 C:\Windows\System32\wfapigp.dll - ok
21:24:34.0635 4016 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
21:24:34.0635 4016 C:\Windows\System32\wkssvc.dll - ok
21:24:34.0635 4016 [ 11A52CF7B265631DEEB24C6149309EFF ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:24:34.0635 4016 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
21:24:34.0635 4016 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
21:24:34.0635 4016 C:\Windows\System32\mscms.dll - ok
21:24:34.0650 4016 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
21:24:34.0650 4016 C:\Windows\SysWOW64\ntdll.dll - ok
21:24:34.0650 4016 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
21:24:34.0650 4016 C:\Windows\System32\pcasvc.dll - ok
21:24:34.0650 4016 [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
21:24:34.0666 4016 C:\Windows\System32\snmptrap.exe - ok
21:24:34.0666 4016 [ 259EB5F7D95A29842B476C5B3EB6E186 ] C:\Windows\System32\wow64.dll
21:24:34.0666 4016 C:\Windows\System32\wow64.dll - ok
21:24:34.0666 4016 [ 5674E21E82CFBEA36DDAD5DB285D6DBC ] C:\Windows\System32\wow64win.dll
21:24:34.0666 4016 C:\Windows\System32\wow64win.dll - ok
21:24:34.0682 4016 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
21:24:34.0682 4016 C:\Windows\System32\sstpsvc.dll - ok
21:24:34.0682 4016 [ 3EE3AA76D8AB6D5644C4C8F34471CEB3 ] C:\Windows\System32\wow64cpu.dll
21:24:34.0682 4016 C:\Windows\System32\wow64cpu.dll - ok
21:24:34.0682 4016 [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
21:24:34.0682 4016 C:\Windows\System32\provsvc.dll - ok
21:24:34.0697 4016 [ AC0B6F41882FC6ED186962D770EBF1D2 ] C:\Windows\SysWOW64\kernel32.dll
21:24:34.0697 4016 C:\Windows\SysWOW64\kernel32.dll - ok
21:24:34.0697 4016 [ E954A79D6A754A5475582CACED1565E6 ] C:\Windows\SysWOW64\KernelBase.dll
21:24:34.0697 4016 C:\Windows\SysWOW64\KernelBase.dll - ok
21:24:34.0713 4016 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
21:24:34.0713 4016 C:\Windows\SysWOW64\psapi.dll - ok
21:24:34.0713 4016 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
21:24:34.0713 4016 C:\Windows\SysWOW64\user32.dll - ok
21:24:34.0713 4016 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
21:24:34.0713 4016 C:\Windows\SysWOW64\gdi32.dll - ok
21:24:34.0728 4016 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
21:24:34.0728 4016 C:\Windows\SysWOW64\lpk.dll - ok
21:24:34.0728 4016 [ B7230010D97787AF3D25E4C82F2B06B9 ] C:\Windows\SysWOW64\usp10.dll
21:24:34.0728 4016 C:\Windows\SysWOW64\usp10.dll - ok
21:24:34.0728 4016 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
21:24:34.0728 4016 C:\Windows\SysWOW64\msvcrt.dll - ok
21:24:34.0744 4016 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
21:24:34.0744 4016 C:\Windows\SysWOW64\advapi32.dll - ok
21:24:34.0744 4016 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
21:24:34.0744 4016 C:\Windows\SysWOW64\rpcrt4.dll - ok
21:24:34.0744 4016 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
21:24:34.0744 4016 C:\Windows\SysWOW64\sechost.dll - ok
21:24:34.0760 4016 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
21:24:34.0760 4016 C:\Windows\SysWOW64\cryptbase.dll - ok
21:24:34.0760 4016 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\SysWOW64\shell32.dll
21:24:34.0760 4016 C:\Windows\SysWOW64\shell32.dll - ok
21:24:34.0760 4016 [ EDA7AD21DF8945528F01F0A86D69E524 ] C:\Windows\SysWOW64\sspicli.dll
21:24:34.0760 4016 C:\Windows\SysWOW64\sspicli.dll - ok
21:24:34.0775 4016 [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll
21:24:34.0775 4016 C:\Windows\System32\sqmapi.dll - ok
21:24:34.0775 4016 [ 1BCDB508143B517F21BBDAC10F5777BF ] C:\Windows\System32\conhost.exe
21:24:34.0775 4016 C:\Windows\System32\conhost.exe - ok
21:24:34.0791 4016 [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
21:24:34.0791 4016 C:\Windows\System32\webio.dll - ok
21:24:35.0976 4016 [ BC75BA0DA362FA9B856B7B33F1AB007D ] C:\Windows\System32\atiuxp64.dll
21:24:35.0976 4016 C:\Windows\System32\atiuxp64.dll - ok
21:24:35.0976 4016 [ 4EF42ACDCDD2109600A435917652BA40 ] C:\Windows\System32\atidxx64.dll
21:24:35.0992 4016 C:\Windows\System32\atidxx64.dll - ok
21:24:35.0992 4016 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
21:24:35.0992 4016 C:\Windows\System32\ExplorerFrame.dll - ok
21:24:35.0992 4016 [ 9C17DCD6DDFEB1A012544FAF4F2789F6 ] C:\Windows\AppPatch\AcGenral.dll
21:24:35.0992 4016 C:\Windows\AppPatch\AcGenral.dll - ok
21:24:36.0008 4016 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
21:24:36.0008 4016 C:\Windows\SysWOW64\cscapi.dll - ok
21:24:36.0008 4016 [ BECDDA0990DEBD72A30096533521AD73 ] C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
21:24:36.0008 4016 C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe - ok
21:24:36.0008 4016 [ B676429E44F2F8ACC3BAE7C89F46B212 ] C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe
21:24:36.0008 4016 C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe - ok
21:24:36.0023 4016 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll
21:24:36.0023 4016 C:\Windows\SysWOW64\mstask.dll - ok
21:24:36.0023 4016 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
21:24:36.0023 4016 C:\Windows\SysWOW64\uxtheme.dll - ok
21:24:36.0023 4016 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
21:24:36.0023 4016 C:\Windows\SysWOW64\winmm.dll - ok
21:24:36.0039 4016 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
21:24:36.0039 4016 C:\Windows\SysWOW64\dwmapi.dll - ok
21:24:36.0039 4016 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll
21:24:36.0039 4016 C:\Windows\SysWOW64\msacm32.dll - ok
21:24:36.0039 4016 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll
21:24:36.0039 4016 C:\Windows\SysWOW64\samcli.dll - ok
21:24:36.0054 4016 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
21:24:36.0054 4016 C:\Windows\SysWOW64\sxs.dll - ok
21:24:36.0054 4016 [ ADBA8A211DEB8EE1B2AC332F05378B1C ] C:\Users\raoday\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
21:24:36.0054 4016 C:\Users\raoday\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll - ok
21:24:36.0054 4016 [ 69A1D7C29CFF256BECBD4E39E2159636 ] C:\Windows\SysWOW64\scrrun.dll
21:24:36.0054 4016 C:\Windows\SysWOW64\scrrun.dll - ok
21:24:36.0070 4016 [ 349B1D5D8D1B5A7B10BCD01470BD5F64 ] C:\Users\raoday\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\msvcp110.dll
21:24:36.0070 4016 C:\Users\raoday\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\msvcp110.dll - ok
21:24:36.0070 4016 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\SysWOW64\WindowsCodecs.dll
21:24:36.0070 4016 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
21:24:36.0086 4016 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
21:24:36.0086 4016 C:\Windows\SysWOW64\EhStorShell.dll - ok
21:24:36.0086 4016 [ C72ABC6B7B90A61364B6DD889B5435F3 ] C:\Users\raoday\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\msvcr110.dll
21:24:36.0086 4016 C:\Users\raoday\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\msvcr110.dll - ok
21:24:36.0086 4016 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
21:24:36.0086 4016 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
21:24:36.0101 4016 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
21:24:36.0101 4016 C:\Windows\SysWOW64\ntshrui.dll - ok
21:24:36.0101 4016 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
21:24:36.0101 4016 C:\Windows\System32\EhStorShell.dll - ok
21:24:36.0101 4016 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
21:24:36.0101 4016 C:\Windows\SysWOW64\imageres.dll - ok
21:24:36.0117 4016 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
21:24:36.0117 4016 C:\Windows\SysWOW64\slc.dll - ok
21:24:36.0117 4016 [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
21:24:36.0117 4016 C:\Windows\System32\ntshrui.dll - ok
21:24:36.0117 4016 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
21:24:36.0117 4016 C:\Windows\System32\IconCodecService.dll - ok
21:24:36.0132 4016 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
21:24:36.0132 4016 C:\Windows\System32\uDWM.dll - ok
21:24:36.0132 4016 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] C:\Windows\System32\appinfo.dll
21:24:36.0132 4016 C:\Windows\System32\appinfo.dll - ok
21:24:36.0132 4016 [ 35DB83C4DE9FA3889E937125D115EAA0 ] C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_en.dll
21:24:36.0132 4016 C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_en.dll - ok
21:24:36.0148 4016 [ C56DE8185672B9F17F127EA282DD5E07 ] C:\Program Files (x86)\Google\Update\1.3.21.135\psmachine.dll
21:24:36.0148 4016 C:\Program Files (x86)\Google\Update\1.3.21.135\psmachine.dll - ok
21:24:36.0148 4016 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
21:24:36.0148 4016 C:\Windows\SysWOW64\credssp.dll - ok
21:24:36.0148 4016 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
21:24:36.0148 4016 C:\Windows\System32\runonce.exe - ok
21:24:36.0164 4016 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
21:24:36.0164 4016 C:\Windows\SysWOW64\runonce.exe - ok
21:24:36.0164 4016 [ 5C4AD15B43D772AAE2B2963A84348064 ] C:\Program Files (x86)\Symantec\Norton Utilities 16\nu.exe
21:24:36.0164 4016 C:\Program Files (x86)\Symantec\Norton Utilities 16\nu.exe - ok
21:24:36.0179 4016 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
21:24:36.0179 4016 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
21:24:36.0179 4016 [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
21:24:36.0179 4016 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
21:24:36.0179 4016 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
21:24:36.0179 4016 C:\Windows\SysWOW64\cmd.exe - ok
21:24:36.0179 4016 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
21:24:36.0179 4016 C:\Windows\SysWOW64\mswsock.dll - ok
21:24:36.0195 4016 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
21:24:36.0195 4016 C:\Windows\SysWOW64\dnsapi.dll - ok
21:24:36.0195 4016 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
21:24:36.0195 4016 C:\Windows\SysWOW64\wship6.dll - ok
21:24:36.0195 4016 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
21:24:36.0195 4016 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
21:24:36.0210 4016 [ 4355CF8BD07B0E48C111FC3D2F36D313 ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
21:24:36.0210 4016 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
21:24:36.0210 4016 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
21:24:36.0210 4016 C:\Windows\SysWOW64\rasadhlp.dll - ok
21:24:36.0210 4016 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
21:24:36.0210 4016 C:\Windows\System32\NapiNSP.dll - ok
21:24:36.0226 4016 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
21:24:36.0226 4016 C:\Windows\System32\pnrpnsp.dll - ok
21:24:36.0226 4016 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
21:24:36.0226 4016 C:\Windows\System32\winrnr.dll - ok
21:24:36.0226 4016 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
21:24:36.0226 4016 C:\Windows\SysWOW64\winbrand.dll - ok
21:24:36.0242 4016 [ 0E816EA3C5DCE94C95099E8B38E75E67 ] C:\Windows\SysWOW64\ieframe.dll
21:24:36.0242 4016 C:\Windows\SysWOW64\ieframe.dll - ok
21:24:36.0242 4016 [ B67E616CCE2D21291937751C6695F7B8 ] C:\Program Files (x86)\Symantec\Norton Utilities 16\LicHelper.dll
21:24:36.0242 4016 C:\Program Files (x86)\Symantec\Norton Utilities 16\LicHelper.dll - ok
21:24:36.0242 4016 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll
21:24:36.0242 4016 C:\Windows\SysWOW64\comdlg32.dll - ok
21:24:36.0257 4016 [ BF7DDBE14FA4B68AAB6A3C78EF5C96B8 ] C:\Windows\SysWOW64\inetmib1.dll
21:24:36.0257 4016 C:\Windows\SysWOW64\inetmib1.dll - ok
21:24:36.0257 4016 [ 1220595CABA75AB91A6B3FA3B89483CC ] C:\Windows\SysWOW64\snmpapi.dll
21:24:36.0257 4016 C:\Windows\SysWOW64\snmpapi.dll - ok
21:24:36.0257 4016 [ 04800D943D70FB86838437B37193915F ] C:\Program Files (x86)\Symantec\Norton Utilities 16\Update.exe
21:24:36.0257 4016 C:\Program Files (x86)\Symantec\Norton Utilities 16\Update.exe - ok
21:24:36.0273 4016 [ 703FFD301AB900B047337C5D40FD6F96 ] C:\Windows\SysWOW64\olepro32.dll
21:24:36.0273 4016 C:\Windows\SysWOW64\olepro32.dll - ok
21:24:36.0273 4016 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
21:24:36.0273 4016 C:\Windows\SysWOW64\wsock32.dll - ok
21:24:36.0273 4016 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
21:24:36.0273 4016 C:\Windows\SysWOW64\oleacc.dll - ok
21:24:36.0288 4016 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll
21:24:36.0288 4016 C:\Windows\SysWOW64\NapiNSP.dll - ok
21:24:36.0288 4016 [ 0BA65122FFA7E37564EE86422DBF7AE8 ] C:\Windows\SysWOW64\nlaapi.dll
21:24:36.0288 4016 C:\Windows\SysWOW64\nlaapi.dll - ok
21:24:36.0288 4016 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll
21:24:36.0288 4016 C:\Windows\SysWOW64\pnrpnsp.dll - ok
21:24:36.0288 4016 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll
21:24:36.0288 4016 C:\Windows\SysWOW64\winrnr.dll - ok
21:24:36.0304 4016 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
21:24:36.0304 4016 C:\Windows\SysWOW64\shdocvw.dll - ok
21:24:36.0304 4016 [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\raoday\AppData\Local\Temp\EEFF3C64-AA5E-4938-A746-231095E81733.exe
21:24:36.0304 4016 C:\Users\raoday\AppData\Local\Temp\EEFF3C64-AA5E-4938-A746-231095E81733.exe - ok
21:24:36.0304 4016 [ B519848DFA30AE2B306576B51321D102 ] C:\Windows\System32\ie4uinit.exe
21:24:36.0304 4016 C:\Windows\System32\ie4uinit.exe - ok
21:24:36.0320 4016 [ C3E98C42EDF7EF237A4BAB91FEAC7426 ] C:\Windows\System32\iedkcs32.dll
21:24:36.0320 4016 C:\Windows\System32\iedkcs32.dll - ok
21:24:36.0320 4016 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
21:24:36.0320 4016 C:\Windows\System32\timedate.cpl - ok
21:24:36.0320 4016 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
21:24:36.0320 4016 C:\Windows\System32\actxprxy.dll - ok
21:24:36.0335 4016 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll
21:24:36.0335 4016 C:\Windows\System32\shdocvw.dll - ok
21:24:36.0335 4016 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
21:24:36.0335 4016 C:\Windows\System32\linkinfo.dll - ok
21:24:36.0335 4016 [ E37DCCB01E8CDD285006AA18A1AC2717 ] C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFTaskbar.dll
21:24:36.0335 4016 C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFTaskbar.dll - ok
21:24:36.0351 4016 [ 661CEEDE98A2E0E5CDD7DE239EB38353 ] C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll
21:24:36.0351 4016 C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll - ok
21:24:36.0351 4016 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\57385798.sys
21:24:36.0351 4016 C:\Windows\System32\drivers\57385798.sys - ok
21:24:36.0351 4016 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
21:24:36.0351 4016 C:\Windows\System32\msftedit.dll - ok
21:24:36.0366 4016 [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll
21:24:36.0366 4016 C:\Windows\System32\msls31.dll - ok
21:24:36.0366 4016 [ 2BCBA6052374959A30BD7948444DBB79 ] C:\Windows\System32\gameux.dll
21:24:36.0366 4016 C:\Windows\System32\gameux.dll - ok
21:24:36.0366 4016 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
21:24:36.0382 4016 C:\Windows\System32\thumbcache.dll - ok
21:24:36.0382 4016 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
21:24:36.0382 4016 C:\Windows\System32\DeviceCenter.dll - ok
21:24:36.0382 4016 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
21:24:36.0382 4016 C:\Windows\System32\networkexplorer.dll - ok
21:24:36.0398 4016 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
21:24:36.0398 4016 C:\Windows\SysWOW64\riched20.dll - ok
21:24:36.0398 4016 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
21:24:36.0398 4016 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
21:24:36.0398 4016 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
21:24:36.0398 4016 C:\Windows\System32\msi.dll - ok
21:24:36.0398 4016 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
21:24:36.0398 4016 C:\Windows\System32\msiltcfg.dll - ok
21:24:36.0413 4016 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
21:24:36.0413 4016 C:\Windows\SysWOW64\duser.dll - ok
21:24:36.0413 4016 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
21:24:36.0413 4016 C:\Windows\SysWOW64\dui70.dll - ok
21:24:36.0413 4016 [ 444AB7BCE6032426FE1443F8C0DBA2FE ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
21:24:36.0413 4016 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - ok
21:24:36.0429 4016 [ C50911A387912D1397E777E24EFD36EB ] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe
21:24:36.0429 4016 C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe - ok
21:24:36.0429 4016 [ 21247A9F74DA9C8AF98E6847F82D07A8 ] C:\Program Files\IDT\WDM\sttray64.exe
21:24:36.0429 4016 C:\Program Files\IDT\WDM\sttray64.exe - ok
21:24:36.0429 4016 [ 3819AD4329303EAC88480CA16A650735 ] C:\Windows\System32\UIAnimation.dll
21:24:36.0429 4016 C:\Windows\System32\UIAnimation.dll - ok
21:24:36.0444 4016 [ 1ABD836197E38318A744E5C40C49EC46 ] C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
21:24:36.0444 4016 C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe - ok
21:24:36.0444 4016 [ 6EC8D8BA1E37F89CB127DF8A21FE5566 ] C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe
21:24:36.0444 4016 C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe - ok
21:24:36.0444 4016 [ 8E9FEFF971F3679F7D4A122A21901A8A ] C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar3.exe
21:24:36.0444 4016 C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar3.exe - ok
21:24:36.0460 4016 [ 1E9A60F32D192A75D8BC8C06BBF1DFEC ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
21:24:36.0460 4016 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe - ok
21:24:36.0460 4016 [ 47C1DE0A890613FFCFF1D67648EEDF90 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
21:24:36.0460 4016 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
21:24:36.0460 4016 [ 8A3B69683E63808719D24E1C68C21CC7 ] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
21:24:36.0460 4016 C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe - ok
21:24:36.0476 4016 [ 10A7BA22BA3054E52FB846A50BEC06EC ] C:\Program Files\IDT\WDM\stlang64.dll
21:24:36.0476 4016 C:\Program Files\IDT\WDM\stlang64.dll - ok
21:24:36.0476 4016 [ AFC6B1133A413417A0D4C7DEFC5EAE87 ] C:\Windows\SysWOW64\atiadlxy.dll
21:24:36.0476 4016 C:\Windows\SysWOW64\atiadlxy.dll - ok
21:24:36.0476 4016 [ 9F3655267BA37004F519ABDDB3AEE244 ] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
21:24:36.0476 4016 C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe - ok
21:24:36.0491 4016 [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\SysWOW64\oledlg.dll
21:24:36.0491 4016 C:\Windows\SysWOW64\oledlg.dll - ok
21:24:36.0491 4016 [ 13E7CFE8E269ED15E7FC9C3EBBCB7E2B ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
21:24:36.0491 4016 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe - ok
21:24:36.0507 4016 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
21:24:36.0507 4016 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
21:24:36.0507 4016 [ 8192B2E274607D1D530F5C191698C544 ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
21:24:36.0507 4016 C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe - ok
21:24:36.0507 4016 [ 579DD3ADCB220C0932BF9F7F4A27F447 ] C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe
21:24:36.0507 4016 C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe - ok
21:24:36.0522 4016 [ 35CEDE6439FF0D8903223A0817FFE46C ] C:\Windows\SysWOW64\d2d1.dll
21:24:36.0522 4016 C:\Windows\SysWOW64\d2d1.dll - ok
21:24:36.0522 4016 [ C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\SysWOW64\samlib.dll
21:24:36.0522 4016 C:\Windows\SysWOW64\samlib.dll - ok
21:24:36.0522 4016 [ 2B92A88E329F4845D31941967A3BAA90 ] C:\Windows\SysWOW64\msvcr100.dll
21:24:36.0522 4016 C:\Windows\SysWOW64\msvcr100.dll - ok
21:24:36.0538 4016 [ DD123C8B48335B668F5ED17A3FCEE973 ] C:\Windows\System32\SynCOM.dll
21:24:36.0538 4016 C:\Windows\System32\SynCOM.dll - ok
21:24:36.0538 4016 [ 540C61844CCD78C121C3EF48F3A34F0E ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
21:24:36.0538 4016 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe - ok
21:24:36.0554 4016 [ C861851A0BBD9903E324487011AA3705 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
21:24:36.0554 4016 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe - ok
21:24:36.0554 4016 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
21:24:36.0554 4016 C:\Windows\System32\mscoree.dll - ok
21:24:36.0554 4016 [ 4214EBCC2EA861B6F7FA9CD1596879AC ] C:\Program Files (x86)\Hewlett-Packard\Shared\hputils.dll
21:24:36.0554 4016 C:\Program Files (x86)\Hewlett-Packard\Shared\hputils.dll - ok
21:24:36.0569 4016 [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
21:24:36.0569 4016 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
21:24:36.0569 4016 [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\SysWOW64\MMDevAPI.dll
21:24:36.0569 4016 C:\Windows\SysWOW64\MMDevAPI.dll - ok
21:24:36.0569 4016 [ 60B097BBC1907688F77D30BAA59B722F ] C:\Windows\System32\SynTPAPI.dll
21:24:36.0569 4016 C:\Windows\System32\SynTPAPI.dll - ok
21:24:36.0585 4016 [ 02CD5B2C3B017122CAC00BDB520CD7AC ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
21:24:36.0585 4016 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok
21:24:36.0585 4016 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
21:24:36.0585 4016 C:\Windows\System32\wbem\NCProv.dll - ok
21:24:36.0585 4016 [ C00DB14550E4BD49737F311C644E45FF ] C:\Windows\System32\wmi.dll
21:24:36.0585 4016 C:\Windows\System32\wmi.dll - ok
21:24:36.0600 4016 [ E595F220ED529885D8BC0EF42E455E4D ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe
21:24:36.0600 4016 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe - ok
21:24:36.0600 4016 [ 012787CEB35505EB78DF82E0A0072888 ] C:\Windows\System32\browcli.dll
21:24:36.0600 4016 C:\Windows\System32\browcli.dll - ok
21:24:36.0600 4016 [ C4BFE4B61086416B0529212F92BCE081 ] C:\Windows\System32\schedcli.dll
21:24:36.0600 4016 C:\Windows\System32\schedcli.dll - ok
21:24:36.0616 4016 [ 2DE90400A63818FA38C4C5C9ADB166BF ] C:\Windows\SysWOW64\d3d10_1.dll
21:24:36.0616 4016 C:\Windows\SysWOW64\d3d10_1.dll - ok
21:24:36.0616 4016 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
21:24:36.0616 4016 C:\Windows\SysWOW64\msimg32.dll - ok
21:24:36.0632 4016 [ 514455F6586473791C5C6B25BA4E1BAB ] C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
21:24:36.0632 4016 C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe - ok
21:24:36.0632 4016 [ 1EA7969E3271CBC59E1730697DC74682 ] C:\Windows\System32\qmgr.dll
21:24:36.0632 4016 C:\Windows\System32\qmgr.dll - ok
21:24:36.0632 4016 [ 9C36A3CA80F9B204C670336D344F5DF8 ] C:\Windows\SysWOW64\d3d10_1core.dll
21:24:36.0632 4016 C:\Windows\SysWOW64\d3d10_1core.dll - ok
21:24:36.0647 4016 [ D9431DCF90B0253773F51FDEFE7FD42F ] C:\Windows\System32\bitsigd.dll
21:24:36.0647 4016 C:\Windows\System32\bitsigd.dll - ok
21:24:36.0647 4016 [ 29409ED7400CA5BCCC30C0EE5147A60D ] C:\Windows\System32\bitsperf.dll
21:24:36.0647 4016 C:\Windows\System32\bitsperf.dll - ok
21:24:36.0647 4016 [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll
21:24:36.0647 4016 C:\Windows\System32\upnp.dll - ok
21:24:36.0663 4016 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
21:24:36.0663 4016 C:\Windows\System32\ssdpsrv.dll - ok
21:24:36.0663 4016 [ 0411B7958C524BB2E91EE1B3035FE321 ] C:\Windows\SysWOW64\dxgi.dll
21:24:36.0663 4016 C:\Windows\SysWOW64\dxgi.dll - ok
21:24:36.0663 4016 [ 78B7A3BDA25C90DAA50D36A56A8D1351 ] C:\Windows\SysWOW64\d3d10warp.dll
21:24:36.0663 4016 C:\Windows\SysWOW64\d3d10warp.dll - ok
21:24:36.0678 4016 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
21:24:36.0678 4016 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
21:24:36.0678 4016 [ AC5DF873913B00E554D8F553459BC431 ] C:\Windows\System32\qmgrprxy.dll
21:24:36.0678 4016 C:\Windows\System32\qmgrprxy.dll - ok
21:24:36.0678 4016 [ 85B45B4B285B159ACDB355FC8C1E8925 ] C:\Windows\SysWOW64\qmgrprxy.dll
21:24:36.0678 4016 C:\Windows\SysWOW64\qmgrprxy.dll - ok
21:24:36.0694 4016 [ 1EC5E63CF0E0B67B34084557EBAA39CB ] C:\Program Files\Synaptics\SynTP\SynTPRes.dll
21:24:36.0694 4016 C:\Program Files\Synaptics\SynTP\SynTPRes.dll - ok
21:24:36.0694 4016 [ 689EBD0C6D6D28FFCAA7A132F5F988AC ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\WirelessOffMsg.exe
21:24:36.0694 4016 C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\WirelessOffMsg.exe - ok
21:24:36.0694 4016 [ A29D734F650F958424743BE3BAA052C8 ] C:\Windows\SysWOW64\DWrite.dll
21:24:36.0694 4016 C:\Windows\SysWOW64\DWrite.dll - ok
21:24:36.0710 4016 [ 03E9314004F504A14A61C3D364B62F66 ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\msvcp100.dll
21:24:36.0710 4016 C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\msvcp100.dll - ok
21:24:36.0710 4016 [ 2C1BB3AD51826AA96C9802CBC123814F ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\51a23687fdafc32b697f5a719e364651\mscorlib.ni.dll
21:24:36.0710 4016 C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\51a23687fdafc32b697f5a719e364651\mscorlib.ni.dll - ok
21:24:36.0725 4016 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
21:24:36.0725 4016 C:\Windows\System32\stobject.dll - ok
21:24:36.0725 4016 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
21:24:36.0725 4016 C:\Windows\System32\batmeter.dll - ok
21:24:36.0725 4016 [ 51138BEEA3E2C21EC44D0932C71762A8 ] C:\Windows\SysWOW64\rundll32.exe
21:24:36.0725 4016 C:\Windows\SysWOW64\rundll32.exe - ok
21:24:36.0741 4016 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
21:24:36.0741 4016 C:\Windows\SysWOW64\rasapi32.dll - ok
21:24:36.0741 4016 [ BFC68382466436FAE8B7A27966FB98CB ] C:\Windows\AppPatch\acwow64.dll
21:24:36.0741 4016 C:\Windows\AppPatch\acwow64.dll - ok
21:24:36.0741 4016 [ 47C58BA8C7F6B57CDC70ED86E524CFC4 ] C:\Program Files (x86)\Symantec\Norton Utilities 16\UpdateHlpr.dll
21:24:36.0741 4016 C:\Program Files (x86)\Symantec\Norton Utilities 16\UpdateHlpr.dll - ok
21:24:36.0756 4016 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
21:24:36.0756 4016 C:\Windows\SysWOW64\rasman.dll - ok
21:24:36.0756 4016 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll
21:24:36.0756 4016 C:\Windows\SysWOW64\rtutils.dll - ok
21:24:36.0756 4016 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
21:24:36.0756 4016 C:\Windows\System32\prnfldr.dll - ok
21:24:36.0772 4016 [ 87F1DF9250D476F7C355B16F24D7D7F9 ] C:\Program Files (x86)\Symantec\Norton Utilities 16\Alert.exe
21:24:36.0772 4016 C:\Program Files (x86)\Symantec\Norton Utilities 16\Alert.exe - ok
21:24:36.0772 4016 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
21:24:36.0772 4016 C:\Windows\System32\DXP.dll - ok
21:24:36.0772 4016 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
21:24:36.0772 4016 C:\Windows\System32\Syncreg.dll - ok
21:24:36.0788 4016 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
21:24:36.0788 4016 C:\Windows\ehome\ehSSO.dll - ok
21:24:36.0788 4016 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
21:24:36.0788 4016 C:\Windows\System32\netshell.dll - ok
21:24:36.0788 4016 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
21:24:36.0788 4016 C:\Windows\System32\AltTab.dll - ok
21:24:36.0803 4016 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
21:24:36.0803 4016 C:\Windows\System32\pnidui.dll - ok
21:24:36.0803 4016 [ 1B1431D9520C7578AD5633ED2A70625F ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
21:24:36.0803 4016 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok
21:24:36.0819 4016 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
21:24:36.0819 4016 C:\Windows\System32\QUTIL.DLL - ok
21:24:36.0819 4016 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
21:24:36.0819 4016 C:\Windows\System32\WPDShServiceObj.dll - ok
21:24:36.0819 4016 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
21:24:36.0819 4016 C:\Windows\System32\PortableDeviceTypes.dll - ok
21:24:36.0834 4016 [ 9682D5B9D9309377C1A7E08C3E6B7B3D ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\6be6efa1e2ffc9d46e99839edac5c5a8\System.ni.dll
21:24:36.0834 4016 C:\Windows\assembly\NativeImages_v2.0.50727_64\System\6be6efa1e2ffc9d46e99839edac5c5a8\System.ni.dll - ok
21:24:36.0834 4016 [ 1C1EB95D36C6D5ED8CAE9D29A66028B3 ] C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
21:24:36.0834 4016 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe - ok
21:24:36.0834 4016 [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll
21:24:36.0834 4016 C:\Windows\System32\ActionCenter.dll - ok
21:24:36.0850 4016 [ 0B5511674394666E9D221F8681B2C2E6 ] C:\Windows\System32\consent.exe
21:24:36.0850 4016 C:\Windows\System32\consent.exe - ok
21:24:36.0850 4016 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
21:24:36.0850 4016 C:\Windows\System32\srchadmin.dll - ok
21:24:36.0850 4016 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
21:24:36.0850 4016 C:\Windows\System32\bthprops.cpl - ok
21:24:36.0866 4016 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
21:24:36.0866 4016 C:\Windows\System32\SearchIndexer.exe - ok
21:24:36.0866 4016 [ 35126DDDE8241C4C4A5F15F6CDDF4434 ] C:\Windows\System32\ieframe.dll
21:24:36.0866 4016 C:\Windows\System32\ieframe.dll - ok
21:24:36.0866 4016 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
21:24:36.0866 4016 C:\Windows\System32\tquery.dll - ok
21:24:36.0881 4016 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll
21:24:36.0881 4016 C:\Windows\System32\mssrch.dll - ok
21:24:36.0881 4016 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
21:24:36.0881 4016 C:\Windows\System32\esent.dll - ok
21:24:37.0224 4016 ============================================================
21:24:37.0224 4016 Scan finished
21:24:37.0224 4016 ============================================================
21:24:37.0240 3928 Detected object count: 3
21:24:37.0240 3928 Actual detected object count: 3
21:25:12.0652 3928 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - skipped by user
21:25:12.0652 3928 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:25:12.0668 3928 STacSV ( UnsignedFile.Multi.Generic ) - skipped by user
21:25:12.0668 3928 STacSV ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:25:12.0668 3928 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
21:25:12.0668 3928 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

#8
JSntgRvr

  • Global Moderator
  • 11,579 posts
No problems. That can remain as it is.

Let's scan for remnants. This one will take a while to complete.


Run adwCleaner.

Download AdwCleaner from here to your desktop
Run AdwCleaner and select Delete

Once done it will ask to reboot, allow this
On reboot a log will be produced at C:\ADWCleaner[XX].txt please attach that

Malwarebytes' Anti-Malware

Please download Malwarebytes' Anti-Malware from Here. Never download Malwarebytes' Anti-Malware from other sources.

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

ESET online scanner

Note: You can use either Internet Explorer or Mozilla FireFox for this scan.

Note: If you are using Windows Vista or Windows 7, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

  • First please Disable any Antivirus you have active, as shown in This topic.
  • Note: Don't forget to re-enable it after the scan.
  • Next hold down Control then click on the following link to open a new window to ESET online scanner.
  • Select the option YES, I accept the Terms of Use then click on Start.

    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.

  • All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:

    Scan for potentially unwanted applications
    Scan for potentially unsafe applications
    Enable Anti-Stealth Technology

  • Now click on Start.
  • The virus signature database... will begin to download. Be patient, this may take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on Finish.
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.

Security check

Download and run Security Check by screen317 and post its report.

#9
KevinVanLear

    New Member

  • Topic Starter
  • Member
  • 8 posts
Hi! Sorry, I went to bed last night. The ESET took forever. Anyhow, here are the logs:

AdwCleaner:

# AdwCleaner v2.114 - Logfile created 03/07/2013 at 21:48:01
# Updated 05/03/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : raoday - RAODAY-HP
# Boot Mode : Normal
# Running from : C:\Users\raoday\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\Public\Desktop\eBay.lnk
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Program Files (x86)\search results toolbar
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\Users\raoday\AppData\Local\APN
Folder Deleted : C:\Users\raoday\AppData\Local\Ilivid
Folder Deleted : C:\Users\raoday\AppData\Local\Temp\{f34c9277-6577-4dff-b2d7-7d58092f272f}
Folder Deleted : C:\Users\raoday\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\raoday\AppData\LocalLow\ilividtoolbarguid

***** [Registry] *****

Data Deleted : HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll
Data Deleted : HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll
Key Deleted : HKCU\Software\APN DTX
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\ilividtoolbarguid
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F34C9277-6577-4DFF-B2D7-7D58092F272F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F34C9277-6577-4DFF-B2D7-7D58092F272F}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Key Deleted : HKLM\SOFTWARE\Classes\BrowserConnection.Loader
Key Deleted : HKLM\SOFTWARE\Classes\BrowserConnection.Loader.1
Key Deleted : HKLM\SOFTWARE\Classes\iLividIEHelper.DNSGuard
Key Deleted : HKLM\SOFTWARE\Classes\iLividIEHelper.DNSGuard.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1FDC0B61-91AC-4157-9B27-CAD9A09AB67E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{75E8DA27-44AF-40AE-927C-F2EEC99D65B1}
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9FF9AE6F-4553-41A7-B645-B0E88850EABF}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CE4DB5A3-58E6-41F1-8761-47238DF4F468}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F34C9277-6577-4DFF-B2D7-7D58092F272F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F34C9277-6577-4DFF-B2D7-7D58092F272F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F34C9277-6577-4DFF-B2D7-7D58092F272F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ilividtoolbarguid
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Search Results Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9FF9AE6F-4553-41A7-B645-B0E88850EABF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CE4DB5A3-58E6-41F1-8761-47238DF4F468}
Key Deleted : HKLM\SOFTWARE\DataMngr
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014}
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{F34C9277-6577-4DFF-B2D7-7D58092F272F}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [10]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16464

[OK] Registry is clean.

-\\ Google Chrome v24.0.1312.52

File : C:\Users\raoday\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.35] : icon_url = "hxxp://www.ask.com/favicon.ico",
Deleted [l.38] : keyword = "ask.com",
Deleted [l.41] : search_url = "hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=86[...]
Deleted [l.42] : suggest_url = "hxxp://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms[...]

*************************

AdwCleaner[S1].txt - [5979 octets] - [07/03/2013 21:48:01]

########## EOF - C:\AdwCleaner[S1].txt - [6039 octets] ##########





Malwarebytes:

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.03.08.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
raoday :: RAODAY-HP [administrator]

3/7/2013 9:54:31 PM
mbam-log-2013-03-07 (21-54-31).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 210877
Time elapsed: 4 minute(s), 46 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.

(end)




ESET:

C:\ProgramData\Microsoft\Windows\DRM\B7D.tmp Win64/Olmarik.AR trojan
C:\ProgramData\Microsoft\Windows\DRM\B7E.tmp Win64/Olmarik.AR trojan
C:\Users\All Users\Microsoft\Windows\DRM\B7D.tmp Win64/Olmarik.AR trojan
C:\Users\All Users\Microsoft\Windows\DRM\B7E.tmp Win64/Olmarik.AR trojan

#10
KevinVanLear

    New Member

  • Topic Starter
  • Member
  • 8 posts
Sorry, here is the Security log:

Results of screen317's Security Check version 0.99.60
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Norton Internet Security
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.70.0.1100
Java™ 6 Update 26
Java version out of Date!
Adobe Reader 10.1.0 Adobe Reader out of Date!
Google Chrome 24.0.1312.52
Google Chrome 25.0.1364.160
````````Process Check: objlist.exe by Laurent````````
Norton ccSvcHst.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 4%
````````````````````End of Log``````````````````````

#11
JSntgRvr

  • Global Moderator
  • 11,579 posts
Download TFC by OldTimer to your desktop
  • Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • It will close all programs when run, so make sure you have saved all your work before you begin.
  • Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. Let it run uninterrupted to completion.
  • Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.

Update JAVA (Older versions should be removed) and Adobe Reader.

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • OTL should now start. Change the following settings
    • Change Drivers to All
    • Change Standard Registry to All
    • Under File Scans, change File age to 30
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt (first run only). These are saved in the same location as OTL.
    • Please post the contents of the OTL.txt file and attach the Extras.Txt, if any, in your next reply.

How is the computer doing?

#12
KevinVanLear

    New Member

  • Topic Starter
  • Member
  • 8 posts
The machine seems to be running fine. Should I attempt to uninstall Norton again? Here are the OTL Logs:

OTL.txt:

OTL logfile created on: 3/8/2013 10:42:11 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\raoday\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.48 Gb Total Physical Memory | 2.31 Gb Available Physical Memory | 66.29% Memory free
6.95 Gb Paging File | 5.63 Gb Available in Paging File | 80.94% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 445.43 Gb Total Space | 396.01 Gb Free Space | 88.90% Space Free | Partition Type: NTFS
Drive D: | 20.03 Gb Total Space | 2.17 Gb Free Space | 10.82% Space Free | Partition Type: NTFS

Computer Name: RAODAY-HP | User Name: raoday | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/03/08 10:40:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\raoday\Downloads\OTL.exe
PRC - [2012/12/18 06:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/09/29 22:49:24 | 000,792,608 | ---- | M] (Symantec) -- C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe
PRC - [2012/09/29 22:49:22 | 000,104,480 | ---- | M] (Symantec) -- C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe
PRC - [2012/03/05 12:38:38 | 000,578,944 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2012/03/05 12:38:38 | 000,035,200 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2011/11/28 17:08:00 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2011/08/26 17:37:18 | 001,342,008 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
PRC - [2011/08/19 17:48:44 | 000,379,960 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
PRC - [2011/08/10 07:52:54 | 000,138,760 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe
PRC - [2011/07/13 13:05:24 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE


========== Modules (No Company Name) ==========


========== Services (SafeList) ==========

SRV:64bit: - [2012/10/29 09:00:01 | 000,321,536 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2012/02/10 16:54:58 | 000,235,520 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/02/10 03:00:36 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2011/05/13 15:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2010/10/11 05:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/12/18 06:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/09/29 22:50:02 | 001,160,224 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\SpeedDisk\SpeedDiskSrv.exe -- (SpeedDiskService)
SRV - [2012/09/29 22:49:46 | 001,147,424 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\Disk Doctor\DiskDoctorSrv.exe -- (DiskDoctorService)
SRV - [2012/09/29 22:49:24 | 000,792,608 | ---- | M] (Symantec) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe -- (NU16StartManagerSvc)
SRV - [2012/09/27 11:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012/07/13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/03/05 12:38:38 | 000,035,200 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2012/03/01 14:01:52 | 000,253,600 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2011/09/15 12:58:42 | 000,195,320 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/08/10 07:52:54 | 000,138,760 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe -- (NIS)
SRV - [2011/07/13 13:05:24 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2010/10/12 12:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (All) ==========

DRV:64bit: - [2013/01/03 01:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tcpip.sys -- (TCPIP6)
DRV:64bit: - [2013/01/03 01:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tcpip.sys -- (Tcpip)
DRV:64bit: - [2012/10/29 09:00:01 | 000,540,160 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2012/10/03 11:07:26 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tcpipreg.sys -- (tcpipreg)
DRV:64bit: - [2012/08/31 13:19:35 | 001,659,760 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\ntfs.sys -- (Ntfs)
DRV:64bit: - [2012/08/22 13:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ndis.sys -- (NDIS)
DRV:64bit: - [2012/07/29 04:56:41 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012/07/29 04:31:19 | 000,498,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\afd.sys -- (AFD)
DRV:64bit: - [2012/07/29 04:29:35 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tdtcp.sys -- (TDTCP)
DRV:64bit: - [2012/07/25 23:55:47 | 000,785,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Wdf01000.sys -- (Wdf01000)
DRV:64bit: - [2012/07/25 21:26:45 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WUDFPf.sys -- (WudfPf)
DRV:64bit: - [2012/07/25 21:26:06 | 000,198,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WUDFRd.sys -- (WUDFRd)
DRV:64bit: - [2012/06/02 00:50:10 | 000,458,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\cng.sys -- (CNG)
DRV:64bit: - [2012/06/02 00:48:16 | 000,151,920 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ksecpkg.sys -- (KSecPkg)
DRV:64bit: - [2012/06/02 00:48:16 | 000,095,600 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ksecdd.sys -- (KSecDD)
DRV:64bit: - [2012/04/27 22:55:21 | 000,210,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpwd.sys -- (RDPWD)
DRV:64bit: - [2012/03/17 02:58:57 | 000,075,120 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\partmgr.sys -- (partmgr)
DRV:64bit: - [2012/03/01 13:44:02 | 000,410,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaStorV.sys -- (iaStorV)
DRV:64bit: - [2012/03/01 13:44:02 | 000,166,272 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvstor.sys -- (nvstor)
DRV:64bit: - [2012/03/01 13:44:02 | 000,148,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvraid.sys -- (nvraid)
DRV:64bit: - [2012/03/01 13:44:02 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/03/01 13:44:02 | 000,091,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBSTOR.SYS -- (USBSTOR)
DRV:64bit: - [2012/03/01 13:44:02 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/03/01 13:39:21 | 000,983,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dxgkrnl.sys -- (DXGKrnl)
DRV:64bit: - [2012/03/01 13:34:17 | 000,288,768 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mrxsmb10.sys -- (mrxsmb10)
DRV:64bit: - [2012/03/01 13:34:17 | 000,158,208 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mrxsmb.sys -- (mrxsmb)
DRV:64bit: - [2012/03/01 13:34:17 | 000,128,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mrxsmb20.sys -- (mrxsmb20)
DRV:64bit: - [2012/03/01 13:34:08 | 000,467,456 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\srv.sys -- (srv)
DRV:64bit: - [2012/03/01 13:34:08 | 000,410,112 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\srv2.sys -- (srv2)
DRV:64bit: - [2012/03/01 13:34:08 | 000,168,448 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\srvnet.sys -- (srvnet)
DRV:64bit: - [2012/03/01 13:32:32 | 000,343,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbhub.sys -- (usbhub)
DRV:64bit: - [2012/03/01 13:32:32 | 000,098,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbccgp.sys -- (usbccgp)
DRV:64bit: - [2012/03/01 13:32:32 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbehci.sys -- (usbehci)
DRV:64bit: - [2012/03/01 13:32:32 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbuhci.sys -- (usbuhci)
DRV:64bit: - [2012/03/01 13:32:32 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbohci.sys -- (usbohci)
DRV:64bit: - [2012/03/01 13:31:28 | 000,090,624 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\bowser.sys -- (bowser)
DRV:64bit: - [2012/03/01 13:29:28 | 000,296,320 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volsnap.sys -- (volsnap)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/10 19:26:24 | 010,825,216 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/02/10 15:54:38 | 000,328,704 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/02/02 03:54:56 | 000,031,872 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdkmpfd.sys -- (amdkmpfd)
DRV:64bit: - [2012/01/14 07:05:54 | 000,056,448 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2012/01/10 23:38:28 | 002,801,664 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011/12/13 07:52:44 | 000,082,048 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2011/12/13 07:52:44 | 000,042,624 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2011/12/06 06:47:30 | 000,095,248 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011/10/26 14:16:46 | 000,219,776 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdxhc.sys -- (amdxhc)
DRV:64bit: - [2011/10/26 14:16:46 | 000,102,528 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdhub30.sys -- (amdhub30)
DRV:64bit: - [2011/09/30 21:16:50 | 000,393,264 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/09/21 18:33:50 | 000,258,664 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsP2Stor.sys -- (RSP2STOR)
DRV:64bit: - [2011/08/24 00:57:24 | 000,565,352 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/08/08 10:38:06 | 000,167,048 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1301000.01C\ccSetx64.sys -- (ccSet_NIS)
DRV:64bit: - [2011/08/02 13:22:10 | 000,729,720 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1301000.01C\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2011/08/02 13:22:10 | 000,037,496 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1301000.01C\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2011/07/28 14:20:02 | 001,084,536 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1301000.01C\SymEFA64.sys -- (SymEFA)
DRV:64bit: - [2011/07/25 13:18:40 | 000,401,016 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1301000.01C\symnets.sys -- (SymNetS)
DRV:64bit: - [2011/07/25 13:18:36 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1301000.01C\SymDS64.sys -- (SymDS)
DRV:64bit: - [2011/07/25 13:15:52 | 000,189,560 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1301000.01C\Ironx64.sys -- (SymIRON)
DRV:64bit: - [2011/05/13 15:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011/05/13 15:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2010/11/20 22:24:39 | 000,223,248 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fvevol.sys -- (fvevol)
DRV:64bit: - [2010/11/20 22:24:36 | 000,140,800 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mrxdav.sys -- (MRxDAV)
DRV:64bit: - [2010/11/20 22:24:33 | 000,213,888 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\rdyboost.sys -- (rdyboost)
DRV:64bit: - [2010/11/20 22:24:33 | 000,129,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rasl2tp.sys -- (Rasl2tp)
DRV:64bit: - [2010/11/20 22:24:33 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\raspptp.sys -- (PptpMiniport)
DRV:64bit: - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 22:24:32 | 000,119,296 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tdx.sys -- (tdx)
DRV:64bit: - [2010/11/20 22:24:32 | 000,102,400 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\dfsc.sys -- (DfsC)
DRV:64bit: - [2010/11/20 22:24:32 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ndisuio.sys -- (Ndisuio)
DRV:64bit: - [2010/11/20 22:24:27 | 000,082,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV:64bit: - [2010/11/20 22:24:25 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\appid.sys -- (AppID)
DRV:64bit: - [2010/11/20 22:24:24 | 000,014,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hwpolicy.sys -- (hwpolicy)
DRV:64bit: - [2010/11/20 22:24:15 | 000,366,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msrpc.sys -- (MsRPC)
DRV:64bit: - [2010/11/20 22:24:15 | 000,363,392 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volmgrx.sys -- (volmgrx)
DRV:64bit: - [2010/11/20 22:24:15 | 000,125,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tunnel.sys -- (tunnel)
DRV:64bit: - [2010/11/20 22:24:14 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ndproxy.sys -- (NDProxy)
DRV:64bit: - [2010/11/20 22:24:11 | 000,088,576 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\wanarp.sys -- (Wanarpv6)
DRV:64bit: - [2010/11/20 22:24:11 | 000,088,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wanarp.sys -- (WANARP)
DRV:64bit: - [2010/11/20 22:24:09 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\scfilter.sys -- (scfilter)
DRV:64bit: - [2010/11/20 22:24:08 | 000,309,248 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\rdbss.sys -- (rdbss)
DRV:64bit: - [2010/11/20 22:24:08 | 000,164,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ndiswan.sys -- (NdisWan)
DRV:64bit: - [2010/11/20 22:24:08 | 000,131,584 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\pacer.sys -- (Psched)
DRV:64bit: - [2010/11/20 22:24:00 | 000,289,664 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\fltMgr.sys -- (FltMgr)
DRV:64bit: - [2010/11/20 22:23:55 | 000,753,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\http.sys -- (HTTP)
DRV:64bit: - [2010/11/20 22:23:55 | 000,328,192 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\udfs.sys -- (udfs)
DRV:64bit: - [2010/11/20 22:23:53 | 000,094,592 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mountmgr.sys -- (mountmgr)
DRV:64bit: - [2010/11/20 22:23:51 | 000,261,632 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\netbt.sys -- (NetBT)
DRV:64bit: - [2010/11/20 22:23:51 | 000,039,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tssecsrv.sys -- (tssecsrv)
DRV:64bit: - [2010/11/20 22:23:48 | 000,273,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msiscsi.sys -- (iScsiPrt)
DRV:64bit: - [2010/11/20 22:23:48 | 000,078,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IPMIDrv.sys -- (IPMIDRV)
DRV:64bit: - [2010/11/20 22:23:47 | 000,350,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService)
DRV:64bit: - [2010/11/20 22:23:47 | 000,334,208 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpi.sys -- (ACPI)
DRV:64bit: - [2010/11/20 22:23:47 | 000,229,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\1394ohci.sys -- (1394ohci)
DRV:64bit: - [2010/11/20 22:23:47 | 000,215,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhdmp.sys -- (vhdmp)
DRV:64bit: - [2010/11/20 22:23:47 | 000,184,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbvideo.sys -- (usbvideo)
DRV:64bit: - [2010/11/20 22:23:47 | 000,184,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pci.sys -- (pci)
DRV:64bit: - [2010/11/20 22:23:47 | 000,155,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mpio.sys -- (mpio)
DRV:64bit: - [2010/11/20 22:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\cdrom.sys -- (cdrom)
DRV:64bit: - [2010/11/20 22:23:47 | 000,140,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msdsm.sys -- (msdsm)
DRV:64bit: - [2010/11/20 22:23:47 | 000,122,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hdaudbus.sys -- (HDAudBus)
DRV:64bit: - [2010/11/20 22:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 22:23:47 | 000,103,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sbp2port.sys -- (sbp2port)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 22:23:47 | 000,071,552 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volmgr.sys -- (volmgr)
DRV:64bit: - [2010/11/20 22:23:47 | 000,063,360 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\termdd.sys -- (TermDD)
DRV:64bit: - [2010/11/20 22:23:47 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\umbus.sys -- (umbus)
DRV:64bit: - [2010/11/20 22:23:47 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winusb.sys -- (WinUsb)
DRV:64bit: - [2010/11/20 22:23:47 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CompositeBus.sys -- (CompositeBus)
DRV:64bit: - [2010/11/20 22:23:47 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\kbdhid.sys -- (kbdhid)
DRV:64bit: - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/20 22:23:47 | 000,031,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msahci.sys -- (msahci)
DRV:64bit: - [2010/11/20 22:23:47 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidusb.sys -- (HidUsb)
DRV:64bit: - [2010/11/20 22:23:47 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sffp_sd.sys -- (sffp_sd)
DRV:64bit: - [2010/11/20 22:23:47 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipmi.sys -- (AcpiPmi)
DRV:64bit: - [2010/07/28 11:13:50 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010/02/18 11:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/07/13 20:52:31 | 000,367,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\clfs.sys -- (CLFS)
DRV:64bit: - [2009/07/13 20:52:31 | 000,021,584 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\compbatt.sys -- (Compbatt)
DRV:64bit: - [2009/07/13 20:52:31 | 000,017,488 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cmdide.sys -- (cmdide)
DRV:64bit: - [2009/07/13 20:52:21 | 000,491,088 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\adp94xx.sys -- (adp94xx)
DRV:64bit: - [2009/07/13 20:52:21 | 000,339,536 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\adpahci.sys -- (adpahci)
DRV:64bit: - [2009/07/13 20:52:21 | 000,182,864 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\adpu320.sys -- (adpu320)
DRV:64bit: - [2009/07/13 20:52:21 | 000,097,856 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\arcsas.sys -- (arcsas)
DRV:64bit: - [2009/07/13 20:52:21 | 000,087,632 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\arc.sys -- (arc)
DRV:64bit: - [2009/07/13 20:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AGP440.sys -- (agp440)
DRV:64bit: - [2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\atapi.sys -- (atapi)
DRV:64bit: - [2009/07/13 20:52:21 | 000,015,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdide.sys -- (amdide)
DRV:64bit: - [2009/07/13 20:52:21 | 000,015,440 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aliide.sys -- (aliide)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:27 | 000,060,496 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\mup.sys -- (Mup)
DRV:64bit: - [2009/07/13 20:48:27 | 000,049,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mouclass.sys -- (mouclass)
DRV:64bit: - [2009/07/13 20:48:27 | 000,032,320 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mssmbios.sys -- (mssmbios)
DRV:64bit: - [2009/07/13 20:48:27 | 000,015,424 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\msisadrv.sys -- (msisadrv)
DRV:64bit: - [2009/07/13 20:48:26 | 000,122,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NV_AGP.SYS -- (nv_agp)
DRV:64bit: - [2009/07/13 20:48:26 | 000,051,264 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nfrd960.sys -- (nfrd960)
DRV:64bit: - [2009/07/13 20:48:04 | 000,284,736 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MegaSR.sys -- (MegaSR)
DRV:64bit: - [2009/07/13 20:48:04 | 000,115,776 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV:64bit: - [2009/07/13 20:48:04 | 000,114,752 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_fc.sys -- (LSI_FC)
DRV:64bit: - [2009/07/13 20:48:04 | 000,106,560 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas.sys -- (LSI_SAS)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:48:04 | 000,050,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbdclass.sys -- (kbdclass)
DRV:64bit: - [2009/07/13 20:48:04 | 000,044,112 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iirsp.sys -- (iirsp)
DRV:64bit: - [2009/07/13 20:48:04 | 000,035,392 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\megasas.sys -- (megasas)
DRV:64bit: - [2009/07/13 20:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\isapnp.sys -- (isapnp)
DRV:64bit: - [2009/07/13 20:48:04 | 000,016,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelide.sys -- (intelide)
DRV:64bit: - [2009/07/13 20:47:49 | 000,055,376 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fsdepends.sys -- (FsDepends)
DRV:64bit: - [2009/07/13 20:47:48 | 000,530,496 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\elxstor.sys -- (elxstor)
DRV:64bit: - [2009/07/13 20:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\disk.sys -- (Disk)
DRV:64bit: - [2009/07/13 20:47:48 | 000,070,224 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\fileinfo.sys -- (FileInfo)
DRV:64bit: - [2009/07/13 20:47:48 | 000,065,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GAGP30KX.SYS -- (gagp30kx)
DRV:64bit: - [2009/07/13 20:47:48 | 000,024,144 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\crcdisk.sys -- (crcdisk)
DRV:64bit: - [2009/07/13 20:45:56 | 000,022,096 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wimmount.sys -- (WIMMount)
DRV:64bit: - [2009/07/13 20:45:55 | 000,161,872 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vsmraid.sys -- (vsmraid)
DRV:64bit: - [2009/07/13 20:45:55 | 000,064,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ULIAGPKX.SYS -- (uliagpkx)
DRV:64bit: - [2009/07/13 20:45:55 | 000,064,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UAGP35.SYS -- (uagp35)
DRV:64bit: - [2009/07/13 20:45:55 | 000,036,432 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vdrvroot.sys -- (vdrvroot)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:45:55 | 000,021,056 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wd.sys -- (Wd)
DRV:64bit: - [2009/07/13 20:45:55 | 000,019,008 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spldr.sys -- (spldr)
DRV:64bit: - [2009/07/13 20:45:55 | 000,017,488 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\viaide.sys -- (viaide)
DRV:64bit: - [2009/07/13 20:45:55 | 000,012,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\swenum.sys -- (swenum)
DRV:64bit: - [2009/07/13 20:45:46 | 001,524,816 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ql2300.sys -- (ql2300)
DRV:64bit: - [2009/07/13 20:45:46 | 000,080,464 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sisraid4.sys -- (SiSRaid4)
DRV:64bit: - [2009/07/13 20:45:45 | 000,220,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pcmcia.sys -- (pcmcia)
DRV:64bit: - [2009/07/13 20:45:45 | 000,128,592 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ql40xx.sys -- (ql40xx)
DRV:64bit: - [2009/07/13 20:45:45 | 000,050,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pcw.sys -- (pcw)
DRV:64bit: - [2009/07/13 20:45:45 | 000,043,584 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sisraid2.sys -- (SiSRaid2)
DRV:64bit: - [2009/07/13 20:45:45 | 000,012,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pciide.sys -- (pciide)
DRV:64bit: - [2009/07/13 20:19:07 | 000,286,720 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrSerId.sys -- (Brserid)
DRV:64bit: - [2009/07/13 20:01:19 | 000,651,264 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\PEAuth.sys -- (PEAUTH)
DRV:64bit: - [2009/07/13 19:38:18 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbprint.sys -- (usbprint)
DRV:64bit: - [2009/07/13 19:17:46 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpbus.sys -- (rdpbus)
DRV:64bit: - [2009/07/13 19:16:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV:64bit: - [2009/07/13 19:16:34 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RDPENCDD.sys -- (RDPENCDD)
DRV:64bit: - [2009/07/13 19:16:34 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RDPCDD.sys -- (RDPCDD)
DRV:64bit: - [2009/07/13 19:16:32 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tdpipe.sys -- (TDPIPE)
DRV:64bit: - [2009/07/13 19:10:48 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\modem.sys -- (Modem)
DRV:64bit: - [2009/07/13 19:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV:64bit: - [2009/07/13 19:10:25 | 000,083,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rassstp.sys -- (RasSstp)
DRV:64bit: - [2009/07/13 19:10:24 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agilevpn.sys -- (RasAgileVpn)
DRV:64bit: - [2009/07/13 19:10:17 | 000,092,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\raspppoe.sys -- (RasPppoe)
DRV:64bit: - [2009/07/13 19:10:13 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\asyncmac.sys -- (AsyncMac)
DRV:64bit: - [2009/07/13 19:10:09 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rasacd.sys -- (RasAcd)
DRV:64bit: - [2009/07/13 19:10:03 | 000,116,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipnat.sys -- (IPNAT)
DRV:64bit: - [2009/07/13 19:10:00 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ndistapi.sys -- (NdisTapi)
DRV:64bit: - [2009/07/13 19:09:48 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qwavedrv.sys -- (QWAVEdrv)
DRV:64bit: - [2009/07/13 19:09:26 | 000,044,544 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\netbios.sys -- (NetBIOS)
DRV:64bit: - [2009/07/13 19:09:26 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\wfplwf.sys -- (WfpLwf)
DRV:64bit: - [2009/07/13 19:09:09 | 000,093,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\smb.sys -- (Smb)
DRV:64bit: - [2009/07/13 19:08:59 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irenum.sys -- (IRENUM)
DRV:64bit: - [2009/07/13 19:08:51 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rspndr.sys -- (rspndr)
DRV:64bit: - [2009/07/13 19:08:51 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lltdio.sys -- (lltdio)
DRV:64bit: - [2009/07/13 19:08:25 | 000,077,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mpsdrv.sys -- (mpsdrv)
DRV:64bit: - [2009/07/13 19:08:13 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndiscap.sys -- (NdisCap)
DRV:64bit: - [2009/07/13 19:07:23 | 000,318,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nwifi.sys -- (NativeWifiP)
DRV:64bit: - [2009/07/13 19:07:22 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vwififlt.sys -- (vwififlt)
DRV:64bit: - [2009/07/13 19:07:21 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vwifibus.sys -- (vwifibus)
DRV:64bit: - [2009/07/13 19:06:52 | 000,100,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidbth.sys -- (HidBth)
DRV:64bit: - [2009/07/13 19:06:52 | 000,072,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthmodem.sys -- (BTHMODEM)
DRV:64bit: - [2009/07/13 19:06:52 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\umpass.sys -- (UmPass)
DRV:64bit: - [2009/07/13 19:06:45 | 000,072,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ohci1394.sys -- (ohci1394)
DRV:64bit: - [2009/07/13 19:06:37 | 000,100,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbcir.sys -- (usbcir)
DRV:64bit: - [2009/07/13 19:06:34 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\circlass.sys -- (circlass)
DRV:64bit: - [2009/07/13 19:06:24 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV:64bit: - [2009/07/13 19:06:23 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidir.sys -- (HidIr)
DRV:64bit: - [2009/07/13 19:06:16 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\drmkaud.sys -- (drmkaud)
DRV:64bit: - [2009/07/13 19:02:08 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MTConfig.sys -- (MTConfig)
DRV:64bit: - [2009/07/13 19:02:07 | 000,027,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacompen.sys -- (WacomPen)
DRV:64bit: - [2009/07/13 19:01:03 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sffp_mmc.sys -- (sffp_mmc)
DRV:64bit: - [2009/07/13 19:01:02 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sfloppy.sys -- (sfloppy)
DRV:64bit: - [2009/07/13 19:01:01 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sffdisk.sys -- (sffdisk)
DRV:64bit: - [2009/07/13 19:00:54 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fdc.sys -- (fdc)
DRV:64bit: - [2009/07/13 19:00:54 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\flpydisk.sys -- (flpydisk)
DRV:64bit: - [2009/07/13 19:00:41 | 000,097,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\parport.sys -- (Parport)
DRV:64bit: - [2009/07/13 19:00:40 | 000,094,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serial.sys -- (Serial)
DRV:64bit: - [2009/07/13 19:00:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serenum.sys -- (Serenum)
DRV:64bit: - [2009/07/13 19:00:20 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mouhid.sys -- (mouhid)
DRV:64bit: - [2009/07/13 19:00:20 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sermouse.sys -- (sermouse)
DRV:64bit: - [2009/07/13 19:00:19 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ksthunk.sys -- (ksthunk)
DRV:64bit: - [2009/07/13 19:00:18 | 000,011,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mskssrv.sys -- (MSKSSRV)
DRV:64bit: - [2009/07/13 19:00:17 | 000,008,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mstee.sys -- (MSTEE)
DRV:64bit: - [2009/07/13 19:00:17 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mspclock.sys -- (MSPCLOCK)
DRV:64bit: - [2009/07/13 19:00:17 | 000,006,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mspqm.sys -- (MSPQM)
DRV:64bit: - [2009/07/13 19:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\beep.sys -- (Beep)
DRV:64bit: - [2009/07/13 18:38:52 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\monitor.sys -- (monitor)
DRV:64bit: - [2009/07/13 18:38:47 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vga.sys -- (VgaSave)
DRV:64bit: - [2009/07/13 18:38:47 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vgapnp.sys -- (vga)
DRV:64bit: - [2009/07/13 18:37:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\discache.sys -- (discache)
DRV:64bit: - [2009/07/13 18:35:59 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\blbdrive.sys -- (blbdrive)
DRV:64bit: - [2009/07/13 18:31:06 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidbatt.sys -- (HidBatt)
DRV:64bit: - [2009/07/13 18:31:04 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\errdev.sys -- (ErrDev)
DRV:64bit: - [2009/07/13 18:31:03 | 000,017,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CmBatt.sys -- (CmBatt)
DRV:64bit: - [2009/07/13 18:31:02 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wmiacpi.sys -- (WmiAcpi)
DRV:64bit: - [2009/07/13 18:26:13 | 000,113,152 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\luafv.sys -- (luafv)
DRV:64bit: - [2009/07/13 18:25:40 | 000,034,304 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\filetrace.sys -- (Filetrace)
DRV:64bit: - [2009/07/13 18:23:29 | 000,204,800 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\fastfat.sys -- (fastfat)
DRV:64bit: - [2009/07/13 18:23:29 | 000,195,072 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\exfat.sys -- (exfat)
DRV:64bit: - [2009/07/13 18:21:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\nsiproxy.sys -- (nsiproxy)
DRV:64bit: - [2009/07/13 18:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\i8042prt.sys -- (i8042prt)
DRV:64bit: - [2009/07/13 18:19:48 | 000,044,032 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\npfs.sys -- (Npfs)
DRV:64bit: - [2009/07/13 18:19:47 | 000,092,160 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cdfs.sys -- (cdfs)
DRV:64bit: - [2009/07/13 18:19:47 | 000,026,112 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\msfs.sys -- (Msfs)
DRV:64bit: - [2009/07/13 18:19:38 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\null.sys -- (Null)
DRV:64bit: - [2009/07/13 18:19:25 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdk8.sys -- (AmdK8)
DRV:64bit: - [2009/07/13 18:19:25 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelppm.sys -- (intelppm)
DRV:64bit: - [2009/07/13 18:19:25 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdppm.sys -- (AmdPPM)
DRV:64bit: - [2009/07/13 18:19:25 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\processr.sys -- (Processor)
DRV:64bit: - [2009/06/10 16:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 16:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 16:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 15:41:10 | 000,047,104 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrSerWdm.sys -- (BrSerWdm)
DRV:64bit: - [2009/06/10 15:41:10 | 000,014,976 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV:64bit: - [2009/06/10 15:41:10 | 000,014,720 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrUsbSer.sys -- (BrUsbSer)
DRV:64bit: - [2009/06/10 15:41:06 | 000,018,432 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrFiltLo.sys -- (BrFiltLo)
DRV:64bit: - [2009/06/10 15:41:06 | 000,008,704 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrFiltUp.sys -- (BrFiltUp)
DRV:64bit: - [2009/06/10 15:37:19 | 000,023,040 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\secdrv.sys -- (secdrv)
DRV:64bit: - [2009/06/10 15:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 15:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012/11/08 15:44:36 | 002,084,000 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20121108.002\ex64.sys -- (NAVEX15)
DRV - [2012/11/08 15:44:36 | 000,126,112 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20121108.002\eng64.sys -- (NAVENG)
DRV - [2012/10/05 13:23:26 | 001,385,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20121030.002\BHDrvx64.sys -- (BHDrvx64)
DRV - [2012/09/11 14:11:06 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/09/10 13:40:06 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012/09/07 15:36:06 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20121107.001\IDSviA64.sys -- (IDSVia64)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{0A055CC6-A814-440B-9599-680B71131C36}: "URL" = http://www.amazon.co...s={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{0A055CC6-A814-440B-9599-680B71131C36}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{0A055CC6-A814-440B-9599-680B71131C36}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...1I7RLTB_enUS526
IE - HKCU\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE - HKCU\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKCU\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\ [2013/03/07 14:05:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\ [2013/03/07 14:05:47 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Ask (Enabled)
CHR - default_search_provider: search_url = http://websearch.ask...q={searchTerms}
CHR - default_search_provider: suggest_url = http://ss.websearch....q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\raoday\AppData\Local\Google\Chrome\User Data\PepperFlash\11.6.602.167\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.160\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.160\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\IPS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\CoIEPlg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [SetDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe (Hewlett-Packard Development Company, L.P.)
O4:64bit: - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [SSDMonitor] C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe (Symantec)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionAction = http://hp.digitalriv..._US&keywords=%w
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionName = Find Software on HP Download Store (Microsoft Corporation)
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.1.10.1 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{47025826-8D3D-4C63-BAD3-A7FFA9026DC1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DDF860D6-88B1-4B07-9C84-69F95A2FF19B}: DhcpNameServer = 10.1.10.1 8.8.8.8
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18:64bit: - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corp.)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corp.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/03/08 10:40:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013/03/08 10:39:45 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013/03/08 10:39:34 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013/03/08 10:39:34 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013/03/08 10:39:34 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/03/07 22:04:47 | 000,000,000 | ---D | C] -- C:\Users\raoday\AppData\Roaming\Google
[2013/03/07 21:52:50 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/03/07 21:30:15 | 000,000,000 | ---D | C] -- C:\FRST
[2013/03/07 21:20:13 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\raoday\Desktop\tdsskiller.exe
[2013/03/07 11:06:19 | 000,000,000 | ---D | C] -- C:\TRK-INFECTED
[2013/03/04 17:46:44 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2013/03/04 14:23:47 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0
[2013/03/04 14:04:33 | 000,000,000 | ---D | C] -- C:\Users\raoday\AppData\Roaming\Malwarebytes
[2013/03/04 14:03:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/03/04 14:03:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/03/04 14:03:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/03/04 14:03:49 | 000,000,000 | ---D | C] -- C:\Users\raoday\AppData\Local\Programs
[2013/02/15 21:45:05 | 000,000,000 | ---D | C] -- C:\0be73b68f3e1d465cc12dd04
[2013/02/15 20:10:59 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/02/15 20:10:59 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/02/15 20:10:55 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/02/15 20:10:55 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/02/15 20:10:55 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/02/15 20:10:55 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/02/15 20:10:54 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/02/15 20:10:54 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/02/15 20:10:52 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/02/15 20:10:52 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/02/15 20:10:51 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/02/15 20:10:51 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/02/15 20:10:48 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/02/15 20:10:47 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/02/15 20:10:47 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/02/14 14:50:06 | 005,553,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013/02/14 14:50:05 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013/02/14 14:50:04 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013/02/14 14:49:52 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013/02/14 14:49:51 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013/02/14 14:49:51 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013/02/14 14:49:51 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013/02/14 14:49:51 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013/02/14 14:49:50 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013/02/14 14:49:47 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2013/02/14 14:45:23 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[3 C:\Users\raoday\Documents\*.tmp files -> C:\Users\raoday\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/03/08 10:40:04 | 000,031,472 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/03/08 10:40:03 | 000,031,472 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/03/08 10:39:30 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npdeployJava1.dll
[2013/03/08 10:39:30 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013/03/08 10:39:30 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013/03/08 10:39:30 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013/03/08 10:39:30 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013/03/08 10:39:30 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/03/08 10:36:25 | 000,730,320 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/03/08 10:36:25 | 000,627,082 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/03/08 10:36:25 | 000,107,366 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/03/08 10:35:04 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2013/03/08 10:31:54 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/08 10:31:45 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/03/08 10:31:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/03/08 10:31:38 | 2800,771,072 | -HS- | M] () -- C:\hiberfil.sys
[2013/03/08 10:27:01 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/07 22:45:22 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForraoday.job
[2013/03/07 22:02:56 | 000,002,279 | ---- | M] () -- C:\Users\raoday\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/03/07 22:02:56 | 000,002,255 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/03/07 21:47:20 | 000,597,667 | ---- | M] () -- C:\Users\raoday\Desktop\AdwCleaner.exe
[2013/03/07 21:18:38 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\raoday\Desktop\tdsskiller.exe
[2013/02/16 09:35:02 | 326,143,478 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/02/15 20:52:40 | 000,416,688 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[3 C:\Users\raoday\Documents\*.tmp files -> C:\Users\raoday\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/03/08 10:35:04 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2013/03/07 22:45:18 | 000,000,336 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForraoday.job
[2013/03/07 21:47:08 | 000,597,667 | ---- | C] () -- C:\Users\raoday\Desktop\AdwCleaner.exe
[2013/02/20 21:22:35 | 000,000,898 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/02/20 21:22:31 | 000,000,894 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/02/15 20:31:02 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/12/19 07:36:56 | 000,743,534 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/07/29 04:48:48 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012/02/10 16:11:50 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/02/10 16:11:50 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012/02/10 03:24:52 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/12/13 23:44:10 | 000,023,040 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2011/09/13 09:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/09/06 14:34:28 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Alternate Data Streams ==========

@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:792D4CF1

< End of report >


Extras.txt:

OTL Extras logfile created on: 3/8/2013 10:42:11 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\raoday\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.48 Gb Total Physical Memory | 2.31 Gb Available Physical Memory | 66.29% Memory free
6.95 Gb Paging File | 5.63 Gb Available in Paging File | 80.94% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 445.43 Gb Total Space | 396.01 Gb Free Space | 88.90% Space Free | Partition Type: NTFS
Drive D: | 20.03 Gb Total Space | 2.17 Gb Free Space | 10.82% Space Free | Partition Type: NTFS

Computer Name: RAODAY-HP | User Name: raoday | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Program Files\Hewlett-Packard\HP Application Assistant\HPAA.exe %1 (Hewlett Packard Company)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Program Files\Hewlett-Packard\HP Application Assistant\HPAA.exe %1 (Hewlett Packard Company)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1CA2D295-B1CA-47A9-8D7C-525E860D0252}" = rport=138 | protocol=17 | dir=out | app=system |
"{2335DF6D-E7A1-43DD-AC74-39FAC003735A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{23DB717D-D0D6-41A6-B027-71A58942DF5E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2F299F2F-F6A1-4294-A3BF-D0E41345B8FA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{39DC787F-B522-4E14-999F-989706A78BB4}" = lport=138 | protocol=17 | dir=in | app=system |
"{3BE4E4B8-40A2-4D00-80CB-E31BAC4A02B8}" = lport=445 | protocol=6 | dir=in | app=system |
"{4D5C6487-651E-4A5B-9092-F266DD1D888E}" = rport=10243 | protocol=6 | dir=out | app=system |
"{60CC5245-AA50-482D-8D6C-681542EB7F0C}" = lport=139 | protocol=6 | dir=in | app=system |
"{684D2926-5B50-4E58-BB44-9C76DF024FE4}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{75DCED21-EB8B-4B80-9DF8-51B4860B97B0}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{7F799791-3AF5-453D-B37C-176D433883BB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{911EE894-1D6D-4FA9-AB67-46A356698D04}" = lport=137 | protocol=17 | dir=in | app=system |
"{96ABA665-16CF-4393-A21C-696A4E2AE813}" = rport=137 | protocol=17 | dir=out | app=system |
"{9B505100-7924-415F-A36F-12F82ACCB11D}" = rport=445 | protocol=6 | dir=out | app=system |
"{A8BE62B0-007F-4E5E-9185-4D671CE3EC8F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A9CAAACA-A51C-4C26-9B1C-6A4DDA352846}" = lport=2869 | protocol=6 | dir=in | app=system |
"{AC66673C-E759-401D-AFA0-456B50586C18}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{B28A343A-3A45-4175-89CC-642646C4310D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BF490B7F-595E-423D-A5A0-F1DF5A23DF7A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C39111AB-D279-4047-B520-A8AD910C7111}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D0FBE65D-BD27-4237-9882-AE20E0057F27}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{D2B6B3B0-E09C-47AA-A04B-CDF2802DB2D9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D4B13D30-2999-4805-A9C1-0E87B1C909C8}" = rport=139 | protocol=6 | dir=out | app=system |
"{DD025227-D991-4003-A6B9-2CA21E5443DF}" = lport=10243 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05E24C20-9064-4915-8C2C-CBD54D75B675}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{060C3AF3-1E1E-4050-9E76-D4AB6445C09B}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\indivdrm.exe |
"{0CBE2903-D40B-4A34-954E-86827A00CDE8}" = protocol=17 | dir=in | app=c:\program files (x86)\search results toolbar\datamngr\srtool~1\dtuser.exe |
"{0E2FAD20-0A13-44EC-BD9A-F31144353214}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1A00933A-B1B9-4BDF-8307-A0D90F15D779}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{1D1C9C43-EC32-4613-A170-CEA965D4A9EC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{22AFAA30-1EFA-461A-B9D1-A4DFCBC8D415}" = protocol=1 | dir=in | [email protected],-28543 |
"{27FDD034-CAAF-4C65-85AF-A53AB1248022}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |
"{2E9CECF9-5AD0-4EEB-B794-71D874DE3217}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2EB08E14-ECEF-4306-AF2F-25482A819C75}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{34A8B042-ABCA-4B99-BE14-C8671B0DD5F6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{372CEFC3-8DBD-4144-A2E1-2ABE65A73906}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |
"{42129053-9AE2-4AAE-9CF4-955366760313}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |
"{42ECEAFE-E1E6-45D6-B1EF-D2D03599DD6B}" = dir=in | app=c:\users\raoday\appdata\local\microsoft\skydrive\skydrive.exe |
"{5A7ED5B2-BFCF-4F59-832C-F7C99D80BF32}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{63084431-020C-4E87-A728-E6F115D34D83}" = protocol=6 | dir=out | app=system |
"{874AF4AD-EB25-4AAC-B9CD-9AC5C4D2C3EC}" = protocol=6 | dir=in | app=c:\program files (x86)\search results toolbar\datamngr\srtool~1\dtuser.exe |
"{8793685B-701C-4ABC-8458-27F042B73091}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\indivdrm.exe |
"{913C6A44-FAAD-4697-8808-3DB5DDD4241D}" = protocol=58 | dir=in | [email protected],-28545 |
"{9FEF351F-E470-4C42-AF4A-F7EC47F8D2A1}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B62C8E65-EB4D-4817-8101-00BA1D75F015}" = protocol=1 | dir=out | [email protected],-28544 |
"{BB37A0A9-80DD-4CEC-8025-329E66FE352D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C6C65AF6-6BEB-4AC2-BD9A-AE426E875F4C}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |
"{CAA3E91E-1A7B-481F-B17D-B7BB5FBCD8D3}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\indivdrm.exe |
"{CFDE410E-D164-4186-8CCE-C3885B0B6699}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D41C1DBE-4FBD-4363-8B35-DD0B5CCAE4D2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D55DA543-0D91-4038-BF5B-12B193E92B7C}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{D9713378-0938-4516-B7D8-C536929371D4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DA1AFB01-79B0-44D7-A876-71048F12A4FA}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DCB5B2FD-51DD-4A3D-B18B-DF5193AF54E4}" = protocol=58 | dir=out | [email protected],-28546 |
"{DDC56119-6335-43C7-9D93-08C601013795}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{DE98B279-668E-47D4-9250-A7624BD6A2DE}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E8F5960D-2F56-474C-90E6-6270119D1D16}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{F972E3AE-4C26-4F76-8C28-14EB3ACBCFA4}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\indivdrm.exe |
"{FA914F1D-5EC2-4624-B6AA-35FD9AA1D88C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{0AF477CD-37D7-4A38-AF3A-13D15C38DFE5}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{97530596-6B03-43C6-A201-FE5B01A4120B}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services
"{289D263F-1526-945B-1E0D-7E51196337E4}" = ccc-utility64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5A847522-375C-4D05-BD3D-88C450CC047F}" = HP Launch Box
"{5E015E15-F7AD-3379-523F-AD63C0CB9E71}" = AMD Steady Video Plug-In
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6032497A-4479-462B-ADB8-A0A372BB9A23}" = HP Application Assistant
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D1400EC-5703-3983-53B7-AEFB8BFD1CFA}" = AMD Catalyst Install Manager
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DFB497E0-CE3F-40FC-9596-FC7A48775DE4}" = HP 3D DriveGuard
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F8E65951-694F-5F50-21C2-391B46B26653}" = AMD Accelerated Video Transcoding
"{F9DF0B5D-554B-45D2-8698-7C467FAF4BCA}" = HP Security Assistant
"{FEDED942-6D32-06D6-CBE4-02A95758B9E5}" = AMD Fuel
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{026573E8-3808-A622-54E7-41B0D01CC689}" = CCC Help Swedish
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0C592E07-485F-B1C0-43C7-214B3782689E}" = CCC Help Czech
"{0CF102B7-1BD1-868D-7ED6-FF6618615113}" = Catalyst Control Center InstallProxy
"{120262A6-7A4B-4889-AE85-F5E5688D3683}" = HP MovieStore
"{12F9E5E4-4C6A-8C07-03E9-1C4D8606C7CF}" = CCC Help Italian
"{16652164-D80F-4EE6-90C6-2E8D5D06092A}" = HP Documentation
"{16B7BDA1-B967-4D2D-8B27-E12727C28350}" = HP CoolSense
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2691AB48-CB65-1326-6B16-C65F2D193498}" = CCC Help Russian
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{31BF9CD1-A904-43B5-A236-53E5E908AD0E}" = Catalyst Control Center - Branding
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}" = opensource
"{3686BD56-4111-A355-F79B-8351DF00FFD0}" = Catalyst Control Center Graphics Previews Common
"{36F19B06-7C5F-F7F0-4B03-C041F9AD0B81}" = CCC Help Hungarian
"{36F55AE9-7C13-2DFD-2A16-13E9B1B591AD}" = CCC Help Turkish
"{393BD31B-4806-2F8C-BFE3-CD3D832B1A07}" = CCC Help German
"{3E2D6F53-FE1E-9685-3147-FE7D6CD241B3}" = CCC Help Greek
"{43287DB3-9A3D-9113-F9EC-E3E2EA83FAD8}" = CCC Help Chinese Standard
"{43837ADC-5558-9855-2258-C57DFE06473D}" = CCC Help Thai
"{46A14B00-8CA7-66CA-773B-78255D9C09E4}" = CCC Help Finnish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{53B17A98-5BF0-40BC-AAFF-850A357975AC}" = HP Quick Launch
"{550A8BE3-02DA-9A06-F7F7-782E0B7E16BC}" = CCC Help Danish
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{59343305-C394-8581-67E9-192E52936174}" = CCC Help Korean
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{675D093B-815D-47FD-AB2C-192EC751E8E2}" = HP Software Framework
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6CFB80D8-0084-2AA0-5B10-CB528127B3D0}" = CCC Help Norwegian
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.1.1
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74A8E1BE-D438-4C35-ABFF-3A1EAF17526E}" = Blio
"{768A6276-5822-489C-8A2B-67190F745655}" = ESU for Microsoft Windows 7 SP1
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8CE152BA-1D16-11E1-867D-984BE15F174E}" = Evernote v. 4.5.2
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MovieStore
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{97C9CD02-4F58-59DC-53E5-AB9B171CB537}" = CCC Help English
"{98A80C9A-4362-2AEE-B547-6C2E47E8887E}" = CCC Help Polish
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A287F545-5139-0235-DCE8-D7598B2D312C}" = Catalyst Control Center Localization All
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7E8CB11-B09E-46F8-9BAE-B2E01EBF7E51}" = Bing Bar
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.6) MUI
"{AE856388-AFAD-4753-81DF-D96B19D0A17C}" = HP Setup Manager
"{B1475566-FA49-179A-86B3-C0C9E7122EA2}" = CCC Help French
"{B409B895-940B-A184-478B-5FB129501060}" = AMD VISION Engine Control Center
"{B99494A5-4B47-3923-9350-316B6A12EAAD}" = CCC Help Japanese
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D7C45E0E-8963-DFD3-D35F-A4135BDC628E}" = CCC Help Chinese Traditional
"{D8BCE5B9-67CF-4F3F-93AE-3ACC754C72EB}" = HP Power Manager
"{DA028428-3A16-D9CE-61AB-6422DFC40918}" = CCC Help Spanish
"{DBCD5E64-7379-4648-9444-8A6558DCB614}" = HP Recovery Manager
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE6BB53E-E91A-6F17-E518-BC4425AA9039}" = CCC Help Dutch
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E9ED3FC6-8813-61B6-97FB-F09F296A224F}" = CCC Help Portuguese
"{ED1BD69A-07E3-418C-91F1-D856582581BF}" = HP On Screen Display
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE202411-2C26-49E8-9784-1BC1DBF7DE96}" = HP Support Assistant
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}" = HP Setup
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Google Chrome" = Google Chrome
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100
"NIS" = Norton Internet Security
"Norton Utilities 16_is1" = Norton Utilities 16
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WTA-2a842c71-71a3-44a2-b51e-ebd478cd05b0" = Final Drive Fury
"WTA-315f9377-2448-4432-be62-a4daf9ebce51" = Chuzzle Deluxe
"WTA-3831c862-a731-47bd-a901-42ab6d60128e" = RollerCoaster Tycoon 3: Platinum
"WTA-38d9aeca-7341-4273-aa69-08ad7effb055" = Blackhawk Striker 2
"WTA-3cc3969f-f39f-4902-bc8a-3cbcfc9859bf" = Penguins!
"WTA-4b79f137-96cb-4a65-a4d0-fdff70fa01ac" = Jewel Match 3
"WTA-4d0cb297-86a6-4f98-b76f-73db06249604" = FATE
"WTA-5322d311-53ad-4645-bbe9-a1969c8dd6ce" = Polar Bowler
"WTA-55f7c99b-f8aa-4190-823c-13598194422e" = John Deere Drive Green
"WTA-56955c04-8d40-4d79-b5bf-16877305c153" = Letters from Nowhere 2
"WTA-5f70fc28-c9bf-43e0-b975-811bcc9a80f2" = Farm Frenzy
"WTA-67de12a6-7aed-4087-aaf7-6ddfe8b33fc2" = Jewel Quest Mysteries: The Seventh Gate Collector's Edition
"WTA-98e4d6a7-c7d3-4531-80c8-13993d969345" = Dora's World Adventure
"WTA-a4035c0e-33b8-4495-912b-6f9ddf2d763b" = Luxor HD
"WTA-b006f34d-1b7e-44a1-9b86-f94550bcda0a" = Zuma's Revenge
"WTA-b671e4d0-0bcc-4a76-8d33-53b64bb15c54" = Virtual Villagers 4 - The Tree of Life
"WTA-c3bff5da-fa45-4182-a696-24b37b1dd101" = The Treasures of Mystery Island: The Ghost Ship
"WTA-d3ca098f-eb9c-48ae-8ab7-1099303857ad" = Bejeweled 3
"WTA-d564c9aa-6d51-47c4-86d2-042c0842905f" = Hoyle Card Games
"WTA-d6e2f27b-eec7-4bdf-a080-41d46c880018" = Plants vs. Zombies - Game of the Year
"WTA-da490889-8a17-4a44-8044-2a104594460f" = Poker Superstars III
"WTA-e3a32780-24bd-4b68-9500-954010ff61fc" = Torchlight
"WTA-e92dcafc-6b30-4dec-a712-65093a2cc10f" = Cradle of Rome 2
"WTA-ef1ea45a-06f8-449a-8d06-5178a5c226d5" = Farmscapes
"WTA-f1963df3-782e-4dc1-bd9b-617b4c468518" = Mah Jong Medley
"WTA-fef1475e-8b4d-4947-9a66-365ab8002190" = Polar Golfer

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SkyDriveSetup.exe" = Microsoft SkyDrive

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 2/15/2013 9:04:00 PM | Computer Name = raoday-HP | Source = WinMgmt | ID = 10
Description =

Error - 2/15/2013 9:09:56 PM | Computer Name = raoday-HP | Source = Application Error | ID = 1000
Description = Faulting application name: conhost.exe, version: 6.1.7601.18015, time
stamp: 0x50b826c0 Faulting module name: ntdll.dll, version: 6.1.7601.17725, time
stamp: 0x4ec4aa8e Exception code: 0xc0000005 Fault offset: 0x000000000009970a Faulting
process id: 0xbec Faulting application start time: 0x01ce0be253db5eee Faulting application
path: C:\Windows\system32\conhost.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
Id: 9349d44e-77d5-11e2-821b-28924a3eae7d

Error - 2/15/2013 9:46:22 PM | Computer Name = raoday-HP | Source = .NET Runtime Optimization Service | ID = 1107
Description =

Error - 2/15/2013 9:46:22 PM | Computer Name = raoday-HP | Source = .NET Runtime Optimization Service | ID = 1107
Description =

Error - 2/15/2013 9:46:45 PM | Computer Name = raoday-HP | Source = WinMgmt | ID = 10
Description =

Error - 2/15/2013 9:50:10 PM | Computer Name = raoday-HP | Source = WinMgmt | ID = 10
Description =

Error - 2/15/2013 9:53:25 PM | Computer Name = raoday-HP | Source = WinMgmt | ID = 10
Description =

Error - 2/15/2013 9:54:52 PM | Computer Name = raoday-HP | Source = Application Error | ID = 1000
Description = Faulting application name: wmiprvse.exe, version: 6.1.7601.17514,
time stamp: 0x4ce79d42 Faulting module name: ntdll.dll, version: 6.1.7601.17725,
time stamp: 0x4ec4aa8e Exception code: 0xc0000005 Fault offset: 0x000000000009970a
Faulting
process id: 0x998 Faulting application start time: 0x01ce0be89b9d3170 Faulting application
path: C:\Windows\system32\wbem\wmiprvse.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
Id: da4d324e-77db-11e2-bf05-28924a3eae7d

Error - 2/15/2013 9:58:19 PM | Computer Name = raoday-HP | Source = Application Error | ID = 1000
Description = Faulting application name: conhost.exe, version: 6.1.7601.18015, time
stamp: 0x50b826c0 Faulting module name: ntdll.dll, version: 6.1.7601.17725, time
stamp: 0x4ec4aa8e Exception code: 0xc0000005 Fault offset: 0x000000000009970a Faulting
process id: 0x614 Faulting application start time: 0x01ce0be9102e5689 Faulting application
path: C:\Windows\system32\conhost.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
Id: 557be314-77dc-11e2-b542-28924a3eae7d

Error - 2/15/2013 9:59:21 PM | Computer Name = raoday-HP | Source = WinMgmt | ID = 10
Description =

Error - 2/16/2013 10:32:42 AM | Computer Name = raoday-HP | Source = WinMgmt | ID = 10
Description =

[ Hewlett-Packard Events ]
Error - 9/25/2012 7:19:16 AM | Computer Name = raoday-HP | Source = HPSF.exe | ID = 4000
Description =

Error - 9/25/2012 4:33:16 PM | Computer Name = raoday-HP | Source = HPSF.exe | ID = 4000
Description =

Error - 9/25/2012 4:35:37 PM | Computer Name = raoday-HP | Source = HPSF.exe | ID = 4000
Description =

Error - 9/25/2012 4:36:28 PM | Computer Name = raoday-HP | Source = HPSF.exe | ID = 4000
Description =

Error - 9/25/2012 4:37:06 PM | Computer Name = raoday-HP | Source = HPSF.exe | ID = 4000
Description =

Error - 9/25/2012 4:38:05 PM | Computer Name = raoday-HP | Source = HPSF.exe | ID = 4000
Description =

Error - 9/25/2012 4:42:31 PM | Computer Name = raoday-HP | Source = HPSF.exe | ID = 4000
Description =

Error - 10/16/2012 7:15:30 AM | Computer Name = raoday-HP | Source = HPSF.exe | ID = 4000
Description =

Error - 10/29/2012 9:58:52 AM | Computer Name = raoday-HP | Source = HPSF.exe | ID = 4000
Description =

[ HP Software Framework Events ]
Error - 11/11/2012 11:31:11 AM | Computer Name = raoday-HP | Source = hpqWmiEx | ID = 5
Description = 2012/11/11 10:31:11.208|00000C88|Error |ChpqWmiExModule::Start|The
hpqwmiex service failed to start (1063). A system restart may correct this problem.

[ System Events ]
Error - 3/2/2013 8:43:34 AM | Computer Name = raoday-HP | Source = EventLog | ID = 6008
Description = The previous system shutdown at 5:36:25 AM on ?3/?2/?2013 was unexpected.

Error - 3/2/2013 8:45:16 AM | Computer Name = raoday-HP | Source = PNRPSvc | ID = 102
Description =

Error - 3/2/2013 8:45:16 AM | Computer Name = raoday-HP | Source = Service Control Manager | ID = 7001
Description = The Peer Networking Grouping service depends on the Peer Name Resolution
Protocol service which failed to start because of the following error: %%-2140993535

Error - 3/2/2013 8:45:16 AM | Computer Name = raoday-HP | Source = Service Control Manager | ID = 7023
Description = The Peer Name Resolution Protocol service terminated with the following
error: %%-2140993535

Error - 3/2/2013 8:45:40 AM | Computer Name = raoday-HP | Source = PNRPSvc | ID = 102
Description =

Error - 3/2/2013 8:45:40 AM | Computer Name = raoday-HP | Source = PNRPSvc | ID = 102
Description =

Error - 3/2/2013 8:45:40 AM | Computer Name = raoday-HP | Source = PNRPSvc | ID = 102
Description =

Error - 3/2/2013 8:45:40 AM | Computer Name = raoday-HP | Source = PNRPSvc | ID = 102
Description =

Error - 3/2/2013 8:45:40 AM | Computer Name = raoday-HP | Source = Service Control Manager | ID = 7023
Description = The Peer Name Resolution Protocol service terminated with the following
error: %%-2140993535

Error - 3/2/2013 8:45:40 AM | Computer Name = raoday-HP | Source = Service Control Manager | ID = 7001
Description = The Peer Networking Grouping service depends on the Peer Name Resolution
Protocol service which failed to start because of the following error: %%-2140993535


< End of report >

#13
JSntgRvr

  • Global Moderator
  • 11,579 posts
The log looks clear, Congratulations.

Should I attempt to uninstall Norton again?


By all means. If unable, you may have to download a removal tool from Norton, specifically for that version.

Since the tools we used to scan the computer, as well as tools to delete files and folders, are no longer needed, they should be removed, as well as the folders created by these tools.

Run OTL. Click on the Cleanup button and follow the prompts.

Remove the C:\FRST folder

Manually remove any tool left.

Here are some suggestions.

  • Always keep your JAVA updated. Older versions will make your computer vulnerable.
  • Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.
  • ERUNT (Emergency Recovery Utility NT) allows you to keep a complete backup of your registry and restore it when needed. The standard registry backup options that come with Windows back up most of the registry but not all of it. ERUNT however creates a complete backup set, including the Security hive and user related sections. ERUNT is easy to use and since it creates a full backup, there are no options or choices other than to select the location of the backup files. The backup set includes a small executable that will launch the registry restore if needed.
To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections you can read this article by Miekiemoes.

Best wishes!

#14
KevinVanLear

  • Topic Starter
  • Member
  • 8 posts
JSntgRvr,

Thank you very much for your time and your help! You were not only knowledgeable and to the point, but very timely in your responses. I will definitely spread the word about this site! Have a good one!