google redirect - origin attempt to install on startup [Closed]


  • This topic is locked

#1
medic

  • Member
  • 66 posts
Google redirect and this program keeps on trying to get me to install it on start up.

OTL log file prior to running GooredFix and TDSSKiller

All processes killed
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Dana\Downloads\cmd.bat deleted successfully.
C:\Users\Dana\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator

User: All Users

User: Brent
->Temp folder emptied: 787557 bytes
->Temporary Internet Files folder emptied: 103297265 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 87404461 bytes
->Flash cache emptied: 45940 bytes

User: Bruce
->Temp folder emptied: 33886 bytes
->Temporary Internet Files folder emptied: 36364 bytes
->Flash cache emptied: 41620 bytes

User: Dana
->Temp folder emptied: 960453220 bytes
->Temporary Internet Files folder emptied: 144840996 bytes
->Java cache emptied: 326279 bytes
->FireFox cache emptied: 84854091 bytes
->Google Chrome cache emptied: 107184021 bytes
->Flash cache emptied: 49308 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Dotti
->Temp folder emptied: 81448600 bytes
->Temporary Internet Files folder emptied: 593688858 bytes
->Java cache emptied: 741570 bytes
->FireFox cache emptied: 217305631 bytes
->Google Chrome cache emptied: 40207286 bytes
->Flash cache emptied: 77418 bytes

User: Owner
->Temp folder emptied: 1288736 bytes
->Temporary Internet Files folder emptied: 41923177 bytes
->Flash cache emptied: 43423 bytes

User: Public

%systemdrive% .tmp files removed: 285749 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 175172778 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 322263500 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 36028370 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 2,861.00 mb

Restore point Set: OTM Restore Point

[EMPTYFLASH]

User: Administrator

User: All Users

User: Brent
->Flash cache emptied: 0 bytes

User: Bruce
->Flash cache emptied: 0 bytes

User: Dana
->Flash cache emptied: 492 bytes

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Dotti
->Flash cache emptied: 0 bytes

User: Owner
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 03262013_150114

Files moved on Reboot...
C:\Users\Dana\AppData\Local\Temp\PowerCinema\sukhh.dll moved successfully.
C:\Users\Dana\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File C:\Users\Dotti\AppData\Local\Temp\OICE_DFF33570-A563-4B82-85B8-E2CDE951DA1C.0\C0F1B18B. not found!
File C:\Users\Dotti\AppData\Local\Temp\OICE_68FE1C48-69E5-45FB-8362-131ADDFBDE4D.0\E9B0EAA7. not found!
File C:\Windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\062J8P7Y\ddcCAE040UG.htm not found!
File C:\Windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\062J8P7Y\fastbutton[4].htm not found!
File C:\Windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\062J8P7Y\fastbutton[5].htm not found!
File C:\Windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\062J8P7Y\fpi[4].htm not found!
C:\Windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\062J8P7Y\getSegment[1].htm moved successfully.
C:\Windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\062J8P7Y\hcounter[2].htm moved successfully.
File C:\Windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\062J8P7Y\ifCA6Z30DE.htm not found!
File C:\Windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\062J8P7Y\if[10].htm not found!
C:\Windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\062J8P7Y\jquery.prettyPhoto[1].js moved successfully.
File C:\Windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\062J8P7Y\like[6].htm not found!
C:\Windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\062J8P7Y\net[1].htm moved successfully.
File C:\Windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\062J8P7Y\p-01-0VIaSjnOLg[10].gif not found!
File C:\Windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\062J8P7Y\p-01-0VIaSjnOLg[9].gif not found!
File C:\Windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\062J8P7Y\pd[1].htm not found!
File C:\Windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\062J8P7Y\pd[5].htm not found!
File C:\Windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\062J8P7Y\pingCAM28ISI.gif not found!
C:\Windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\062J8P7Y\ppibfi_pinterest[1].css moved successfully.
C:\Windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\062J8P7Y\pulse-iframe[1].htm moved successfully.
C:\Windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\062J8P7Y\site-130588[1].js moved successfully.
C:\Windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\062J8P7Y\tweet_button.1363148939[1].htm moved successfully.
C:\Windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\062J8P7Y\xd_arbiter[1].htm moved successfully.

Registry entries deleted on Reboot...

#2
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello medic

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.


Very Important --> Please read this post completely. I have spent my time to put together some things for you to keep in mind while I am helping you, to make things go easier, faster and smoother for both of us!


  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines; these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same"; this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.





I need to get some reports to get a base to start from so I need you to run these programs first.


-DeFogger-

  • Please download DeFogger to your desktop.
  • Double click DeFogger to run the tool.
  • The application window will appear
  • Click the Disable button to disable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger may ask you to reboot the machine, if it does - click OK
Do not re-enable these drivers until otherwise instructed.


-Security Check-

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


-Download DDS-

  • Please download DDS from one of the links below and save it to your desktop:

    Link1
    Link2
    Link3

  • Double-click on dds.scr and a command window will appear. This is normal.
  • Shortly after, two logs will appear:
    • DDS.txt
    • Attach.txt
  • A window will open instructing you to save & post the logs
  • Save the logs to a convenient place such as your desktop
  • Copy the contents of both logs & post in your next reply

information and logs

  • In your next post I need the following:
    • both reports from DDS
    • report from security check
    • let me know of any problems you may have had

Gringo


#3
medic

    Member

  • Topic Starter
  • 66 posts
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 01:24 on 27/03/2013 (Dana)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-


Results of screen317's Security Check version 0.99.61
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Norton Internet Security
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.70.0.1100
Java™ 6 Update 25
Java version out of Date!
Adobe Flash Player 11.6.602.180
Adobe Reader 10.1.3 Adobe Reader out of Date!
Mozilla Firefox (19.0.2)
Google Chrome 25.0.1364.172
Google Chrome 25.0.1364.97
````````Process Check: objlist.exe by Laurent````````
Norton ccSvcHst.exe
Dana Desktop virus SecurityCheck.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 10%
````````````````````End of Log``````````````````````


DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16470 BrowserJavaVersion: 1.6.0_25
Run by Dana at 1:31:12 on 2013-03-27
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3839.2074 [GMT -4:00]
.
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\SysWOW64\svchost.exe -k Akamai
C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
C:\Program Files (x86)\Common Files\SingleClick Systems\Advanced Networking Service\hnm_svc.exe
c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\PROGRA~2\MYSCRA~2\bar\1.bin\12barsvc.exe
C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
C:\Program Files (x86)\PDF Complete\pdfsvc.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\vssvc.exe
C:\PROGRA~2\WEATHE~2\bar\1.bin\gcbarsvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
C:\Windows\Explorer.EXE
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Inbox Toolbar\Inbox.exe
C:\Program Files (x86)\MyScrapNook_12\bar\1.bin\12brmon.exe
C:\Program Files (x86)\WeatherBlink\bar\1.bin\gcbrmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\svchost.exe -k defragsvc
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uURLSearchHooks: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - <orphaned>
uURLSearchHooks: <No Name>: {8ba2cfef-a1bc-4964-aadc-33be1ae5a33c} - C:\Program Files (x86)\WeatherBlink\bar\1.bin\gcSrcAs.dll
uURLSearchHooks: <No Name>: {b3b5c47e-61f7-4d81-af06-461fc86686ce} - C:\Program Files (x86)\MyScrapNook_12\bar\1.bin\12SrcAs.dll
mURLSearchHooks: AOL Mail Toolbar Search Class: {98572e47-b5fe-43de-9aea-492a1d3064cd} - C:\Program Files (x86)\AOL Mail Toolbar\aolmailtb.dll
mURLSearchHooks: Productivity 3.1 Toolbar: {9427041a-a8dc-4d06-9a68-93873486e957} - C:\Program Files (x86)\Productivity_3.1\prxtbProd.dll
BHO: Toolbar BHO: {0214754e-4e7d-4589-829d-e2523e6a3085} - C:\Program Files (x86)\MyScrapNook_12\bar\1.bin\12bar.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll
BHO: Search Assistant BHO: {65f159fb-5f5e-46f4-b45d-ccfa236d2073} - C:\Program Files (x86)\MyScrapNook_12\bar\1.bin\12SrcAs.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ips\ipsbho.dll
BHO: AppGraffiti: {6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} - C:\Program Files (x86)\AppGraffiti\AppGraffiti.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Productivity 3.1 Toolbar: {9427041a-a8dc-4d06-9a68-93873486e957} - C:\Program Files (x86)\Productivity_3.1\prxtbProd.dll
BHO: Search Assistant BHO: {9b9dcae3-be34-424c-8d73-75e305a9e091} - C:\Program Files (x86)\WeatherBlink\bar\1.bin\gcSrcAs.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Inbox Toolbar: {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: Toolbar BHO: {dc9051c2-8f55-479a-97a4-747980d9047f} - C:\Program Files (x86)\WeatherBlink\bar\1.bin\gcbar.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
BHO: ShopAtHomeIEHelper Class: {E8DAAA30-6CAA-4b58-9603-8E54238219E2} - C:\Program Files (x86)\SelectRebates\Toolbar\ShopAtHomeToolbar.dll
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: AOL Mail Toolbar Loader: {fbea8524-8c72-4208-9d12-7fb73e9926eb} - C:\Program Files (x86)\AOL Mail Toolbar\aolmailtb.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll
TB: ShopAtHome.com Toolbar: {98279C38-DE4B-4bcf-93C9-8EC26069D6F4} - C:\Program Files (x86)\SelectRebates\Toolbar\ShopAtHomeToolbar.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: AOL Mail Toolbar: {a3704fa3-dbf6-46b5-b95e-0677dfd39577} - C:\Program Files (x86)\AOL Mail Toolbar\aolmailtb.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll
TB: &Inbox Toolbar: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll
TB: Productivity 3.1 Toolbar: {9427041a-a8dc-4d06-9a68-93873486e957} - C:\Program Files (x86)\Productivity_3.1\prxtbProd.dll
TB: My Scrap Nook: {fe6f06fb-0fc0-4499-828f-ee48088f504f} - C:\Program Files (x86)\MyScrapNook_12\bar\1.bin\12bar.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: WeatherBlink: {f20de5e0-2a6e-4c54-985f-1cf59551ce39} - C:\Program Files (x86)\WeatherBlink\bar\1.bin\gcbar.dll
uRun: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
uRun: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
uRun: [Akamai NetSession Interface] C:\Users\Dana\AppData\Local\Akamai\netsession_win.exe
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [PowerCinema] rundll32 "C:\Users\Dana\AppData\Local\Temp\PowerCinema\sukhh.dll",D3DXSHEvalHemisphereLight
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [InboxToolbar] "C:\PROGRA~2\INBOXT~1\Inbox.exe" /STARTUP
mRun: [My Scrap Nook Search Scope Monitor] "C:\PROGRA~2\MYSCRA~2\bar\1.bin\12srchmn.exe" /m=2 /w /h
mRun: [MyScrapNook_12 Browser Plugin Loader] C:\PROGRA~2\MYSCRA~2\bar\1.bin\12brmon.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [WeatherBlink Search Scope Monitor] "C:\PROGRA~2\WEATHE~2\bar\1.bin\gcsrchmn.exe" /m=2 /w /h
mRun: [WeatherBlink Browser Plugin Loader] C:\PROGRA~2\WEATHE~2\bar\1.bin\gcbrmon.exe
dRun: [PowerCinema] rundll32 "C:\Users\Dana\AppData\Local\Temp\PowerCinema\sukhh.dll",D3DXSHEvalHemisphereLight
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-System: DisableRegedit = dword:0
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:0
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: DisableRegedit = dword:0
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
TCP: NameServer = 167.206.251.130 167.206.251.129 192.168.1.1
TCP: Interfaces\{66AB48E3-1DC6-4FC5-891D-A97287A17432} : NameServer = 198.153.192.1,198.153.194.1
TCP: Interfaces\{66AB48E3-1DC6-4FC5-891D-A97287A17432} : DHCPNameServer = 167.206.251.130 167.206.251.129 192.168.1.1
TCP: Interfaces\{66AB48E3-1DC6-4FC5-891D-A97287A17432}\34963736F62463931343 : NameServer = 198.153.192.1,198.153.194.1
TCP: Interfaces\{66AB48E3-1DC6-4FC5-891D-A97287A17432}\34963736F62463931343 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{ADE2892E-59B2-45E6-B60D-B5388822DC6C} : NameServer = 198.153.192.1,198.153.194.1
TCP: Interfaces\{ADE2892E-59B2-45E6-B60D-B5388822DC6C} : DHCPNameServer = 167.206.251.130 167.206.251.129 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\j12bwqda.default\
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\MyScrapNook_12\bar\1.bin\NP12Stub.dll
FF - plugin: C:\Program Files (x86)\TotalRecipeSearch_14EI\Installr\1.bin\NP14EISb.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\nphdplg.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
FF - ExtSQL: !HIDDEN! 2012-11-07 17:39; [email protected]_12.com; C:\Program Files (x86)\MyScrapNook_12\bar\1.bin
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NISx64\1309010.00E\symds64.sys [2013-2-6 451192]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NISx64\1309010.00E\symefa64.sys [2013-2-6 1129120]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.1.2\Definitions\BASHDefs\20130301.001_adb\BHDrvx64.sys [2013-3-1 1388120]
R1 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\System32\drivers\NISx64\1309010.00E\ccsetx64.sys [2013-2-6 167072]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.1.2\Definitions\IPSDefs\20130326.001\IDSviA64.sys [2013-3-26 513184]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NISx64\1309010.00E\ironx64.sys [2013-2-6 190072]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NISx64\1309010.00E\symnets.sys [2013-2-6 405624]
R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-13 27136]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-7-30 203264]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2010-12-28 354304]
R2 AMD Reservation Manager;AMD Reservation Manager;C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-6-17 194496]
R2 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2010-6-12 400368]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]
R2 MyScrapNook_12Service;My Scrap NookService;C:\PROGRA~2\MYSCRA~2\bar\1.bin\12barsvc.exe [2012-11-7 42504]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe [2013-2-6 138272]
R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2010-7-30 635416]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 WeatherBlinkService;WeatherBlinkService;C:\PROGRA~2\WEATHE~2\bar\1.bin\gcbarsvc.exe [2013-3-19 42504]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2011-5-13 46136]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-3-22 138912]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2010-7-30 852256]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-7-30 346144]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2010-7-30 38456]
S3 libusb0;libusb-win32 - Kernel Driver, Version 1.2.4.0;C:\Windows\System32\drivers\libusb0.sys [2011-11-23 29184]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-3-28 59392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-3-27 1255736]
.
=============== File Associations ===============
.
ShellExec: pdfvista.exe: Open="C:\Program Files (x86)\PDF Complete\pdfvista.exe"
ShellExec: pdfvista.exe: Read="C:\Program Files (x86)\PDF Complete\pdfvista.exe"
.
=============== Created Last 30 ================
.
2013-03-26 19:40:35 -------- d-----w- C:\TDSSKiller_Quarantine
2013-03-26 19:01:14 -------- d-----w- C:\_OTM
2013-03-26 18:03:32 -------- d-----w- C:\Users\Dana\AppData\Local\Programs
2013-03-26 18:02:49 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-03-26 18:02:49 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-03-26 00:01:20 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys
2013-03-24 17:42:44 -------- d-----w- C:\Users\Dana\AppData\Local\Northcode Inc
2013-03-23 22:49:49 20480 ----a-w- C:\Windows\svchost.exe
2013-03-19 17:53:51 -------- d-----w- C:\Program Files (x86)\WeatherBlink
.
==================== Find3M ====================
.
2013-03-13 04:06:14 693976 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-03-13 04:06:13 73432 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-12 05:45:24 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45:22 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45:22 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45:22 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48:31 474112 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-02-12 04:48:26 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
2013-02-02 06:57:02 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2013-02-02 06:47:24 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-02-02 06:47:19 1392128 ----a-w- C:\Windows\System32\wininet.dll
2013-02-02 06:42:18 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-02-02 06:41:51 599040 ----a-w- C:\Windows\System32\vbscript.dll
2013-02-02 06:38:01 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2013-02-02 03:38:35 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-02-02 03:30:32 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-02-02 03:30:21 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-02-02 03:26:47 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2013-02-02 03:26:21 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-02-02 03:23:28 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-01-05 05:53:43 5553512 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-01-05 05:00:15 3967848 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-01-05 05:00:11 3913064 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-01-04 05:46:09 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-01-04 04:51:16 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-01-04 04:43:21 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2013-01-04 03:26:48 3153408 ----a-w- C:\Windows\System32\win32k.sys
2013-01-04 02:47:35 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-01-04 02:47:34 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-01-04 02:47:34 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-01-04 02:47:33 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-01-03 06:00:54 1913192 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-01-03 06:00:42 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
.
============= FINISH: 1:31:43.43 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 2/14/2011 11:42:35 PM
System Uptime: 3/26/2013 4:05:44 PM (9 hours ago)
.
Motherboard: FOXCONN | | 2AB1
Processor: AMD Athlon™ II X4 635 Processor | CPU 1 | 2900/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 687 GiB total, 583.814 GiB free.
D: is FIXED (NTFS) - 12 GiB total, 1.464 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
J: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP96: 2/14/2013 3:00:17 AM - Windows Update
RP97: 2/27/2013 3:00:14 AM - Windows Update
RP98: 3/14/2013 3:00:26 AM - Windows Update
RP99: 3/26/2013 3:00:19 AM - Windows Update
RP100: 3/26/2013 3:26:08 PM - OTM Restore Point
RP101: 3/26/2013 4:04:24 PM - OTM Restore Point
.
==== Installed Programs ======================
.
Adobe Acrobat X Pro - English, Français, Deutsch
Adobe AIR
Adobe Digital Editions 2.0
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.3)
Adobe Shockwave Player 11.5
Akamai NetSession Interface Service
AMD Fuel
AOL Mail Toolbar
AppGraffiti
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ATI Catalyst Install Manager
ATI Problem Report Wizard
ATI Stream SDK v2 Developer
Bejeweled 2 Deluxe
Blackhawk Striker 2
Bonjour
Build-a-lot 2
Catalyst Control Center - Branding
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
Chuzzle Deluxe
CinemaNow Media Manager
Cisco Connect
Coupon Printer for Windows
CyberLink DVD Suite Deluxe
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Democracy
Diner Dash 2 Restaurant Rescue
Dora's Carnival Adventure
Download Updater (AOL Inc.)
DVD Menu Pack for HP MediaSmart Video
EA Download Manager
ERUNT 1.1j
Escape Rosecliff Island
FATE
Final Drive Nitro
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
GreenPC
Heroes of Hellas 2 - Olympia
Hewlett-Packard ACLM.NET v1.2.1.1
HomeNet Manager
HP Advisor
HP Customer Experience Enhancements
HP Game Console
HP Games
HP MediaSmart CinemaNow 2.0
HP MediaSmart DVD
HP MediaSmart Music
HP MediaSmart Photo
HP MediaSmart SmartMenu
HP MediaSmart Video
HP MediaSmart/TouchSmart Netflix
HP Odometer
HP Product Detection
HP Support Assistant
HP Support Information
HP Update
HP Vision Hardware Diagnostics
Hulu Desktop
HydraVision
Inbox Toolbar
iTunes
Java Auto Updater
Java™ 6 Update 25
Jewel Quest 3
Jewel Quest Solitaire 2
Junk Mail filter update
Kobo
LabelPrint
LightScribe System Software
Malwarebytes Anti-Malware version 1.70.0.1100
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
Microsoft WSE 3.0 Runtime
Movie Theme Pack for HP MediaSmart Video
Mozilla Firefox 19.0.2 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
My Scrap Nook Toolbar
Norton Internet Security
PDF Complete Special Edition
Penguins!
PhotoNow!
PictureMover
Plants vs. Zombies
PlayReady PC Runtime amd64
Poker Superstars III
Polar Bowler
Polar Golfer
Power2Go
PowerDirector
PressReader
Prison Tycoon 3
Productivity 3.1 Toolbar
QuickTime
Ralink RT2860 Wireless LAN Card
Realtek High Definition Audio Driver
Recovery Manager
RollerCoaster Tycoon
Roxio CinemaNow 2.0
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
ShopAtHome.com Toolbar
The Sims™ 3
The Weather Channel App
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Virtual Families
Virtual Patient Encounters ALS
Virtual Villagers - The Secret City
WeatherBlink Toolbar
Westward 3 Gold Rush
Wheel of Fortune 2
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Wizard101
Yahoo! Messenger
Zinio Reader 4
Zuma Deluxe
.
==== Event Viewer Messages From Past Week ========
.
3/26/2013 4:03:29 PM, Error: Service Control Manager [7034] - The Adobe Acrobat Update Service service terminated unexpectedly. It has done this 1 time(s).
3/26/2013 2:55:07 PM, Error: Microsoft-Windows-DNS-Client [1012] - There was an error while attempting to read the local hosts file.
3/25/2013 12:11:00 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff80002c5b26b, 0x0000000000000000, 0x000000007efa0000). A dump was saved in: C:\Windows\Minidump\032513-41402-01.dmp. Report Id: 032513-41402-01.
3/24/2013 3:51:10 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AMD FUEL Service service.
3/24/2013 2:49:49 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x0000000000000040, 0x0000000000000002, 0x0000000000000001, 0xfffff80002cd81c8). A dump was saved in: C:\Windows\Minidump\032413-35973-01.dmp. Report Id: 032413-35973-01.
3/24/2013 2:45:22 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffffa8004f3bbb0, 0x0000000000000000, 0x000000007ef88000). A dump was saved in: C:\Windows\Minidump\032413-28158-01.dmp. Report Id: 032413-28158-01.
.
==== End Of File ===========================

#4
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello medic


These are the programs I would like you to run next. If you have any problems with one of these, just skip it and move on to the next one.


-AdwCleaner-

  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


--RogueKiller--

  • Download & SAVE to your Desktop RogueKiller for 32bit or RogueKiller for 64bit
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator" to start
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then click on the "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • Click on "Delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller

Gringo

#5
medic

    Member

  • Topic Starter
  • Member
  • 66 posts
The mouse and keyboard are USB. Can I leave them connected when I run RogueKiller?

#6
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Yes, you can - that is for external drives.

#7
medic

    Member

  • Topic Starter
  • Member
  • 66 posts
# AdwCleaner v2.115 - Logfile created 03/27/2013 at 02:21:07
# Updated 17/03/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Dana - OWNER-HP
# Boot Mode : Normal
# Running from : C:\Users\Dana\Desktop\virus\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.xpt
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.xpt
Folder Deleted : C:\Program Files (x86)\AppGraffiti
Folder Deleted : C:\Program Files (x86)\Common Files\Software Update Utility
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\DailyBibleGuideEI
Folder Deleted : C:\Program Files (x86)\Inbox Toolbar
Folder Deleted : C:\Program Files (x86)\Productivity_3.1
Folder Deleted : C:\Program Files (x86)\SelectRebates
Folder Deleted : C:\Program Files (x86)\TotalRecipeSearch_14EI
Folder Deleted : C:\Program Files (x86)\Upromise
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AppGraffiti
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\Users\Brent\AppData\Roaming\Mozilla\Firefox\Profiles\uv7yw65c.default\extensions\[email protected]_12.com
Folder Deleted : C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\j12bwqda.default\extensions\[email protected]_12.com
Folder Deleted : C:\Users\Dotti\AppData\Local\Conduit
Folder Deleted : C:\Users\Dotti\AppData\LocalLow\AppGraffiti
Folder Deleted : C:\Users\Dotti\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Dotti\AppData\LocalLow\Inbox Toolbar
Folder Deleted : C:\Users\Dotti\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Dotti\AppData\LocalLow\Productivity_3.1
Folder Deleted : C:\Users\Dotti\AppData\Roaming\Mozilla\Firefox\Profiles\kujxhqwp.default\extensions\[email protected]_12.com
Folder Deleted : C:\Users\Dotti\AppData\Roaming\Mozilla\Firefox\Profiles\kujxhqwp.default\extensions\[email protected]
Folder Deleted : C:\Users\Dotti\AppData\Roaming\Upromise
Folder Deleted : C:\Users\Owner\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Owner\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Owner\AppData\LocalLow\Productivity_3.1
Folder Deleted : C:\Users\Owner\AppData\LocalLow\RebateInformer

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\I Want This
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9427041A-A8DC-4D06-9A68-93873486E957}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9427041A-A8DC-4D06-9A68-93873486E957}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
Key Deleted : HKLM\Software\AppGraffiti
Key Deleted : HKLM\SOFTWARE\Classes\AppGraffiti.AppGraffitiJS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B27D9527-3762-4D71-963D-FB7A94FDD678}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\Classes\Inbox.AppServer
Key Deleted : HKLM\SOFTWARE\Classes\Inbox.IBX404
Key Deleted : HKLM\SOFTWARE\Classes\Inbox.JSServer
Key Deleted : HKLM\SOFTWARE\Classes\Inbox.Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\inbox
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3008668
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3196716
Key Deleted : HKLM\SOFTWARE\Classes\TotalRecipeSearch_14Installer.Start
Key Deleted : HKLM\SOFTWARE\Classes\TotalRecipeSearch_14Installer.Start.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{615E8AA1-6BB8-4A3D-A1CC-373194DB612C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8E5B29C2-BC6E-40BE-B881-AEE35B1F4035}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CBEF8724-D080-4737-88DA-111EEC6651AA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB02BC6B-B0F0-4074-99E6-884B70FCB6AE}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DailyBibleGuideEI
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\Software\Inbox Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\I Want This_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\I Want This_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2273BD45-9747-41D0-B552-6CE3A3ED94DA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6C1B9042-3D32-49A1-916B-0AA3A9CDDFD6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FD79F359-E577-46DB-AA74-D6E6B8B45BA8}
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@ei.TotalRecipeSearch_14.com/Plugin
Key Deleted : HKLM\Software\Productivity_3.1
Key Deleted : HKLM\Software\TotalRecipeSearch_14EI
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{042DA63B-0933-403D-9395-B49307691690}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{13119113-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2273BD45-9747-41D0-B552-6CE3A3ED94DA}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{33119133-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{37540F19-DD4C-478B-B2DF-C19281BCAF27}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9427041A-A8DC-4D06-9A68-93873486E957}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD79F359-E577-46DB-AA74-D6E6B8B45BA8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{022C9F90-2E96-47D6-A971-107650154563}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3B181CF2-878B-4758-8FBD-59D8AC5AB12D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{490A5A0F-1471-47FF-8BB5-719F1F5238AD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C868DEA4-1A4C-4DEB-B31B-0868DEEF16C7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDCDE672-45D3-4611-B5F6-706FA8DB3B4E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9427041A-A8DC-4D06-9A68-93873486E957}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}_is1
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Productivity_3.1 Toolbar
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{022C9F90-2E96-47D6-A971-107650154563}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3B181CF2-878B-4758-8FBD-59D8AC5AB12D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{490A5A0F-1471-47FF-8BB5-719F1F5238AD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{9427041A-A8DC-4D06-9A68-93873486E957}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [InboxToolbar]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{9427041A-A8DC-4D06-9A68-93873486E957}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16470

[OK] Registry is clean.

-\\ Mozilla Firefox v19.0.2 (en-US)

File : C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\j12bwqda.default\prefs.js

[OK] File is clean.

File : C:\Users\Brent\AppData\Roaming\Mozilla\Firefox\Profiles\uv7yw65c.default\prefs.js

[OK] File is clean.

File : C:\Users\Dotti\AppData\Roaming\Mozilla\Firefox\Profiles\kujxhqwp.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v25.0.1364.172

File : C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Users\Dotti\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [13998 octets] - [27/03/2013 02:21:07]

########## EOF - C:\AdwCleaner[S1].txt - [14059 octets] ##########




RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo...13-roguekiller/
Website : http://tigzy.geeksto...roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Dana [Admin rights]
Mode : Scan -- Date : 03/27/2013 02:27:00
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 23 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : PowerCinema (rundll32 "C:\Users\Dana\AppData\Local\Temp\PowerCinema\sukhh.dll",D3DXSHEvalHemisphereLight) [x] -> FOUND
[RUN][SUSP PATH] HKUS\.DEFAULT[...]\Run : PowerCinema (rundll32 "C:\Users\Dana\AppData\Local\Temp\PowerCinema\sukhh.dll",D3DXSHEvalHemisphereLight) [x] -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-19[...]\Run : PowerCinema (rundll32 "C:\Users\Dana\AppData\Local\Temp\PowerCinema\sukhh.dll",D3DXSHEvalHemisphereLight) [x] -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-20[...]\Run : PowerCinema (rundll32 "C:\Users\Dana\AppData\Local\Temp\PowerCinema\sukhh.dll",D3DXSHEvalHemisphereLight) [x] -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-1015054256-2377368507-1928368229-1003[...]\Run : PowerCinema (rundll32 "C:\Users\Dana\AppData\Local\Temp\PowerCinema\sukhh.dll",D3DXSHEvalHemisphereLight) [x] -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-1015054256-2377368507-1928368229-1003_Classes[...]\Run : PowerCinema (rundll32 "C:\Users\Dana\AppData\Local\Temp\PowerCinema\sukhh.dll",D3DXSHEvalHemisphereLight) [x] -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-18[...]\Run : PowerCinema (rundll32 "C:\Users\Dana\AppData\Local\Temp\PowerCinema\sukhh.dll",D3DXSHEvalHemisphereLight) [x] -> FOUND
[DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{66AB48E3-1DC6-4FC5-891D-A97287A17432} : NameServer (198.153.192.1,198.153.194.1) -> FOUND
[DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{ADE2892E-59B2-45E6-B60D-B5388822DC6C} : NameServer (198.153.192.1,198.153.194.1) -> FOUND
[DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{66AB48E3-1DC6-4FC5-891D-A97287A17432} : NameServer (198.153.192.1,198.153.194.1) -> FOUND
[DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{ADE2892E-59B2-45E6-B60D-B5388822DC6C} : NameServer (198.153.192.1,198.153.194.1) -> FOUND
[HJPOL] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
[HJPOL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJPOL] HKLM\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\System : ConsentPromptBehaviorUser (0) -> FOUND
[HJPOL] HKLM\[...]\Wow6432Node\System : DisableTaskMgr (0) -> FOUND
[HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorUser (0) -> FOUND
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

˙ţ1

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST375052 8AS SATA Disk Device +++++
--- User ---
[MBR] 3a5aa8d89c97a161a6fbc32544af99c7
[BSP] feeb2de66810fa5add8183a6e2d5e77e : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 703028 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1440008192 | Size: 12274 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] dc3a7f84dee8ed311ff9bd24af9d3e9b
[BSP] 92d7d423999dec0a6fed32c8bc6e5506 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 264071168 | Size: 300 Mo

Finished : << RKreport[1]_S_03272013_02d0227.txt >>

#8
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello medic

I would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this, you can find out >here< or >here<.

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouse-click Combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"

In your next post I need the following:
  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo

#9
medic

    Member

  • Topic Starter
  • Member
  • 66 posts
Had to do the restart. Still getting redirects but not getting prompted to install anything at startup; machine also is running a bit faster.


ComboFix 13-03-26.01 - Dana 03/27/2013 3:38.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3839.2475 [GMT -4:00]
Running from: c:\users\Dana\Desktop\virus\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files (x86)\WeatherBlink
c:\program files (x86)\WeatherBlink\bar\1.bin\BOOTSTRAP.JS
c:\program files (x86)\WeatherBlink\bar\1.bin\CREXT.DLL
c:\program files (x86)\WeatherBlink\bar\1.bin\CrExtPgc.exe
c:\program files (x86)\WeatherBlink\bar\1.bin\gcauxstb.dll
c:\program files (x86)\WeatherBlink\bar\1.bin\gcbar.dll
c:\program files (x86)\WeatherBlink\bar\1.bin\gcbarsvc.exe
c:\program files (x86)\WeatherBlink\bar\1.bin\gcbprtct.dll
c:\program files (x86)\WeatherBlink\bar\1.bin\gcbrmon.exe
c:\program files (x86)\WeatherBlink\bar\1.bin\gcbrstub.dll
c:\program files (x86)\WeatherBlink\bar\1.bin\gcdatact.dll
c:\program files (x86)\WeatherBlink\bar\1.bin\gcdlghk.dll
c:\program files (x86)\WeatherBlink\bar\1.bin\gcdyn.dll
c:\program files (x86)\WeatherBlink\bar\1.bin\gcfeedmg.dll
c:\program files (x86)\WeatherBlink\bar\1.bin\gchighin.exe
c:\program files (x86)\WeatherBlink\bar\1.bin\gchkstub.dll
c:\program files (x86)\WeatherBlink\bar\1.bin\gchtmlmu.dll
c:\program files (x86)\WeatherBlink\bar\1.bin\gchttpct.dll
c:\program files (x86)\WeatherBlink\bar\1.bin\gcidle.dll
c:\program files (x86)\WeatherBlink\bar\1.bin\gcieovr.dll
c:\program files (x86)\WeatherBlink\bar\1.bin\gcimpipe.exe
c:\program files (x86)\WeatherBlink\bar\1.bin\gcmedint.exe
c:\program files (x86)\WeatherBlink\bar\1.bin\gcmlbtn.dll
c:\program files (x86)\WeatherBlink\bar\1.bin\gcmsg.dll
c:\program files (x86)\WeatherBlink\bar\1.bin\gcradio.dll
c:\program files (x86)\WeatherBlink\bar\1.bin\gcreghk.dll
c:\program files (x86)\WeatherBlink\bar\1.bin\gcregiet.dll
c:\program files (x86)\WeatherBlink\bar\1.bin\gcscript.dll
c:\program files (x86)\WeatherBlink\bar\1.bin\gcskin.dll
c:\program files (x86)\WeatherBlink\bar\1.bin\gcsknlcr.dll
c:\program files (x86)\WeatherBlink\bar\1.bin\gcskplay.exe
c:\program files (x86)\WeatherBlink\bar\1.bin\gcSrcAs.dll
c:\program files (x86)\WeatherBlink\bar\1.bin\gcSrchMn.exe
c:\program files (x86)\WeatherBlink\bar\1.bin\gctpinst.dll
c:\program files (x86)\WeatherBlink\bar\1.bin\gcuabtn.dll
c:\program files (x86)\WeatherBlink\bar\1.bin\LOGO.BMP
c:\program files (x86)\WeatherBlink\bar\1.bin\T8EXTEX.DLL
c:\program files (x86)\WeatherBlink\bar\1.bin\T8EXTPEX.DLL
c:\program files (x86)\WeatherBlink\bar\1.bin\T8HTML.DLL
c:\program files (x86)\WeatherBlink\bar\1.bin\T8RES.DLL
c:\program files (x86)\WeatherBlink\bar\1.bin\T8TICKER.DLL
c:\program files (x86)\WeatherBlink\bar\gen1\COMMON.T8S
c:\program files (x86)\WeatherBlink\bar\IE9Mesg\COMMON.T8S
c:\program files (x86)\WeatherBlink\bar\Message\COMMON.T8S
c:\program files (x86)\WeatherBlink\bar\Settings\s_pid.dat
c:\programdata\pcdfdata
c:\users\Dana\GoToAssistDownloadHelper.exe
c:\users\Dotti\AppData\Roaming\Dyymz
c:\users\Dotti\AppData\Roaming\Dyymz\ecmo.zyu
c:\users\Dotti\AppData\Roaming\Okok
c:\users\Dotti\AppData\Roaming\Okok\igik.yhi
c:\users\Dotti\AppData\Roaming\Qekuku
c:\users\Dotti\AppData\Roaming\Qekuku\orgi.koc
c:\users\Dotti\AppData\Roaming\Ucypfa
c:\users\Dotti\AppData\Roaming\Ucypfa\hiono.hol
c:\users\Dotti\AppData\Roaming\Yclai
c:\users\Dotti\AppData\Roaming\Yclai\fuwak.nou
c:\users\Dotti\AppData\Roaming\Yraqi
c:\users\Dotti\AppData\Roaming\Yraqi\ekygy.ecs
c:\users\Dotti\Documents\~WRL0003.tmp
c:\users\Dotti\Documents\~WRL0860.tmp
c:\windows\svchost.exe
c:\windows\tmp
c:\windows\tmp\dd_vcredistMSI67B0.txt
c:\windows\tmp\dd_vcredistMSI6F57.txt
c:\windows\tmp\dd_vcredistUI67B0.txt
c:\windows\tmp\dd_vcredistUI6F57.txt
c:\windows\tmp\qtsingleapp-koboex-7d5-1-lockfile
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_WeatherBlinkService
.
.
((((((((((((((((((((((((( Files Created from 2013-02-27 to 2013-03-27 )))))))))))))))))))))))))))))))
.
.
2013-03-27 07:46 . 2013-03-27 07:46 -------- d-----w- c:\users\Owner\AppData\Local\temp
2013-03-27 07:46 . 2013-03-27 07:46 -------- d-----w- c:\users\Dotti\AppData\Local\temp
2013-03-27 07:46 . 2013-03-27 07:46 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-03-27 07:46 . 2013-03-27 07:46 -------- d-----w- c:\users\Bruce\AppData\Local\temp
2013-03-27 07:46 . 2013-03-27 07:46 -------- d-----w- c:\users\Brent\AppData\Local\temp
2013-03-26 19:40 . 2013-03-26 19:40 -------- d-----w- C:\TDSSKiller_Quarantine
2013-03-26 19:01 . 2013-03-26 19:01 -------- d-----w- C:\_OTM
2013-03-26 18:48 . 2013-03-26 18:49 -------- d-----w- c:\program files (x86)\ERUNT
2013-03-26 18:03 . 2013-03-26 18:03 -------- d-----w- c:\users\Dana\AppData\Local\Programs
2013-03-26 18:02 . 2013-03-26 18:03 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-03-26 18:02 . 2012-12-14 20:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-03-26 00:01 . 2013-02-12 04:12 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-03-24 17:42 . 2013-03-26 18:52 -------- d-----w- c:\users\Dana\AppData\Local\Northcode Inc
2013-03-23 22:47 . 2013-03-23 22:53 -------- d-----w- c:\users\Dotti\AppData\Local\NPE
2013-03-14 07:04 . 2013-03-14 07:04 -------- d-----w- c:\program files\Microsoft Silverlight
2013-03-14 07:04 . 2013-03-14 07:04 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2013-03-10 22:28 . 2013-03-10 22:28 -------- d-----w- c:\users\Owner\AppData\Local\AOL Mail Toolbar
2013-03-10 22:28 . 2013-03-10 22:28 -------- d-----w- c:\users\Owner\AppData\Local\Google
2013-03-10 22:28 . 2013-03-10 22:28 -------- d-----w- c:\users\Owner\AppData\Local\AMD
2013-03-10 22:27 . 2013-03-10 22:27 -------- d-----w- c:\users\Owner\AppData\Local\CrashDumps
2013-03-10 22:27 . 2013-03-10 22:27 -------- d-----w- c:\users\Owner\AppData\Roaming\Apple Computer
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-14 07:08 . 2011-03-27 20:44 72013344 ----a-w- c:\windows\system32\MRT.exe
2013-03-13 04:06 . 2012-08-21 14:21 693976 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-03-13 04:06 . 2012-02-02 01:33 73432 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-12 05:45 . 2013-03-13 13:02 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45 . 2013-03-13 13:02 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45 . 2013-03-13 13:02 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45 . 2013-03-13 13:02 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48 . 2013-03-13 13:02 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-13 13:02 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-02-01 05:25 . 2013-02-01 05:26 489712 ----a-w- c:\users\Dotti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Catalina Marketing Corp\UninstallCouponActivator.exe
2013-01-05 05:53 . 2013-02-13 13:34 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-05 05:00 . 2013-02-13 13:34 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-01-05 05:00 . 2013-02-13 13:34 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-01-04 05:46 . 2013-02-13 13:34 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-01-04 04:51 . 2013-02-13 13:34 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-01-04 04:43 . 2013-02-13 13:34 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-01-04 03:26 . 2013-02-13 13:34 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-01-04 02:47 . 2013-02-13 13:34 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-01-04 02:47 . 2013-02-13 13:34 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-01-04 02:47 . 2013-02-13 13:34 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-01-04 02:47 . 2013-02-13 13:34 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-01-03 06:00 . 2013-02-13 13:34 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-01-03 06:00 . 2013-02-13 13:34 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{0214754e-4e7d-4589-829d-e2523e6a3085}]
2012-11-07 22:39 707728 ----a-w- c:\progra~2\MYSCRA~2\bar\1.bin\12bar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{65f159fb-5f5e-46f4-b45d-ccfa236d2073}]
2012-11-07 22:39 62864 ----a-w- c:\program files (x86)\MyScrapNook_12\bar\1.bin\12SrcAs.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{fe6f06fb-0fc0-4499-828f-ee48088f504f}"= "c:\program files (x86)\MyScrapNook_12\bar\1.bin\12bar.dll" [2012-11-07 707728]
.
[HKEY_CLASSES_ROOT\clsid\{fe6f06fb-0fc0-4499-828f-ee48088f504f}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPAdvisorDock"="c:\program files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe" [2010-09-28 1715768]
"EA Core"="c:\program files (x86)\Electronic Arts\EADM\Core.exe" [2009-03-28 3325952]
"Messenger (Yahoo!)"="c:\progra~2\Yahoo!\Messenger\YahooMessenger.exe" [2010-06-01 5252408]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-12-29 336384]
"My Scrap Nook Search Scope Monitor"="c:\progra~2\MYSCRA~2\bar\1.bin\12srchmn.exe" [2012-11-07 42536]
"MyScrapNook_12 Browser Plugin Loader"="c:\progra~2\MYSCRA~2\bar\1.bin\12brmon.exe" [2012-11-07 30096]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-12-12 152544]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"DisableRegedit"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegedit"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
R3 EraserUtilDrv11122;EraserUtilDrv11122;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11122.sys [x]
R3 libusb0;libusb-win32 - Kernel Driver, Version 1.2.4.0;c:\windows\system32\drivers\libusb0.sys [2011-11-23 29184]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-03-27 1255736]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1309010.00E\SYMDS64.SYS [2011-08-16 451192]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1309010.00E\SYMEFA64.SYS [2012-05-22 1129120]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.1.2\Definitions\BASHDefs\20130301.001_adb\BHDrvx64.sys [2013-03-01 1388120]
S1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys [2012-06-07 167072]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.1.2\Definitions\IPSDefs\20130326.001\IDSvia64.sys [2013-03-08 513184]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS [2012-04-18 190072]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS [2012-04-18 405624]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-05-11 203264]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2010-12-29 354304]
S2 AMD Reservation Manager;AMD Reservation Manager;c:\program files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-06-17 194496]
S2 CinemaNow Service;CinemaNow Service;c:\program files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe [2010-06-13 400368]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 MyScrapNook_12Service;My Scrap NookService;c:\progra~2\MYSCRA~2\bar\1.bin\12barsvc.exe [2012-11-07 42504]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [2012-06-16 138272]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2009-10-14 635416]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-03-11 138912]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2009-12-19 852256]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-03-15 04:45 1629648 ----a-w- c:\program files (x86)\Google\Chrome\Application\25.0.1364.172\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-03-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-21 04:06]
.
2013-03-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-05 03:16]
.
2013-03-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-05 03:16]
.
2013-03-23 c:\windows\Tasks\HPCeeScheduleForDotti.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 03:15]
.
.
--------- X64 Entries -----------
.
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 167.206.251.130 167.206.251.129 192.168.1.1
TCP: Interfaces\{66AB48E3-1DC6-4FC5-891D-A97287A17432}: NameServer = 198.153.192.1,198.153.194.1
TCP: Interfaces\{66AB48E3-1DC6-4FC5-891D-A97287A17432}\34963736F62463931343: NameServer = 198.153.192.1,198.153.194.1
TCP: Interfaces\{ADE2892E-59B2-45E6-B60D-B5388822DC6C}: NameServer = 198.153.192.1,198.153.194.1
FF - ProfilePath - c:\users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\j12bwqda.default\
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - (no file)
BHO-{9b9dcae3-be34-424c-8d73-75e305a9e091} - c:\program files (x86)\WeatherBlink\bar\1.bin\gcSrcAs.dll
BHO-{dc9051c2-8f55-479a-97a4-747980d9047f} - c:\progra~2\WEATHE~2\bar\1.bin\gcbar.dll
Toolbar-Locked - (no file)
Toolbar-{f20de5e0-2a6e-4c54-985f-1cf59551ce39} - c:\program files (x86)\WeatherBlink\bar\1.bin\gcbar.dll
Wow6432Node-HKCU-Run-Akamai NetSession Interface - c:\users\Dana\AppData\Local\Akamai\netsession_win.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKLM-Run-WeatherBlink Search Scope Monitor - c:\progra~2\WEATHE~2\bar\1.bin\gcsrchmn.exe
Wow6432Node-HKLM-Run-WeatherBlink Browser Plugin Loader - c:\progra~2\WEATHE~2\bar\1.bin\gcbrmon.exe
SafeBoot-36208131.sys
Toolbar-Locked - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-SelectRebatesUninstall - c:\program files (x86)\SelectRebates\SelectRebatesUninstall.exe
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\diMaster.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Common Files\SingleClick Systems\Advanced Networking Service\hnm_svc.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
.
**************************************************************************
.
Completion time: 2013-03-27 03:56:06 - machine was rebooted
ComboFix-quarantined-files.txt 2013-03-27 07:56
.
Pre-Run: 626,727,358,464 bytes free
Post-Run: 626,262,085,632 bytes free
.
- - End Of File - - ABAC14F09F19C352E08F8C39653FA9A5

#10
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello medic


I would like you to try and run these next.

TDSSKiller

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

    Note** this report can be very long - so if the website gives you an error saying it is too long you may attach it

    If the forum still complains about it being too long send me everything that is at the end of the report after where it says

    ==================
    Scan finished
    ==================

and I will see if I want to see the whole report

Malwarebytes Anti-Rootkit

1. Download Malwarebytes Anti-Rootkit
2. Unzip the contents to a folder in a convenient location.
3. Open the folder where the contents were unzipped and run mbar.exe
4. Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
5. Click on the Cleanup button to remove any threats and reboot if prompted to do so.
6. Wait while the system shuts down and the cleanup process is performed.
7. Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
8. If no additional threats were found, verify that your system is now running normally, making sure that the following items are functional:
  • Internet access
  • Windows Update
  • Windows Firewall
9. If there are additional problems with your system, such as any of those listed above or other system issues, then run the 'fixdamage' tool included with Malwarebytes Anti-Rootkit and reboot.
10. Verify that your system is now functioning normally.

If you have any problems running either one, come back and let me know.

Please reply with the reports from TDSSKiller and MBAR.

Gringo

#11
medic

    Member

  • Topic Starter
  • Member
  • 66 posts
13:01:10.0946 0656 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
13:01:11.0429 0656 ============================================================
13:01:11.0429 0656 Current date / time: 2013/03/27 13:01:11.0429
13:01:11.0429 0656 SystemInfo:
13:01:11.0429 0656
13:01:11.0429 0656 OS Version: 6.1.7601 ServicePack: 1.0
13:01:11.0429 0656 Product type: Workstation
13:01:11.0429 0656 ComputerName: OWNER-HP
13:01:11.0429 0656 UserName: Dana
13:01:11.0429 0656 Windows directory: C:\Windows
13:01:11.0429 0656 System windows directory: C:\Windows
13:01:11.0429 0656 Running under WOW64
13:01:11.0429 0656 Processor architecture: Intel x64
13:01:11.0429 0656 Number of processors: 4
13:01:11.0429 0656 Page size: 0x1000
13:01:11.0429 0656 Boot type: Normal boot
13:01:11.0429 0656 ============================================================
13:01:23.0362 0656 BG loaded
13:01:24.0032 0656 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:01:24.0079 0656 ============================================================
13:01:24.0079 0656 \Device\Harddisk0\DR0:
13:01:24.0079 0656 MBR partitions:
13:01:24.0079 0656 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
13:01:24.0079 0656 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x55D1A000
13:01:24.0079 0656 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x55D4C800, BlocksNum 0x17F9000
13:01:24.0079 0656 ============================================================
13:01:24.0173 0656 C: <-> \Device\Harddisk0\DR0\Partition2
13:01:24.0220 0656 D: <-> \Device\Harddisk0\DR0\Partition3
13:01:24.0220 0656 ============================================================
13:01:24.0220 0656 Initialize success
13:01:24.0220 0656 ============================================================
13:01:45.0217 1980 ============================================================
13:01:45.0217 1980 Scan started
13:01:45.0217 1980 Mode: Manual; SigCheck; TDLFS;
13:01:45.0217 1980 ============================================================
13:01:46.0933 1980 ================ Scan system memory ========================
13:01:46.0933 1980 System memory - ok
13:01:46.0933 1980 ================ Scan services =============================
13:01:47.0339 1980 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
13:01:47.0526 1980 1394ohci - ok
13:01:47.0604 1980 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
13:01:47.0666 1980 ACPI - ok
13:01:47.0713 1980 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
13:01:47.0916 1980 AcpiPmi - ok
13:01:48.0290 1980 [ 62B7936F9036DD6ED36E6A7EFA805DC0 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:01:48.0322 1980 AdobeARMservice - ok
13:01:48.0790 1980 [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:01:48.0836 1980 AdobeFlashPlayerUpdateSvc - ok
13:01:48.0961 1980 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
13:01:49.0070 1980 adp94xx - ok
13:01:49.0148 1980 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
13:01:49.0211 1980 adpahci - ok
13:01:49.0226 1980 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
13:01:49.0289 1980 adpu320 - ok
13:01:49.0398 1980 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
13:01:49.0616 1980 AeLookupSvc - ok
13:01:49.0694 1980 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
13:01:49.0819 1980 AFD - ok
13:01:49.0913 1980 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
13:01:49.0960 1980 agp440 - ok
13:01:50.0802 1980 [ C7074BD8D4B8F564859ED373433030AE ] Akamai c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll
13:01:50.0802 1980 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll. md5: C7074BD8D4B8F564859ED373433030AE
13:01:50.0818 1980 Akamai ( HiddenFile.Multi.Generic ) - warning
13:01:50.0818 1980 Akamai - detected HiddenFile.Multi.Generic (1)
13:01:50.0849 1980 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
13:01:50.0927 1980 ALG - ok
13:01:50.0989 1980 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
13:01:51.0052 1980 aliide - ok
13:01:51.0114 1980 [ CA0D6C1390F4B3BAF2A0A69D1A7F8332 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
13:01:51.0286 1980 AMD External Events Utility - ok
13:01:51.0426 1980 AMD FUEL Service - ok
13:01:51.0551 1980 [ DD27F6C3DE9BFE50635C721E09EDC5DD ] AMD Reservation Manager C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
13:01:51.0582 1980 AMD Reservation Manager - ok
13:01:51.0613 1980 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
13:01:51.0629 1980 amdide - ok
13:01:51.0738 1980 [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64 C:\Windows\system32\DRIVERS\amdiox64.sys
13:01:51.0769 1980 amdiox64 - ok
13:01:51.0863 1980 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
13:01:52.0019 1980 AmdK8 - ok
13:01:52.0596 1980 [ 75E4BACA583AE02C11E9AC8747E2ABE0 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
13:01:52.0690 1980 amdkmdag - ok
13:01:52.0768 1980 [ B765CF4B32F347BE747B21AE22641025 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
13:01:52.0861 1980 amdkmdap - ok
13:01:52.0924 1980 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
13:01:52.0986 1980 AmdPPM - ok
13:01:53.0048 1980 [ F747497A0EE5498F79B207F215B3D2D8 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys
13:01:53.0080 1980 amdsata - ok
13:01:53.0142 1980 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
13:01:53.0173 1980 amdsbs - ok
13:01:53.0204 1980 [ 2946D695E158615BAAA16248E63C7ADB ] amdxata C:\Windows\system32\DRIVERS\amdxata.sys
13:01:53.0220 1980 amdxata - ok
13:01:53.0314 1980 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
13:01:53.0813 1980 AppID - ok
13:01:53.0875 1980 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
13:01:54.0031 1980 AppIDSvc - ok
13:01:54.0109 1980 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
13:01:54.0187 1980 Appinfo - ok
13:01:54.0421 1980 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:01:54.0452 1980 Apple Mobile Device - ok
13:01:54.0858 1980 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
13:01:54.0920 1980 arc - ok
13:01:54.0952 1980 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
13:01:54.0983 1980 arcsas - ok
13:01:55.0357 1980 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
13:01:55.0529 1980 aspnet_state - ok
13:01:55.0591 1980 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
13:01:55.0747 1980 AsyncMac - ok
13:01:55.0841 1980 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
13:01:55.0872 1980 atapi - ok
13:01:55.0997 1980 [ E82E61F46D1336447F4DEFF8C074F13E ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie64.sys
13:01:56.0028 1980 AtiPcie - ok
13:01:56.0090 1980 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:01:56.0215 1980 AudioEndpointBuilder - ok
13:01:56.0231 1980 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
13:01:56.0262 1980 AudioSrv - ok
13:01:56.0356 1980 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
13:01:56.0434 1980 AxInstSV - ok
13:01:56.0590 1980 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
13:01:56.0652 1980 b06bdrv - ok
13:01:56.0714 1980 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
13:01:56.0761 1980 b57nd60a - ok
13:01:56.0808 1980 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
13:01:56.0839 1980 BDESVC - ok
13:01:56.0870 1980 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
13:01:56.0933 1980 Beep - ok
13:01:57.0089 1980 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
13:01:57.0182 1980 BFE - ok
13:01:57.0635 1980 [ 866335C9C0E6733C753FB472C539A6B9 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.1.2\Definitions\BASHDefs\20130301.001_adb\BHDrvx64.sys
13:01:57.0682 1980 BHDrvx64 - ok
13:01:57.0728 1980 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
13:01:57.0806 1980 BITS - ok
13:01:57.0869 1980 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
13:01:57.0900 1980 blbdrive - ok
13:01:58.0290 1980 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:01:58.0306 1980 Bonjour Service - ok
13:01:58.0415 1980 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
13:01:58.0524 1980 bowser - ok
13:01:58.0602 1980 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:01:58.0836 1980 BrFiltLo - ok
13:01:58.0836 1980 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:01:58.0867 1980 BrFiltUp - ok
13:01:58.0930 1980 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
13:01:59.0039 1980 BridgeMP - ok
13:01:59.0070 1980 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
13:01:59.0101 1980 Browser - ok
13:01:59.0117 1980 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
13:01:59.0148 1980 Brserid - ok
13:01:59.0164 1980 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
13:01:59.0195 1980 BrSerWdm - ok
13:01:59.0210 1980 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
13:01:59.0273 1980 BrUsbMdm - ok
13:01:59.0273 1980 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
13:01:59.0288 1980 BrUsbSer - ok
13:01:59.0320 1980 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
13:01:59.0382 1980 BTHMODEM - ok
13:01:59.0429 1980 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
13:01:59.0522 1980 bthserv - ok
13:01:59.0554 1980 catchme - ok
13:01:59.0647 1980 [ 2C6FFCCA37B002AAB3C7C31A6D780A76 ] ccSet_NIS C:\Windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys
13:01:59.0678 1980 ccSet_NIS - ok
13:01:59.0710 1980 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
13:01:59.0772 1980 cdfs - ok
13:01:59.0819 1980 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
13:01:59.0866 1980 cdrom - ok
13:01:59.0897 1980 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
13:01:59.0990 1980 CertPropSvc - ok
13:02:00.0053 1980 [ EA3333DB9AB03106EEC0D6D9D487ED01 ] CinemaNow Service C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
13:02:00.0084 1980 CinemaNow Service - ok
13:02:00.0100 1980 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
13:02:00.0146 1980 circlass - ok
13:02:00.0193 1980 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
13:02:00.0224 1980 CLFS - ok
13:02:00.0287 1980 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:02:00.0334 1980 clr_optimization_v2.0.50727_32 - ok
13:02:00.0365 1980 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:02:00.0396 1980 clr_optimization_v2.0.50727_64 - ok
13:02:00.0490 1980 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:02:00.0724 1980 clr_optimization_v4.0.30319_32 - ok
13:02:00.0802 1980 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:02:00.0942 1980 clr_optimization_v4.0.30319_64 - ok
13:02:00.0989 1980 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
13:02:01.0036 1980 CmBatt - ok
13:02:01.0114 1980 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
13:02:01.0145 1980 cmdide - ok
13:02:01.0270 1980 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
13:02:01.0316 1980 CNG - ok
13:02:01.0348 1980 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
13:02:01.0363 1980 Compbatt - ok
13:02:01.0410 1980 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
13:02:01.0488 1980 CompositeBus - ok
13:02:01.0519 1980 COMSysApp - ok
13:02:01.0550 1980 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
13:02:01.0644 1980 crcdisk - ok
13:02:02.0018 1980 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
13:02:02.0081 1980 CryptSvc - ok
13:02:02.0221 1980 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
13:02:02.0252 1980 cvhsvc - ok
13:02:02.0362 1980 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
13:02:02.0424 1980 DcomLaunch - ok
13:02:02.0533 1980 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
13:02:02.0642 1980 defragsvc - ok
13:02:02.0689 1980 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
13:02:02.0767 1980 DfsC - ok
13:02:02.0892 1980 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
13:02:02.0939 1980 Dhcp - ok
13:02:03.0032 1980 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
13:02:03.0095 1980 discache - ok
13:02:03.0173 1980 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
13:02:03.0204 1980 Disk - ok
13:02:03.0266 1980 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
13:02:03.0313 1980 Dnscache - ok
13:02:03.0376 1980 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
13:02:03.0516 1980 dot3svc - ok
13:02:03.0578 1980 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
13:02:03.0625 1980 DPS - ok
13:02:03.0688 1980 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
13:02:03.0750 1980 drmkaud - ok
13:02:03.0797 1980 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
13:02:03.0828 1980 DXGKrnl - ok
13:02:03.0844 1980 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
13:02:03.0922 1980 EapHost - ok
13:02:04.0015 1980 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
13:02:04.0109 1980 ebdrv - ok
13:02:04.0405 1980 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
13:02:04.0436 1980 eeCtrl - ok
13:02:04.0483 1980 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
13:02:04.0546 1980 EFS - ok
13:02:04.0639 1980 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
13:02:04.0764 1980 ehRecvr - ok
13:02:04.0795 1980 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
13:02:04.0842 1980 ehSched - ok
13:02:04.0936 1980 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
13:02:04.0982 1980 elxstor - ok
13:02:05.0014 1980 EraserUtilDrv11122 - ok
13:02:05.0107 1980 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
13:02:05.0138 1980 EraserUtilRebootDrv - ok
13:02:05.0170 1980 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
13:02:05.0216 1980 ErrDev - ok
13:02:05.0279 1980 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
13:02:05.0326 1980 EventSystem - ok
13:02:05.0419 1980 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
13:02:05.0466 1980 exfat - ok
13:02:05.0528 1980 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
13:02:05.0591 1980 fastfat - ok
13:02:05.0684 1980 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
13:02:05.0778 1980 Fax - ok
13:02:05.0825 1980 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
13:02:05.0872 1980 fdc - ok
13:02:05.0918 1980 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
13:02:05.0965 1980 fdPHost - ok
13:02:05.0996 1980 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
13:02:06.0043 1980 FDResPub - ok
13:02:06.0074 1980 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
13:02:06.0137 1980 FileInfo - ok
13:02:06.0152 1980 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
13:02:06.0199 1980 Filetrace - ok
13:02:06.0215 1980 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
13:02:06.0215 1980 flpydisk - ok
13:02:06.0230 1980 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
13:02:06.0246 1980 FltMgr - ok
13:02:06.0355 1980 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
13:02:06.0418 1980 FontCache - ok
13:02:06.0496 1980 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:02:06.0589 1980 FontCache3.0.0.0 - ok
13:02:06.0605 1980 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
13:02:06.0620 1980 FsDepends - ok
13:02:06.0652 1980 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
13:02:06.0683 1980 Fs_Rec - ok
13:02:06.0714 1980 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
13:02:06.0745 1980 fvevol - ok
13:02:06.0839 1980 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
13:02:06.0901 1980 gagp30kx - ok
13:02:07.0322 1980 [ CE16683CFD11FE70BDE435DDA5EA1FCA ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
13:02:07.0369 1980 GameConsoleService - ok
13:02:07.0447 1980 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:02:07.0478 1980 GEARAspiWDM - ok
13:02:07.0634 1980 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
13:02:07.0744 1980 gpsvc - ok
13:02:08.0056 1980 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:02:08.0087 1980 gupdate - ok
13:02:08.0180 1980 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:02:08.0212 1980 gupdatem - ok
13:02:08.0726 1980 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
13:02:08.0758 1980 gusvc - ok
13:02:08.0945 1980 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
13:02:09.0023 1980 hcw85cir - ok
13:02:09.0148 1980 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:02:09.0288 1980 HdAudAddService - ok
13:02:09.0491 1980 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
13:02:09.0553 1980 HDAudBus - ok
13:02:09.0647 1980 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
13:02:09.0694 1980 HidBatt - ok
13:02:09.0709 1980 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
13:02:09.0756 1980 HidBth - ok
13:02:09.0803 1980 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
13:02:09.0896 1980 HidIr - ok
13:02:09.0959 1980 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
13:02:10.0099 1980 hidserv - ok
13:02:10.0208 1980 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
13:02:10.0240 1980 HidUsb - ok
13:02:10.0286 1980 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
13:02:10.0411 1980 hkmsvc - ok
13:02:10.0567 1980 [ CE0006BA28A1C6883AA7B2E4CC31B125 ] hnmsvc C:\Program Files (x86)\Common Files\SingleClick Systems\Advanced Networking Service\hnm_svc.exe
13:02:10.0583 1980 hnmsvc - ok
13:02:10.0630 1980 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:02:10.0708 1980 HomeGroupListener - ok
13:02:10.0754 1980 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:02:10.0786 1980 HomeGroupProvider - ok
13:02:10.0957 1980 [ BB1FC298BE53AAB1E110F6E786BD8AC5 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
13:02:10.0988 1980 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - warning
13:02:10.0988 1980 HP Support Assistant Service - detected UnsignedFile.Multi.Generic (1)
13:02:11.0191 1980 [ 9B7EDD3FE7C211C36E921D34D18A3A0A ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
13:02:11.0254 1980 hpqwmiex - ok
13:02:11.0394 1980 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
13:02:11.0441 1980 HpSAMD - ok
13:02:11.0503 1980 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
13:02:11.0612 1980 HTTP - ok
13:02:11.0644 1980 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
13:02:11.0659 1980 hwpolicy - ok
13:02:11.0737 1980 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
13:02:11.0753 1980 i8042prt - ok
13:02:11.0893 1980 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
13:02:11.0956 1980 iaStorV - ok
13:02:12.0065 1980 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:02:12.0174 1980 idsvc - ok
13:02:12.0580 1980 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.1.2\Definitions\IPSDefs\20130326.001\IDSvia64.sys
13:02:13.0266 1980 IDSVia64 - ok
13:02:13.0360 1980 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
13:02:13.0360 1980 iirsp - ok
13:02:13.0438 1980 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
13:02:13.0484 1980 IKEEXT - ok
13:02:13.0843 1980 [ 2B888BBDF6962E608A5E1A1D7A626ADF ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
13:02:13.0874 1980 IntcAzAudAddService - ok
13:02:13.0906 1980 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
13:02:13.0937 1980 intelide - ok
13:02:13.0968 1980 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
13:02:14.0030 1980 intelppm - ok
13:02:14.0062 1980 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
13:02:14.0124 1980 IPBusEnum - ok
13:02:14.0186 1980 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:02:14.0249 1980 IpFilterDriver - ok
13:02:14.0311 1980 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
13:02:14.0420 1980 iphlpsvc - ok
13:02:14.0483 1980 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
13:02:14.0514 1980 IPMIDRV - ok
13:02:14.0514 1980 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
13:02:14.0561 1980 IPNAT - ok
13:02:14.0670 1980 [ 0F261EC4F514926177C70C1832374231 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
13:02:14.0701 1980 iPod Service - ok
13:02:14.0748 1980 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
13:02:15.0013 1980 IRENUM - ok
13:02:15.0029 1980 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
13:02:15.0029 1980 isapnp - ok
13:02:15.0076 1980 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
13:02:15.0107 1980 iScsiPrt - ok
13:02:15.0138 1980 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
13:02:15.0154 1980 kbdclass - ok
13:02:15.0200 1980 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
13:02:15.0232 1980 kbdhid - ok
13:02:15.0278 1980 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
13:02:15.0294 1980 KeyIso - ok
13:02:15.0310 1980 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
13:02:15.0341 1980 KSecDD - ok
13:02:15.0388 1980 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
13:02:15.0434 1980 KSecPkg - ok
13:02:15.0481 1980 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
13:02:15.0559 1980 ksthunk - ok
13:02:15.0606 1980 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
13:02:15.0731 1980 KtmRm - ok
13:02:15.0793 1980 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
13:02:15.0840 1980 LanmanServer - ok
13:02:15.0887 1980 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:02:15.0965 1980 LanmanWorkstation - ok
13:02:16.0090 1980 [ ACEC35F181075B20A5EF4A71958B13DF ] libusb0 C:\Windows\system32\drivers\libusb0.sys
13:02:16.0121 1980 libusb0 - ok
13:02:16.0168 1980 [ 7550D101BF49FDB1F92666A233EE36C4 ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
13:02:16.0199 1980 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
13:02:16.0199 1980 LightScribeService - detected UnsignedFile.Multi.Generic (1)
13:02:16.0246 1980 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
13:02:16.0292 1980 lltdio - ok
13:02:16.0370 1980 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
13:02:16.0417 1980 lltdsvc - ok
13:02:16.0433 1980 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
13:02:16.0464 1980 lmhosts - ok
13:02:16.0558 1980 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
13:02:16.0573 1980 LSI_FC - ok
13:02:16.0604 1980 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
13:02:16.0604 1980 LSI_SAS - ok
13:02:16.0620 1980 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:02:16.0620 1980 LSI_SAS2 - ok
13:02:16.0651 1980 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:02:16.0667 1980 LSI_SCSI - ok
13:02:16.0698 1980 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
13:02:16.0776 1980 luafv - ok
13:02:16.0870 1980 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
13:02:16.0916 1980 Mcx2Svc - ok
13:02:16.0932 1980 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
13:02:16.0932 1980 megasas - ok
13:02:16.0963 1980 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
13:02:16.0979 1980 MegaSR - ok
13:02:17.0026 1980 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
13:02:17.0119 1980 MMCSS - ok
13:02:17.0135 1980 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
13:02:17.0166 1980 Modem - ok
13:02:17.0228 1980 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
13:02:17.0275 1980 monitor - ok
13:02:17.0322 1980 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
13:02:17.0353 1980 mouclass - ok
13:02:17.0369 1980 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
13:02:17.0400 1980 mouhid - ok
13:02:17.0462 1980 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
13:02:17.0509 1980 mountmgr - ok
13:02:17.0572 1980 [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:02:17.0618 1980 MozillaMaintenance - ok
13:02:17.0634 1980 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
13:02:17.0650 1980 mpio - ok
13:02:17.0665 1980 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
13:02:17.0696 1980 mpsdrv - ok
13:02:17.0759 1980 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
13:02:17.0806 1980 MpsSvc - ok
13:02:17.0837 1980 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
13:02:17.0899 1980 MRxDAV - ok
13:02:17.0915 1980 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
13:02:17.0977 1980 mrxsmb - ok
13:02:18.0008 1980 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:02:18.0071 1980 mrxsmb10 - ok
13:02:18.0086 1980 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:02:18.0118 1980 mrxsmb20 - ok
13:02:18.0164 1980 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
13:02:18.0196 1980 msahci - ok
13:02:18.0258 1980 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
13:02:18.0289 1980 msdsm - ok
13:02:18.0305 1980 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
13:02:18.0352 1980 MSDTC - ok
13:02:18.0383 1980 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
13:02:18.0414 1980 Msfs - ok
13:02:18.0430 1980 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
13:02:18.0476 1980 mshidkmdf - ok
13:02:18.0523 1980 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
13:02:18.0554 1980 msisadrv - ok
13:02:18.0632 1980 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
13:02:18.0695 1980 MSiSCSI - ok
13:02:18.0695 1980 msiserver - ok
13:02:18.0773 1980 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
13:02:18.0866 1980 MSKSSRV - ok
13:02:18.0898 1980 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
13:02:18.0991 1980 MSPCLOCK - ok
13:02:18.0991 1980 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
13:02:19.0038 1980 MSPQM - ok
13:02:19.0085 1980 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
13:02:19.0132 1980 MsRPC - ok
13:02:19.0163 1980 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
13:02:19.0178 1980 mssmbios - ok
13:02:19.0194 1980 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
13:02:19.0272 1980 MSTEE - ok
13:02:19.0288 1980 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
13:02:19.0319 1980 MTConfig - ok
13:02:19.0334 1980 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
13:02:19.0350 1980 Mup - ok
13:02:19.0412 1980 [ 622FCF264119F7DF127BE353F796B319 ] MyScrapNook_12Service C:\PROGRA~2\MYSCRA~2\bar\1.bin\12barsvc.exe
13:02:19.0412 1980 MyScrapNook_12Service - ok
13:02:19.0490 1980 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
13:02:19.0553 1980 napagent - ok
13:02:19.0631 1980 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
13:02:19.0662 1980 NativeWifiP - ok
13:02:19.0787 1980 [ 88A2F45CE66B904285978D6BB13AFEB2 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.1.2\Definitions\VirusDefs\20130326.024\ENG64.SYS
13:02:19.0818 1980 NAVENG - ok
13:02:19.0927 1980 [ D2A545DA3A90BBFA40E020C23F1B7A48 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.1.2\Definitions\VirusDefs\20130326.024\EX64.SYS
13:02:20.0005 1980 NAVEX15 - ok
13:02:20.0130 1980 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
13:02:20.0177 1980 NDIS - ok
13:02:20.0208 1980 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
13:02:20.0255 1980 NdisCap - ok
13:02:20.0286 1980 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
13:02:20.0317 1980 NdisTapi - ok
13:02:20.0348 1980 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
13:02:20.0426 1980 Ndisuio - ok
13:02:20.0489 1980 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
13:02:20.0567 1980 NdisWan - ok
13:02:20.0614 1980 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
13:02:20.0676 1980 NDProxy - ok
13:02:20.0692 1980 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
13:02:20.0738 1980 NetBIOS - ok
13:02:20.0832 1980 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
13:02:20.0894 1980 NetBT - ok
13:02:20.0941 1980 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
13:02:20.0957 1980 Netlogon - ok
13:02:21.0035 1980 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
13:02:21.0113 1980 Netman - ok
13:02:21.0160 1980 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:02:21.0269 1980 NetMsmqActivator - ok
13:02:21.0300 1980 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:02:21.0331 1980 NetPipeActivator - ok
13:02:21.0409 1980 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
13:02:21.0456 1980 netprofm - ok
13:02:21.0581 1980 [ 064AB63C9A588D2611306AE16D017E7E ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys
13:02:21.0612 1980 netr28x - ok
13:02:21.0628 1980 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:02:21.0628 1980 NetTcpActivator - ok
13:02:21.0628 1980 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:02:21.0643 1980 NetTcpPortSharing - ok
13:02:21.0706 1980 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
13:02:21.0721 1980 nfrd960 - ok
13:02:21.0940 1980 [ F2840DBFE9322F35557219AE82CC4597 ] NIS C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
13:02:21.0955 1980 NIS - ok
13:02:21.0971 1980 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
13:02:22.0002 1980 NlaSvc - ok
13:02:22.0033 1980 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
13:02:22.0064 1980 Npfs - ok
13:02:22.0111 1980 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
13:02:22.0142 1980 nsi - ok
13:02:22.0174 1980 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
13:02:22.0220 1980 nsiproxy - ok
13:02:22.0345 1980 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
13:02:22.0392 1980 Ntfs - ok
13:02:22.0439 1980 [ D4012918D3A3847B44B888D56BC095D6 ] NuidFltr C:\Windows\system32\DRIVERS\NuidFltr.sys
13:02:22.0454 1980 NuidFltr - ok
13:02:22.0470 1980 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
13:02:22.0501 1980 Null - ok
13:02:22.0548 1980 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
13:02:22.0564 1980 nvraid - ok
13:02:22.0595 1980 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
13:02:22.0610 1980 nvstor - ok
13:02:22.0642 1980 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
13:02:22.0657 1980 nv_agp - ok
13:02:22.0688 1980 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
13:02:22.0688 1980 ohci1394 - ok
13:02:22.0720 1980 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:02:22.0735 1980 ose - ok
13:02:22.0938 1980 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
13:02:23.0078 1980 osppsvc - ok
13:02:23.0156 1980 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
13:02:23.0203 1980 p2pimsvc - ok
13:02:23.0250 1980 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
13:02:23.0266 1980 p2psvc - ok
13:02:23.0297 1980 [ 99E6AA0AE2D05389BA7F7DFF6866B569 ] Packet C:\Windows\system32\DRIVERS\packet.sys
13:02:23.0312 1980 Packet - ok
13:02:23.0344 1980 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
13:02:23.0390 1980 Parport - ok
13:02:23.0437 1980 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
13:02:23.0437 1980 partmgr - ok
13:02:23.0468 1980 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
13:02:23.0500 1980 PcaSvc - ok
13:02:23.0624 1980 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
13:02:23.0624 1980 pci - ok
13:02:23.0671 1980 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
13:02:23.0687 1980 pciide - ok
13:02:23.0702 1980 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
13:02:23.0718 1980 pcmcia - ok
13:02:23.0734 1980 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
13:02:23.0765 1980 pcw - ok
13:02:23.0796 1980 pdfcDispatcher - ok
13:02:23.0858 1980 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
13:02:23.0921 1980 PEAUTH - ok
13:02:24.0170 1980 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
13:02:24.0202 1980 PerfHost - ok
13:02:24.0326 1980 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
13:02:24.0404 1980 pla - ok
13:02:24.0467 1980 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
13:02:24.0514 1980 PlugPlay - ok
13:02:24.0560 1980 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
13:02:24.0592 1980 PNRPAutoReg - ok
13:02:24.0670 1980 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
13:02:24.0685 1980 PNRPsvc - ok
13:02:24.0701 1980 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
13:02:24.0763 1980 PolicyAgent - ok
13:02:24.0794 1980 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
13:02:24.0841 1980 Power - ok
13:02:24.0904 1980 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
13:02:24.0919 1980 PptpMiniport - ok
13:02:24.0982 1980 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
13:02:25.0044 1980 Processor - ok
13:02:25.0091 1980 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
13:02:25.0122 1980 ProfSvc - ok
13:02:25.0138 1980 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
13:02:25.0153 1980 ProtectedStorage - ok
13:02:25.0231 1980 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
13:02:25.0294 1980 Psched - ok
13:02:25.0325 1980 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
13:02:25.0372 1980 ql2300 - ok
13:02:25.0372 1980 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
13:02:25.0387 1980 ql40xx - ok
13:02:25.0403 1980 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
13:02:25.0434 1980 QWAVE - ok
13:02:25.0450 1980 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
13:02:25.0465 1980 QWAVEdrv - ok
13:02:25.0465 1980 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
13:02:25.0496 1980 RasAcd - ok
13:02:25.0528 1980 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
13:02:25.0590 1980 RasAgileVpn - ok
13:02:25.0621 1980 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
13:02:25.0684 1980 RasAuto - ok
13:02:25.0746 1980 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
13:02:25.0840 1980 Rasl2tp - ok
13:02:25.0918 1980 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
13:02:25.0980 1980 RasMan - ok
13:02:25.0996 1980 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
13:02:26.0042 1980 RasPppoe - ok
13:02:26.0042 1980 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
13:02:26.0074 1980 RasSstp - ok
13:02:26.0105 1980 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
13:02:26.0136 1980 rdbss - ok
13:02:26.0152 1980 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
13:02:26.0183 1980 rdpbus - ok
13:02:26.0183 1980 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
13:02:26.0214 1980 RDPCDD - ok
13:02:26.0261 1980 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
13:02:26.0339 1980 RDPENCDD - ok
13:02:26.0339 1980 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
13:02:26.0370 1980 RDPREFMP - ok
13:02:26.0417 1980 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
13:02:26.0432 1980 RDPWD - ok
13:02:26.0464 1980 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
13:02:26.0510 1980 rdyboost - ok
13:02:26.0526 1980 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
13:02:26.0588 1980 RemoteAccess - ok
13:02:26.0635 1980 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
13:02:26.0682 1980 RemoteRegistry - ok
13:02:26.0698 1980 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
13:02:26.0729 1980 RpcEptMapper - ok
13:02:26.0744 1980 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
13:02:26.0791 1980 RpcLocator - ok
13:02:26.0838 1980 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
13:02:26.0885 1980 RpcSs - ok
13:02:26.0900 1980 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
13:02:26.0978 1980 rspndr - ok
13:02:27.0025 1980 [ 7EA8D2EB9BBFD2AB8A3117A1E96D3B3A ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
13:02:27.0056 1980 RTL8167 - ok
13:02:27.0088 1980 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
13:02:27.0103 1980 SamSs - ok
13:02:27.0150 1980 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
13:02:27.0181 1980 sbp2port - ok
13:02:27.0212 1980 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
13:02:27.0275 1980 SCardSvr - ok
13:02:27.0337 1980 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
13:02:27.0415 1980 scfilter - ok
13:02:27.0446 1980 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
13:02:27.0509 1980 Schedule - ok
13:02:27.0540 1980 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
13:02:27.0571 1980 SCPolicySvc - ok
13:02:27.0602 1980 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
13:02:27.0634 1980 SDRSVC - ok
13:02:27.0665 1980 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
13:02:27.0696 1980 secdrv - ok
13:02:27.0743 1980 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
13:02:27.0805 1980 seclogon - ok
13:02:27.0852 1980 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
13:02:27.0883 1980 SENS - ok
13:02:27.0930 1980 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
13:02:27.0961 1980 SensrSvc - ok
13:02:28.0008 1980 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
13:02:28.0039 1980 Serenum - ok
13:02:28.0055 1980 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
13:02:28.0070 1980 Serial - ok
13:02:28.0117 1980 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
13:02:28.0211 1980 sermouse - ok
13:02:28.0258 1980 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
13:02:28.0367 1980 SessionEnv - ok
13:02:28.0429 1980 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
13:02:28.0492 1980 sffdisk - ok
13:02:28.0523 1980 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
13:02:28.0570 1980 sffp_mmc - ok
13:02:28.0585 1980 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
13:02:28.0616 1980 sffp_sd - ok
13:02:28.0616 1980 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
13:02:28.0632 1980 sfloppy - ok
13:02:28.0679 1980 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
13:02:28.0694 1980 Sftfs - ok
13:02:28.0804 1980 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
13:02:28.0850 1980 sftlist - ok
13:02:28.0897 1980 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
13:02:28.0913 1980 Sftplay - ok
13:02:28.0960 1980 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
13:02:28.0975 1980 Sftredir - ok
13:02:29.0038 1980 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
13:02:29.0053 1980 Sftvol - ok
13:02:29.0100 1980 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
13:02:29.0116 1980 sftvsa - ok
13:02:29.0162 1980 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
13:02:29.0256 1980 SharedAccess - ok
13:02:29.0350 1980 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:02:29.0428 1980 ShellHWDetection - ok
13:02:29.0459 1980 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:02:29.0506 1980 SiSRaid2 - ok
13:02:29.0506 1980 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
13:02:29.0521 1980 SiSRaid4 - ok
13:02:29.0552 1980 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
13:02:29.0599 1980 Smb - ok
13:02:29.0646 1980 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
13:02:29.0693 1980 SNMPTRAP - ok
13:02:29.0708 1980 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
13:02:29.0724 1980 spldr - ok
13:02:29.0755 1980 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
13:02:29.0786 1980 Spooler - ok
13:02:30.0052 1980 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
13:02:30.0145 1980 sppsvc - ok
13:02:30.0208 1980 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
13:02:30.0301 1980 sppuinotify - ok
13:02:30.0457 1980 [ 891793E00432FA055CF040605C260E49 ] SRTSP C:\Windows\System32\Drivers\NISx64\1309010.00E\SRTSP64.SYS
13:02:30.0535 1980 SRTSP - ok
13:02:30.0566 1980 [ 1CB7BB3B0561FB5ECFE37F7731E8BF3E ] SRTSPX C:\Windows\system32\drivers\NISx64\1309010.00E\SRTSPX64.SYS
13:02:30.0582 1980 SRTSPX - ok
13:02:30.0613 1980 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
13:02:30.0691 1980 srv - ok
13:02:30.0722 1980 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
13:02:30.0754 1980 srv2 - ok
13:02:30.0785 1980 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
13:02:30.0816 1980 srvnet - ok
13:02:30.0863 1980 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
13:02:30.0925 1980 SSDPSRV - ok
13:02:30.0925 1980 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
13:02:30.0956 1980 SstpSvc - ok
13:02:30.0988 1980 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
13:02:31.0003 1980 stexstor - ok
13:02:31.0050 1980 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
13:02:31.0128 1980 stisvc - ok
13:02:31.0159 1980 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
13:02:31.0175 1980 swenum - ok
13:02:31.0237 1980 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
13:02:31.0331 1980 swprv - ok
13:02:31.0440 1980 [ 8B2430762099598DA40686F754632EFD ] SymDS C:\Windows\system32\drivers\NISx64\1309010.00E\SYMDS64.SYS
13:02:31.0487 1980 SymDS - ok
13:02:31.0534 1980 [ 5CB7F2FD7E30A0F52F93574BFC3A8041 ] SymEFA C:\Windows\system32\drivers\NISx64\1309010.00E\SYMEFA64.SYS
13:02:31.0580 1980 SymEFA - ok
13:02:31.0627 1980 [ 898BB48C797483420DF523B2BBC1ECDB ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
13:02:31.0643 1980 SymEvent - ok
13:02:31.0690 1980 [ 5013A76CAAA1D7CF1C55214B490B4E35 ] SymIRON C:\Windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS
13:02:31.0721 1980 SymIRON - ok
13:02:31.0752 1980 [ 3911BD0E68C010E5438A87706ABBE9AB ] SymNetS C:\Windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS
13:02:31.0768 1980 SymNetS - ok
13:02:31.0846 1980 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
13:02:31.0939 1980 SysMain - ok
13:02:31.0986 1980 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:02:32.0033 1980 TabletInputService - ok
13:02:32.0095 1980 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
13:02:32.0189 1980 TapiSrv - ok
13:02:32.0204 1980 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
13:02:32.0236 1980 TBS - ok
13:02:32.0516 1980 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
13:02:32.0626 1980 Tcpip - ok
13:02:32.0672 1980 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
13:02:32.0704 1980 TCPIP6 - ok
13:02:32.0735 1980 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
13:02:32.0750 1980 tcpipreg - ok
13:02:32.0797 1980 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
13:02:32.0844 1980 TDPIPE - ok
13:02:32.0875 1980 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
13:02:32.0922 1980 TDTCP - ok
13:02:32.0953 1980 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
13:02:32.0984 1980 tdx - ok
13:02:33.0016 1980 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
13:02:33.0031 1980 TermDD - ok
13:02:33.0094 1980 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
13:02:33.0187 1980 TermService - ok
13:02:33.0234 1980 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
13:02:33.0296 1980 Themes - ok
13:02:33.0328 1980 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
13:02:33.0343 1980 THREADORDER - ok
13:02:33.0374 1980 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
13:02:33.0406 1980 TrkWks - ok
13:02:33.0530 1980 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:02:33.0593 1980 TrustedInstaller - ok
13:02:33.0624 1980 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
13:02:33.0702 1980 tssecsrv - ok
13:02:33.0764 1980 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
13:02:33.0796 1980 TsUsbFlt - ok
13:02:33.0842 1980 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
13:02:33.0889 1980 tunnel - ok
13:02:33.0905 1980 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
13:02:33.0920 1980 uagp35 - ok
13:02:33.0936 1980 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
13:02:33.0983 1980 udfs - ok
13:02:34.0014 1980 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
13:02:34.0030 1980 UI0Detect - ok
13:02:34.0061 1980 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
13:02:34.0076 1980 uliagpkx - ok
13:02:34.0108 1980 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
13:02:34.0154 1980 umbus - ok
13:02:34.0170 1980 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
13:02:34.0217 1980 UmPass - ok
13:02:34.0264 1980 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
13:02:34.0326 1980 upnphost - ok
13:02:34.0342 1980 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
13:02:34.0404 1980 usbccgp - ok
13:02:34.0435 1980 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
13:02:34.0482 1980 usbcir - ok
13:02:34.0498 1980 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
13:02:34.0513 1980 usbehci - ok
13:02:34.0529 1980 [ 2C780746DC44A28FE67004DC58173F05 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
13:02:34.0544 1980 usbfilter - ok
13:02:34.0560 1980 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
13:02:34.0591 1980 usbhub - ok
13:02:34.0638 1980 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
13:02:34.0685 1980 usbohci - ok
13:02:34.0716 1980 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
13:02:34.0747 1980 usbprint - ok
13:02:34.0794 1980 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
13:02:34.0841 1980 usbscan - ok
13:02:34.0872 1980 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:02:34.0888 1980 USBSTOR - ok
13:02:34.0903 1980 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
13:02:34.0919 1980 usbuhci - ok
13:02:34.0950 1980 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
13:02:34.0981 1980 UxSms - ok
13:02:34.0997 1980 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
13:02:35.0012 1980 VaultSvc - ok
13:02:35.0028 1980 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
13:02:35.0044 1980 vdrvroot - ok
13:02:35.0090 1980 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
13:02:35.0153 1980 vds - ok
13:02:35.0168 1980 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
13:02:35.0184 1980 vga - ok
13:02:35.0200 1980 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
13:02:35.0246 1980 VgaSave - ok
13:02:35.0309 1980 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
13:02:35.0340 1980 vhdmp - ok
13:02:35.0356 1980 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
13:02:35.0371 1980 viaide - ok
13:02:35.0387 1980 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
13:02:35.0402 1980 volmgr - ok
13:02:35.0434 1980 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
13:02:35.0480 1980 volmgrx - ok
13:02:35.0496 1980 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
13:02:35.0527 1980 volsnap - ok
13:02:35.0558 1980 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
13:02:35.0574 1980 vsmraid - ok
13:02:35.0761 1980 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
13:02:35.0870 1980 VSS - ok
13:02:35.0870 1980 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
13:02:35.0902 1980 vwifibus - ok
13:02:35.0902 1980 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
13:02:35.0933 1980 vwififlt - ok
13:02:35.0980 1980 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
13:02:36.0011 1980 W32Time - ok
13:02:36.0011 1980 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
13:02:36.0058 1980 WacomPen - ok
13:02:36.0120 1980 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
13:02:36.0198 1980 WANARP - ok
13:02:36.0214 1980 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
13:02:36.0245 1980 Wanarpv6 - ok
13:02:36.0401 1980 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
13:02:36.0479 1980 WatAdminSvc - ok
13:02:36.0541 1980 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
13:02:36.0604 1980 wbengine - ok
13:02:36.0650 1980 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
13:02:36.0682 1980 WbioSrvc - ok
13:02:36.0744 1980 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
13:02:36.0806 1980 wcncsvc - ok
13:02:36.0838 1980 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:02:36.0853 1980 WcsPlugInService - ok
13:02:36.0884 1980 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
13:02:36.0884 1980 Wd - ok
13:02:36.0962 1980 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
13:02:37.0025 1980 Wdf01000 - ok
13:02:37.0040 1980 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
13:02:37.0087 1980 WdiServiceHost - ok
13:02:37.0087 1980 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
13:02:37.0103 1980 WdiSystemHost - ok
13:02:37.0150 1980 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
13:02:37.0196 1980 WebClient - ok
13:02:37.0212 1980 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
13:02:37.0274 1980 Wecsvc - ok
13:02:37.0290 1980 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
13:02:37.0321 1980 wercplsupport - ok
13:02:37.0352 1980 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
13:02:37.0446 1980 WerSvc - ok
13:02:37.0477 1980 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
13:02:37.0540 1980 WfpLwf - ok
13:02:37.0540 1980 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
13:02:37.0555 1980 WIMMount - ok
13:02:37.0555 1980 WinDefend - ok
13:02:37.0571 1980 WinHttpAutoProxySvc - ok
13:02:37.0649 1980 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
13:02:37.0711 1980 Winmgmt - ok
13:02:37.0789 1980 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
13:02:37.0930 1980 WinRM - ok
13:02:37.0976 1980 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
13:02:38.0008 1980 WinUsb - ok
13:02:38.0070 1980 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
13:02:38.0132 1980 Wlansvc - ok
13:02:38.0320 1980 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:02:38.0366 1980 wlidsvc - ok
13:02:38.0413 1980 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
13:02:38.0444 1980 WmiAcpi - ok
13:02:38.0491 1980 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
13:02:38.0522 1980 wmiApSrv - ok
13:02:38.0538 1980 WMPNetworkSvc - ok
13:02:38.0554 1980 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
13:02:38.0569 1980 WPCSvc - ok
13:02:38.0616 1980 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
13:02:38.0632 1980 WPDBusEnum - ok
13:02:38.0663 1980 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
13:02:38.0741 1980 ws2ifsl - ok
13:02:38.0756 1980 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
13:02:38.0834 1980 wscsvc - ok
13:02:38.0834 1980 WSearch - ok
13:02:38.0912 1980 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
13:02:38.0959 1980 wuauserv - ok
13:02:39.0006 1980 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
13:02:39.0053 1980 WudfPf - ok
13:02:39.0084 1980 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
13:02:39.0115 1980 WUDFRd - ok
13:02:39.0146 1980 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
13:02:39.0193 1980 wudfsvc - ok
13:02:39.0209 1980 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
13:02:39.0256 1980 WwanSvc - ok
13:02:39.0271 1980 ================ Scan global ===============================
13:02:39.0302 1980 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
13:02:39.0349 1980 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
13:02:39.0396 1980 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
13:02:39.0443 1980 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
13:02:39.0536 1980 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
13:02:39.0536 1980 [Global] - ok
13:02:39.0536 1980 ================ Scan MBR ==================================
13:02:39.0552 1980 [ EC347AF5D4D5CE651A2BF7A004F4F57B ] \Device\Harddisk0\DR0
13:02:40.0691 1980 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
13:02:40.0691 1980 \Device\Harddisk0\DR0 - detected TDSS File System (1)
13:02:40.0691 1980 ================ Scan VBR ==================================
13:02:40.0722 1980 [ F89476CA267D4D13B6FBF343B7A52873 ] \Device\Harddisk0\DR0\Partition1
13:02:40.0738 1980 \Device\Harddisk0\DR0\Partition1 - ok
13:02:40.0753 1980 [ 4663DC33FCD38F7ED28EA03AC84E9740 ] \Device\Harddisk0\DR0\Partition2
13:02:40.0769 1980 \Device\Harddisk0\DR0\Partition2 - ok
13:02:40.0816 1980 [ 0C5947D242F9870DB3A6866D2D661B2F ] \Device\Harddisk0\DR0\Partition3
13:02:40.0847 1980 \Device\Harddisk0\DR0\Partition3 - ok
13:02:40.0847 1980 ================ Scan active images ========================
13:02:41.0892 1980 [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
13:02:41.0892 1980 C:\Windows\System32\drivers\fltMgr.sys - ok
13:02:41.0892 1980 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
13:02:41.0892 1980 C:\Windows\System32\PSHED.DLL - ok
13:02:41.0892 1980 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
13:02:41.0892 1980 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
13:02:41.0908 1980 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
13:02:41.0908 1980 C:\Windows\System32\atl.dll - ok
13:02:41.0908 1980 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
13:02:41.0908 1980 C:\Windows\System32\dsrole.dll - ok
13:02:41.0908 1980 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
13:02:41.0908 1980 C:\Windows\System32\slc.dll - ok
13:02:41.0908 1980 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
13:02:41.0908 1980 C:\Windows\System32\es.dll - ok
13:02:41.0923 1980 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
13:02:41.0923 1980 C:\Windows\System32\Sens.dll - ok
13:02:41.0923 1980 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
13:02:41.0923 1980 C:\Windows\System32\drivers\lltdio.sys - ok
13:02:41.0923 1980 [ 99E6AA0AE2D05389BA7F7DFF6866B569 ] C:\Windows\System32\drivers\packet.sys
13:02:41.0923 1980 C:\Windows\System32\drivers\packet.sys - ok
13:02:41.0939 1980 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
13:02:41.0939 1980 C:\Windows\System32\uxsms.dll - ok
13:02:41.0939 1980 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
13:02:41.0939 1980 C:\Windows\System32\drivers\nwifi.sys - ok
13:02:41.0939 1980 [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys
13:02:41.0939 1980 C:\Windows\System32\drivers\ndisuio.sys - ok
13:02:41.0939 1980 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
13:02:41.0939 1980 C:\Windows\System32\drivers\rspndr.sys - ok
13:02:41.0954 1980 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
13:02:41.0954 1980 C:\Windows\System32\IPHLPAPI.DLL - ok
13:02:41.0954 1980 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
13:02:41.0954 1980 C:\Windows\System32\lmhsvc.dll - ok
13:02:41.0954 1980 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
13:02:41.0954 1980 C:\Windows\System32\nsisvc.dll - ok
13:02:41.0970 1980 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
13:02:41.0970 1980 C:\Windows\System32\dhcpcore.dll - ok
13:02:41.0970 1980 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
13:02:41.0970 1980 C:\Windows\System32\nrpsrv.dll - ok
13:02:41.0970 1980 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
13:02:41.0970 1980 C:\Windows\System32\winnsi.dll - ok
13:02:41.0970 1980 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
13:02:41.0970 1980 C:\Windows\System32\dnsrslvr.dll - ok
13:02:41.0986 1980 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
13:02:41.0986 1980 C:\Windows\System32\FWPUCLNT.DLL - ok
13:02:41.0986 1980 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
13:02:41.0986 1980 C:\Windows\System32\keyiso.dll - ok
13:02:41.0986 1980 [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll
13:02:41.0986 1980 C:\Windows\System32\eapphost.dll - ok
13:02:41.0986 1980 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
13:02:41.0986 1980 C:\Windows\System32\eapsvc.dll - ok
13:02:42.0001 1980 [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll
13:02:42.0001 1980 C:\Windows\System32\dhcpcore6.dll - ok
13:02:42.0001 1980 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
13:02:42.0001 1980 C:\Windows\System32\dhcpcsvc.dll - ok
13:02:42.0001 1980 [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll
13:02:42.0001 1980 C:\Windows\System32\dhcpcsvc6.dll - ok
13:02:42.0017 1980 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
13:02:42.0017 1980 C:\Windows\System32\dnsext.dll - ok
13:02:42.0017 1980 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
13:02:42.0017 1980 C:\Windows\System32\comres.dll - ok
13:02:42.0017 1980 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
13:02:42.0017 1980 C:\Windows\System32\uxtheme.dll - ok
13:02:42.0017 1980 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
13:02:42.0017 1980 C:\Windows\System32\umb.dll - ok
13:02:42.0032 1980 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
13:02:42.0032 1980 C:\Windows\System32\wlansvc.dll - ok
13:02:42.0032 1980 [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
13:02:42.0032 1980 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
13:02:42.0032 1980 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
13:02:42.0032 1980 C:\Windows\System32\dui70.dll - ok
13:02:42.0048 1980 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
13:02:42.0048 1980 C:\Windows\System32\duser.dll - ok
13:02:42.0048 1980 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
13:02:42.0048 1980 C:\Windows\System32\winmm.dll - ok
13:02:42.0048 1980 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
13:02:42.0048 1980 C:\Windows\System32\wdmaud.drv - ok
13:02:42.0048 1980 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
13:02:42.0048 1980 C:\Windows\System32\ksuser.dll - ok
13:02:42.0064 1980 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
13:02:42.0064 1980 C:\Windows\System32\SndVolSSO.dll - ok
13:02:42.0064 1980 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
13:02:42.0064 1980 C:\Windows\System32\dwmapi.dll - ok
13:02:42.0064 1980 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
13:02:42.0064 1980 C:\Windows\System32\hid.dll - ok
13:02:42.0064 1980 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
13:02:42.0064 1980 C:\Windows\System32\xmllite.dll - ok
13:02:42.0079 1980 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
13:02:42.0079 1980 C:\Windows\System32\AudioSes.dll - ok
13:02:42.0079 1980 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
13:02:42.0079 1980 C:\Windows\System32\msacm32.dll - ok
13:02:42.0079 1980 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
13:02:42.0079 1980 C:\Windows\System32\msacm32.drv - ok
13:02:42.0095 1980 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
13:02:42.0095 1980 C:\Windows\System32\midimap.dll - ok
13:02:42.0095 1980 [ 26B73A85855681500BCC25C7CD9FF5B1 ] C:\Windows\System32\WindowsCodecs.dll
13:02:42.0095 1980 C:\Windows\System32\WindowsCodecs.dll - ok
13:02:42.0095 1980 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
13:02:42.0095 1980 C:\Windows\System32\AudioEng.dll - ok
13:02:42.0095 1980 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
13:02:42.0095 1980 C:\Windows\System32\AUDIOKSE.dll - ok
13:02:42.0110 1980 [ C7F1648168BDEEC24562AB40C5D5940A ] C:\Windows\System32\RtkAPO64.dll
13:02:42.0110 1980 C:\Windows\System32\RtkAPO64.dll - ok
13:02:42.0110 1980 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
13:02:42.0110 1980 C:\Windows\System32\VaultCredProvider.dll - ok
13:02:42.0110 1980 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
13:02:42.0110 1980 C:\Windows\System32\winbrand.dll - ok
13:02:42.0126 1980 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
13:02:42.0126 1980 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
13:02:42.0126 1980 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
13:02:42.0126 1980 C:\Windows\System32\BioCredProv.dll - ok
13:02:42.0126 1980 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
13:02:42.0126 1980 C:\Windows\System32\credui.dll - ok
13:02:42.0142 1980 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
13:02:42.0142 1980 C:\Windows\System32\winbio.dll - ok
13:02:42.0142 1980 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
13:02:42.0142 1980 C:\Windows\System32\certCredProvider.dll - ok
13:02:42.0142 1980 [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
13:02:42.0142 1980 C:\Windows\System32\netapi32.dll - ok
13:02:42.0142 1980 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
13:02:42.0142 1980 C:\Windows\System32\netutils.dll - ok
13:02:42.0157 1980 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
13:02:42.0157 1980 C:\Windows\System32\samcli.dll - ok
13:02:42.0157 1980 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
13:02:42.0157 1980 C:\Windows\System32\vaultcli.dll - ok
13:02:42.0157 1980 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
13:02:42.0157 1980 C:\Windows\System32\wkscli.dll - ok
13:02:42.0157 1980 [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll
13:02:42.0157 1980 C:\Windows\System32\WMALFXGFXDSP.dll - ok
13:02:42.0173 1980 [ FB25067C233B686B50F29ABD688B2A6D ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
13:02:42.0173 1980 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
13:02:42.0173 1980 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
13:02:42.0173 1980 C:\Windows\System32\rasplap.dll - ok
13:02:42.0173 1980 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
13:02:42.0173 1980 C:\Windows\System32\mfplat.dll - ok
13:02:42.0188 1980 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
13:02:42.0188 1980 C:\Windows\System32\rasapi32.dll - ok
13:02:42.0188 1980 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
13:02:42.0188 1980 C:\Windows\System32\rasman.dll - ok
13:02:42.0188 1980 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
13:02:42.0188 1980 C:\Windows\System32\rtutils.dll - ok
13:02:42.0188 1980 [ 1A8EC24AEDF8150DA73BCB5DB8E4B431 ] C:\Windows\System32\atieclxx.exe
13:02:42.0188 1980 C:\Windows\System32\atieclxx.exe - ok
13:02:42.0204 1980 [ BD1F078914777F8E415D5CEA9C9FCABC ] C:\Windows\System32\atiadlxx.dll
13:02:42.0204 1980 C:\Windows\System32\atiadlxx.dll - ok
13:02:42.0204 1980 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
13:02:42.0204 1980 C:\Windows\System32\UXInit.dll - ok
13:02:42.0204 1980 [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll
13:02:42.0204 1980 C:\Windows\System32\wlanmsm.dll - ok
13:02:42.0220 1980 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll
13:02:42.0220 1980 C:\Windows\System32\wlansec.dll - ok
13:02:42.0220 1980 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
13:02:42.0220 1980 C:\Windows\System32\onex.dll - ok
13:02:42.0220 1980 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
13:02:42.0220 1980 C:\Windows\System32\eappprxy.dll - ok
13:02:42.0220 1980 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
13:02:42.0220 1980 C:\Windows\System32\eappcfg.dll - ok
13:02:42.0235 1980 [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll
13:02:42.0235 1980 C:\Windows\System32\l2gpstore.dll - ok
13:02:42.0235 1980 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll
13:02:42.0235 1980 C:\Windows\System32\wlgpclnt.dll - ok
13:02:42.0235 1980 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
13:02:42.0235 1980 C:\Windows\System32\WinSCard.dll - ok
13:02:42.0251 1980 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
13:02:42.0251 1980 C:\Windows\System32\wlanutil.dll - ok
13:02:42.0251 1980 [ 99B91C5D2FCEF218CAD3600ECB62A799 ] C:\Windows\System32\msxml6.dll
13:02:42.0251 1980 C:\Windows\System32\msxml6.dll - ok
13:02:42.0251 1980 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
13:02:42.0251 1980 C:\Windows\System32\shsvcs.dll - ok
13:02:42.0251 1980 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
13:02:42.0251 1980 C:\Windows\System32\netcfgx.dll - ok
13:02:42.0266 1980 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
13:02:42.0266 1980 C:\Windows\System32\schedsvc.dll - ok
13:02:42.0266 1980 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
13:02:42.0266 1980 C:\Windows\System32\ktmw32.dll - ok
13:02:42.0266 1980 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
13:02:42.0266 1980 C:\Windows\System32\fveapi.dll - ok
13:02:42.0282 1980 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
13:02:42.0282 1980 C:\Windows\System32\oleacc.dll - ok
13:02:42.0282 1980 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
13:02:42.0282 1980 C:\Windows\System32\fvecerts.dll - ok
13:02:42.0282 1980 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
13:02:42.0282 1980 C:\Windows\System32\taskcomp.dll - ok
13:02:42.0282 1980 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
13:02:42.0282 1980 C:\Windows\System32\tbs.dll - ok
13:02:42.0298 1980 [ 019BDD35DE269CB98B22DE8923C2AA3B ] C:\Windows\System32\UIAutomationCore.dll
13:02:42.0298 1980 C:\Windows\System32\UIAutomationCore.dll - ok
13:02:42.0298 1980 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
13:02:42.0298 1980 C:\Windows\System32\wiarpc.dll - ok
13:02:42.0298 1980 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
13:02:42.0298 1980 C:\Windows\System32\drivers\http.sys - ok
13:02:42.0298 1980 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
13:02:42.0298 1980 C:\Windows\System32\spoolsv.exe - ok
13:02:42.0313 1980 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
13:02:42.0313 1980 C:\Windows\System32\imageres.dll - ok
13:02:42.0313 1980 [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
13:02:42.0313 1980 C:\Windows\System32\BFE.DLL - ok
13:02:42.0313 1980 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
13:02:42.0313 1980 C:\Windows\System32\drivers\bowser.sys - ok
13:02:42.0313 1980 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
13:02:42.0329 1980 C:\Windows\System32\drivers\mpsdrv.sys - ok
13:02:42.0329 1980 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
13:02:42.0329 1980 C:\Windows\System32\drivers\mrxsmb.sys - ok
13:02:42.0329 1980 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
13:02:42.0329 1980 C:\Windows\System32\drivers\mrxsmb10.sys - ok
13:02:42.0329 1980 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
13:02:42.0329 1980 C:\Windows\System32\drivers\mrxsmb20.sys - ok
13:02:42.0344 1980 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
13:02:42.0344 1980 C:\Windows\System32\wkssvc.dll - ok
13:02:42.0344 1980 [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
13:02:42.0344 1980 C:\Windows\System32\wfapigp.dll - ok
13:02:42.0344 1980 [ 5C4CB4086FB83115B153E47ADD961A0C ] C:\Windows\System32\FntCache.dll
13:02:42.0344 1980 C:\Windows\System32\FntCache.dll - ok
13:02:42.0344 1980 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
13:02:42.0344 1980 C:\Windows\System32\mscms.dll - ok
13:02:42.0360 1980 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
13:02:42.0360 1980 C:\Windows\System32\pcasvc.dll - ok
13:02:42.0360 1980 [ 62B7936F9036DD6ED36E6A7EFA805DC0 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:02:42.0360 1980 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
13:02:42.0360 1980 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
13:02:42.0360 1980 C:\Windows\SysWOW64\ntdll.dll - ok
13:02:42.0376 1980 [ 259EB5F7D95A29842B476C5B3EB6E186 ] C:\Windows\System32\wow64.dll
13:02:42.0376 1980 C:\Windows\System32\wow64.dll - ok
13:02:42.0376 1980 [ 5674E21E82CFBEA36DDAD5DB285D6DBC ] C:\Windows\System32\wow64win.dll
13:02:42.0376 1980 C:\Windows\System32\wow64win.dll - ok
13:02:42.0376 1980 [ 3EE3AA76D8AB6D5644C4C8F34471CEB3 ] C:\Windows\System32\wow64cpu.dll
13:02:42.0376 1980 C:\Windows\System32\wow64cpu.dll - ok
13:02:42.0376 1980 [ AC0B6F41882FC6ED186962D770EBF1D2 ] C:\Windows\SysWOW64\kernel32.dll
13:02:42.0376 1980 C:\Windows\SysWOW64\kernel32.dll - ok
13:02:42.0391 1980 [ E954A79D6A754A5475582CACED1565E6 ] C:\Windows\SysWOW64\KernelBase.dll
13:02:42.0391 1980 C:\Windows\SysWOW64\KernelBase.dll - ok
13:02:42.0391 1980 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
13:02:42.0391 1980 C:\Windows\SysWOW64\user32.dll - ok
13:02:42.0391 1980 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
13:02:42.0391 1980 C:\Windows\SysWOW64\gdi32.dll - ok
13:02:42.0407 1980 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
13:02:42.0407 1980 C:\Windows\SysWOW64\lpk.dll - ok
13:02:42.0407 1980 [ B7230010D97787AF3D25E4C82F2B06B9 ] C:\Windows\SysWOW64\usp10.dll
13:02:42.0407 1980 C:\Windows\SysWOW64\usp10.dll - ok
13:02:42.0407 1980 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
13:02:42.0407 1980 C:\Windows\SysWOW64\msvcrt.dll - ok
13:02:42.0407 1980 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
13:02:42.0407 1980 C:\Windows\SysWOW64\advapi32.dll - ok
13:02:42.0422 1980 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
13:02:42.0422 1980 C:\Windows\SysWOW64\rpcrt4.dll - ok
13:02:42.0422 1980 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
13:02:42.0422 1980 C:\Windows\SysWOW64\sechost.dll - ok
13:02:42.0422 1980 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
13:02:42.0422 1980 C:\Windows\SysWOW64\cryptbase.dll - ok
13:02:42.0438 1980 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\SysWOW64\shell32.dll
13:02:42.0438 1980 C:\Windows\SysWOW64\shell32.dll - ok
13:02:42.0438 1980 [ EDA7AD21DF8945528F01F0A86D69E524 ] C:\Windows\SysWOW64\sspicli.dll
13:02:42.0438 1980 C:\Windows\SysWOW64\sspicli.dll - ok
13:02:42.0438 1980 [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
13:02:42.0438 1980 C:\Windows\System32\snmptrap.exe - ok
13:02:42.0438 1980 [ 7C00C608FE4C8EDE9E30940837B9AC8B ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll
13:02:42.0438 1980 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll - ok
13:02:42.0454 1980 [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
13:02:42.0454 1980 C:\Windows\System32\provsvc.dll - ok
13:02:42.0454 1980 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
13:02:42.0454 1980 C:\Windows\System32\sstpsvc.dll - ok
13:02:42.0454 1980 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
13:02:42.0454 1980 C:\Windows\SysWOW64\ole32.dll - ok
13:02:42.0469 1980 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
13:02:42.0469 1980 C:\Windows\SysWOW64\shlwapi.dll - ok
13:02:42.0469 1980 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
13:02:42.0469 1980 C:\Windows\SysWOW64\oleaut32.dll - ok
13:02:42.0469 1980 [ 60D21799A4AF4EDCE65FB98830E4B0C8 ] C:\Windows\SysWOW64\crypt32.dll
13:02:42.0469 1980 C:\Windows\SysWOW64\crypt32.dll - ok
13:02:42.0469 1980 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
13:02:42.0469 1980 C:\Windows\SysWOW64\msasn1.dll - ok
13:02:42.0485 1980 [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\SysWOW64\wintrust.dll
13:02:42.0485 1980 C:\Windows\SysWOW64\wintrust.dll - ok
13:02:42.0485 1980 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
13:02:42.0485 1980 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
13:02:42.0485 1980 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
13:02:42.0485 1980 C:\Windows\SysWOW64\imm32.dll - ok
13:02:42.0500 1980 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
13:02:42.0500 1980 C:\Windows\SysWOW64\msctf.dll - ok
13:02:42.0500 1980 [ 54A47F6B5E09A77E61649109C6A08866 ] C:\Windows\SysWOW64\svchost.exe
13:02:42.0500 1980 C:\Windows\SysWOW64\svchost.exe - ok
13:02:42.0500 1980 [ C7074BD8D4B8F564859ED373433030AE ] C:\Program Files (x86)\Common Files\Akamai\netsession_win_ca0e279.dll
13:02:42.0500 1980 C:\Program Files (x86)\Common Files\Akamai\netsession_win_ca0e279.dll - ok
13:02:42.0500 1980 [ DD27F6C3DE9BFE50635C721E09EDC5DD ] C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
13:02:42.0500 1980 C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe - ok
13:02:42.0516 1980 [ 530566B97C73813FFDDE8EC0C7C044EA ] C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\XML_RPC_DLL.dll
13:02:42.0516 1980 C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\XML_RPC_DLL.dll - ok
13:02:42.0516 1980 [ D233C7FEAE3FAA25F93A9E6B46815ADC ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll
13:02:42.0516 1980 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll - ok
13:02:42.0516 1980 [ 241AF87821FDA0F5792037B779F49BE0 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll
13:02:42.0516 1980 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll - ok
13:02:42.0532 1980 [ A5299D04ED225D64CF07A568A3E1BF8C ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:02:42.0532 1980 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
13:02:42.0532 1980 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
13:02:42.0532 1980 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
13:02:42.0532 1980 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
13:02:42.0532 1980 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
13:02:42.0547 1980 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
13:02:42.0547 1980 C:\Windows\SysWOW64\ws2_32.dll - ok
13:02:42.0547 1980 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
13:02:42.0547 1980 C:\Windows\SysWOW64\nsi.dll - ok
13:02:42.0547 1980 [ 487F44B08EFEAF5AD087878357B9403D ] C:\Windows\SysWOW64\pdh.dll
13:02:42.0547 1980 C:\Windows\SysWOW64\pdh.dll - ok
13:02:42.0547 1980 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
13:02:42.0547 1980 C:\Windows\SysWOW64\psapi.dll - ok
13:02:42.0563 1980 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
13:02:42.0563 1980 C:\Windows\SysWOW64\winhttp.dll - ok
13:02:42.0563 1980 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
13:02:42.0563 1980 C:\Windows\SysWOW64\webio.dll - ok
13:02:42.0563 1980 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
13:02:42.0563 1980 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
13:02:42.0578 1980 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
13:02:42.0578 1980 C:\Windows\SysWOW64\netapi32.dll - ok
13:02:42.0578 1980 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
13:02:42.0578 1980 C:\Windows\SysWOW64\netutils.dll - ok
13:02:42.0578 1980 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
13:02:42.0578 1980 C:\Windows\SysWOW64\profapi.dll - ok
13:02:42.0578 1980 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
13:02:42.0578 1980 C:\Windows\SysWOW64\srvcli.dll - ok
13:02:42.0594 1980 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
13:02:42.0594 1980 C:\Windows\SysWOW64\userenv.dll - ok
13:02:42.0594 1980 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
13:02:42.0594 1980 C:\Windows\SysWOW64\winnsi.dll - ok
13:02:42.0594 1980 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
13:02:42.0594 1980 C:\Windows\SysWOW64\wkscli.dll - ok
13:02:42.0610 1980 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
13:02:42.0610 1980 C:\Windows\SysWOW64\wtsapi32.dll - ok
13:02:42.0610 1980 [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\SysWOW64\logoncli.dll
13:02:42.0610 1980 C:\Windows\SysWOW64\logoncli.dll - ok
13:02:42.0610 1980 [ 03728C624D05C2F157BBD46F6B7F6EA0 ] C:\Windows\SysWOW64\wininet.dll
13:02:42.0610 1980 C:\Windows\SysWOW64\wininet.dll - ok
13:02:42.0610 1980 [ 73BDB1C0801D44BEA5F6749FD340CC0F ] C:\Windows\SysWOW64\iertutil.dll
13:02:42.0610 1980 C:\Windows\SysWOW64\iertutil.dll - ok
13:02:42.0625 1980 [ 180D098704551DE37C6299AA888D6821 ] C:\Windows\SysWOW64\urlmon.dll
13:02:42.0625 1980 C:\Windows\SysWOW64\urlmon.dll - ok
13:02:42.0625 1980 [ 848BC9A0BB2361E549FD4C22D7548FB8 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll
13:02:42.0625 1980 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
13:02:42.0625 1980 [ 64894527838C86454E2F378FF39FA336 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll
13:02:42.0625 1980 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
13:02:42.0641 1980 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
13:02:42.0641 1980 C:\Windows\SysWOW64\version.dll - ok
13:02:42.0641 1980 [ EF8CD3C64EE9C08980D6D06CCCE46C68 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll
13:02:42.0641 1980 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
13:02:42.0641 1980 [ 152F8772D5A5CD7883305C3B8D28470E ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
13:02:42.0641 1980 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
13:02:42.0641 1980 [ 78865ABC5F5D13190F8B35BD9044714A ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
13:02:42.0641 1980 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok
13:02:42.0656 1980 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
13:02:42.0656 1980 C:\Windows\SysWOW64\wsock32.dll - ok
13:02:42.0656 1980 [ FF9831030678C7B6D70BAC00F68F8976 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
13:02:42.0656 1980 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
13:02:42.0656 1980 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
13:02:42.0656 1980 C:\Windows\SysWOW64\winmm.dll - ok
13:02:42.0672 1980 [ E5B6D88B36BDDAD5039764FBF80284DD ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll
13:02:42.0672 1980 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll - ok
13:02:43.0592 1980 [ FAFAE01E889DC9C05A6CA2138CFC220B ] C:\Windows\System32\tapi32.dll
13:02:43.0592 1980 C:\Windows\System32\tapi32.dll - ok
13:02:43.0592 1980 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
13:02:43.0592 1980 C:\Windows\System32\hnetcfg.dll - ok
13:02:43.0592 1980 [ 09AB81CEE443569D9A3CC151DDF70444 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcomp.dll
13:02:43.0592 1980 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcomp.dll - ok
13:02:43.0592 1980 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
13:02:43.0592 1980 C:\Windows\SysWOW64\SensApi.dll - ok
13:02:43.0608 1980 [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
13:02:43.0608 1980 C:\Windows\System32\nci.dll - ok
13:02:43.0608 1980 [ D2A0FFA75AB181B19B5EB93BB29C7686 ] C:\Windows\System32\unimdm.tsp
13:02:43.0608 1980 C:\Windows\System32\unimdm.tsp - ok
13:02:43.0608 1980 [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
13:02:43.0608 1980 C:\Windows\System32\wbem\wbemcore.dll - ok
13:02:43.0624 1980 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
13:02:43.0624 1980 C:\Windows\System32\drivers\srv.sys - ok
13:02:43.0624 1980 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
13:02:43.0624 1980 C:\Windows\System32\drivers\srv2.sys - ok
13:02:43.0624 1980 [ 94B7DF336815B47236724019FAB24B7C ] C:\Windows\System32\uniplat.dll
13:02:43.0624 1980 C:\Windows\System32\uniplat.dll - ok
13:02:43.0624 1980 [ 41326DD08ACC0CDC5F8177AF96C066E8 ] C:\Windows\System32\kmddsp.tsp
13:02:43.0624 1980 C:\Windows\System32\kmddsp.tsp - ok
13:02:43.0639 1980 [ 617E29A0B0A2807466560D4C4E338D3E ] C:\Windows\System32\drivers\Sftredirlh.sys
13:02:43.0639 1980 C:\Windows\System32\drivers\Sftredirlh.sys - ok
13:02:43.0639 1980 [ 1D6BC2769DA66C1145F4DA5A65F52E61 ] C:\Windows\System32\ndptsp.tsp
13:02:43.0639 1980 C:\Windows\System32\ndptsp.tsp - ok
13:02:43.0639 1980 [ 1EBE9524683C7C4EED8B8BC93FB6FBCC ] C:\Windows\SysWOW64\fltLib.dll
13:02:43.0639 1980 C:\Windows\SysWOW64\fltLib.dll - ok
13:02:43.0655 1980 [ 7C1BAE7D23D4874FEE256A2B9C00E019 ] C:\Windows\System32\hidphone.tsp
13:02:43.0655 1980 C:\Windows\System32\hidphone.tsp - ok
13:02:43.0655 1980 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
13:02:43.0655 1980 C:\Windows\System32\wbem\esscli.dll - ok
13:02:43.0655 1980 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
13:02:43.0655 1980 C:\Windows\System32\wbem\wbemsvc.dll - ok
13:02:43.0655 1980 [ 3D3CBD1847F980FB03343A63671E7886 ] C:\Windows\SysWOW64\schannel.dll
13:02:43.0655 1980 C:\Windows\SysWOW64\schannel.dll - ok
13:02:43.0670 1980 [ A717A35120DBAB5AB707AB40662AF9DD ] C:\Windows\System32\rasppp.dll
13:02:43.0670 1980 C:\Windows\System32\rasppp.dll - ok
13:02:43.0670 1980 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
13:02:43.0670 1980 C:\Windows\System32\dssenh.dll - ok
13:02:43.0670 1980 [ 0FE5CD5F9C9248F42D1EF56E495B182E ] C:\Windows\System32\vpnike.dll
13:02:43.0670 1980 C:\Windows\System32\vpnike.dll - ok
13:02:43.0670 1980 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
13:02:43.0670 1980 C:\Windows\System32\wbem\wmiutils.dll - ok
13:02:43.0686 1980 [ 6A84E68B538B8B04608BF2F0D426CE6F ] C:\Windows\System32\raschap.dll
13:02:43.0686 1980 C:\Windows\System32\raschap.dll - ok
13:02:43.0686 1980 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
13:02:43.0686 1980 C:\Windows\System32\wbem\repdrvfs.dll - ok
13:02:43.0686 1980 [ 284DAE55DED345F240DF806D45711E0B ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\dimaster.dll
13:02:43.0686 1980 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\dimaster.dll - ok
13:02:43.0702 1980 [ 499147F015E87AC2C2EBAA368F6BFE96 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
13:02:43.0702 1980 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok
13:02:43.0702 1980 [ EAADD6E47ED2A7003ACE1793B98CF63F ] C:\Windows\SysWOW64\msxml6.dll
13:02:43.0702 1980 C:\Windows\SysWOW64\msxml6.dll - ok
13:02:43.0702 1980 [ 72794D112CBAFF3BC0C29BF7350D4741 ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
13:02:43.0702 1980 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE - ok
13:02:43.0717 1980 [ C797D1677BA81306AFBB9FA8A9A8F483 ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSHARED.DLL
13:02:43.0717 1980 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSHARED.DLL - ok
13:02:43.0717 1980 [ 5684762CF40116976A0007EECD5A587D ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccset.dll
13:02:43.0717 1980 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccset.dll - ok
13:02:43.0717 1980 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll
13:02:43.0717 1980 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
13:02:43.0717 1980 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\SysWOW64\wbemcomn.dll
13:02:43.0717 1980 C:\Windows\SysWOW64\wbemcomn.dll - ok
13:02:43.0733 1980 [ 108C2CFA5527458C096A699929ECBD80 ] C:\Windows\SysWOW64\credui.dll
13:02:43.0733 1980 C:\Windows\SysWOW64\credui.dll - ok
13:02:43.0733 1980 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
13:02:43.0733 1980 C:\Windows\SysWOW64\oleacc.dll - ok
13:02:43.0733 1980 [ 565A30B70BE8A9B171839003F2D69683 ] C:\Windows\SysWOW64\hlink.dll
13:02:43.0733 1980 C:\Windows\SysWOW64\hlink.dll - ok
13:02:43.0748 1980 [ 74AF1FFCAFD60DA88A386AE161F56438 ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\en-us\CVHIntl.dll
13:02:43.0748 1980 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\en-us\CVHIntl.dll - ok
13:02:43.0748 1980 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
13:02:43.0748 1980 C:\Windows\System32\srvsvc.dll - ok
13:02:43.0748 1980 [ B08E3476F0874DBAD672D0AC4FB2580B ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftintf.dll
13:02:43.0748 1980 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftintf.dll - ok
13:02:43.0764 1980 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll
13:02:43.0764 1980 C:\Windows\System32\browser.dll - ok
13:02:43.0764 1980 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\SysWOW64\wbem\fastprox.dll
13:02:43.0764 1980 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
13:02:43.0764 1980 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
13:02:43.0764 1980 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
13:02:43.0764 1980 [ B95F6501A2F8B2E78C697FEC401970CE ] C:\Windows\System32\ipnathlp.dll
13:02:43.0764 1980 C:\Windows\System32\ipnathlp.dll - ok
13:02:43.0780 1980 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll
13:02:43.0780 1980 C:\Windows\SysWOW64\ntdsapi.dll - ok
13:02:43.0780 1980 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
13:02:43.0780 1980 C:\Windows\System32\mprapi.dll - ok
13:02:43.0780 1980 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
13:02:43.0780 1980 C:\Windows\System32\netshell.dll - ok
13:02:43.0795 1980 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
13:02:43.0795 1980 C:\Windows\System32\netmsg.dll - ok
13:02:43.0795 1980 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
13:02:43.0795 1980 C:\Windows\System32\clusapi.dll - ok
13:02:43.0795 1980 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
13:02:43.0795 1980 C:\Windows\System32\sscore.dll - ok
13:02:43.0795 1980 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
13:02:43.0795 1980 C:\Windows\System32\resutils.dll - ok
13:02:43.0811 1980 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
13:02:43.0811 1980 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
13:02:43.0811 1980 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
13:02:43.0811 1980 C:\Windows\System32\ncobjapi.dll - ok
13:02:43.0811 1980 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
13:02:43.0811 1980 C:\Windows\System32\wbem\wbemess.dll - ok
13:02:43.0826 1980 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
13:02:43.0826 1980 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
13:02:43.0826 1980 [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll
13:02:43.0826 1980 C:\Windows\System32\wbem\cimwin32.dll - ok
13:02:43.0826 1980 [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll
13:02:43.0826 1980 C:\Windows\System32\framedynos.dll - ok
13:02:43.0826 1980 [ C00DB14550E4BD49737F311C644E45FF ] C:\Windows\System32\wmi.dll
13:02:43.0826 1980 C:\Windows\System32\wmi.dll - ok
13:02:43.0842 1980 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
13:02:43.0842 1980 C:\Windows\System32\npmproxy.dll - ok
13:02:43.0842 1980 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
13:02:43.0842 1980 C:\Windows\System32\SearchIndexer.exe - ok
13:02:43.0842 1980 [ C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\SysWOW64\samlib.dll
13:02:43.0842 1980 C:\Windows\SysWOW64\samlib.dll - ok
13:02:43.0858 1980 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
13:02:43.0858 1980 C:\Windows\System32\tquery.dll - ok
13:02:43.0858 1980 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll
13:02:43.0858 1980 C:\Windows\System32\mssrch.dll - ok
13:02:43.0858 1980 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
13:02:43.0858 1980 C:\Windows\System32\esent.dll - ok
13:02:43.0873 1980 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
13:02:43.0873 1980 C:\Windows\System32\diagperf.dll - ok
13:02:43.0873 1980 [ BD9EB3958F213F96B97B1D897DEE006D ] C:\Windows\System32\hidserv.dll
13:02:43.0873 1980 C:\Windows\System32\hidserv.dll - ok
13:02:43.0873 1980 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
13:02:43.0873 1980 C:\Windows\System32\msidle.dll - ok
13:02:43.0873 1980 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
13:02:43.0873 1980 C:\Windows\System32\perftrack.dll - ok
13:02:43.0889 1980 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
13:02:43.0889 1980 C:\Windows\System32\wpdbusenum.dll - ok
13:02:43.0889 1980 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
13:02:43.0889 1980 C:\Windows\System32\aelupsvc.dll - ok
13:02:43.0889 1980 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL
13:02:43.0889 1980 C:\Windows\System32\IPSECSVC.DLL - ok
13:02:43.0904 1980 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
13:02:43.0904 1980 C:\Windows\System32\mssprxy.dll - ok
13:02:43.0904 1980 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
13:02:43.0904 1980 C:\Windows\System32\PortableDeviceApi.dll - ok
13:02:43.0904 1980 [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll
13:02:43.0904 1980 C:\Windows\System32\FwRemoteSvr.dll - ok
13:02:43.0904 1980 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
13:02:43.0904 1980 C:\Windows\System32\Apphlpdm.dll - ok
13:02:43.0920 1980 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
13:02:43.0920 1980 C:\Windows\System32\pnpts.dll - ok
13:02:43.0920 1980 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
13:02:43.0920 1980 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
13:02:43.0920 1980 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
13:02:43.0920 1980 C:\Windows\System32\wdiasqmmodule.dll - ok
13:02:43.0920 1980 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
13:02:43.0920 1980 C:\Windows\System32\wer.dll - ok
13:02:43.0936 1980 [ DDA4CAF29D8C0A297F886BFE561E6659 ] C:\Windows\System32\drivers\WUDFRd.sys
13:02:43.0936 1980 C:\Windows\System32\drivers\WUDFRd.sys - ok
13:02:43.0936 1980 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
13:02:43.0936 1980 C:\Windows\System32\en-US\tquery.dll.mui - ok
13:02:43.0936 1980 [ AB886378EEB55C6C75B4F2D14B6C869F ] C:\Windows\System32\drivers\WUDFPf.sys
13:02:43.0936 1980 C:\Windows\System32\drivers\WUDFPf.sys - ok
13:02:43.0951 1980 [ B20F051B03A966392364C83F009F7D17 ] C:\Windows\System32\WUDFSvc.dll
13:02:43.0951 1980 C:\Windows\System32\WUDFSvc.dll - ok
13:02:43.0951 1980 [ 8ABFE00F213F2571498F1B8FD7939A98 ] C:\Windows\System32\WUDFHost.exe
13:02:43.0951 1980 C:\Windows\System32\WUDFHost.exe - ok
13:02:43.0951 1980 [ 25AE683DCB4AE7E6F1B193A0CB9DB35F ] C:\Windows\System32\WUDFx.dll
13:02:43.0951 1980 C:\Windows\System32\WUDFx.dll - ok
13:02:43.0951 1980 [ 91D6F0AB79AA36FFB932157865206F35 ] C:\Windows\System32\drivers\UMDF\WpdFs.dll
13:02:43.0951 1980 C:\Windows\System32\drivers\UMDF\WpdFs.dll - ok
13:02:43.0967 1980 [ 9864D52F15AD32094A636C6B5281D9E7 ] C:\Windows\System32\WMVCORE.DLL
13:02:43.0967 1980 C:\Windows\System32\WMVCORE.DLL - ok
13:02:43.0967 1980 [ AACC48FE239F0DF126DA2F28930A5B83 ] C:\Windows\System32\WMASF.DLL
13:02:43.0967 1980 C:\Windows\System32\WMASF.DLL - ok
13:02:43.0967 1980 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
13:02:43.0967 1980 C:\Windows\SysWOW64\cscapi.dll - ok
13:02:43.0982 1980 [ 389CA818132C1D7DCF0C791E8D9035DE ] C:\Windows\System32\PortableDeviceClassExtension.dll
13:02:43.0982 1980 C:\Windows\System32\PortableDeviceClassExtension.dll - ok
13:02:43.0982 1980 [ 3F50200237961034FACE602373838980 ] C:\Windows\SysWOW64\FirewallAPI.dll
13:02:43.0982 1980 C:\Windows\SysWOW64\FirewallAPI.dll - ok
13:02:43.0982 1980 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
13:02:43.0982 1980 C:\Windows\System32\PortableDeviceTypes.dll - ok
13:02:43.0982 1980 [ 5BB8C06EB5EA4BA22EE8A678F2D79B25 ] C:\Windows\SysWOW64\devenum.dll
13:02:43.0982 1980 C:\Windows\SysWOW64\devenum.dll - ok
13:02:43.0998 1980 [ E24FE90E9DE8D8AE70E59F7B01675DEF ] C:\Windows\SysWOW64\avicap32.dll
13:02:43.0998 1980 C:\Windows\SysWOW64\avicap32.dll - ok
13:02:43.0998 1980 [ 7069AAB8536F29ED7323140973A2894B ] C:\Windows\SysWOW64\msdmo.dll
13:02:43.0998 1980 C:\Windows\SysWOW64\msdmo.dll - ok
13:02:43.0998 1980 [ C335EC1182AC10B188705554E0BC1186 ] C:\Windows\SysWOW64\msvfw32.dll
13:02:43.0998 1980 C:\Windows\SysWOW64\msvfw32.dll - ok
13:02:44.0014 1980 [ D205C24A9D069049FE2DF2A1B38726A7 ] C:\Windows\SysWOW64\wdmaud.drv
13:02:44.0014 1980 C:\Windows\SysWOW64\wdmaud.drv - ok
13:02:44.0014 1980 [ 9C67F6BBDA3881CFD02095160CF91576 ] C:\Windows\SysWOW64\ksuser.dll
13:02:44.0014 1980 C:\Windows\SysWOW64\ksuser.dll - ok
13:02:44.0014 1980 [ 5A12C364AD1D4FCC0AD0E56DBBC34462 ] C:\Windows\SysWOW64\midimap.dll
13:02:44.0014 1980 C:\Windows\SysWOW64\midimap.dll - ok
13:02:44.0014 1980 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll
13:02:44.0014 1980 C:\Windows\SysWOW64\msacm32.dll - ok
13:02:44.0029 1980 [ 07393A09C46083588E751B63B03C8301 ] C:\Windows\SysWOW64\msacm32.drv
13:02:44.0029 1980 C:\Windows\SysWOW64\msacm32.drv - ok
13:02:44.0029 1980 [ D9E21CBF9E6A87847AFFD39EA3FA28EE ] C:\Windows\System32\SearchProtocolHost.exe
13:02:44.0029 1980 C:\Windows\System32\SearchProtocolHost.exe - ok
13:02:44.0029 1980 [ D2A5B2B09F2AF5ED13BF494508B09788 ] C:\Windows\System32\msshooks.dll
13:02:44.0029 1980 C:\Windows\System32\msshooks.dll - ok
13:02:44.0045 1980 [ 49A3AD5CE578CD77F445F3D244AEAB2D ] C:\Windows\System32\SearchFilterHost.exe
13:02:44.0045 1980 C:\Windows\System32\SearchFilterHost.exe - ok
13:02:44.0045 1980 [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
13:02:44.0045 1980 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
13:02:44.0045 1980 [ 48041BAEB60CE5F34F13CC2A1361E49C ] C:\Windows\System32\mssph.dll
13:02:44.0045 1980 C:\Windows\System32\mssph.dll - ok
13:02:44.0045 1980 [ 8F4BB0CFECED925D440ABC2481278360 ] C:\Windows\System32\mapi32.dll
13:02:44.0045 1980 C:\Windows\System32\mapi32.dll - ok
13:02:44.0060 1980 [ 1EA7969E3271CBC59E1730697DC74682 ] C:\Windows\System32\qmgr.dll
13:02:44.0060 1980 C:\Windows\System32\qmgr.dll - ok
13:02:44.0060 1980 [ 29409ED7400CA5BCCC30C0EE5147A60D ] C:\Windows\System32\bitsperf.dll
13:02:44.0060 1980 C:\Windows\System32\bitsperf.dll - ok
13:02:44.0060 1980 [ D9431DCF90B0253773F51FDEFE7FD42F ] C:\Windows\System32\bitsigd.dll
13:02:44.0060 1980 C:\Windows\System32\bitsigd.dll - ok
13:02:44.0076 1980 [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll
13:02:44.0076 1980 C:\Windows\System32\upnp.dll - ok
13:02:44.0076 1980 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
13:02:44.0076 1980 C:\Windows\System32\ssdpsrv.dll - ok
13:02:44.0076 1980 [ AC5DF873913B00E554D8F553459BC431 ] C:\Windows\System32\qmgrprxy.dll
13:02:44.0076 1980 C:\Windows\System32\qmgrprxy.dll - ok
13:02:44.0076 1980 [ 85B45B4B285B159ACDB355FC8C1E8925 ] C:\Windows\SysWOW64\qmgrprxy.dll
13:02:44.0076 1980 C:\Windows\SysWOW64\qmgrprxy.dll - ok
13:02:44.0092 1980 [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll
13:02:44.0092 1980 C:\Windows\SysWOW64\shfolder.dll - ok
13:02:44.0092 1980 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
13:02:44.0092 1980 C:\Windows\System32\dllhost.exe - ok
13:02:44.0092 1980 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
13:02:44.0092 1980 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
13:02:44.0107 1980 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
13:02:44.0107 1980 C:\Windows\System32\IDStore.dll - ok
13:02:44.0107 1980 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
13:02:44.0107 1980 C:\Windows\System32\mpr.dll - ok
13:02:44.0107 1980 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
13:02:44.0107 1980 C:\Windows\System32\userinit.exe - ok
13:02:44.0123 1980 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
13:02:44.0123 1980 C:\Windows\System32\dwm.exe - ok
13:02:44.0123 1980 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
13:02:44.0123 1980 C:\Windows\System32\dwmredir.dll - ok
13:02:44.0123 1980 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
13:02:44.0123 1980 C:\Windows\System32\dwmcore.dll - ok
13:02:44.0123 1980 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
13:02:44.0123 1980 C:\Windows\explorer.exe - ok
13:02:44.0138 1980 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
13:02:44.0138 1980 C:\Windows\SysWOW64\apphelp.dll - ok
13:02:44.0138 1980 [ E1374D37477322D4956604711008C69D ] C:\Windows\System32\d3d10_1.dll
13:02:44.0138 1980 C:\Windows\System32\d3d10_1.dll - ok
13:02:44.0138 1980 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
13:02:44.0138 1980 C:\Windows\System32\radardt.dll - ok
13:02:44.0154 1980 [ 426BA4E737A7988FD1202AF2F2B2F4A6 ] C:\Windows\System32\d3d10_1core.dll
13:02:44.0154 1980 C:\Windows\System32\d3d10_1core.dll - ok
13:02:44.0154 1980 [ F404E59DB6A0F122AB26BF4F3E2FD0FA ] C:\Windows\System32\dxgi.dll
13:02:44.0154 1980 C:\Windows\System32\dxgi.dll - ok
13:02:44.0154 1980 [ CB61626FB485A606662279CEC7806214 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\npctray.dll
13:02:44.0154 1980 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\npctray.dll - ok
13:02:44.0170 1980 [ BA364CB84A0815C69EC4B4B993CC28A6 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\npcstats.dll
13:02:44.0170 1980 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\npcstats.dll - ok
13:02:44.0170 1980 [ 1DFCB6D0C8DFE2045A851E7E78AD2C31 ] C:\Windows\System32\aticfx64.dll
13:02:44.0170 1980 C:\Windows\System32\aticfx64.dll - ok
13:02:44.0170 1980 [ 05A3E083332D3ABE33E499A6DC3E7FFB ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\isdatapr.dll
13:02:44.0170 1980 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\isdatapr.dll - ok
13:02:44.0170 1980 [ 6BD52DA132BCFF07A111D89BD4B68C83 ] C:\Windows\System32\atidxx64.dll
13:02:44.0170 1980 C:\Windows\System32\atidxx64.dll - ok
13:02:44.0185 1980 [ 296D75D561246A120FA81C47AFA5F85C ] C:\Windows\System32\atiuxp64.dll
13:02:44.0185 1980 C:\Windows\System32\atiuxp64.dll - ok
13:02:44.0185 1980 [ 6487A19E0EA3228515394A4B1A780B17 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\symhtml.dll
13:02:44.0185 1980 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\symhtml.dll - ok
13:02:44.0185 1980 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
13:02:44.0185 1980 C:\Windows\System32\ExplorerFrame.dll - ok
13:02:44.0185 1980 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
13:02:44.0185 1980 C:\Windows\System32\uDWM.dll - ok
13:02:44.0201 1980 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll
13:02:44.0201 1980 C:\Windows\SysWOW64\comdlg32.dll - ok
13:02:44.0201 1980 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
13:02:44.0201 1980 C:\Windows\System32\EhStorShell.dll - ok
13:02:44.0201 1980 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
13:02:44.0201 1980 C:\Windows\System32\IconCodecService.dll - ok
13:02:44.0216 1980 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] C:\Windows\System32\appinfo.dll
13:02:44.0216 1980 C:\Windows\System32\appinfo.dll - ok
13:02:44.0216 1980 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
13:02:44.0216 1980 C:\Windows\System32\runonce.exe - ok
13:02:44.0216 1980 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
13:02:44.0216 1980 C:\Windows\SysWOW64\runonce.exe - ok
13:02:44.0216 1980 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
13:02:44.0216 1980 C:\Windows\SysWOW64\cmd.exe - ok
13:02:44.0232 1980 [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe
13:02:44.0232 1980 C:\Windows\System32\taskeng.exe - ok
13:02:44.0232 1980 [ 1BCDB508143B517F21BBDAC10F5777BF ] C:\Windows\System32\conhost.exe
13:02:44.0232 1980 C:\Windows\System32\conhost.exe - ok
13:02:44.0232 1980 [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
13:02:44.0232 1980 C:\Windows\System32\TSChannel.dll - ok
13:02:44.0248 1980 [ F02A533F517EB38333CB12A9E8963773 ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:02:44.0248 1980 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok
13:02:44.0248 1980 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
13:02:44.0248 1980 C:\Windows\SysWOW64\winbrand.dll - ok
13:02:44.0248 1980 [ 2E5672EEA419A4DC9DACD714632E1DC3 ] C:\Program Files (x86)\Google\Update\1.3.21.135\goopdate.dll
13:02:44.0248 1980 C:\Program Files (x86)\Google\Update\1.3.21.135\goopdate.dll - ok
13:02:44.0263 1980 [ 9C7983C288CA39A6790AE93DA85FA447 ] C:\Users\Dana\Desktop\virus\mbar-1.01.0.1021\mbar\mbar.exe
13:02:44.0263 1980 C:\Users\Dana\Desktop\virus\mbar-1.01.0.1021\mbar\mbar.exe - ok
13:02:44.0263 1980 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
13:02:44.0263 1980 C:\Windows\SysWOW64\imagehlp.dll - ok
13:02:44.0263 1980 [ BECDDA0990DEBD72A30096533521AD73 ] C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
13:02:44.0263 1980 C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe - ok
13:02:44.0279 1980 [ B676429E44F2F8ACC3BAE7C89F46B212 ] C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe
13:02:44.0279 1980 C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe - ok
13:02:44.0279 1980 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll
13:02:44.0279 1980 C:\Windows\SysWOW64\mstask.dll - ok
13:02:44.0279 1980 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
13:02:44.0279 1980 C:\Windows\System32\dbghelp.dll - ok
13:02:44.0279 1980 [ 5394031EC2A00A1C862398CFE944E086 ] C:\Users\Dana\Desktop\virus\mbar-1.01.0.1021\mbar\QtGui4.dll
13:02:44.0279 1980 C:\Users\Dana\Desktop\virus\mbar-1.01.0.1021\mbar\QtGui4.dll - ok
13:02:44.0294 1980 [ 13DB2A8AAF9CE36F21DC0CCB2C88E1B3 ] C:\Users\Dana\Desktop\virus\mbar-1.01.0.1021\mbar\QtCore4.dll
13:02:44.0294 1980 C:\Users\Dana\Desktop\virus\mbar-1.01.0.1021\mbar\QtCore4.dll - ok
13:02:44.0294 1980 [ 991C91E61C6989781E94841213770D68 ] C:\Users\Dana\Desktop\virus\mbar-1.01.0.1021\mbar\msvcp100.dll
13:02:44.0294 1980 C:\Users\Dana\Desktop\virus\mbar-1.01.0.1021\mbar\msvcp100.dll - ok
13:02:44.0294 1980 [ D90DD6C64D775386DEAA169839AED619 ] C:\Users\Dana\Desktop\virus\mbar-1.01.0.1021\mbar\msvcr100.dll
13:02:44.0294 1980 C:\Users\Dana\Desktop\virus\mbar-1.01.0.1021\mbar\msvcr100.dll - ok
13:02:44.0310 1980 [ DB2A67D1C8525990187C7994B3C3C6FA ] C:\Users\Dana\Desktop\virus\mbar-1.01.0.1021\mbar\mbamcore.dll
13:02:44.0310 1980 C:\Users\Dana\Desktop\virus\mbar-1.01.0.1021\mbar\mbamcore.dll - ok
13:02:44.0310 1980 [ D3EAB9BCB2B92EFCA615781C215644C0 ] C:\Windows\SysWOW64\ieframe.dll
13:02:44.0310 1980 C:\Windows\SysWOW64\ieframe.dll - ok
13:02:44.0310 1980 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
13:02:44.0310 1980 C:\Windows\SysWOW64\shdocvw.dll - ok
13:02:44.0310 1980 [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\Dana\AppData\Local\Temp\ECDCF3BE-8404-403E-97F1-72A0F3FE063A.exe
13:02:44.0310 1980 C:\Users\Dana\AppData\Local\Temp\ECDCF3BE-8404-403E-97F1-72A0F3FE063A.exe - ok
13:02:44.0326 1980 [ BF6D6ED5FADCEEE885BD0144ECF1BA27 ] C:\Windows\SysWOW64\ncrypt.dll
13:02:44.0326 1980 C:\Windows\SysWOW64\ncrypt.dll - ok
13:02:44.0326 1980 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
13:02:44.0326 1980 C:\Windows\SysWOW64\bcrypt.dll - ok
13:02:44.0326 1980 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
13:02:44.0326 1980 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
13:02:44.0341 1980 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
13:02:44.0341 1980 C:\Windows\SysWOW64\gpapi.dll - ok
13:02:44.0341 1980 [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\SysWOW64\cryptnet.dll
13:02:44.0341 1980 C:\Windows\SysWOW64\cryptnet.dll - ok
13:02:44.0341 1980 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\SysWOW64\WindowsCodecs.dll
13:02:44.0341 1980 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
13:02:44.0341 1980 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
13:02:44.0341 1980 C:\Windows\SysWOW64\EhStorShell.dll - ok
13:02:44.0357 1980 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
13:02:44.0357 1980 C:\Windows\SysWOW64\ntshrui.dll - ok
13:02:44.0357 1980 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
13:02:44.0357 1980 C:\Windows\SysWOW64\imageres.dll - ok
13:02:44.0357 1980 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
13:02:44.0357 1980 C:\Windows\System32\wbem\NCProv.dll - ok
13:02:44.0372 1980 [ 0BA65122FFA7E37564EE86422DBF7AE8 ] C:\Windows\SysWOW64\nlaapi.dll
13:02:44.0372 1980 C:\Windows\SysWOW64\nlaapi.dll - ok
13:02:44.0372 1980 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll
13:02:44.0372 1980 C:\Windows\SysWOW64\NapiNSP.dll - ok
13:02:44.0372 1980 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll
13:02:44.0372 1980 C:\Windows\SysWOW64\pnrpnsp.dll - ok
13:02:44.0809 1980 ============================================================
13:02:44.0809 1980 Scan finished
13:02:44.0809 1980 ============================================================
13:02:44.0825 3668 Detected object count: 4
13:02:44.0825 3668 Actual detected object count: 4
13:03:02.0625 3668 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
13:03:02.0625 3668 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
13:03:02.0625 3668 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - skipped by user
13:03:02.0625 3668 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:03:02.0625 3668 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
13:03:02.0625 3668 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:03:02.0625 3668 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
13:03:02.0625 3668 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
13:03:24.0059 3844 Deinitialize success
  • 0

#12
medic

    Member

  • Topic Starter
  • 66 posts
Malwarebytes Anti-Rootkit BETA 1.01.0.1021
www.malwarebytes.org

Database version: v2013.03.27.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Dana :: OWNER-HP [administrator]

3/27/2013 1:29:59 PM
mbar-log-2013-03-27 (13-29-59).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 31948
Time elapsed: 10 minute(s), 46 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
  • 0

#13
medic

    Member

  • Topic Starter
  • 66 posts
Seems to now have intermittent redirects. System is also running much faster.
  • 0

#14
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello



I would like you to rerun TDSSKiller and this time when it gets to this part

\Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
\Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

I want you to select Delete this time instead of skip.


Gringo
  • 0

#15
medic

    Member

  • Topic Starter
  • 66 posts
Done. There was only one item on the actual scan list that matched the two you listed; I deleted it. Here is the log. BTW, if I enter "geekstogo" in the address bar of Mozilla and then click on one of the results, here is what I get: http://8.26.70.252/s...14710&subid=e10

Here is the log (it would not let me post the full log). Here is the end, and I attached the full log if you need it.

14:19:29.0719 1968 Scan finished
14:19:29.0719 1968 ============================================================
14:19:29.0735 3292 Detected object count: 3
14:19:29.0735 3292 Actual detected object count: 3
14:19:31.0279 3292 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
14:19:31.0279 3292 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
14:19:31.0279 3292 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:19:31.0279 3292 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:19:31.0295 3292 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
14:19:31.0295 3292 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:19:34.0056 3864 Deinitialize success

  • 0