Trojan:DOS/Alureon.A -- desktop infected and can only partially remove



#1
lady2sylvia

Hi - I need help in removing the following virus: Trojan:DOS/Alureon.A

The problem started on March 28th. The main symptom is that the computer crashes, particularly when browsing in Google Chrome.

I've run the Microsoft Malicious Malware Removal Tool numerous times (last version was dated yesterday, 4/9/2013) and have gone on to use the Bootrec.exe tool as recommended. Virus keeps popping up!

I have also run my Norton Anti-Virus full scan and then the Norton Power Eraser, but the computer continues to crash. I ran your OTL quick scan, and the two notepad pages of results are pasted below.

Thank you in advance for any help you can provide!

Heide

OTL logfile created on: 4/10/2013 1:23:47 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Shilstone\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.75 Gb Total Physical Memory | 2.55 Gb Available Physical Memory | 44.30% Memory free
11.50 Gb Paging File | 8.21 Gb Available in Paging File | 71.45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 686.46 Gb Total Space | 604.59 Gb Free Space | 88.07% Space Free | Partition Type: NTFS
Drive D: | 12.08 Gb Total Space | 1.48 Gb Free Space | 12.22% Space Free | Partition Type: NTFS

Computer Name: SHILSTONE-HP | User Name: Shilstone | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/04/10 13:22:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Shilstone\Downloads\OTL.exe
PRC - [2013/03/16 13:01:08 | 001,822,424 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
PRC - [2013/03/12 03:05:50 | 029,106,336 | ---- | M] (Dropbox, Inc.) -- C:\Users\Shilstone\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013/03/07 10:30:42 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/02/16 19:23:50 | 000,213,384 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
PRC - [2013/02/05 11:48:44 | 000,272,248 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
PRC - [2013/01/26 07:08:30 | 004,480,768 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Shilstone\AppData\Local\Akamai\netsession_win.exe
PRC - [2012/12/18 10:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/09/13 00:54:58 | 000,396,416 | ---- | M] (LG Electronics) -- C:\ProgramData\LGMOBILEAX\BYR_Client\VZWNotiAgent.exe
PRC - [2012/06/15 22:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe
PRC - [2012/06/11 17:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE
PRC - [2012/05/08 23:39:52 | 001,061,520 | R--- | M] (Carbonite, Inc.) -- C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
PRC - [2012/04/25 19:53:38 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
PRC - [2012/02/16 15:51:14 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWOW64\java.exe
PRC - [2011/03/24 03:11:25 | 000,167,936 | ---- | M] (Applian Technologies, Inc.) -- C:\Program Files (x86)\Freecorder\FLVSrvc.exe
PRC - [2010/09/14 18:09:52 | 001,213,848 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2010/09/09 14:38:16 | 000,452,016 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
PRC - [2009/07/13 21:14:45 | 000,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe
PRC - [2009/07/13 21:14:45 | 000,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe
PRC - [2008/11/20 13:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
PRC - [2008/05/01 07:38:00 | 000,131,072 | ---- | M] (Linksys LLC - A Division of Cisco Systems) -- C:\Program Files (x86)\Linksys\Linksys EasyLink Advisor\Linksys EasyLink Advisor.exe
PRC - [2008/04/18 05:30:42 | 000,204,800 | ---- | M] () -- C:\Program Files (x86)\Linksys\Linksys Updater\bin\LinksysUpdater.exe
PRC - [2008/04/09 00:15:12 | 000,648,504 | ---- | M] (Pure Networks, Inc.) -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
PRC - [2008/04/09 00:15:10 | 000,648,504 | ---- | M] (Pure Networks, Inc.) -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe


========== Modules (No Company Name) ==========

MOD - [2013/03/16 13:01:08 | 014,717,144 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
MOD - [2013/03/07 10:30:45 | 003,069,848 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/02/14 04:35:45 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll
MOD - [2013/01/10 04:52:05 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll
MOD - [2013/01/10 04:51:36 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll
MOD - [2013/01/10 04:51:20 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013/01/10 04:51:18 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll
MOD - [2013/01/10 04:51:09 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll
MOD - [2013/01/10 04:51:05 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\520a80ddcdd1084993516f4d42a73e05\System.Xml.ni.dll
MOD - [2013/01/10 04:51:02 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013/01/10 04:51:01 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013/01/10 04:50:51 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2012/04/25 19:52:28 | 001,270,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\qtscript4.dll
MOD - [2012/04/25 19:52:26 | 007,422,352 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\qtgui4.dll
MOD - [2012/04/25 19:52:24 | 000,795,024 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\qtnetwork4.dll
MOD - [2012/04/25 19:52:24 | 000,192,912 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\qtsql4.dll
MOD - [2012/04/25 19:52:22 | 002,453,904 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\qtdeclarative4.dll
MOD - [2012/04/25 19:52:22 | 002,126,224 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\qtcore4.dll
MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2008/04/09 18:15:54 | 000,103,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\CAntiVirusCOM.dll
MOD - [2008/04/09 18:15:54 | 000,038,960 | ---- | M] () -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\CFirewallCOM.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012/07/04 01:36:06 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2012/05/08 23:31:42 | 006,715,024 | R--- | M] (Carbonite, Inc. (www.carbonite.com)) [Auto | Running] -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe -- (CarboniteService)
SRV:64bit: - [2011/06/30 03:42:34 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/03/28 20:11:55 | 004,561,152 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll -- (Akamai)
SRV - [2013/03/16 13:01:09 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/03/07 10:30:44 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/02/05 11:48:00 | 000,235,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe -- (McComponentHostService)
SRV - [2012/12/18 10:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/06/15 22:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe -- (NIS)
SRV - [2012/06/11 17:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/06/11 17:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE -- (BBSvc)
SRV - [2012/04/25 19:53:38 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe -- (KSS)
SRV - [2011/10/17 11:24:18 | 000,244,960 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe -- (Updater Service for StartNow Toolbar)
SRV - [2010/10/14 18:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Disabled | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/06/12 21:06:08 | 000,400,368 | ---- | M] (CinemaNow, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe -- (CinemaNow Service)
SRV - [2010/06/01 18:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010/04/03 19:01:24 | 000,246,520 | ---- | M] (WildTangent, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/10/14 18:53:20 | 000,635,416 | ---- | M] (PDF Complete Inc) [Disabled | Stopped] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/04/18 05:30:42 | 000,204,800 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Linksys\Linksys Updater\bin\LinksysUpdater.exe -- (LinksysUpdater)
SRV - [2008/04/09 00:15:12 | 000,648,504 | ---- | M] (Pure Networks, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 10:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/05 22:17:58 | 000,037,536 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2012/07/05 22:17:57 | 000,737,952 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2012/06/07 00:43:38 | 000,167,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\ccsetx64.sys -- (ccSet_NIS)
DRV:64bit: - [2012/05/21 21:37:12 | 001,129,120 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\symefa64.sys -- (SymEFA)
DRV:64bit: - [2012/04/24 11:08:28 | 000,175,736 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012/04/17 22:13:32 | 000,405,624 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\symnets.sys -- (SymNetS)
DRV:64bit: - [2012/04/17 21:42:14 | 000,190,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\ironx64.sys -- (SymIRON)
DRV:64bit: - [2012/03/08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/03/05 16:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.1)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/17 18:45:55 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\symds64.sys -- (SymDS)
DRV:64bit: - [2011/06/30 05:33:14 | 009,371,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/06/30 03:00:52 | 000,309,760 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/04/21 19:17:04 | 000,471,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/07/21 12:57:22 | 001,002,848 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2010/03/10 11:33:52 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie)
DRV:64bit: - [2010/02/18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2010/02/06 00:04:06 | 000,028,728 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/02/06 00:04:04 | 000,070,712 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/12/22 05:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/04/09 00:14:02 | 000,031,544 | ---- | M] (Pure Networks, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\pnarp.sys -- (pnarp)
DRV:64bit: - [2008/04/09 00:14:00 | 000,033,080 | ---- | M] (Pure Networks, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\purendis.sys -- (purendis)
DRV - [2013/04/08 08:54:47 | 002,087,664 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.6.2.10\Definitions\VirusDefs\20130410.003\ex64.sys -- (NAVEX15)
DRV - [2013/04/08 08:54:47 | 000,126,192 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.6.2.10\Definitions\VirusDefs\20130410.003\eng64.sys -- (NAVENG)
DRV - [2013/04/05 16:06:50 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.6.2.10\Definitions\IPSDefs\20130406.002\IDSviA64.sys -- (IDSVia64)
DRV - [2013/03/22 02:09:06 | 001,387,608 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.6.2.10\Definitions\BASHDefs\20130322.001_24\BHDrvx64.sys -- (BHDrvx64)
DRV - [2012/12/22 04:10:50 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012/08/20 21:56:47 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{11AEF2D3-E96D-406D-923E-42216A6B749E}: "URL" = http://en.wikipedia....h={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{1A74DAA0-6683-4F87-A388-0B4476F7408F}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{991ABEEB-BBC2-4385-B1EB-B411869822F6}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{B9806C96-435B-4A5F-BEF9-EA2A1E6F3C22}: "URL" = http://search.yahoo....psg&type=HPDTDF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\prxtbFree.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{11AEF2D3-E96D-406D-923E-42216A6B749E}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKLM\..\SearchScopes\{1A74DAA0-6683-4F87-A388-0B4476F7408F}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{991ABEEB-BBC2-4385-B1EB-B411869822F6}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT1060933
IE - HKLM\..\SearchScopes\{B9806C96-435B-4A5F-BEF9-EA2A1E6F3C22}: "URL" = http://search.yahoo....psg&type=HPDTDF

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.co...www.google.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.genieo...30415,19432,6,0,
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKCU\..\URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\prxtbFree.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {6C27756E-097B-4A78-A33B-0F58FC1CE42D}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\..\SearchScopes\{11AEF2D3-E96D-406D-923E-42216A6B749E}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKCU\..\SearchScopes\{1A74DAA0-6683-4F87-A388-0B4476F7408F}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKCU\..\SearchScopes\{25D8ABA0-5F45-D212-4914-794A69246E1D}: "URL" = http://www.bing.com/...eferrer:source}
IE - HKCU\..\SearchScopes\{60FD8A8D-A9FC-482D-9961-61A2C4FF0D22}: "URL" = http://search.genieo...q={searchTerms}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{6C27756E-097B-4A78-A33B-0F58FC1CE42D}: "URL" = http://www.google.co...1I7ADRA_enUS415
IE - HKCU\..\SearchScopes\{991ABEEB-BBC2-4385-B1EB-B411869822F6}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT1060933
IE - HKCU\..\SearchScopes\{B9806C96-435B-4A5F-BEF9-EA2A1E6F3C22}: "URL" = http://search.yahoo....psg&type=HPDTDF
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files (x86)\Virtual Earth 3D\ [2011/05/21 21:58:39 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files (x86)\Virtual Earth 3D\ [2011/05/21 21:58:39 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.2.72: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.2.72: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.2.72: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@hulu.com/Hulu Desktop: C:\Users\Shilstone\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll (Hulu LLC)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll (Amazon.com, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.6.2.10\IPSFFPlgn\ [2013/04/08 12:50:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.6.2.10\coFFPlgn\ [2013/04/10 11:04:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files (x86)\Google\Google Gears\Firefox\ [2011/01/14 13:49:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2013/04/08 12:50:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/03/16 12:15:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2013/03/16 12:15:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Shilstone\AppData\Roaming\Mozilla\Extensions
[2013/03/16 12:15:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/03/07 10:31:00 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013/03/07 10:30:20 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/03/07 10:30:20 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.43\gcswf32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.43\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.43\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks™ Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Hulu Desktop (Enabled) = C:\Users\Shilstone\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: WOT = C:\Users\Shilstone\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.4.11_0\
CHR - Extension: Complitly plugin for chrome = C:\Users\Shilstone\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda\1.1_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Shilstone\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Norton Identity Protection = C:\Users\Shilstone\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.13.5_0\

O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Shilstone\AppData\Roaming\Complitly\64\Complitly64.dll (SimplyGen)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Shilstone\AppData\Roaming\Complitly\Complitly.dll (SimplyGen)
O2 - BHO: (Freecorder Toolbar) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\prxtbFree.dll (Conduit Ltd.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll ()
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Freecorder Toolbar) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\prxtbFree.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll ()
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3 - HKCU\..\Toolbar\WebBrowser: (Freecorder Toolbar) - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - C:\Program Files (x86)\Freecorder\prxtbFree.dll (Conduit Ltd.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BYR_AGENT] C:\ProgramData\LGMOBILEAX\BYR_Client\VZWNotiAgent.exe (LG Electronics)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [Carbonite Backup] C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [Freecorder FLV Service] C:\Program Files (x86)\Freecorder\FLVSrvc.exe (Applian Technologies, Inc.)
O4 - HKLM..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.)
O4 - HKLM..\Run: [LELA] C:\Program Files (x86)\Linksys\Linksys EasyLink Advisor\Linksys EasyLink Advisor.exe (Linksys LLC - A Division of Cisco Systems)
O4 - HKLM..\Run: [nmctxth] C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Pure Networks, Inc.)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe" File not found
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Shilstone\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [KSS] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe (Kaspersky Lab ZAO)
O4 - Startup: C:\Users\Shilstone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Shilstone\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: genieo.com ([search] http in Trusted sites)
O15 - HKCU\..Trusted Domains: localhost ([]* in Local intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Trusted sites)
O16:64bit: - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.appl...ex/qtplugin.cab (Reg Error: Key error.)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.251.130 167.206.251.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{22011DE0-9A44-4EC9-9C1B-702400055D3D}: DhcpNameServer = 167.206.251.130 167.206.251.129
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\pure-go - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp3.dll (Pure Networks, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1d104818-7681-11e2-8042-d485640de941}\Shell - "" = AutoRun
O33 - MountPoints2\{1d104818-7681-11e2-8042-d485640de941}\Shell\AutoRun\command - "" = F:\ToolLauncher-Bootstrap.exe
O33 - MountPoints2\{87fd9a52-d0f3-11e1-87e9-d485640de941}\Shell - "" = AutoRun
O33 - MountPoints2\{87fd9a52-d0f3-11e1-87e9-d485640de941}\Shell\AutoRun\command - "" = K:\TL_Bootstrap.exe
O33 - MountPoints2\{dd6a5c71-cef1-11e1-b85d-d485640de941}\Shell - "" = AutoRun
O33 - MountPoints2\{dd6a5c71-cef1-11e1-b85d-d485640de941}\Shell\AutoRun\command - "" = K:\TL_Bootstrap.exe
O33 - MountPoints2\K\Shell - "" = AutoRun
O33 - MountPoints2\K\Shell\AutoRun\command - "" = K:\TL_Bootstrap.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/04/10 10:50:18 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\Documents\gegl-0.0
[2013/04/10 10:50:18 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\.gimp-2.6
[2013/04/10 10:45:46 | 000,000,000 | ---D | C] -- C:\ProgramData\APN
[2013/04/10 09:29:03 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\{D540EAB7-D598-437E-80D0-E6173B024213}
[2013/04/09 22:59:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Recovery
[2013/04/09 21:18:57 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\{C621AF04-437B-4262-BAEE-F636681D2D49}
[2013/04/09 18:53:19 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\{0AC61537-8FAE-4E4D-BCC4-2E0F8331DFCF}
[2013/04/09 01:28:15 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\{E75A41A3-DCC1-4CFE-97C4-DF83B6614556}
[2013/04/08 13:28:03 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\{C9177140-CDC1-4B97-88A0-472E6D794F05}
[2013/04/08 07:09:48 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\{9D85A60E-7FF3-4840-99B3-1C5BC831AC2B}
[2013/04/04 21:03:48 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\{8A786C72-40DE-47A8-865B-1F2CBB64C8E5}
[2013/04/04 18:43:13 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\Desktop\Lease 31C
[2013/04/04 08:46:44 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\{BABA95BB-4BC3-4A74-A998-2640BF1F988E}
[2013/04/04 08:40:21 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\{35EBF1C4-FCBB-460A-8993-EFC9A8468EF5}
[2013/04/03 20:12:53 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\{F0268412-DABD-47E2-B7B7-E1DA7653BA69}
[2013/04/03 08:06:10 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\{806BCCAC-8226-40E7-8F2E-E145357194B4}
[2013/04/02 10:32:35 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\{E2801205-96F4-413A-B856-24A168E3BC22}
[2013/04/01 20:45:03 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\{2600EECF-6561-4B4E-93CB-75A78264EBD9}
[2013/04/01 08:23:55 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\{9CD51B7D-9727-4B70-A861-2648DCDDCE91}
[2013/03/31 09:58:33 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\{54254D12-9BB8-4CCC-9974-ACF2108E45CA}
[2013/03/30 11:07:19 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan
[2013/03/30 11:06:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2013/03/30 11:06:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
[2013/03/30 10:52:15 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\{27FD89D3-9D71-4E03-8D36-98B84591C972}
[2013/03/29 10:13:08 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\{EDC095F5-6078-45E9-AD2E-3993B520D2F3}
[2013/03/28 20:30:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013/03/28 20:22:52 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\{328ECFD4-0BDA-4417-B8A0-D6F61FC137BE}
[2013/03/28 20:13:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VZW Software Upgrade Assistant - LG
[2013/03/28 19:16:32 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\{64E31B33-ADC8-4E19-AED5-FCB4DBCDBC11}
[2013/03/28 06:24:29 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\{7E915870-B5A2-49EA-AF46-186091D51106}
[2013/03/27 18:23:41 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\{37DFA237-020F-4E0B-AFE8-54B703250C5F}
[2013/03/27 06:20:02 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\{A1D8F44D-93B5-4C3F-B3B9-9F69F896AA0C}
[2013/03/26 10:09:24 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\{661853B6-8485-4F34-AB5C-8A3651FE7D0B}
[2013/03/25 21:26:04 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\{5FDBC9B0-098B-4F83-93C6-9080E09F4D0F}
[2013/03/25 09:25:06 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\{FE61820B-CE6F-4500-A2B7-59952CF180A2}
[2013/03/24 22:47:57 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\NPE
[2013/03/24 19:29:42 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\{E6696D83-4042-4615-BDB6-7D9EFB17A0F2}
[2013/03/24 10:40:29 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\{E944734E-AFA2-4717-9785-0BCE38AB082D}
[2013/03/23 22:40:09 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\{CC81583A-DB04-4529-8FD0-F64D7CAD41A3}
[2013/03/23 09:02:14 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\{21992A9E-91DA-49BE-B085-A7A3CFF4D00F}
[2013/03/22 19:18:49 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\{45120332-A02A-4DA7-9C4E-6C5D88DBF500}
[2013/03/22 06:58:08 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\{4E501D28-BF09-413D-89D0-9B6BEF987C23}
[2013/03/21 18:57:56 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\{55CBF8D4-F561-4D77-935A-40FDC31B6F2A}
[2013/03/21 06:57:44 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\{8BDD6059-4680-45D1-8637-BF3B27301918}
[2013/03/20 18:57:32 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\{360BD12D-E348-42CA-9E00-1FBF51261EBC}
[2013/03/20 06:57:20 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\{65A5D170-AFD1-4A25-AD6E-8A9A3DCF5EBE}
[2013/03/19 18:57:08 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\{BA953D5A-EB7B-4509-AF78-700263261C44}
[2013/03/19 12:50:19 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\Desktop\Recipes
[2013/03/19 12:30:15 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\Desktop\2013 insurance quotes
[2013/03/19 10:56:10 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\Desktop\Color Code
[2013/03/19 06:56:44 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\{E0133B7D-3711-43F8-987C-63B88184ADDC}
[2013/03/18 18:56:32 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\{F859620F-C806-4DA9-8842-EB7A7DBD6FD2}
[2013/03/18 06:56:19 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\{BD597269-645C-466C-978A-32C2284F68D0}
[2013/03/17 12:20:29 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\{9FBDE494-51C8-4B7B-BB2D-ED29DCA2FC64}
[2013/03/17 00:20:15 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\{1DC137D9-9104-4A5B-A9D8-094DD9AD019C}
[2013/03/16 13:01:20 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\Macromedia
[2013/03/16 12:15:24 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Roaming\Mozilla
[2013/03/16 12:15:24 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\Mozilla
[2013/03/16 12:15:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013/03/16 12:15:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013/03/16 12:15:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/03/16 09:13:21 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\{E44DFA27-457D-4872-9D3A-66F28F2683D0}
[2013/03/15 10:51:11 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\{37CAF8B3-D1AD-4136-BF9E-4988C858BE7E}
[2013/03/14 21:36:17 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\{EF864BF8-BB98-49B7-9DB4-3CE46295FBFA}
[2013/03/14 09:36:05 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\{930F83F0-5DB3-432E-B622-1A4574BDBCD3}
[2013/03/13 20:29:28 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\{5D8A44FC-5553-4F9E-BAB6-A7E90EE41017}
[2013/03/13 06:48:20 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\{0F50DFEC-DB9A-4B9D-B5A5-B1EDCFC53A76}
[2013/03/12 09:42:25 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\{782F4531-B89C-4146-9A90-37328A4EA0B8}
[2013/03/11 21:42:00 | 000,000,000 | ---D | C] -- C:\Users\Shilstone\AppData\Local\{C53A3F0C-A501-4015-8CE1-0E02692BAE25}

========== Files - Modified Within 30 Days ==========

[2013/04/10 13:25:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/04/10 12:29:10 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/04/10 11:13:19 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/04/10 11:13:19 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/04/10 11:10:24 | 000,660,296 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/04/10 11:10:24 | 000,121,224 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/04/10 11:10:23 | 000,779,306 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/04/10 11:06:31 | 000,002,427 | ---- | M] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2013/04/10 11:06:19 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/04/10 11:03:59 | 000,379,616 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/04/10 11:03:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/04/10 11:02:59 | 334,979,071 | -HS- | M] () -- C:\hiberfil.sys
[2013/04/10 10:59:41 | 000,000,129 | ---- | M] () -- C:\Windows\SysNative\MRT.INI
[2013/04/01 15:46:53 | 001,014,582 | ---- | M] () -- C:\Users\Shilstone\Desktop\W-9.pdf
[2013/03/30 11:07:03 | 000,001,079 | ---- | M] () -- C:\Users\Shilstone\Desktop\Kaspersky Security Scan.lnk
[2013/03/28 21:13:58 | 000,001,061 | ---- | M] () -- C:\Users\Shilstone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013/03/28 21:13:35 | 000,001,037 | ---- | M] () -- C:\Users\Shilstone\Desktop\Dropbox.lnk
[2013/03/28 20:30:25 | 000,002,214 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2013/03/21 10:12:17 | 000,650,630 | ---- | M] () -- C:\Users\Shilstone\Desktop\Cherry Hill form.pdf
[2013/03/20 19:17:46 | 000,316,764 | ---- | M] () -- C:\Users\Shilstone\Desktop\whatsnextguide-know-yourself.pdf
[2013/03/19 13:17:51 | 000,031,484 | ---- | M] () -- C:\Users\Shilstone\Desktop\Heide Crop.jpg
[2013/03/19 13:16:28 | 000,105,390 | ---- | M] () -- C:\Users\Shilstone\Desktop\Heide & Fiona.jpg
[2013/03/16 13:03:39 | 000,076,364 | ---- | M] () -- C:\Users\Shilstone\Desktop\Les Mis.png
[2013/03/16 12:15:15 | 000,001,153 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/03/16 12:09:56 | 000,846,880 | ---- | M] () -- C:\Users\Shilstone\Desktop\Phone Receipt.pdf
[2013/03/15 03:25:27 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForShilstone.job
[2013/03/15 03:05:15 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/03/15 03:05:15 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf

========== Files Created - No Company Name ==========

[2013/04/10 10:59:41 | 000,000,129 | ---- | C] () -- C:\Windows\SysNative\MRT.INI
[2013/04/01 15:47:31 | 001,014,582 | ---- | C] () -- C:\Users\Shilstone\Desktop\W-9.pdf
[2013/03/30 11:07:19 | 000,001,079 | ---- | C] () -- C:\Users\Shilstone\Desktop\Kaspersky Security Scan.lnk
[2013/03/28 20:30:24 | 000,002,214 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2013/03/21 10:12:42 | 000,650,630 | ---- | C] () -- C:\Users\Shilstone\Desktop\Cherry Hill form.pdf
[2013/03/20 19:17:45 | 000,316,764 | ---- | C] () -- C:\Users\Shilstone\Desktop\whatsnextguide-know-yourself.pdf
[2013/03/19 13:16:28 | 000,031,484 | ---- | C] () -- C:\Users\Shilstone\Desktop\Heide Crop.jpg
[2013/03/16 13:03:39 | 000,076,364 | ---- | C] () -- C:\Users\Shilstone\Desktop\Les Mis.png
[2013/03/16 12:15:15 | 000,001,153 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/03/16 12:15:13 | 000,001,165 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/03/16 12:10:51 | 000,846,880 | ---- | C] () -- C:\Users\Shilstone\Desktop\Phone Receipt.pdf
[2013/03/15 03:05:15 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/03/15 03:05:15 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012/07/18 11:47:40 | 000,002,427 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2012/07/04 01:34:16 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/07/04 01:34:16 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012/04/23 12:32:34 | 000,773,030 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/04/18 19:39:10 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012/01/14 17:09:44 | 000,033,134 | ---- | C] () -- C:\Users\Shilstone\AppData\Roaming\UserTile.png

========== ZeroAccess Check ==========

[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 01:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 00:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/02/20 12:45:58 | 000,000,000 | ---D | M] -- C:\Users\Shilstone\AppData\Roaming\Amazon
[2013/01/23 19:47:18 | 000,000,000 | ---D | M] -- C:\Users\Shilstone\AppData\Roaming\Canon
[2012/02/16 16:10:57 | 000,000,000 | ---D | M] -- C:\Users\Shilstone\AppData\Roaming\Complitly
[2013/04/10 13:23:01 | 000,000,000 | ---D | M] -- C:\Users\Shilstone\AppData\Roaming\Dropbox
[2011/01/12 15:13:10 | 000,000,000 | ---D | M] -- C:\Users\Shilstone\AppData\Roaming\PictureMover
[2012/11/26 19:46:12 | 000,000,000 | ---D | M] -- C:\Users\Shilstone\AppData\Roaming\Softland
[2011/08/09 12:38:49 | 000,000,000 | ---D | M] -- C:\Users\Shilstone\AppData\Roaming\WildTangent
[2011/01/13 16:18:50 | 000,000,000 | ---D | M] -- C:\Users\Shilstone\AppData\Roaming\WinBatch
[2011/01/13 16:25:21 | 000,000,000 | ---D | M] -- C:\Users\Shilstone\AppData\Roaming\Windows Live Writer

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 554 bytes -> C:\Users\Shilstone\Documents\Arbonne signature.eml:OECustomProperty

< End of report >

OTL Extras logfile created on: 4/10/2013 1:23:47 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Shilstone\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.75 Gb Total Physical Memory | 2.55 Gb Available Physical Memory | 44.30% Memory free
11.50 Gb Paging File | 8.21 Gb Available in Paging File | 71.45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 686.46 Gb Total Space | 604.59 Gb Free Space | 88.07% Space Free | Partition Type: NTFS
Drive D: | 12.08 Gb Total Space | 1.48 Gb Free Space | 12.22% Space Free | Partition Type: NTFS

Computer Name: SHILSTONE-HP | User Name: Shilstone | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{021A53E1-E172-4572-9370-E48E26A98376}" = rport=137 | protocol=17 | dir=out | app=system |
"{0DAC6392-73B9-41B1-8239-87C8EFF3668B}" = rport=445 | protocol=6 | dir=out | app=system |
"{125B5350-2EE7-4308-B794-BC8CBFE03303}" = lport=2869 | protocol=6 | dir=in | app=system |
"{25C10EC4-B57E-4FF0-B4AA-572A00B0771F}" = rport=138 | protocol=17 | dir=out | app=system |
"{3AB3B39B-6C9E-4B94-A779-E16B5EEFC00D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3B81F8EC-AEB2-464C-8F58-627B2889C3AE}" = lport=67 | protocol=17 | dir=in | name=dhcp discovery service |
"{3BB05B12-602E-4378-8EC2-865EFB4C5DE4}" = lport=59100 | protocol=6 | dir=in | name=akamai netsession interface |
"{4150CEE5-9786-48E2-94CD-47BFD7060FB3}" = lport=67 | protocol=17 | dir=in | name=dhcp discovery service |
"{42B7053A-954E-4B27-92BE-BA6748D99394}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4DDB058A-B4B6-4A2F-88E3-3B17C1D00715}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{533C749A-9EF0-46E6-840A-99BECEA21C38}" = lport=445 | protocol=6 | dir=in | app=system |
"{544B87F1-11A8-4BB9-ACC3-A08A7FC3D3F1}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{57297D91-8519-4C72-8532-73D8BBC6EEAF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{594C8681-77C8-4A11-AFE2-F1A1D3B7F841}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5B273AF5-F322-42A0-81DA-D7AAD2A2C07F}" = rport=139 | protocol=6 | dir=out | app=system |
"{6ECA49D5-0A5B-4535-BCD4-78DE29C034E6}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{709604C2-F29F-4516-B45F-B185FC4C1784}" = lport=139 | protocol=6 | dir=in | app=system |
"{72072BD1-90E2-4824-AE57-CDD040D825E1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{92D732D7-62C9-4504-ACEF-9083BD735FA9}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A6743E80-CFBD-4F75-A0AA-E57DE8D7511B}" = lport=137 | protocol=17 | dir=in | app=system |
"{B06710FD-50D5-4826-81B8-1888D1B2CC0A}" = lport=10243 | protocol=6 | dir=in | app=system |
"{BAEF306E-8BF6-465D-B480-5F38DFEFB5D0}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{BEF6FF55-0450-4676-8D27-B28675CFC870}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BF684D43-B95D-4D5D-8C6D-64C25E1C1613}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CEB43629-F176-44D8-B63C-E54B230F2629}" = lport=138 | protocol=17 | dir=in | app=system |
"{D0E95524-1340-4127-A4B1-586FDF93C3F0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{D3C619F3-DA86-49F0-BCEF-36040C295D82}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DFEE66F5-F0C4-4086-A42F-9A977C812048}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{E3102770-DE89-40B0-BC6F-6CB8A60F8AB3}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{E86F35AC-5F7E-4785-9996-3E6443A27322}" = rport=10243 | protocol=6 | dir=out | app=system |
"{FF528218-0E70-4352-B25D-9950CA01B562}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FFC32C85-75BD-487F-A652-3AE1386EA004}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0001BCBD-784D-44B5-B0E8-346C4C20AC4E}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\cinemanow\cinemanow.exe |
"{0D3486FB-2253-4A52-A2A0-75D98A3D68B9}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{1F4E4140-00D9-4B73-853B-259BB42570F8}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{20D1E0D1-AFA9-44AA-898F-9A7B89C3C8B4}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{3134445F-F500-46BF-8AD1-7E354AA2A1EB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3682BC11-547D-41C0-BFFC-B83061AC9D8F}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\tsmagent.exe |
"{37A51407-4271-49FD-91BC-9D8A1A496395}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4238C5B3-981E-4E73-B167-D6911F2F7262}" = protocol=17 | dir=in | app=c:\users\shilstone\appdata\local\akamai\netsession_win.exe |
"{4D257B8B-40FA-449E-9CA6-82569C41C314}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4EA65F42-DA70-4F53-B9D0-103F04DC943A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5135479B-5AC8-4772-B46D-EF67D5B7F668}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{52D06B90-42F5-42CC-B270-883B68DA65C8}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{53045E3D-710C-4D16-9381-E3B6162104BD}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\pure networks shared\platform\nmsrvc.exe |
"{54C9A62D-15A5-4849-8217-998C686502EA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{603A42A1-D3CA-4512-97D7-C93AC50A2514}" = protocol=1 | dir=in | [email protected],-28543 |
"{639687D3-D349-4D59-8BC8-4F79DC7EBA4F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{640726EF-69D7-478B-939F-67DD2A627220}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{6895E731-4629-48A2-A031-CEFF632C09F8}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{6E43ECE1-A2B9-407F-8203-837B3D606F67}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7345233C-5AEC-403D-9511-FC03AB8F734F}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr8.exe |
"{7FB5CBDB-292A-4310-AAE1-0FCB0DD5BE1A}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{83B6985E-AD7A-4C12-A76D-820253CBA719}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8586DDB3-FCE7-47B0-85AD-79982FB92688}" = protocol=58 | dir=out | [email protected],-28546 |
"{88B27F95-2002-4D78-A47E-5DCD83283BE5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8E682E39-652D-407E-A0AD-B7018D5158ED}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{94636E36-73AF-455E-A1C6-643449680F60}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9765CAD9-677E-46DD-8708-56D1D4A193A4}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe |
"{9A1BD3F0-925D-427B-9C48-1B712257B080}" = protocol=6 | dir=in | app=c:\program files (x86)\cinemanow\cinemanow media manager\cinemanowshell.exe |
"{9D55FE3C-B454-46E3-925A-FE2037FDA637}" = protocol=6 | dir=in | app=c:\users\shilstone\appdata\local\akamai\netsession_win.exe |
"{A640954B-29AA-43AC-85C7-B298ED8DCA39}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{B720D01B-4324-42DE-B8F9-DE78EFE573EE}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartvideo.exe |
"{B8149581-0547-4D61-81DB-CBEE867E4DAA}" = dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\video\hpmediasmartvideo.exe |
"{BCEAB010-A681-4672-B2A0-4EE827081861}" = protocol=17 | dir=in | app=c:\users\shilstone\appdata\roaming\dropbox\bin\dropbox.exe |
"{BE7130AE-49BA-4E8D-8F83-4DAC78A8DE54}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartmusic.exe |
"{C0711F0F-266A-430E-A86F-BF6B9DB73F1B}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\music\hptouchsmartmusic.exe |
"{C15EF0C3-B823-4AD0-81BF-6E2A3418A6DC}" = protocol=17 | dir=in | app=c:\program files (x86)\cinemanow\cinemanow media manager\cinemanowshell.exe |
"{C3F05CE8-958D-4F8D-98FF-45AC327B77A9}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{C4FC5EDA-99DE-4A10-937D-800040E04453}" = dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\photo\hpmediasmartphoto.exe |
"{C9E3D7F7-3771-48CC-9A4E-1F8814CCB710}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{CB7340FD-DF49-490F-BDDA-5D75DE2D01D2}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\pure networks shared\platform\nmsrvc.exe |
"{D3FF507B-BAF0-45D8-A5F8-61B0A00A7C80}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D429547C-7F3E-4524-811D-EFD36F6FE657}" = protocol=6 | dir=in | app=c:\users\shilstone\appdata\roaming\dropbox\bin\dropbox.exe |
"{D747AC54-1C26-403E-903F-B9BB9595536D}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{E1527B72-F515-4D55-8F7D-AFE2E0935456}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\cinemanow\cinemanow.exe |
"{E286EE86-C4BC-426D-B161-362F746E5B04}" = protocol=1 | dir=out | [email protected],-28544 |
"{E5779317-AB27-4039-9ADB-64B42BEE6E0D}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E71966FC-8CC3-4A90-8EC8-DA8E137CBD3C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E7C4A91A-F912-421A-ABAB-ECC90F2B49AF}" = protocol=6 | dir=out | app=system |
"{EF7B007A-079B-46F1-8C3B-06A0B47C7F55}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartphoto.exe |
"{F00915B6-453E-4E5A-9A65-362995094556}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{FAC47B91-54AC-4858-A285-96758D3ACD39}" = protocol=58 | dir=in | [email protected],-28545 |
"TCP Query User{CC3BEAA1-27C7-4926-A2F6-FE0C80E7F3BF}C:\users\shilstone\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\shilstone\appdata\local\akamai\netsession_win.exe |
"UDP Query User{CF08AE32-6EA7-45EB-A06D-B4DE6E9C33F7}C:\users\shilstone\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\shilstone\appdata\local\akamai\netsession_win.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{02A5BD31-16AC-45DF-BE9F-A3167BC4AFB2}" = Windows Live Family Safety
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX410_series" = Canon MX410 series MP Drivers
"{15667DA1-6D17-DD0F-66D7-4221FD246DA8}" = AMD Catalyst Install Manager
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1B7C624C-4EEE-4A1A-7CE9-CBE76DD23FF2}" = AMD Accelerated Video Transcoding
"{26A24AE4-039D-4CA4-87B4-2F86416023FF}" = Java™ 6 Update 23 (64-bit)
"{2D445001-F852-CFF5-8056-F629A0AA2C55}" = AMD Drag and Drop Transcoding
"{2E22DBC9-030D-87B3-5E9C-51792D09A3BE}" = AMD Fuel
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5B08AF35-B699-4A44-BB89-3E51E70611E8}" = HP MediaSmart SmartMenu
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FE78439-7CAA-45FE-A808-2D7A0FC98643}" = iTunes
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6A1D3B4D-A746-26DD-DB3C-FA9B6CED6FDB}" = AMD Media Foundation Decoders
"{6ACE7F46-FACE-4125-AE86-672F4F2A6A28}" = Bing Maps 3D
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7FE3214C-283E-40C6-A8D5-CB773110090C}" = Linksys EasyLink Advisor
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A89B52D3-DA3F-1CA3-BD33-D53871D60081}" = ccc-utility64
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{D79A02E9-6713-4335-9668-AAC7474C0C0E}" = HP Vision Hardware Diagnostics
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX 64" = Adobe Flash Player 10 ActiveX 64-bit
"doPDF 7 printer_is1" = doPDF 7.3 printer
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{054C5EBD-1803-9B06-A201-63A1A8A5C365}" = CCC Help Danish
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08DB3902-2CE0-474D-BCE3-0177766CE9F1}" = HP Support Assistant
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0FB8CBBF-CFBA-B7C5-6433-4F5132783C31}" = CCC Help Portuguese
"{120262A6-7A4B-4889-AE85-F5E5688D3683}" = Roxio CinemaNow 2.0
"{143412FA-840C-6158-599F-2B32D0861F80}" = Catalyst Control Center Graphics Previews Common
"{172423F9-522A-483A-AD65-03600CE4CA4F}" = Microsoft Works 6-9 Converter
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}" = Bing Bar
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20EA5B84-7055-65D9-7378-59750A15C6B5}" = CCC Help Russian
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{264FE20A-757B-492a-B0C3-4009E2997D8A}" = PictureMover
"{2680C5AE-EDC8-7A73-3D41-FCE9A2F22390}" = CCC Help German
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2CE4119A-FF7F-3EE6-42A4-EB53C6057FFE}" = Zinio Reader 4
"{2FA41EBB-3F5A-35C3-85D6-51EC72A11FBD}" = Google Gears
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{32E879B3-F89C-5385-78C8-4DE7730C5FA0}" = AMD VISION Engine Control Center
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33D64034-5BC0-FF4F-6176-62ED61555CA8}" = CCC Help Thai
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3CFAAB58-35C8-84C9-1391-8D4373714AFE}" = CCC Help Spanish
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{453FDDF1-BA65-8D13-2E6F-1740190BB5C4}" = CCC Help Greek
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}" = LightScribe System Software
"{4728A95D-FD9B-CEE9-9609-BB01B5F82A0B}" = CCC Help Turkish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AFC194C-FEAD-B844-92C2-D0273872ECCF}" = CCC Help Dutch
"{4FFBB818-B13C-11E0-931D-B2664824019B}_is1" = Complitly
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{5308F6BF-4660-926A-B611-0CBB32F44DD0}" = CCC Help Swedish
"{56009CA3-423B-41F8-884A-E5B049534F15}" = Kaspersky Security Scan
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{59716973-C123-4B46-B44B-36FCD9CEB8A3}" = Print Artist Silver 22
"{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69425AB7-75BF-25FC-EB4F-D2EAE9D82AA5}" = CCC Help Hungarian
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B00CD97-EADD-3AFC-A844-89EB4DA73461}" = Catalyst Control Center InstallProxy
"{6C122441-1861-4CD7-B1C5-A163A6984E12}" = CinemaNow Media Manager
"{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72D90DB3-A16A-4545-B555-868471101833}" = HP Setup
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{79839E2D-82B1-6DF1-97A6-6737E4404407}" = CCC Help Japanese
"{7C2D9B2C-D78C-EC0A-2337-612FD4799750}" = CCC Help Czech
"{7D9C2CBE-5941-0250-2922-804D0A506ED0}" = CCC Help Polish
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}" = Ralink RT2860 Wireless LAN Card
"{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MediaSmart CinemaNow 2.0
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9057D097-0563-6FFB-CDC6-DB2B2C5D1014}" = CCC Help Italian
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{912CED74-88D3-4C5B-ACB0-13231864975D}" = PressReader
"{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95140000-0137-0409-0000-0000000FF1CE}" = Microsoft Works 6-9 Converter
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C1EED58-1790-45C4-ADBC-5D45FCA7292E}" = Pure Networks Platform
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA387C7F-7413-9C5A-DB71-70E406A8A92E}" = CCC Help French
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.6)
"{B00F5097-1F34-D3EA-4FB9-8DD2FAFF66F4}" = CCC Help Finnish
"{B42129AB-E528-9CB4-7C8B-3BFE648F5CD8}" = CCC Help Norwegian
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}" = HP Support Information
"{BDDA1E1E-204E-4368-B0C2-737F16B76307}" = HP MediaSmart/TouchSmart Netflix
"{C1A27149-1897-8509-CBFC-2C96866C8AD6}" = CCC Help Korean
"{C34FAEF3-4241-4C4E-9CFF-7BBD8BCEABE7}" = WebEx Support Manager for Internet Explorer
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE54DD68-6E24-9B72-467A-DFEE00E6E9A8}" = CCC Help Chinese Traditional
"{DE77FE3F-A33D-499A-87AD-5FC406617B40}" = HP Update
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E9FDD18A-206A-9A43-AAE3-AB72EFFCD333}" = CCC Help Chinese Standard
"{ED524538-828E-1AD8-D0E1-E2E72C926EE0}" = CCC Help English
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"{FCFE800F-8F42-1AC9-895C-10389CB90D86}" = Catalyst Control Center Localization All
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Akamai" = Akamai NetSession Interface Service
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.17
"Canon MX410 series User Registration" = Canon MX410 series User Registration
"Canon_IJ_Network_Scanner_Selector_EX" = Canon IJ Network Scanner Selector EX
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"Carbonite Backup" = Carbonite
"Coupon Printer for Windows5.0.0.1" = Coupon Printer for Windows
"Digital Editions" = Adobe Digital Editions
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"Freecorder Toolbar" = Freecorder Toolbar
"Freecorder5.11" = Freecorder 5
"FundRaiser Basic" = FundRaiser Basic
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HTC_WModemDriver" = WModem Driver Installer
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"InstallShield_{7FE3214C-283E-40C6-A8D5-CB773110090C}" = Linksys EasyLink Advisor
"InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"InstallWIX_{56009CA3-423B-41F8-884A-E5B049534F15}" = Kaspersky Security Scan
"Kobo" = Kobo
"McAfee Security Scan" = McAfee Security Scan Plus
"Mozilla Firefox 19.0.2 (x86 en-US)" = Mozilla Firefox 19.0.2 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 4.1" = Canon MP Navigator EX 4.1
"My HP Game Console" = HP Game Console
"NIS" = Norton Internet Security
"PDF Complete" = PDF Complete Special Edition
"RealPlayer 15.0" = RealPlayer
"Speed Dial Utility" = Canon Speed Dial Utility
"StartNow Toolbar" = StartNow Toolbar
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WT087328" = Blackhawk Striker 2
"WT087335" = Build-a-lot 2
"WT087342" = Dora's Carnival Adventure
"WT087360" = Escape Rosecliff Island
"WT087361" = FATE
"WT087362" = Final Drive Nitro
"WT087372" = Heroes of Hellas 2 - Olympia
"WT087373" = Jewel Quest 3
"WT087379" = Jewel Quest Solitaire 2
"WT087394" = Penguins!
"WT087395" = Poker Superstars III
"WT087396" = Polar Bowler
"WT087397" = Polar Golfer
"WT087414" = Virtual Families
"WT087415" = Wheel of Fortune 2
"WT087428" = Bejeweled 2 Deluxe
"WT087453" = Chuzzle Deluxe
"WT087501" = Plants vs. Zombies
"WT087513" = Virtual Villagers - The Secret City
"WT087533" = Zuma Deluxe
"WT087536" = Diner Dash 2 Restaurant Rescue
"ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1" = Zinio Reader 4

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Dropbox" = Dropbox
"HuluDesktop" = Hulu Desktop

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 2/16/2013 10:37:34 AM | Computer Name = Shilstone-HP | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "C:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "C:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.

Error - 2/17/2013 11:46:56 AM | Computer Name = Shilstone-HP | Source = Application Error | ID = 1000
Description = Faulting application name: nmsrvc.exe, version: 10.0.8093.0, time
stamp: 0x47f3f7af Faulting module name: ntdll.dll, version: 6.1.7601.17725, time
stamp: 0x4ec49b8f Exception code: 0xc0000005 Fault offset: 0x00038dc9 Faulting process
id: 0x8cc Faulting application start time: 0x01ce0a8e1c01ef93 Faulting application
path: C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
Faulting
module path: C:\Windows\SysWOW64\ntdll.dll Report Id: 4142e43a-7919-11e2-8042-d485640de941

Error - 2/17/2013 7:18:56 PM | Computer Name = Shilstone-HP | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16464,
time stamp: 0x50ec971b Faulting module name: KERNELBASE.dll, version: 6.1.7601.18015,
time stamp: 0x50b83c8a Exception code: 0xe06d7363 Fault offset: 0x0000c41f Faulting
process id: 0x3fc Faulting application start time: 0x01ce0b97238051fa Faulting application
path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path:
C:\Windows\syswow64\KERNELBASE.dll Report Id: 665adead-7958-11e2-8042-d485640de941

Error - 2/18/2013 10:00:27 AM | Computer Name = Shilstone-HP | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16464 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 16cc Start
Time: 01ce0ac3a67e6433 Termination Time: 178 Application Path: C:\Program Files\Internet
Explorer\iexplore.exe Report Id:

Error - 2/18/2013 11:41:18 AM | Computer Name = Shilstone-HP | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "C:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "C:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.

Error - 2/20/2013 1:10:54 PM | Computer Name = Shilstone-HP | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16464 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 344 Start
Time: 01ce0de05c8a5226 Termination Time: 938 Application Path: C:\Program Files\Internet
Explorer\iexplore.exe Report Id:

Error - 2/20/2013 1:12:23 PM | Computer Name = Shilstone-HP | Source = VSS | ID = 8193
Description =

Error - 2/20/2013 2:07:36 PM | Computer Name = Shilstone-HP | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16464 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1148 Start
Time: 01ce0f9506ef5fc0 Termination Time: 18 Application Path: C:\Program Files\Internet
Explorer\iexplore.exe Report Id:

Error - 2/21/2013 6:56:23 PM | Computer Name = Shilstone-HP | Source = Chrome | ID = 1
Description =

Error - 2/22/2013 3:54:38 PM | Computer Name = Shilstone-HP | Source = Application Error | ID = 1000
Description = Faulting application name: nmsrvc.exe, version: 10.0.8093.0, time
stamp: 0x47f3f7af Faulting module name: ntdll.dll, version: 6.1.7601.17725, time
stamp: 0x4ec49b8f Exception code: 0xc0000005 Fault offset: 0x00038dc9 Faulting process
id: 0x814 Faulting application start time: 0x01ce1027197354b8 Faulting application
path: C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
Faulting
module path: C:\Windows\SysWOW64\ntdll.dll Report Id: afba2587-7d29-11e2-b404-d485640de941

Error - 2/22/2013 8:03:23 PM | Computer Name = Shilstone-HP | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "C:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "C:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.

[ Hewlett-Packard Events ]
Error - 7/28/2011 12:35:40 PM | Computer Name = Shilstone-HP | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\071128123537.xml
File not created by asset agent

Error - 9/22/2011 12:24:12 PM | Computer Name = Shilstone-HP | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\091122122410.xml
File not created by asset agent

Error - 12/8/2011 1:11:59 PM | Computer Name = Shilstone-HP | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\121108121155.xml
File not created by asset agent

Error - 2/9/2012 1:15:49 PM | Computer Name = Shilstone-HP | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\021209121547.xml
File not created by asset agent

Error - 2/16/2012 1:21:19 PM | Computer Name = Shilstone-HP | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\021216122110.xml
File not created by asset agent

Error - 3/1/2012 1:31:22 PM | Computer Name = Shilstone-HP | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\031201123050.xml
File not created by asset agent

Error - 3/1/2012 1:31:54 PM | Computer Name = Shilstone-HP | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\031201123122.xml
File not created by asset agent

[ Media Center Events ]
Error - 2/23/2012 11:27:57 PM | Computer Name = Shilstone-HP | Source = MCUpdate | ID = 0
Description = 10:27:56 PM - Error connecting to the internet. 10:27:56 PM - Unable
to contact server..

Error - 2/24/2012 9:09:23 AM | Computer Name = Shilstone-HP | Source = MCUpdate | ID = 0
Description = 8:09:22 AM - Error connecting to the internet. 8:09:22 AM - Unable
to contact server..

Error - 3/6/2012 9:59:55 AM | Computer Name = Shilstone-HP | Source = MCUpdate | ID = 0
Description = 8:59:55 AM - Error connecting to the internet. 8:59:55 AM - Unable
to contact server..

Error - 3/6/2012 10:00:01 AM | Computer Name = Shilstone-HP | Source = MCUpdate | ID = 0
Description = 9:00:00 AM - Error connecting to the internet. 9:00:00 AM - Unable
to contact server..

Error - 3/6/2012 11:01:37 AM | Computer Name = Shilstone-HP | Source = MCUpdate | ID = 0
Description = 10:01:37 AM - Error connecting to the internet. 10:01:37 AM - Unable
to contact server..

Error - 3/6/2012 11:01:43 AM | Computer Name = Shilstone-HP | Source = MCUpdate | ID = 0
Description = 10:01:42 AM - Error connecting to the internet. 10:01:42 AM - Unable
to contact server..

Error - 3/8/2012 9:47:28 AM | Computer Name = Shilstone-HP | Source = MCUpdate | ID = 0
Description = 8:47:28 AM - Error connecting to the internet. 8:47:28 AM - Unable
to contact server..

Error - 3/8/2012 9:47:34 AM | Computer Name = Shilstone-HP | Source = MCUpdate | ID = 0
Description = 8:47:33 AM - Error connecting to the internet. 8:47:33 AM - Unable
to contact server..

Error - 3/23/2012 9:06:06 AM | Computer Name = Shilstone-HP | Source = MCUpdate | ID = 0
Description = 9:06:06 AM - Error connecting to the internet. 9:06:06 AM - Unable
to contact server..

Error - 3/23/2012 9:06:15 AM | Computer Name = Shilstone-HP | Source = MCUpdate | ID = 0
Description = 9:06:11 AM - Error connecting to the internet. 9:06:11 AM - Unable
to contact server..

[ System Events ]
Error - 4/10/2013 9:29:10 AM | Computer Name = Shilstone-HP | Source = Service Control Manager | ID = 7034
Description = The Pure Networks Platform Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 4/10/2013 9:39:03 AM | Computer Name = Shilstone-HP | Source = EventLog | ID = 6008
Description = The previous system shutdown at 9:37:17 AM on ?4/?10/?2013 was unexpected.

Error - 4/10/2013 9:39:04 AM | Computer Name = SHILSTONE-HP | Source = BugCheck | ID = 1001
Description =

Error - 4/10/2013 10:54:57 AM | Computer Name = Shilstone-HP | Source = DCOM | ID = 10010
Description =

Error - 4/10/2013 10:55:35 AM | Computer Name = Shilstone-HP | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2813170).

Error - 4/10/2013 11:03:57 AM | Computer Name = Shilstone-HP | Source = EventLog | ID = 6008
Description = The previous system shutdown at 10:59:48 AM on ?4/?10/?2013 was unexpected.

Error - 4/10/2013 12:20:49 PM | Computer Name = Shilstone-HP | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume OS.

Error - 4/10/2013 12:20:49 PM | Computer Name = Shilstone-HP | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume OS.

Error - 4/10/2013 12:20:49 PM | Computer Name = Shilstone-HP | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume OS.

Error - 4/10/2013 12:20:49 PM | Computer Name = Shilstone-HP | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume OS.


< End of report >



#2
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello lady2sylvia

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.


Very Important --> Please read this post completely, I have spent my time to put together some things for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!


  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.




These are the programs I would like you to run next, if you have any problems with these just skip it and run the next one.

-Security Check-

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

-AdwCleaner-

  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


--RogueKiller--

  • Download & SAVE to your Desktop RogueKiller for 32bit or Roguekiller for 64bit
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator" to start
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • Click on "delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+

Gringo

#3
lady2sylvia

    Member

  • Topic Starter
  • Member
  • 50 posts
Results of screen317's Security Check version 0.99.62
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Norton Internet Security
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Java™ 6 Update 31
Java™ 6 Update 3
Java version out of Date!
Adobe Flash Player 11.6.602.180
Adobe Reader 10.1.6 Adobe Reader out of Date!
Mozilla Firefox 19.0.2 Firefox out of Date!
````````Process Check: objlist.exe by Laurent````````
Norton ccSvcHst.exe
Symantec Norton Online Backup NOBuAgent.exe
Kaspersky Lab Kaspersky Security Scan 2.0 kss.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````

#4
lady2sylvia

    Member

  • Topic Starter
  • Member
  • 50 posts
Hi Gringo - Here are the results of the AdwCleaner:

# AdwCleaner v2.200 - Logfile created 04/10/2013 at 15:27:48
# Updated 02/04/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Shilstone - SHILSTONE-HP
# Boot Mode : Normal
# Running from : C:\Users\Shilstone\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : Updater Service for StartNow Toolbar

***** [Files / Folders] *****

File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Deleted : C:\Users\Public\Desktop\eBay.lnk
Folder Deleted : C:\Program Files (x86)\Complitly
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Freecorder
Folder Deleted : C:\ProgramData\APN
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freecorder
Folder Deleted : C:\Users\Shilstone\AppData\Local\Conduit
Folder Deleted : C:\Users\Shilstone\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda
Folder Deleted : C:\Users\Shilstone\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Shilstone\AppData\LocalLow\Freecorder
Folder Deleted : C:\Users\Shilstone\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Shilstone\AppData\Roaming\Complitly
Folder Deleted : C:\Users\Shilstone\Documents\Freecorder

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Freecorder
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Ask&Record
Key Deleted : HKCU\Software\Complitly
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1392B8D2-5C05-419F-A8F6-B9F15A596612}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1392B8D2-5C05-419F-A8F6-B9F15A596612}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9E92257F-3F0A-451D-B231-6E2DB60CDC71}
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7E8A36EA-2501-4ED3-A3C8-CFA9143FB169}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{FAA8C612-F1B6-461B-8B60-B54D74D9642E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Complitly.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Toolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ToolbarBroker.EXE
Key Deleted : HKLM\Software\Classes\Installer\Features\90C64EA18BA25EE488BF80DCF07F2FFD
Key Deleted : HKLM\Software\Classes\Installer\Products\90C64EA18BA25EE488BF80DCF07F2FFD
Key Deleted : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO
Key Deleted : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1060933
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{38BF9661-BDA0-4A74-BB3B-576EC7AE16DC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6857AC4A-95B4-4E2C-B2D2-8A235FCCEF4A}
Key Deleted : HKLM\SOFTWARE\Classes\ZGClnt.Mngr
Key Deleted : HKLM\SOFTWARE\Classes\ZGClnt.Mngr.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Freecorder
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9E92257F-3F0A-451D-B231-6E2DB60CDC71}
Key Deleted : HKLM\Software\SimplyGen
Key Deleted : HKLM\Software\StartNow Toolbar
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1392B8D2-5C05-419F-A8F6-B9F15A596612}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2CBD2A57-2FD5-4F1A-9FC8-90ED48FA4187}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9E92257F-3F0A-451D-B231-6E2DB60CDC71}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E65F40C8-3CEB-47C2-9E01-BF73323DF4E7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2CBD2A57-2FD5-4F1A-9FC8-90ED48FA4187}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6C6D69DF-0667-44C1-AF6D-55FA90E7BFC6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E716815E-2CB4-42C0-A45F-0E2B16B9E51A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1392B8D2-5C05-419F-A8F6-B9F15A596612}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Freecorder Toolbar
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\StartNow Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E65F40C8-3CEB-47C2-9E01-BF73323DF4E7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{1392B8D2-5C05-419F-A8F6-B9F15A596612}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{1392B8D2-5C05-419F-A8F6-B9F15A596612}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{1392B8D2-5C05-419F-A8F6-B9F15A596612}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{1392B8D2-5C05-419F-A8F6-B9F15A596612}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{5911488E-9D1E-40EC-8CBB-06B231CC153F}]

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16537

[OK] Registry is clean.

-\\ Mozilla Firefox v19.0.2 (en-US)

File : C:\Users\Shilstone\AppData\Roaming\Mozilla\Firefox\Profiles\f3bgryeo.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Shilstone\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [8832 octets] - [10/04/2013 15:27:48]

########## EOF - C:\AdwCleaner[S1].txt - [8892 octets] ##########

#5
lady2sylvia

    Member

  • Topic Starter
  • Member
  • 50 posts
Okay, here is the report from the RogueKiller for 64bit:

RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo...13-roguekiller/
Website : http://tigzy.geeksto...roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Shilstone [Admin rights]
Mode : Remove -- Date : 04/10/2013 15:43:27
| ARK || FAK || MBR |

¤¤¤ Bad processes : 3 ¤¤¤
[SVCHOST] svchost.exe -- C:\Windows\\svchost.exe [x] -> KILLED [TermProc]
[SVCHOST] svchost.exe -- C:\Windows\SysWOW64\svchost.exe [x] -> KILLED [TermProc]
[SUSP PATH] VZWNotiAgent.exe -- C:\ProgramData\LGMOBILEAX\BYR_Client\VZWNotiAgent.exe [7] -> KILLED [TermProc]

¤¤¤ Registry Entries : 5 ¤¤¤
[RUN][SUSP PATH] HKLM\[...]\Wow6432Node\Run : BYR_AGENT (C:\ProgramData\LGMOBILEAX\BYR_Client\VZWNotiAgent.exe) [7] -> DELETED
[TASK][SUSP PATH] {5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4} : "C:\ProgramData\Carbonite\Carbonite Backup\CarboniteUpgrade.exe" /silent $(Arg0) [x] -> DELETED
[TASK][SUSP PATH] {FF1C36C9-5B22-42F6-805D-8473231E4104} : msiexec.exe /package "C:\Users\Shilstone\Desktop\Works632_en-US.msi" [x] -> DELETED
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST375052 8AS SATA Disk Device +++++
--- User ---
[MBR] d7c45ad9413a45994ecb761bb8f6f76c
[BSP] 1df4db8c575b4acfbb4c174350adbb0a : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 702934 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1439815680 | Size: 12368 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] 57a8e9182b12cffa853d4f377b6b56bb
[BSP] c31d898660056a290c41cb1ebc63a6f1 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 264071168 | Size: 300 Mo

Finished : << RKreport[2]_D_04102013_02d1543.txt >>
RKreport[1]_S_04102013_02d1541.txt ; RKreport[2]_D_04102013_02d1543.txt

#6
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello lady2sylvia

I would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this, you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"

In your next post I need the following:

  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo

#7
lady2sylvia

    Member

  • Topic Starter
  • Member
  • 50 posts
Hi Gringo - Thanks so much for all your help. The ComboFix ran slowly, but didn't cause the computer to restart. I haven't had any crashes since we started the repair process. (I don't know if it's relevant, but I had uninstalled Google Chrome this morning since it seemed to be somehow connected to the crashes.)

Here's the report:

ComboFix 13-04-10.02 - Shilstone 04/10/2013 16:27:47.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5887.3873 [GMT -4:00]
Running from: c:\users\Shilstone\Downloads\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\StartNow Toolbar
c:\program files (x86)\StartNow Toolbar\ReactivateIE.exe
c:\program files (x86)\StartNow Toolbar\Resources\images\engine_images.png
c:\program files (x86)\StartNow Toolbar\Resources\images\engine_maps.png
c:\program files (x86)\StartNow Toolbar\Resources\images\engine_news.png
c:\program files (x86)\StartNow Toolbar\Resources\images\engine_videos.png
c:\program files (x86)\StartNow Toolbar\Resources\images\engine_web.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_amazon.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_ebay.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_facebook.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_games.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_msn.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_shopping.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_travel.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_twitter.png
c:\program files (x86)\StartNow Toolbar\Resources\images\startnow_logo.png
c:\program files (x86)\StartNow Toolbar\Resources\installer.xml
c:\program files (x86)\StartNow Toolbar\Resources\skin\chevron_button.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_button_hover.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_button_normal.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_dropdown_button_normal.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_input_background.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_input_left.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_input_middle.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\separator.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\splitter.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ff_hover_c.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_c.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_l.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_r.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_c.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_l.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_r.png
c:\program files (x86)\StartNow Toolbar\Resources\toolbar.xml
c:\program files (x86)\StartNow Toolbar\Resources\update.xml
c:\program files (x86)\StartNow Toolbar\StartNowToolbarUninstall.exe
c:\program files (x86)\StartNow Toolbar\Toolbar32.dll
c:\program files (x86)\StartNow Toolbar\ToolbarBroker.exe
c:\program files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe
c:\program files (x86)\StartNow Toolbar\uninstall.dat
c:\windows\svchost.exe
.
.
((((((((((((((((((((((((( Files Created from 2013-03-10 to 2013-04-10 )))))))))))))))))))))))))))))))
.
.
2013-04-10 20:43 . 2013-04-10 20:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-10 14:55 . 2013-02-21 10:14 19230208 ----a-w- c:\windows\system32\mshtml.dll
2013-04-10 14:50 . 2013-04-10 14:52 -------- d-----w- c:\users\Shilstone\.gimp-2.6
2013-04-10 13:31 . 2013-03-01 03:36 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-04-10 13:31 . 2013-03-02 06:04 1655656 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-10 13:31 . 2013-01-24 06:01 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-04-10 02:59 . 2013-04-10 02:59 -------- d-----w- c:\programdata\Recovery
2013-03-30 15:06 . 2013-03-30 15:06 -------- d-----w- c:\programdata\Kaspersky Lab
2013-03-30 15:06 . 2013-03-30 15:06 -------- d-----w- c:\program files (x86)\Kaspersky Lab
2013-03-25 02:47 . 2013-03-25 03:09 -------- d-----w- c:\users\Shilstone\AppData\Local\NPE
2013-03-16 17:01 . 2013-03-16 17:01 -------- d-----w- c:\users\Shilstone\AppData\Local\Macromedia
2013-03-16 16:15 . 2013-03-16 16:15 -------- d-----w- c:\users\Shilstone\AppData\Local\Mozilla
2013-03-16 16:15 . 2013-03-16 16:15 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2013-03-15 07:03 . 2013-03-15 07:03 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-03-14 07:03 . 2013-02-12 04:12 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-01 23:58 . 2011-01-24 15:05 72702784 ----a-w- c:\windows\system32\MRT.exe
2013-03-16 17:01 . 2012-06-07 11:22 693976 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-03-16 17:01 . 2011-12-15 13:53 73432 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-12 05:45 . 2013-03-13 13:54 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45 . 2013-03-13 13:54 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45 . 2013-03-13 13:54 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45 . 2013-03-13 13:54 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48 . 2013-03-13 13:54 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-13 13:54 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Green]
@="{95A27763-F62A-4114-9072-E81D87DE3B68}"
[HKEY_CLASSES_ROOT\CLSID\{95A27763-F62A-4114-9072-E81D87DE3B68}]
2012-05-09 03:39 1011344 ----a-r- c:\program files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Partial]
@="{E300CD91-100F-4E67-9AF3-1384A6124015}"
[HKEY_CLASSES_ROOT\CLSID\{E300CD91-100F-4E67-9AF3-1384A6124015}]
2012-05-09 03:39 1011344 ----a-r- c:\program files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Yellow]
@="{5E529433-B50E-4bef-A63B-16A6B71B071A}"
[HKEY_CLASSES_ROOT\CLSID\{5E529433-B50E-4bef-A63B-16A6B71B071A}]
2012-05-09 03:39 1011344 ----a-r- c:\program files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Shilstone\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Shilstone\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Shilstone\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="c:\users\Shilstone\AppData\Local\Akamai\netsession_win.exe" [2013-01-26 4480768]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-01-18 39408]
"KSS"="c:\program files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe" [2012-04-25 202296]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"LELA"="c:\program files (x86)\Linksys\Linksys EasyLink Advisor\Linksys EasyLink Advisor.exe" [2008-05-01 131072]
"nmctxth"="c:\program files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [2008-04-09 648504]
"Carbonite Backup"="c:\program files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe" [2012-05-09 1061520]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-07-04 641704]
"CanonSolutionMenuEx"="c:\program files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" [2010-09-14 1213848]
"IJNetworkScannerSelectorEX"="c:\program files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" [2010-09-09 452016]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-02-18 152392]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"="c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe" [2013-03-13 706776]
.
c:\users\Shilstone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Shilstone\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-3-12 29106336]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe [2013-2-5 272248]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [2012-06-11 193616]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 LinksysUpdater;Linksys Updater;c:\program files (x86)\Linksys\Linksys Updater\bin\LinksysUpdater.exe [2008-04-18 204800]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-02-05 235216]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-01-13 1255736]
R4 CinemaNow Service;CinemaNow Service;c:\program files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe [2010-06-13 400368]
R4 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-14 92216]
R4 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2009-10-14 635416]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1309010.00E\SYMDS64.SYS [2012-01-17 451192]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1309010.00E\SYMEFA64.SYS [2012-05-22 1129120]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.6.2.10\Definitions\BASHDefs\20130322.001_24\BHDrvx64.sys [2013-03-22 1387608]
S1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys [2012-06-07 167072]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.6.2.10\Definitions\IPSDefs\20130406.002\IDSvia64.sys [2013-04-05 513184]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS [2012-04-18 190072]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS [2012-04-18 405624]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-06-30 204288]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-07-04 361984]
S2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
S2 KSS;Kaspersky Security Scan Service;c:\program files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [2012-04-25 202296]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [2012-06-16 138272]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe [2012-06-11 240208]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2010-07-21 1002848]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-04-21 471144]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Contents of the 'Scheduled Tasks' folder
.
2013-04-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-07 17:01]
.
2013-04-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-14 17:49]
.
2013-04-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-14 17:49]
.
2013-03-15 c:\windows\Tasks\HPCeeScheduleForShilstone.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 10:53]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Green]
@="{95A27763-F62A-4114-9072-E81D87DE3B68}"
[HKEY_CLASSES_ROOT\CLSID\{95A27763-F62A-4114-9072-E81D87DE3B68}]
2012-05-09 03:31 1280144 ----a-r- c:\program files\Carbonite\Carbonite Backup\CarboniteNSE.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Partial]
@="{E300CD91-100F-4E67-9AF3-1384A6124015}"
[HKEY_CLASSES_ROOT\CLSID\{E300CD91-100F-4E67-9AF3-1384A6124015}]
2012-05-09 03:31 1280144 ----a-r- c:\program files\Carbonite\Carbonite Backup\CarboniteNSE.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Yellow]
@="{5E529433-B50E-4bef-A63B-16A6B71B071A}"
[HKEY_CLASSES_ROOT\CLSID\{5E529433-B50E-4bef-A63B-16A6B71B071A}]
2012-05-09 03:31 1280144 ----a-r- c:\program files\Carbonite\Carbonite Backup\CarboniteNSE.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Shilstone\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Shilstone\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Shilstone\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Shilstone\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-07-26 2782096]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.genieo.com/?v=w3i17W_20&wtag=W3i_IA,206,0_01,StartPage,20130415,19432,6,0,
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = 127.0.0.1:9421;<local>
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: genieo.com\search
TCP: DhcpNameServer = 167.206.251.130 167.206.251.129
FF - ProfilePath - c:\users\Shilstone\AppData\Roaming\Mozilla\Firefox\Profiles\f3bgryeo.default\
FF - ExtSQL: 2013-03-14 16:32; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.6.2.10\IPSFFPlgn
FF - ExtSQL: 2013-03-15 03:28; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.6.2.10\coFFPlgn
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKLM-Run-Freecorder FLV Service - c:\program files (x86)\Freecorder\FLVSrvc.exe
Wow6432Node-HKLM-Run-SunJavaUpdateSched - c:\program files (x86)\Java\jre6\bin\jusched.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-Freecorder5.11 - c:\program files (x86)\Freecorder\uninstall.exe
AddRemove-{08DB3902-2CE0-474D-BCE3-0177766CE9F1} - c:\program files (x86)\InstallShield Installation Information\{08DB3902-2CE0-474D-BCE3-0177766CE9F1}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\diMaster.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3041406407-4141571542-4186460459-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-3041406407-4141571542-4186460459-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-04-10 17:04:28
ComboFix-quarantined-files.txt 2013-04-10 21:04
.
Pre-Run: 649,112,084,480 bytes free
Post-Run: 649,918,820,352 bytes free
.
- - End Of File - - ED6A7C70DBB0AA156AC2B65806E40F39

#8
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello lady2sylvia

Chrome may have been affected but this is the main problem - c:\windows\svchost.exe


I would like you to try and run these next.

TDSSKiller

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

    Note** this report can be very long - so if the website gives you an error saying it is too long you may attach it

    If the forum still complains about it being too long, send me everything that is at the end of the report after where it says

    ==================
    Scan finished
    ==================

and I will see if I want to see the whole report

Malwarebytes Anti-Rootkit

1. Download Malwarebytes Anti-Rootkit
2. Unzip the contents to a folder in a convenient location.
3. Open the folder where the contents were unzipped and run mbar.exe
4. Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
5. Click on the Cleanup button to remove any threats and reboot if prompted to do so.
6. Wait while the system shuts down and the cleanup process is performed.
7. Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
8. If no additional threats were found, verify that your system is now running normally, making sure that the following items are functional:
  • Internet access
  • Windows Update
  • Windows Firewall
9. If there are additional problems with your system, such as any of those listed above or other system issues, then run the 'fixdamage' tool included with Malwarebytes Anti-Rootkit and reboot.
10. Verify that your system is now functioning normally.

If you have any problems running either one come back and let me know

please reply with the reports from TDSSKiller and MBAR

Gringo
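
An added example, not part of gringo_pr's post and not code from the TDSSKiller vendor: a Python triage of a TDSSKiller report of the kind requested above, listing every object whose result is not "ok" and collecting the lines that follow "Scan finished". The log lines are constructed to mirror the layout of the report posted in this thread; the function and field names are assumptions of this example.

```python
import re

# Line layout as seen in the report posted in this thread:
#   "HH:MM:SS.mmmm <thread id> <message>"
LINE_RE = re.compile(r"^(\d{2}:\d{2}:\d{2}\.\d{4}) (\d+) ?(.*)$")
# "[ <MD5> ] <object name> <path>"; object names may contain spaces, so the
# path starts at the first drive-letter (or leading-backslash) token.
HASH_RE = re.compile(r"^\[ ([0-9A-Fa-f]{32}) \] (.+?) ([A-Za-z]:\\.*|\\.*)$")
# "<object name> - ok" or "<object name> ( <verdict> ) - warning"
VERDICT_RE = re.compile(r"^(.+?)(?: \( (.+?) \))? - (\w+)$")
SEPARATOR_RE = re.compile(r"^=+$")

# Constructed sample; names, hashes and paths are placeholders, and the line
# after "Scan finished" only stands in for whatever the tool wrote there.
SAMPLE_LOG = r"""
12:00:00.0001 1000 ================ Scan services =============================
12:00:00.0100 1000 [ 00000000000000000000000000000001 ] ExampleDrv C:\Windows\system32\drivers\exampledrv.sys
12:00:00.0150 1000 ExampleDrv - ok
12:00:00.0200 1000 [ 00000000000000000000000000000002 ] Example Helper Service c:\program files (x86)\example/helper.dll
12:00:00.0201 1000 Suspicious file (Hidden): c:\program files (x86)\example/helper.dll. md5: 00000000000000000000000000000002
12:00:00.0210 1000 Example Helper Service ( HiddenFile.Multi.Generic ) - warning
12:00:00.0210 1000 Example Helper Service - detected HiddenFile.Multi.Generic (1)
12:00:00.0300 1000 NoHashSvc - ok
12:00:01.0000 1000 ============================================================
12:00:01.0000 1000 Scan finished
12:00:01.0000 1000 ============================================================
12:00:01.0100 1000 Example Helper Service ( HiddenFile.Multi.Generic ) - warning
"""


def triage(log_text):
    """Summarise a TDSSKiller-style report.

    Returns a dict with:
      flagged    - one entry per object whose result is anything but "ok"
      ok_count   - number of objects reported "ok"
      after_scan - messages that follow the "Scan finished" marker
    """
    pending = {}  # object name -> (md5, path) taken from its hash line
    flagged, after_scan = [], []
    ok_count = 0
    finished = False

    for raw in log_text.splitlines():
        line = LINE_RE.match(raw.strip())
        if not line:
            continue  # blank or non-log line
        msg = line.group(3).strip()

        if finished:
            # Everything after the marker is kept verbatim, minus rulers.
            if msg and not SEPARATOR_RE.match(msg):
                after_scan.append(msg)
            continue
        if msg == "Scan finished":
            finished = True
            continue

        hashed = HASH_RE.match(msg)
        if hashed:
            pending[hashed.group(2)] = (hashed.group(1).upper(), hashed.group(3))
            continue

        result = VERDICT_RE.match(msg)
        if not result:
            continue  # section headers, "Suspicious file" and "detected" lines
        name, verdict, status = result.groups()
        # Some objects are reported without a preceding hash line.
        md5, path = pending.pop(name, (None, None))
        if status == "ok":
            ok_count += 1
        else:
            flagged.append({"name": name, "verdict": verdict,
                            "status": status, "md5": md5, "path": path})

    return {"flagged": flagged, "ok_count": ok_count, "after_scan": after_scan}


if __name__ == "__main__":
    summary = triage(SAMPLE_LOG)
    print("ok objects:", summary["ok_count"])
    for item in summary["flagged"]:
        print("REVIEW:", item["name"], item["verdict"], item["path"], item["md5"])
    print("after 'Scan finished':")
    for msg in summary["after_scan"]:
        print("  ", msg)
```

A "warning" result only marks an object for review; the decision to Cure, Skip or Delete stays with the helper reading the report.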

#9
lady2sylvia

    Member

  • Topic Starter
  • Member
  • 50 posts
Ok, the report from TDSSKiller is broken down into 3 documents. Here's the first page:

17:21:30.0386 5960 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
17:21:30.0754 5960 ============================================================
17:21:30.0754 5960 Current date / time: 2013/04/10 17:21:30.0754
17:21:30.0754 5960 SystemInfo:
17:21:30.0754 5960
17:21:30.0754 5960 OS Version: 6.1.7601 ServicePack: 1.0
17:21:30.0754 5960 Product type: Workstation
17:21:30.0755 5960 ComputerName: SHILSTONE-HP
17:21:30.0755 5960 UserName: Shilstone
17:21:30.0755 5960 Windows directory: C:\Windows
17:21:30.0755 5960 System windows directory: C:\Windows
17:21:30.0755 5960 Running under WOW64
17:21:30.0755 5960 Processor architecture: Intel x64
17:21:30.0755 5960 Number of processors: 4
17:21:30.0755 5960 Page size: 0x1000
17:21:30.0755 5960 Boot type: Normal boot
17:21:30.0755 5960 ============================================================
17:21:32.0432 5960 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:21:32.0453 5960 ============================================================
17:21:32.0453 5960 \Device\Harddisk0\DR0:
17:21:32.0453 5960 MBR partitions:
17:21:32.0453 5960 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:21:32.0453 5960 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x55CEB000
17:21:32.0453 5960 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x55D1D800, BlocksNum 0x1828000
17:21:32.0453 5960 ============================================================
17:21:32.0480 5960 C: <-> \Device\Harddisk0\DR0\Partition2
17:21:32.0514 5960 D: <-> \Device\Harddisk0\DR0\Partition3
17:21:32.0514 5960 ============================================================
17:21:32.0514 5960 Initialize success
17:21:32.0514 5960 ============================================================
17:22:05.0274 6124 Deinitialize success

#10
lady2sylvia

    Member

  • Topic Starter
  • Member
  • 50 posts
Page 2:

17:26:35.0882 6820 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
17:26:36.0544 6820 ============================================================
17:26:36.0544 6820 Current date / time: 2013/04/10 17:26:36.0544
17:26:36.0544 6820 SystemInfo:
17:26:36.0544 6820
17:26:36.0544 6820 OS Version: 6.1.7601 ServicePack: 1.0
17:26:36.0544 6820 Product type: Workstation
17:26:36.0545 6820 ComputerName: SHILSTONE-HP
17:26:36.0545 6820 UserName: Shilstone
17:26:36.0545 6820 Windows directory: C:\Windows
17:26:36.0545 6820 System windows directory: C:\Windows
17:26:36.0545 6820 Running under WOW64
17:26:36.0545 6820 Processor architecture: Intel x64
17:26:36.0545 6820 Number of processors: 4
17:26:36.0545 6820 Page size: 0x1000
17:26:36.0545 6820 Boot type: Normal boot
17:26:36.0545 6820 ============================================================
17:26:40.0284 6820 BG loaded
17:26:40.0898 6820 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:26:40.0923 6820 ============================================================
17:26:40.0923 6820 \Device\Harddisk0\DR0:
17:26:40.0924 6820 MBR partitions:
17:26:40.0924 6820 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:26:40.0924 6820 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x55CEB000
17:26:40.0924 6820 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x55D1D800, BlocksNum 0x1828000
17:26:40.0924 6820 ============================================================
17:26:41.0020 6820 C: <-> \Device\Harddisk0\DR0\Partition2
17:26:41.0061 6820 D: <-> \Device\Harddisk0\DR0\Partition3
17:26:41.0061 6820 ============================================================
17:26:41.0061 6820 Initialize success
17:26:41.0061 6820 ============================================================
17:26:59.0020 4404 ============================================================
17:26:59.0020 4404 Scan started
17:26:59.0020 4404 Mode: Manual; SigCheck; TDLFS;
17:26:59.0020 4404 ============================================================
17:27:01.0942 4404 ================ Scan system memory ========================
17:27:01.0942 4404 System memory - ok
17:27:01.0943 4404 ================ Scan services =============================
17:27:02.0054 4404 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
17:27:02.0220 4404 1394ohci - ok
17:27:02.0253 4404 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
17:27:02.0285 4404 ACPI - ok
17:27:02.0300 4404 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
17:27:02.0397 4404 AcpiPmi - ok
17:27:02.0477 4404 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:27:02.0510 4404 AdobeARMservice - ok
17:27:02.0622 4404 [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:27:02.0650 4404 AdobeFlashPlayerUpdateSvc - ok
17:27:02.0694 4404 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
17:27:02.0743 4404 adp94xx - ok
17:27:02.0776 4404 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
17:27:02.0799 4404 adpahci - ok
17:27:02.0819 4404 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
17:27:02.0839 4404 adpu320 - ok
17:27:02.0865 4404 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:27:03.0026 4404 AeLookupSvc - ok
17:27:03.0086 4404 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
17:27:03.0193 4404 AFD - ok
17:27:03.0233 4404 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
17:27:03.0271 4404 agp440 - ok
17:27:03.0454 4404 [ C7074BD8D4B8F564859ED373433030AE ] Akamai c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll
17:27:03.0455 4404 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll. md5: C7074BD8D4B8F564859ED373433030AE
17:27:03.0463 4404 Akamai ( HiddenFile.Multi.Generic ) - warning
17:27:03.0463 4404 Akamai - detected HiddenFile.Multi.Generic (1)
17:27:03.0480 4404 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
17:27:03.0554 4404 ALG - ok
17:27:03.0595 4404 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
17:27:03.0627 4404 aliide - ok
17:27:03.0661 4404 [ 2FDCB3E855076CE97CCB58E2CF8F2A09 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
17:27:03.0770 4404 AMD External Events Utility - ok
17:27:03.0845 4404 AMD FUEL Service - ok
17:27:03.0876 4404 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
17:27:03.0921 4404 amdide - ok
17:27:03.0958 4404 [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64 C:\Windows\system32\DRIVERS\amdiox64.sys
17:27:03.0992 4404 amdiox64 - ok
17:27:04.0025 4404 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
17:27:04.0121 4404 AmdK8 - ok
17:27:04.0410 4404 [ 9920704BF815A5B42DA5264F013AAEB7 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
17:27:04.0555 4404 amdkmdag - ok
17:27:04.0581 4404 [ 0D1055A47A8F5DC1CAA2701831293EBB ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
17:27:04.0612 4404 amdkmdap - ok
17:27:04.0637 4404 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
17:27:04.0688 4404 AmdPPM - ok
17:27:04.0715 4404 [ F747497A0EE5498F79B207F215B3D2D8 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys
17:27:04.0740 4404 amdsata - ok
17:27:04.0780 4404 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
17:27:04.0809 4404 amdsbs - ok
17:27:04.0832 4404 [ 2946D695E158615BAAA16248E63C7ADB ] amdxata C:\Windows\system32\DRIVERS\amdxata.sys
17:27:04.0854 4404 amdxata - ok
17:27:04.0883 4404 [ 5B25D1A753CC3A3EDB909BB759AC1098 ] AODDriver4.1 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
17:27:04.0897 4404 AODDriver4.1 - ok
17:27:04.0935 4404 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
17:27:05.0178 4404 AppID - ok
17:27:05.0230 4404 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:27:05.0326 4404 AppIDSvc - ok
17:27:05.0457 4404 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
17:27:05.0564 4404 Appinfo - ok
17:27:05.0639 4404 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:27:05.0670 4404 Apple Mobile Device - ok
17:27:05.0702 4404 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
17:27:05.0717 4404 arc - ok
17:27:05.0743 4404 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
17:27:05.0757 4404 arcsas - ok
17:27:05.0970 4404 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:27:06.0055 4404 aspnet_state - ok
17:27:06.0077 4404 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:27:06.0164 4404 AsyncMac - ok
17:27:06.0196 4404 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
17:27:06.0229 4404 atapi - ok
17:27:06.0280 4404 [ E82E61F46D1336447F4DEFF8C074F13E ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie64.sys
17:27:06.0294 4404 AtiPcie - ok
17:27:06.0342 4404 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:27:06.0439 4404 AudioEndpointBuilder - ok
17:27:06.0448 4404 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
17:27:06.0481 4404 AudioSrv - ok
17:27:06.0513 4404 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:27:06.0627 4404 AxInstSV - ok
17:27:06.0651 4404 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
17:27:06.0720 4404 b06bdrv - ok
17:27:06.0742 4404 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
17:27:06.0784 4404 b57nd60a - ok
17:27:06.0867 4404 [ F48FEB7DA35821DA15E0B006DCB9A169 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
17:27:06.0902 4404 BBSvc - ok
17:27:06.0936 4404 [ 8E16F7A85441986FD2B9CE6C879524E4 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
17:27:06.0963 4404 BBUpdate - ok
17:27:07.0010 4404 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
17:27:07.0082 4404 BDESVC - ok
17:27:07.0142 4404 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
17:27:07.0220 4404 Beep - ok
17:27:07.0281 4404 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
17:27:07.0346 4404 BFE - ok
17:27:07.0715 4404 [ E92A3DA47BED7CC65D264235617ED46E ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.6.2.10\Definitions\BASHDefs\20130322.001_24\BHDrvx64.sys
17:27:07.0745 4404 BHDrvx64 - ok
17:27:07.0793 4404 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
17:27:07.0899 4404 BITS - ok
17:27:07.0940 4404 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
17:27:07.0967 4404 blbdrive - ok
17:27:08.0001 4404 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:27:08.0017 4404 Bonjour Service - ok
17:27:08.0060 4404 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:27:08.0137 4404 bowser - ok
17:27:08.0157 4404 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:27:08.0236 4404 BrFiltLo - ok
17:27:08.0254 4404 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:27:08.0286 4404 BrFiltUp - ok
17:27:08.0319 4404 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
17:27:08.0380 4404 BridgeMP - ok
17:27:08.0424 4404 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
17:27:08.0475 4404 Browser - ok
17:27:08.0496 4404 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:27:08.0553 4404 Brserid - ok
17:27:08.0566 4404 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:27:08.0628 4404 BrSerWdm - ok
17:27:08.0657 4404 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:27:08.0694 4404 BrUsbMdm - ok
17:27:08.0731 4404 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:27:08.0761 4404 BrUsbSer - ok
17:27:08.0775 4404 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
17:27:08.0812 4404 BTHMODEM - ok
17:27:08.0845 4404 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
17:27:08.0939 4404 bthserv - ok
17:27:09.0470 4404 [ 4D1B31AA1CD11122E9ABCA04708A1B1C ] CarboniteService C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
17:27:09.0559 4404 CarboniteService - ok
17:27:09.0587 4404 catchme - ok
17:27:09.0660 4404 [ 2C6FFCCA37B002AAB3C7C31A6D780A76 ] ccSet_NIS C:\Windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys
17:27:09.0692 4404 ccSet_NIS - ok
17:27:09.0725 4404 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:27:09.0774 4404 cdfs - ok
17:27:09.0807 4404 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:27:09.0819 4404 cdrom - ok
17:27:09.0852 4404 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
17:27:09.0903 4404 CertPropSvc - ok
17:27:09.0963 4404 [ EA3333DB9AB03106EEC0D6D9D487ED01 ] CinemaNow Service C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
17:27:10.0018 4404 CinemaNow Service - ok
17:27:10.0044 4404 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
17:27:10.0071 4404 circlass - ok
17:27:10.0114 4404 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
17:27:10.0147 4404 CLFS - ok
17:27:10.0205 4404 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:27:10.0273 4404 clr_optimization_v2.0.50727_32 - ok
17:27:10.0321 4404 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:27:10.0355 4404 clr_optimization_v2.0.50727_64 - ok
17:27:10.0427 4404 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:27:10.0591 4404 clr_optimization_v4.0.30319_32 - ok
17:27:10.0604 4404 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:27:10.0643 4404 clr_optimization_v4.0.30319_64 - ok
17:27:10.0682 4404 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
17:27:10.0720 4404 CmBatt - ok
17:27:10.0748 4404 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:27:10.0765 4404 cmdide - ok
17:27:10.0799 4404 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
17:27:10.0836 4404 CNG - ok
17:27:10.0855 4404 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
17:27:10.0872 4404 Compbatt - ok
17:27:10.0886 4404 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
17:27:10.0922 4404 CompositeBus - ok
17:27:10.0928 4404 COMSysApp - ok
17:27:10.0946 4404 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
17:27:10.0963 4404 crcdisk - ok
17:27:10.0996 4404 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:27:11.0062 4404 CryptSvc - ok
17:27:11.0108 4404 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:27:11.0186 4404 DcomLaunch - ok
17:27:11.0213 4404 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
17:27:11.0265 4404 defragsvc - ok
17:27:11.0302 4404 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:27:11.0336 4404 DfsC - ok
17:27:11.0360 4404 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
17:27:11.0417 4404 Dhcp - ok
17:27:11.0422 4404 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
17:27:11.0463 4404 discache - ok
17:27:11.0481 4404 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
17:27:11.0492 4404 Disk - ok
17:27:11.0534 4404 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:27:11.0626 4404 Dnscache - ok
17:27:11.0678 4404 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
17:27:11.0789 4404 dot3svc - ok
17:27:11.0856 4404 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
17:27:11.0939 4404 DPS - ok
17:27:11.0965 4404 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:27:12.0013 4404 drmkaud - ok
17:27:12.0120 4404 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:27:12.0157 4404 DXGKrnl - ok
17:27:12.0213 4404 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
17:27:12.0298 4404 EapHost - ok
17:27:12.0448 4404 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
17:27:12.0622 4404 ebdrv - ok
17:27:12.0665 4404 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
17:27:12.0696 4404 eeCtrl - ok
17:27:12.0732 4404 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
17:27:12.0817 4404 EFS - ok
17:27:12.0971 4404 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:27:13.0105 4404 ehRecvr - ok
17:27:13.0131 4404 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
17:27:13.0215 4404 ehSched - ok
17:27:13.0271 4404 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
17:27:13.0307 4404 elxstor - ok
17:27:13.0333 4404 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:27:13.0385 4404 ErrDev - ok
17:27:13.0437 4404 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
17:27:13.0496 4404 EventSystem - ok
17:27:13.0511 4404 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
17:27:13.0541 4404 exfat - ok
17:27:13.0549 4404 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:27:13.0594 4404 fastfat - ok
17:27:13.0641 4404 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
17:27:13.0724 4404 Fax - ok
17:27:13.0744 4404 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
17:27:13.0800 4404 fdc - ok
17:27:13.0827 4404 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
17:27:13.0868 4404 fdPHost - ok
17:27:13.0880 4404 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
17:27:13.0934 4404 FDResPub - ok
17:27:13.0952 4404 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:27:13.0973 4404 FileInfo - ok
17:27:13.0987 4404 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:27:14.0057 4404 Filetrace - ok
17:27:14.0085 4404 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
17:27:14.0098 4404 flpydisk - ok
17:27:14.0111 4404 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:27:14.0127 4404 FltMgr - ok
17:27:14.0263 4404 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
17:27:14.0328 4404 FontCache - ok
17:27:14.0375 4404 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:27:14.0416 4404 FontCache3.0.0.0 - ok
17:27:14.0433 4404 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:27:14.0462 4404 FsDepends - ok
17:27:14.0506 4404 [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
17:27:14.0544 4404 fssfltr - ok
17:27:14.0775 4404 [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
17:27:14.0879 4404 fsssvc - ok
17:27:14.0922 4404 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:27:14.0932 4404 Fs_Rec - ok
17:27:14.0972 4404 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:27:15.0010 4404 fvevol - ok
17:27:15.0025 4404 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
17:27:15.0043 4404 gagp30kx - ok
17:27:15.0091 4404 [ CE16683CFD11FE70BDE435DDA5EA1FCA ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
17:27:15.0139 4404 GameConsoleService - ok
17:27:15.0194 4404 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:27:15.0218 4404 GEARAspiWDM - ok
17:27:15.0267 4404 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
17:27:15.0379 4404 gpsvc - ok
17:27:15.0431 4404 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:27:15.0454 4404 gupdate - ok
17:27:15.0470 4404 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:27:15.0484 4404 gupdatem - ok
17:27:15.0523 4404 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
17:27:15.0562 4404 gusvc - ok
17:27:15.0586 4404 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:27:15.0675 4404 hcw85cir - ok
17:27:15.0721 4404 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:27:15.0764 4404 HdAudAddService - ok
17:27:15.0792 4404 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
17:27:15.0835 4404 HDAudBus - ok
17:27:15.0860 4404 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
17:27:15.0922 4404 HidBatt - ok
17:27:15.0963 4404 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
17:27:16.0003 4404 HidBth - ok
17:27:16.0031 4404 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
17:27:16.0059 4404 HidIr - ok
17:27:16.0088 4404 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
17:27:16.0182 4404 hidserv - ok
17:27:16.0225 4404 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:27:16.0250 4404 HidUsb - ok
17:27:16.0299 4404 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:27:16.0398 4404 hkmsvc - ok
17:27:16.0454 4404 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:27:16.0508 4404 HomeGroupListener - ok
17:27:16.0568 4404 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:27:16.0624 4404 HomeGroupProvider - ok
17:27:16.0707 4404 [ BE78357FB49759B79CCC01894BCFDDDB ] HP Health Check Service C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
17:27:16.0761 4404 HP Health Check Service - ok
17:27:16.0799 4404 [ 2DFB151FD34DF104DAC0ADF070EDA83C ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
17:27:16.0827 4404 HPDrvMntSvc.exe - ok
17:27:16.0871 4404 [ 184C500CB9F69585F3FE85E1D2667CD8 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
17:27:16.0908 4404 hpqwmiex - ok
17:27:16.0957 4404 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
17:27:16.0999 4404 HpSAMD - ok
17:27:17.0062 4404 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:27:17.0133 4404 HTTP - ok
17:27:17.0185 4404 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:27:17.0210 4404 hwpolicy - ok
17:27:17.0237 4404 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
17:27:17.0256 4404 i8042prt - ok
17:27:17.0286 4404 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:27:17.0321 4404 iaStorV - ok
17:27:17.0453 4404 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:27:17.0534 4404 idsvc - ok
17:27:17.0726 4404 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.6.2.10\Definitions\IPSDefs\20130406.002\IDSvia64.sys
17:27:17.0764 4404 IDSVia64 - ok
17:27:17.0792 4404 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
17:27:17.0809 4404 iirsp - ok
17:27:17.0918 4404 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
17:27:17.0989 4404 IKEEXT - ok
17:27:18.0104 4404 [ 3C4B4EE54FEBB09F7E9F58776DE96DCA ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
17:27:18.0157 4404 IntcAzAudAddService - ok
17:27:18.0183 4404 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
17:27:18.0193 4404 intelide - ok
17:27:18.0228 4404 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:27:18.0286 4404 intelppm - ok
17:27:18.0325 4404 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:27:18.0390 4404 IPBusEnum - ok
17:27:18.0444 4404 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:27:18.0557 4404 IpFilterDriver - ok
17:27:18.0653 4404 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:27:18.0746 4404 iphlpsvc - ok
17:27:18.0775 4404 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
17:27:18.0812 4404 IPMIDRV - ok
17:27:18.0832 4404 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:27:18.0894 4404 IPNAT - ok
17:27:18.0952 4404 [ 44886233135241F3990724082EB104EE ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
17:27:18.0993 4404 iPod Service - ok
17:27:19.0010 4404 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:27:19.0096 4404 IRENUM - ok
17:27:19.0124 4404 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:27:19.0148 4404 isapnp - ok
17:27:19.0179 4404 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
17:27:19.0210 4404 iScsiPrt - ok
17:27:19.0227 4404 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:27:19.0243 4404 kbdclass - ok
17:27:19.0287 4404 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
17:27:19.0303 4404 kbdhid - ok
17:27:19.0325 4404 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
17:27:19.0341 4404 KeyIso - ok
17:27:19.0386 4404 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:27:19.0437 4404 KSecDD - ok
17:27:19.0463 4404 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:27:19.0506 4404 KSecPkg - ok
17:27:19.0582 4404 [ E47FFCA0909871AC1BFF0D446FF63CA9 ] KSS C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
17:27:19.0618 4404 KSS - ok
17:27:19.0660 4404 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
17:27:19.0738 4404 ksthunk - ok
17:27:19.0787 4404 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
17:27:19.0878 4404 KtmRm - ok
17:27:19.0934 4404 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
17:27:20.0038 4404 LanmanServer - ok
17:27:20.0080 4404 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:27:20.0171 4404 LanmanWorkstation - ok
17:27:20.0244 4404 [ 7550D101BF49FDB1F92666A233EE36C4 ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
17:27:20.0295 4404 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
17:27:20.0295 4404 LightScribeService - detected UnsignedFile.Multi.Generic (1)
17:27:20.0370 4404 [ 06DC2FDC6282F0D68910417B1150C848 ] LinksysUpdater C:\Program Files (x86)\Linksys\Linksys Updater\bin\LinksysUpdater.exe
17:27:20.0409 4404 LinksysUpdater ( UnsignedFile.Multi.Generic ) - warning
17:27:20.0409 4404 LinksysUpdater - detected UnsignedFile.Multi.Generic (1)
17:27:20.0453 4404 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:27:20.0534 4404 lltdio - ok
17:27:20.0620 4404 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:27:20.0715 4404 lltdsvc - ok
17:27:20.0726 4404 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:27:20.0754 4404 lmhosts - ok
17:27:20.0813 4404 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
17:27:20.0848 4404 LSI_FC - ok
17:27:20.0872 4404 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
17:27:20.0886 4404 LSI_SAS - ok
17:27:20.0901 4404 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:27:20.0915 4404 LSI_SAS2 - ok
17:27:20.0929 4404 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:27:20.0943 4404 LSI_SCSI - ok
17:27:20.0968 4404 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
17:27:21.0027 4404 luafv - ok
17:27:21.0097 4404 [ DDCC236009C707761D60E5C76D639176 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
17:27:21.0150 4404 McComponentHostService - ok
17:27:21.0178 4404 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:27:21.0202 4404 Mcx2Svc - ok
17:27:21.0219 4404 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
17:27:21.0241 4404 megasas - ok
17:27:21.0261 4404 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
17:27:21.0278 4404 MegaSR - ok
17:27:21.0295 4404 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
17:27:21.0324 4404 MMCSS - ok
17:27:21.0335 4404 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
17:27:21.0408 4404 Modem - ok
17:27:21.0444 4404 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:27:21.0491 4404 monitor - ok
17:27:21.0521 4404 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:27:21.0546 4404 mouclass - ok
17:27:21.0556 4404 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:27:21.0592 4404 mouhid - ok
17:27:21.0644 4404 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:27:21.0661 4404 mountmgr - ok
17:27:21.0722 4404 [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:27:21.0770 4404 MozillaMaintenance - ok
17:27:21.0822 4404 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
17:27:21.0872 4404 mpio - ok
17:27:21.0884 4404 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:27:21.0915 4404 mpsdrv - ok
17:27:22.0103 4404 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
17:27:22.0175 4404 MpsSvc - ok
17:27:22.0187 4404 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:27:22.0220 4404 MRxDAV - ok
17:27:22.0271 4404 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:27:22.0359 4404 mrxsmb - ok
17:27:22.0402 4404 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:27:22.0438 4404 mrxsmb10 - ok
17:27:22.0474 4404 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:27:22.0487 4404 mrxsmb20 - ok
17:27:22.0545 4404 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
17:27:22.0586 4404 msahci - ok
17:27:22.0628 4404 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:27:22.0675 4404 msdsm - ok
17:27:22.0691 4404 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
17:27:22.0736 4404 MSDTC - ok
17:27:22.0766 4404 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:27:22.0802 4404 Msfs - ok
17:27:22.0817 4404 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:27:22.0908 4404 mshidkmdf - ok
17:27:22.0970 4404 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:27:23.0024 4404 msisadrv - ok
17:27:23.0059 4404 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:27:23.0160 4404 MSiSCSI - ok
17:27:23.0163 4404 msiserver - ok
17:27:23.0185 4404 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:27:23.0232 4404 MSKSSRV - ok
17:27:23.0261 4404 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:27:23.0338 4404 MSPCLOCK - ok
17:27:23.0355 4404 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:27:23.0428 4404 MSPQM - ok
17:27:23.0457 4404 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:27:23.0519 4404 MsRPC - ok
17:27:23.0539 4404 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
17:27:23.0551 4404 mssmbios - ok
17:27:23.0591 4404 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:27:23.0682 4404 MSTEE - ok
17:27:23.0717 4404 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
17:27:23.0735 4404 MTConfig - ok
17:27:23.0746 4404 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
17:27:23.0759 4404 Mup - ok
17:27:23.0777 4404 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
17:27:23.0826 4404 napagent - ok
17:27:23.0867 4404 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:27:23.0904 4404 NativeWifiP - ok
17:27:24.0036 4404 [ 88A2F45CE66B904285978D6BB13AFEB2 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.6.2.10\Definitions\VirusDefs\20130410.003\ENG64.SYS
17:27:24.0067 4404 NAVENG - ok
17:27:24.0128 4404 [ D2A545DA3A90BBFA40E020C23F1B7A48 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.6.2.10\Definitions\VirusDefs\20130410.003\EX64.SYS
17:27:24.0168 4404 NAVEX15 - ok
17:27:24.0234 4404 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
17:27:24.0282 4404 NDIS - ok
17:27:24.0300 4404 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:27:24.0336 4404 NdisCap - ok
17:27:47.0182 4404 ================ Scan global ===============================
17:27:47.0202 4404 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:27:47.0249 4404 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
17:27:47.0271 4404 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
17:27:47.0315 4404 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:27:47.0397 4404 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:27:47.0405 4404 [Global] - ok
17:27:47.0406 4404 ================ Scan MBR ==================================
17:27:47.0412 4404 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:27:47.0413 4404 Suspicious mbr (Forged): \Device\Harddisk0\DR0
17:27:47.0487 4404 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
17:27:47.0488 4404 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
17:27:47.0937 4404 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
17:27:47.0937 4404 \Device\Harddisk0\DR0 - detected TDSS File System (1)
17:27:47.0937 4404 ================ Scan VBR ==================================
17:27:47.0940 4404 [ 70245AAA6CEE0298E0501027E931249B ] \Device\Harddisk0\DR0\Partition1
17:27:47.0941 4404 \Device\Harddisk0\DR0\Partition1 - ok
17:27:47.0964 4404 [ 06388D94B2E6F9E16511E58704D83B81 ] \Device\Harddisk0\DR0\Partition2
17:27:47.0977 4404 \Device\Harddisk0\DR0\Partition2 - ok
17:27:47.0999 4404 [ 247D8EF94C7E836A871BD3D824626763 ] \Device\Harddisk0\DR0\Partition3
17:27:48.0049 4404 \Device\Harddisk0\DR0\Partition3 - ok
17:27:48.0050 4404 ================ Scan active images ========================
17:27:48.0168 4404 [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
17:27:48.0168 4404 C:\Windows\System32\drivers\netbios.sys - ok
17:27:48.0172 4404 [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
17:27:48.0172 4404 C:\Windows\System32\drivers\wanarp.sys - ok
17:27:48.0175 4404 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
17:27:48.0175 4404 C:\Windows\System32\drivers\termdd.sys - ok
17:27:48.0179 4404 [ 3911BD0E68C010E5438A87706ABBE9AB ] C:\Windows\System32\drivers\NISx64\1309010.00E\symnets.sys
17:27:48.0179 4404 C:\Windows\System32\drivers\NISx64\1309010.00E\symnets.sys - ok
17:27:48.0182 4404 [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
17:27:48.0183 4404 C:\Windows\System32\drivers\rdbss.sys - ok
17:27:48.0186 4404 [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
17:27:48.0186 4404 C:\Windows\System32\drivers\nsiproxy.sys - ok
17:27:48.0190 4404 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
17:27:48.0190 4404 C:\Windows\System32\drivers\mssmbios.sys - ok
17:27:48.0193 4404 [ A48928D4CCA6F8B731989DB08CF2C0AB ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.6.2.10\Definitions\IPSDefs\20130406.002\IDSviA64.sys
17:27:48.0193 4404 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.6.2.10\Definitions\IPSDefs\20130406.002\IDSviA64.sys - ok
17:27:48.0197 4404 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
17:27:48.0197 4404 C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys - ok
17:27:48.0201 4404 [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
17:27:48.0201 4404 C:\Windows\System32\drivers\discache.sys - ok
17:27:48.0205 4404 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
17:27:48.0205 4404 C:\Windows\System32\drivers\dfsc.sys - ok
17:27:48.0208 4404 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
17:27:48.0208 4404 C:\Windows\System32\drivers\blbdrive.sys - ok
17:27:48.0212 4404 [ E92A3DA47BED7CC65D264235617ED46E ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.6.2.10\Definitions\BASHDefs\20130322.001_24\BHDrvx64.sys
17:27:48.0212 4404 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.6.2.10\Definitions\BASHDefs\20130322.001_24\BHDrvx64.sys - ok
17:27:48.0216 4404 [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
17:27:48.0216 4404 C:\Windows\System32\drivers\tunnel.sys - ok
17:27:48.0219 4404 [ 1E56388B3FE0D031C44144EB8C4D6217 ] C:\Windows\System32\drivers\amdppm.sys
17:27:48.0219 4404 C:\Windows\System32\drivers\amdppm.sys - ok
17:27:48.0223 4404 [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe
17:27:48.0223 4404 C:\Windows\System32\smss.exe - ok
17:27:48.0226 4404 [ 0D1055A47A8F5DC1CAA2701831293EBB ] C:\Windows\System32\drivers\atikmpag.sys
17:27:48.0226 4404 C:\Windows\System32\drivers\atikmpag.sys - ok
17:27:48.0230 4404 [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
17:27:48.0230 4404 C:\Windows\System32\ntdll.dll - ok
17:27:48.0233 4404 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
17:27:48.0233 4404 C:\Windows\System32\autochk.exe - ok
17:27:48.0237 4404 [ 753C0848AE7872A3F59663078A517293 ] C:\Windows\System32\wininet.dll
17:27:48.0237 4404 C:\Windows\System32\wininet.dll - ok
17:27:48.0241 4404 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
17:27:48.0241 4404 C:\Windows\System32\lpk.dll - ok
17:27:48.0244 4404 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
17:27:48.0244 4404 C:\Windows\System32\advapi32.dll - ok
17:27:48.0248 4404 [ 9920704BF815A5B42DA5264F013AAEB7 ] C:\Windows\System32\drivers\atikmdag.sys
17:27:48.0248 4404 C:\Windows\System32\drivers\atikmdag.sys - ok
17:27:48.0252 4404 [ 29812E9971077BE3F8B9DC225CF9D454 ] C:\Windows\System32\urlmon.dll
17:27:48.0252 4404 C:\Windows\System32\urlmon.dll - ok
17:27:48.0255 4404 [ 65C113214F7B05820F6D8A65B1485196 ] C:\Windows\System32\kernel32.dll
17:27:48.0255 4404 C:\Windows\System32\kernel32.dll - ok
17:27:48.0258 4404 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
17:27:48.0258 4404 C:\Windows\System32\difxapi.dll - ok
17:27:48.0262 4404 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
17:27:48.0262 4404 C:\Windows\System32\nsi.dll - ok
17:27:48.0265 4404 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
17:27:48.0265 4404 C:\Windows\System32\psapi.dll - ok
17:27:48.0269 4404 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
17:27:48.0269 4404 C:\Windows\System32\imm32.dll - ok
17:27:48.0272 4404 [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll
17:27:48.0272 4404 C:\Windows\System32\shell32.dll - ok
17:27:48.0276 4404 [ F5BEE30450E18E6B83A5012C100616FD ] C:\Windows\System32\drivers\dxgkrnl.sys
17:27:48.0276 4404 C:\Windows\System32\drivers\dxgkrnl.sys - ok
17:27:48.0279 4404 [ 9CD68BDDF322535C02ADC8331013D13D ] C:\Windows\System32\drivers\dxgmms1.sys
17:27:48.0279 4404 C:\Windows\System32\drivers\dxgmms1.sys - ok
17:27:48.0283 4404 [ 1982B291DF9833FB3ADC397EBD310A18 ] C:\Windows\System32\drivers\netr28x.sys
17:27:48.0283 4404 C:\Windows\System32\drivers\netr28x.sys - ok
17:27:48.0287 4404 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys
17:27:48.0287 4404 C:\Windows\System32\drivers\vwifibus.sys - ok
17:27:48.0289 4404 [ F4C374B1C46DE294B573BB43723AC3F6 ] C:\Windows\System32\drivers\Rt64win7.sys
17:27:48.0289 4404 C:\Windows\System32\drivers\Rt64win7.sys - ok
17:27:48.0292 4404 [ 8E98D21EE06192492A5671A6144D092F ] C:\Windows\System32\drivers\GEARAspiWDM.sys
17:27:48.0292 4404 C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
17:27:48.0296 4404 [ 9840FC418B4CBD632D3D0A667A725C31 ] C:\Windows\System32\drivers\usbohci.sys
17:27:48.0296 4404 C:\Windows\System32\drivers\usbohci.sys - ok
17:27:48.0301 4404 [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys
17:27:48.0301 4404 C:\Windows\System32\drivers\usbport.sys - ok
17:27:48.0303 4404 [ 2C780746DC44A28FE67004DC58173F05 ] C:\Windows\System32\drivers\usbfilter.sys
17:27:48.0303 4404 C:\Windows\System32\drivers\usbfilter.sys - ok
17:27:48.0307 4404 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
17:27:48.0307 4404 C:\Windows\System32\Wldap32.dll - ok
17:27:48.0311 4404 [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys
17:27:48.0311 4404 C:\Windows\System32\drivers\usbehci.sys - ok
17:27:48.0314 4404 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
17:27:48.0314 4404 C:\Windows\System32\drivers\hdaudbus.sys - ok
17:27:48.0317 4404 [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
17:27:48.0318 4404 C:\Windows\System32\oleaut32.dll - ok
17:27:48.0321 4404 [ F6FF8944478594D0E414D3F048F0D778 ] C:\Windows\System32\drivers\wmiacpi.sys
17:27:48.0321 4404 C:\Windows\System32\drivers\wmiacpi.sys - ok
17:27:48.0325 4404 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
17:27:48.0325 4404 C:\Windows\System32\drivers\CompositeBus.sys - ok
17:27:48.0328 4404 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
17:27:48.0328 4404 C:\Windows\System32\msvcrt.dll - ok
17:27:48.0331 4404 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
17:27:48.0331 4404 C:\Windows\System32\drivers\agilevpn.sys - ok
17:27:48.0335 4404 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
17:27:48.0335 4404 C:\Windows\System32\normaliz.dll - ok
17:27:48.0339 4404 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
17:27:48.0339 4404 C:\Windows\System32\drivers\rasl2tp.sys - ok
17:27:48.0342 4404 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
17:27:48.0342 4404 C:\Windows\System32\gdi32.dll - ok
17:27:48.0346 4404 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
17:27:48.0346 4404 C:\Windows\System32\drivers\ndistapi.sys - ok
17:27:48.0349 4404 [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
17:27:48.0349 4404 C:\Windows\System32\ole32.dll - ok
17:27:48.0353 4404 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
17:27:48.0353 4404 C:\Windows\System32\drivers\ndiswan.sys - ok
17:27:48.0356 4404 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
17:27:48.0356 4404 C:\Windows\System32\drivers\raspppoe.sys - ok
17:27:48.0360 4404 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
17:27:48.0360 4404 C:\Windows\System32\drivers\raspptp.sys - ok
17:27:48.0363 4404 [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
17:27:48.0363 4404 C:\Windows\System32\user32.dll - ok
17:27:48.0367 4404 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
17:27:48.0367 4404 C:\Windows\System32\drivers\rassstp.sys - ok
17:27:48.0370 4404 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
17:27:48.0370 4404 C:\Windows\System32\drivers\kbdclass.sys - ok
17:27:48.0374 4404 [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
17:27:48.0374 4404 C:\Windows\System32\imagehlp.dll - ok
17:27:48.0377 4404 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
17:27:48.0377 4404 C:\Windows\System32\drivers\mouclass.sys - ok
17:27:48.0381 4404 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
17:27:48.0381 4404 C:\Windows\System32\shlwapi.dll - ok
17:27:48.0384 4404 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
17:27:48.0384 4404 C:\Windows\System32\drivers\ks.sys - ok
17:27:48.0388 4404 [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
17:27:48.0388 4404 C:\Windows\System32\rpcrt4.dll - ok
17:27:48.0391 4404 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
17:27:48.0391 4404 C:\Windows\System32\drivers\swenum.sys - ok
17:27:48.0395 4404 [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] C:\Windows\System32\drivers\amdiox64.sys
17:27:48.0395 4404 C:\Windows\System32\drivers\amdiox64.sys - ok
17:27:48.0398 4404 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
17:27:48.0398 4404 C:\Windows\System32\drivers\umbus.sys - ok
17:27:48.0402 4404 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
17:27:48.0402 4404 C:\Windows\System32\msctf.dll - ok
17:27:48.0406 4404 [ 85F1FE2D5EDBFD26066F5ABB9504A69C ] C:\Windows\System32\iertutil.dll
17:27:48.0406 4404 C:\Windows\System32\iertutil.dll - ok
17:27:48.0409 4404 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
17:27:48.0409 4404 C:\Windows\System32\ws2_32.dll - ok
17:27:48.0412 4404 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
17:27:48.0412 4404 C:\Windows\System32\sechost.dll - ok
17:27:48.0416 4404 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
17:27:48.0416 4404 C:\Windows\System32\setupapi.dll - ok
17:27:48.0419 4404 [ DBF99FD9CAF75CA66D042BD8D050FF71 ] C:\Windows\System32\usp10.dll
17:27:48.0419 4404 C:\Windows\System32\usp10.dll - ok
17:27:48.0423 4404 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
17:27:48.0423 4404 C:\Windows\System32\comdlg32.dll - ok
17:27:48.0426 4404 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
17:27:48.0426 4404 C:\Windows\System32\clbcatq.dll - ok
17:27:48.0430 4404 [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll
17:27:48.0430 4404 C:\Windows\System32\wintrust.dll - ok
17:27:48.0433 4404 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
17:27:48.0434 4404 C:\Windows\System32\comctl32.dll - ok
17:27:48.0437 4404 [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
17:27:48.0437 4404 C:\Windows\System32\cfgmgr32.dll - ok
17:27:48.0441 4404 [ 0E6FBF19D9DFBB77316C23DF91F8A101 ] C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
17:27:48.0441 4404 C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll - ok
17:27:48.0445 4404 [ 64A4AB126E24FD3F58EBE64852773DB5 ] C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
17:27:48.0445 4404 C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok
17:27:48.0448 4404 [ 12EE6FE9268CEE6D90FDCCBF89236C65 ] C:\Windows\System32\crypt32.dll
17:27:48.0448 4404 C:\Windows\System32\crypt32.dll - ok
17:27:48.0452 4404 [ 1F56F209585F350A5666E3CC7931FD67 ] C:\Windows\System32\KernelBase.dll
17:27:48.0452 4404 C:\Windows\System32\KernelBase.dll - ok
17:27:48.0455 4404 [ AFC3DB5C6EB8CA8017DDB81D6C0AD02A ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
17:27:48.0455 4404 C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok
17:27:48.0459 4404 [ 72723D3E4781BADC62C3180C137E7B23 ] C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
17:27:48.0459 4404 C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll - ok
17:27:48.0463 4404 [ F49E92B50CED5C9F1725D3C0329FD933 ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
17:27:48.0463 4404 C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok
17:27:48.0467 4404 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
17:27:48.0467 4404 C:\Windows\System32\devobj.dll - ok
17:27:48.0470 4404 [ 9094039A00485F71C4DE64BF51F64C46 ] C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
17:27:48.0470 4404 C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll - ok
17:27:48.0474 4404 [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys
17:27:48.0474 4404 C:\Windows\System32\drivers\usbhub.sys - ok
17:27:48.0477 4404 [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
17:27:48.0477 4404 C:\Windows\System32\msasn1.dll - ok
17:27:48.0481 4404 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
17:27:48.0481 4404 C:\Windows\System32\drivers\ndproxy.sys - ok
17:27:48.0485 4404 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
17:27:48.0485 4404 C:\Windows\System32\drivers\drmk.sys - ok
17:27:48.0488 4404 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
17:27:48.0488 4404 C:\Windows\System32\drivers\portcls.sys - ok
17:27:48.0492 4404 [ 3C4B4EE54FEBB09F7E9F58776DE96DCA ] C:\Windows\System32\drivers\RTKVHD64.sys
17:27:48.0492 4404 C:\Windows\System32\drivers\RTKVHD64.sys - ok
17:27:48.0495 4404 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
17:27:48.0495 4404 C:\Windows\System32\drivers\ksthunk.sys - ok
17:27:48.0499 4404 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
17:27:48.0499 4404 C:\Windows\SysWOW64\normaliz.dll - ok
17:27:48.0503 4404 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
17:27:48.0503 4404 C:\Windows\System32\drivers\dxapi.sys - ok
17:27:48.0506 4404 [ 86F96630D28523F1C402C783F046DEF1 ] C:\Windows\System32\win32k.sys
17:27:48.0506 4404 C:\Windows\System32\win32k.sys - ok
17:27:48.0510 4404 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
17:27:48.0510 4404 C:\Windows\System32\csrss.exe - ok
17:27:48.0513 4404 [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys
17:27:48.0513 4404 C:\Windows\System32\drivers\hidparse.sys - ok
17:27:48.0517 4404 [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys
17:27:48.0517 4404 C:\Windows\System32\drivers\hidclass.sys - ok
17:27:48.0520 4404 [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys
17:27:48.0520 4404 C:\Windows\System32\drivers\hidusb.sys - ok
17:27:48.0524 4404 [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
17:27:48.0524 4404 C:\Windows\System32\drivers\usbd.sys - ok
17:27:48.0528 4404 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys
17:27:48.0528 4404 C:\Windows\System32\drivers\mouhid.sys - ok
17:27:48.0532 4404 [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys
17:27:48.0532 4404 C:\Windows\System32\drivers\usbccgp.sys - ok
17:27:48.0536 4404 [ FED648B01349A3C8395A5169DB5FB7D6 ] C:\Windows\System32\drivers\USBSTOR.SYS
17:27:48.0536 4404 C:\Windows\System32\drivers\USBSTOR.SYS - ok
17:27:48.0538 4404 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] C:\Windows\System32\drivers\usbscan.sys
17:27:48.0538 4404 C:\Windows\System32\drivers\usbscan.sys - ok
17:27:48.0541 4404 [ 73188F58FB384E75C4063D29413CEE3D ] C:\Windows\System32\drivers\usbprint.sys
17:27:48.0541 4404 C:\Windows\System32\drivers\usbprint.sys - ok
17:27:48.0545 4404 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] C:\Windows\System32\drivers\kbdhid.sys
17:27:48.0545 4404 C:\Windows\System32\drivers\kbdhid.sys - ok
17:27:48.0548 4404 [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll
17:27:48.0548 4404 C:\Windows\System32\csrsrv.dll - ok
17:27:48.0552 4404 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
17:27:48.0552 4404 C:\Windows\System32\basesrv.dll - ok
17:27:48.0556 4404 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\System32\winsrv.dll
17:27:48.0556 4404 C:\Windows\System32\winsrv.dll - ok
17:27:48.0559 4404 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
17:27:48.0559 4404 C:\Windows\System32\drivers\monitor.sys - ok
17:27:48.0562 4404 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
17:27:48.0562 4404 C:\Windows\System32\tsddd.dll - ok
17:27:48.0566 4404 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
17:27:48.0566 4404 C:\Windows\System32\sxssrv.dll - ok
17:27:48.0569 4404 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
17:27:48.0569 4404 C:\Windows\System32\wininit.exe - ok
17:27:48.0573 4404 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
17:27:48.0573 4404 C:\Windows\System32\profapi.dll - ok
17:27:48.0576 4404 [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll
17:27:48.0576 4404 C:\Windows\System32\cdd.dll - ok
17:27:48.0580 4404 [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
17:27:48.0580 4404 C:\Windows\System32\RpcRtRemote.dll - ok
17:27:48.0584 4404 [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
17:27:48.0584 4404 C:\Windows\System32\KBDUS.DLL - ok
17:27:48.0587 4404 [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
17:27:48.0587 4404 C:\Windows\System32\winlogon.exe - ok
17:27:48.0591 4404 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
17:27:48.0591 4404 C:\Windows\System32\WlS0WndH.dll - ok
17:27:48.0596 4404 [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
17:27:48.0596 4404 C:\Windows\System32\winsta.dll - ok
17:27:48.0599 4404 [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
17:27:48.0599 4404 C:\Windows\System32\sxs.dll - ok
17:27:48.0602 4404 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
17:27:48.0602 4404 C:\Windows\System32\cryptbase.dll - ok
17:27:48.0606 4404 [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
17:27:48.0606 4404 C:\Windows\System32\apphelp.dll - ok
17:27:48.0609 4404 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
17:27:48.0609 4404 C:\Windows\System32\services.exe - ok
17:27:48.0613 4404 [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
17:27:48.0613 4404 C:\Windows\System32\lsass.exe - ok
17:27:48.0617 4404 [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
17:27:48.0617 4404 C:\Windows\System32\lsm.exe - ok
17:27:48.0621 4404 [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
17:27:48.0621 4404 C:\Windows\System32\sspicli.dll - ok
17:27:48.0624 4404 [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
17:27:48.0624 4404 C:\Windows\System32\sspisrv.dll - ok
17:27:48.0629 4404 [ 685527DA09EBFB681E98C515978BDEE2 ] C:\Windows\System32\lsasrv.dll
17:27:48.0629 4404 C:\Windows\System32\lsasrv.dll - ok
17:27:48.0633 4404 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
17:27:48.0633 4404 C:\Windows\System32\scext.dll - ok
17:27:48.0637 4404 [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
17:27:48.0637 4404 C:\Windows\System32\secur32.dll - ok
17:27:48.0641 4404 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
17:27:48.0641 4404 C:\Windows\System32\sysntfy.dll - ok
17:27:48.0645 4404 [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
17:27:48.0645 4404 C:\Windows\System32\scesrv.dll - ok
17:27:48.0649 4404 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
17:27:48.0649 4404 C:\Windows\System32\wmsgapi.dll - ok
17:27:48.0653 4404 [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
17:27:48.0653 4404 C:\Windows\System32\srvcli.dll - ok
17:27:48.0658 4404 [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
17:27:48.0658 4404 C:\Windows\System32\samsrv.dll - ok
17:27:48.0662 4404 [ 2D066FBE63F7026C43C662C094B98076 ] C:\Windows\System32\bridgeres.dll
17:27:48.0662 4404 C:\Windows\System32\bridgeres.dll - ok
17:27:48.0666 4404 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
17:27:48.0666 4404 C:\Windows\System32\cryptdll.dll - ok
17:27:48.0670 4404 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
17:27:48.0670 4404 C:\Windows\System32\wevtapi.dll - ok
17:27:48.0674 4404 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
17:27:48.0674 4404 C:\Windows\System32\cngaudit.dll - ok
17:27:48.0678 4404 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
17:27:48.0678 4404 C:\Windows\System32\authz.dll - ok
17:27:48.0682 4404 [ 5F3307352216618221A17CFEF273EEE2 ] C:\Windows\System32\ncrypt.dll
17:27:48.0682 4404 C:\Windows\System32\ncrypt.dll - ok
17:27:48.0686 4404 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
17:27:48.0686 4404 C:\Windows\System32\bcrypt.dll - ok
17:27:48.0690 4404 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
17:27:48.0690 4404 C:\Windows\System32\msprivs.dll - ok
17:27:48.0695 4404 [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
17:27:48.0695 4404 C:\Windows\System32\netjoin.dll - ok
17:27:48.0698 4404 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
17:27:48.0699 4404 C:\Windows\System32\negoexts.dll - ok
17:27:48.0703 4404 [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
17:27:48.0703 4404 C:\Windows\System32\kerberos.dll - ok
17:27:48.0707 4404 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
17:27:48.0707 4404 C:\Windows\System32\cryptsp.dll - ok
17:27:48.0711 4404 [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
17:27:48.0711 4404 C:\Windows\System32\mswsock.dll - ok
17:27:48.0715 4404 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
17:27:48.0715 4404 C:\Windows\System32\wship6.dll - ok
17:27:48.0719 4404 [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
17:27:48.0719 4404 C:\Windows\System32\msv1_0.dll - ok
17:27:48.0723 4404 [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
17:27:48.0723 4404 C:\Windows\System32\netlogon.dll - ok
17:27:48.0727 4404 [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
17:27:48.0727 4404 C:\Windows\System32\dnsapi.dll - ok
17:27:48.0731 4404 [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
17:27:48.0731 4404 C:\Windows\System32\logoncli.dll - ok
17:27:48.0736 4404 [ B7D42CB36C08FA017E73FF2433CD7287 ] C:\Windows\System32\schannel.dll
17:27:48.0736 4404 C:\Windows\System32\schannel.dll - ok
17:27:48.0739 4404 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] C:\Windows\System32\wuaueng.dll
17:27:48.0739 4404 C:\Windows\System32\wuaueng.dll - ok
17:27:48.0744 4404 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
17:27:48.0744 4404 C:\Windows\System32\wdigest.dll - ok
17:27:48.0748 4404 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
17:27:48.0748 4404 C:\Windows\System32\rsaenh.dll - ok
17:27:48.0752 4404 [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
17:27:48.0752 4404 C:\Windows\System32\TSpkg.dll - ok
17:27:48.0755 4404 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
17:27:48.0755 4404 C:\Windows\System32\pku2u.dll - ok
17:27:48.0758 4404 [ 7DBA64AD70C2E2481C68D9E0F7CD7840 ] C:\Windows\System32\LIVESSP.DLL
17:27:48.0758 4404 C:\Windows\System32\LIVESSP.DLL - ok
17:27:48.0762 4404 [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
17:27:48.0762 4404 C:\Windows\System32\bcryptprimitives.dll - ok
17:27:48.0765 4404 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
17:27:48.0765 4404 C:\Windows\System32\efslsaext.dll - ok
17:27:48.0769 4404 [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
17:27:48.0769 4404 C:\Windows\System32\credssp.dll - ok
17:27:48.0773 4404 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
17:27:48.0773 4404 C:\Windows\System32\ubpm.dll - ok
17:27:48.0776 4404 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
17:27:48.0776 4404 C:\Windows\System32\scecli.dll - ok
17:27:48.0779 4404 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
17:27:48.0779 4404 C:\Windows\System32\svchost.exe - ok
17:27:48.0783 4404 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
17:27:48.0783 4404 C:\Windows\System32\umpnpmgr.dll - ok
17:27:48.0786 4404 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
17:27:48.0786 4404 C:\Windows\System32\SPInf.dll - ok
17:27:48.0788 4404 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
17:27:48.0788 4404 C:\Windows\System32\devrtl.dll - ok
17:27:48.0792 4404 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
17:27:48.0792 4404 C:\Windows\System32\userenv.dll - ok
17:27:48.0796 4404 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
17:27:48.0796 4404 C:\Windows\System32\gpapi.dll - ok
17:27:48.0799 4404 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
17:27:48.0799 4404 C:\Windows\System32\umpo.dll - ok
17:27:48.0803 4404 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
17:27:48.0803 4404 C:\Windows\System32\pcwum.dll - ok
17:27:48.0806 4404 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
17:27:48.0806 4404 C:\Windows\System32\powrprof.dll - ok
17:27:48.0809 4404 [ CB2ABB2DA1E9C977302A78D86D4AE3B0 ] C:\Windows\System32\atmfd.dll
17:27:48.0809 4404 C:\Windows\System32\atmfd.dll - ok
17:27:48.0813 4404 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
17:27:48.0813 4404 C:\Windows\System32\drivers\luafv.sys - ok
17:27:48.0816 4404 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
17:27:48.0816 4404 C:\Windows\System32\rpcss.dll - ok
17:27:48.0820 4404 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
17:27:48.0820 4404 C:\Windows\System32\RpcEpMap.dll - ok
17:27:48.0823 4404 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
17:27:48.0823 4404 C:\Windows\System32\WSHTCPIP.DLL - ok
17:27:48.0827 4404 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
17:27:48.0827 4404 C:\Windows\System32\wshqos.dll - ok
17:27:48.0830 4404 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
17:27:48.0830 4404 C:\Windows\System32\FirewallAPI.dll - ok
17:27:49.0625 4404 [ 537013677D6C96B2713F6A98A5138B2D ] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
17:27:49.0625 4404 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll - ok
17:27:49.0628 4404 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
17:27:49.0628 4404 C:\Windows\System32\wlanapi.dll - ok
17:27:49.0632 4404 [ F6FD367C9EAAEDF90CD7A7952AE0B336 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
17:27:49.0632 4404 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll - ok
17:27:49.0636 4404 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
17:27:49.0636 4404 C:\Windows\SysWOW64\mswsock.dll - ok
17:27:49.0639 4404 [ 4327CF9A9D0864CA0FFC97FCDA97315A ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
17:27:49.0639 4404 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
17:27:49.0643 4404 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
17:27:49.0643 4404 C:\Windows\SysWOW64\wship6.dll - ok
17:27:49.0646 4404 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
17:27:49.0646 4404 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
17:27:49.0650 4404 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
17:27:49.0650 4404 C:\Windows\SysWOW64\setupapi.dll - ok
17:27:49.0653 4404 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
17:27:49.0653 4404 C:\Windows\SysWOW64\dnsapi.dll - ok
17:27:49.0657 4404 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll
17:27:49.0657 4404 C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok
17:27:49.0660 4404 [ 12B79422A23814429CDA9E734C58F78F ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
17:27:49.0661 4404 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
17:27:49.0664 4404 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
17:27:49.0664 4404 C:\Windows\SysWOW64\rasadhlp.dll - ok
17:27:49.0667 4404 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
17:27:49.0668 4404 C:\Windows\SysWOW64\cfgmgr32.dll - ok
17:27:49.0671 4404 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
17:27:49.0671 4404 C:\Windows\SysWOW64\devobj.dll - ok
17:27:49.0674 4404 [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\Windows\SysWOW64\dnssd.dll
17:27:49.0674 4404 C:\Windows\SysWOW64\dnssd.dll - ok
17:27:49.0678 4404 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
17:27:49.0678 4404 C:\Windows\SysWOW64\ntmarta.dll - ok
17:27:49.0681 4404 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
17:27:49.0681 4404 C:\Windows\SysWOW64\Wldap32.dll - ok
17:27:49.0685 4404 [ 24665B221424FFD7B71F0D2C398F2F4F ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll
17:27:49.0685 4404 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
17:27:49.0689 4404 [ F48FEB7DA35821DA15E0B006DCB9A169 ] C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE
17:27:49.0689 4404 C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE - ok
17:27:49.0693 4404 [ 2E14406E05789F91C9282AE7CFCA3A07 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
17:27:49.0693 4404 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll - ok
17:27:49.0696 4404 [ CF3126A2FF45AA224FC541BC543C2D9C ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll
17:27:49.0696 4404 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
17:27:49.0700 4404 [ 8BA9851E671E8B5E49E303748FFD530C ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
17:27:49.0701 4404 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
17:27:49.0704 4404 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
17:27:49.0704 4404 C:\Windows\SysWOW64\msi.dll - ok
17:27:49.0708 4404 [ 5E33C164DC7FA74728D8A83036C438BB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
17:27:49.0708 4404 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll - ok
17:27:49.0712 4404 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
17:27:49.0712 4404 C:\Windows\SysWOW64\SensApi.dll - ok
17:27:49.0715 4404 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
17:27:49.0715 4404 C:\Windows\SysWOW64\clbcatq.dll - ok
17:27:49.0719 4404 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
17:27:49.0719 4404 C:\Windows\SysWOW64\rsaenh.dll - ok
17:27:49.0722 4404 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
17:27:49.0722 4404 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
17:27:49.0726 4404 [ 4D1B31AA1CD11122E9ABCA04708A1B1C ] C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
17:27:49.0726 4404 C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe - ok
17:27:49.0729 4404 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
17:27:49.0729 4404 C:\Windows\System32\dllhost.exe - ok
17:27:49.0733 4404 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
17:27:49.0733 4404 C:\Windows\System32\dbghelp.dll - ok
17:27:49.0737 4404 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
17:27:49.0737 4404 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
17:27:49.0740 4404 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
17:27:49.0740 4404 C:\Windows\System32\msi.dll - ok
17:27:49.0744 4404 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
17:27:49.0744 4404 C:\Windows\System32\IDStore.dll - ok
17:27:49.0747 4404 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
17:27:49.0747 4404 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
17:27:49.0750 4404 [ 639774C9ACD063F028F6084ABF5593AD ] C:\Windows\System32\taskhost.exe
17:27:49.0751 4404 C:\Windows\System32\taskhost.exe - ok
17:27:49.0754 4404 [ F9D908DE6B166DAC9B89BF62FA291CE8 ] C:\Program Files\Bonjour\mdnsNSP.dll
17:27:49.0754 4404 C:\Program Files\Bonjour\mdnsNSP.dll - ok
17:27:49.0758 4404 [ 23566F9723771108D2E6CD768AC27407 ] C:\Windows\System32\AtBroker.exe
17:27:49.0758 4404 C:\Windows\System32\AtBroker.exe - ok
17:27:49.0761 4404 [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe
17:27:49.0761 4404 C:\Windows\System32\taskeng.exe - ok
17:27:49.0764 4404 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
17:27:49.0764 4404 C:\Windows\System32\mpr.dll - ok
17:27:49.0768 4404 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
17:27:49.0768 4404 C:\Windows\System32\userinit.exe - ok
17:27:49.0771 4404 [ AFB5B500AD69E24ED1BC15D1161641EF ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
17:27:49.0771 4404 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
17:27:49.0775 4404 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
17:27:49.0775 4404 C:\Windows\System32\rasadhlp.dll - ok
17:27:49.0778 4404 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll
17:27:49.0778 4404 C:\Windows\System32\localspl.dll - ok
17:27:49.0782 4404 [ F5CEF064C7E6D95DA86B9D064A56A969 ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
17:27:49.0782 4404 C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok
17:27:49.0785 4404 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
17:27:49.0785 4404 C:\Windows\System32\dwm.exe - ok
17:27:49.0789 4404 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
17:27:49.0789 4404 C:\Windows\System32\esent.dll - ok
17:27:49.0791 4404 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
17:27:49.0791 4404 C:\Windows\System32\dwmredir.dll - ok
17:27:49.0794 4404 [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
17:27:49.0794 4404 C:\Windows\System32\TSChannel.dll - ok
17:27:49.0798 4404 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
17:27:49.0798 4404 C:\Windows\System32\dwmcore.dll - ok
17:27:49.0801 4404 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
17:27:49.0801 4404 C:\Windows\explorer.exe - ok
17:27:49.0805 4404 [ 8535493AB374BE5B1B3A34671F42CCB3 ] C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe
17:27:49.0805 4404 C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe - ok
17:27:49.0808 4404 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
17:27:49.0808 4404 C:\Windows\System32\spoolss.dll - ok
17:27:49.0812 4404 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
17:27:49.0812 4404 C:\Windows\System32\winspool.drv - ok
17:27:49.0815 4404 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
17:27:49.0815 4404 C:\Windows\System32\PrintIsolationProxy.dll - ok
17:27:49.0819 4404 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
17:27:49.0819 4404 C:\Windows\System32\vssapi.dll - ok
17:27:49.0822 4404 [ 6C5604ECB59009D69E984891E435B62A ] C:\Windows\System32\CNCALAL.DLL
17:27:49.0822 4404 C:\Windows\System32\CNCALAL.DLL - ok
17:27:49.0826 4404 [ F02A533F517EB38333CB12A9E8963773 ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:27:49.0826 4404 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok
17:27:49.0829 4404 [ 93B9E4D0B7BD601372C5B50FE0381533 ] C:\Windows\System32\CNMLMAL.DLL
17:27:49.0829 4404 C:\Windows\System32\CNMLMAL.DLL - ok
17:27:49.0833 4404 [ 9AE80F6A66B30E3ED8CDF858CF28B11B ] C:\Windows\System32\d3d10_1.dll
17:27:49.0833 4404 C:\Windows\System32\d3d10_1.dll - ok
17:27:49.0836 4404 [ 63F72417CA38D8FC8F53709649B589E3 ] C:\Windows\System32\d3d10_1core.dll
17:27:49.0836 4404 C:\Windows\System32\d3d10_1core.dll - ok
17:27:49.0840 4404 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
17:27:49.0840 4404 C:\Windows\System32\MsCtfMonitor.dll - ok
17:27:49.0843 4404 [ 4A9C54F09772403272770BD2CD72E765 ] C:\Windows\System32\CNMN6PPM.DLL
17:27:49.0843 4404 C:\Windows\System32\CNMN6PPM.DLL - ok
17:27:49.0847 4404 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
17:27:49.0847 4404 C:\Windows\System32\msutb.dll - ok
17:27:49.0850 4404 [ 8DFB5752FCE145A6B295093C0A8BE131 ] C:\Windows\System32\dxgi.dll
17:27:49.0850 4404 C:\Windows\System32\dxgi.dll - ok
17:27:49.0854 4404 [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
17:27:49.0854 4404 C:\Windows\System32\HotStartUserAgent.dll - ok
17:27:49.0857 4404 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
17:27:49.0857 4404 C:\Windows\System32\PlaySndSrv.dll - ok
17:27:49.0861 4404 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
17:27:49.0861 4404 C:\Windows\System32\vsstrace.dll - ok
17:27:49.0864 4404 [ 448B02AD260EC3E1E892FCE6DFDDEEBD ] C:\Windows\System32\d3d11.dll
17:27:49.0864 4404 C:\Windows\System32\d3d11.dll - ok
17:27:49.0867 4404 [ CF6850A72BEB4845A3BFFB3F5E8014B2 ] C:\Windows\System32\pdh.dll
17:27:49.0867 4404 C:\Windows\System32\pdh.dll - ok
17:27:49.0871 4404 [ B0F6619DA9B4DBF58FE86E5934AEC949 ] C:\Windows\System32\aticfx64.dll
17:27:49.0871 4404 C:\Windows\System32\aticfx64.dll - ok
17:27:49.0874 4404 [ 725027EB23A0F4F8BB68D0732632C8E4 ] C:\Windows\System32\atiuxp64.dll
17:27:49.0874 4404 C:\Windows\System32\atiuxp64.dll - ok
17:27:49.0878 4404 [ CB2704C69D4363EB15D1C5B0C6653D45 ] C:\Windows\System32\dopdfmn7.dll
17:27:49.0878 4404 C:\Windows\System32\dopdfmn7.dll - ok
17:27:49.0881 4404 [ ABF41C6B13E9BEC82457E9D1668475E3 ] C:\Windows\System32\atidxx64.dll
17:27:49.0881 4404 C:\Windows\System32\atidxx64.dll - ok
17:27:49.0885 4404 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
17:27:49.0885 4404 C:\Windows\System32\FXSMON.dll - ok
17:27:49.0888 4404 [ 53D8BBB236513133915E8206CC8E419F ] C:\Windows\System32\HPZ3LLHN.DLL
17:27:49.0888 4404 C:\Windows\System32\HPZ3LLHN.DLL - ok
17:27:49.0892 4404 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
17:27:49.0892 4404 C:\Windows\System32\uDWM.dll - ok
17:27:49.0895 4404 [ 2E5672EEA419A4DC9DACD714632E1DC3 ] C:\Program Files (x86)\Google\Update\1.3.21.135\goopdate.dll
17:27:49.0895 4404 C:\Program Files (x86)\Google\Update\1.3.21.135\goopdate.dll - ok
17:27:49.0899 4404 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
17:27:49.0899 4404 C:\Windows\System32\ExplorerFrame.dll - ok
17:27:49.0902 4404 [ 807EB11BD87CD9026906FB79015414CE ] C:\Windows\System32\perfdisk.dll
17:27:49.0902 4404 C:\Windows\System32\perfdisk.dll - ok
17:27:49.0906 4404 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
17:27:49.0906 4404 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
17:27:49.0910 4404 [ B466E673B5E219520A12B40F1289E455 ] C:\Windows\System32\perfproc.dll
17:27:49.0910 4404 C:\Windows\System32\perfproc.dll - ok
17:27:49.0913 4404 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
17:27:49.0913 4404 C:\Windows\SysWOW64\uxtheme.dll - ok
17:27:49.0917 4404 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] C:\Windows\System32\cryptsvc.dll
17:27:49.0917 4404 C:\Windows\System32\cryptsvc.dll - ok
17:27:49.0920 4404 [ 0C043B0ABBB5E14E68906AB80365395B ] C:\Windows\System32\efssvc.dll
17:27:49.0920 4404 C:\Windows\System32\efssvc.dll - ok
17:27:49.0923 4404 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
17:27:49.0923 4404 C:\Windows\System32\dps.dll - ok
17:27:49.0927 4404 [ 8792BAB371B4B1589E015B6FD1ED3B15 ] C:\Windows\System32\cryptnet.dll
17:27:49.0927 4404 C:\Windows\System32\cryptnet.dll - ok
17:27:49.0930 4404 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
17:27:49.0930 4404 C:\Windows\System32\taskschd.dll - ok
17:27:49.0934 4404 [ 7F8E83B9466A0A002D4AB15C104062A7 ] C:\Windows\System32\efscore.dll
17:27:49.0934 4404 C:\Windows\System32\efscore.dll - ok
17:27:49.0937 4404 [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
17:27:49.0937 4404 C:\Windows\System32\FDResPub.dll - ok
17:27:49.0941 4404 [ FCD84C381E0140AF901E58D48882D26B ] C:\Windows\System32\IKEEXT.DLL
17:27:49.0941 4404 C:\Windows\System32\IKEEXT.DLL - ok
17:27:49.0944 4404 [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
17:27:49.0944 4404 C:\Windows\System32\WSDApi.dll - ok
17:27:49.0947 4404 [ 58283053C781AD3A579C95D7765C1FA0 ] C:\Windows\System32\efsutil.dll
17:27:49.0947 4404 C:\Windows\System32\efsutil.dll - ok
17:27:49.0951 4404 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
17:27:49.0951 4404 C:\Windows\SysWOW64\imagehlp.dll - ok
17:27:49.0954 4404 [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
17:27:49.0954 4404 C:\Windows\System32\webservices.dll - ok
17:27:49.0958 4404 [ 219A9D8CC3E6617A4B7580284944A219 ] C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll
17:27:49.0958 4404 C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll - ok
17:27:49.0961 4404 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
17:27:49.0961 4404 C:\Windows\System32\wdi.dll - ok
17:27:49.0965 4404 [ 77B5035BC6EDF4D1B6265391AECEE4C0 ] C:\Windows\System32\vpnikeapi.dll
17:27:49.0965 4404 C:\Windows\System32\vpnikeapi.dll - ok
17:27:49.0968 4404 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
17:27:49.0969 4404 C:\Windows\SysWOW64\cscapi.dll - ok
17:27:49.0972 4404 [ 5877A3341AA7DF58789294CEBA38AE2B ] C:\Users\Shilstone\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
17:27:49.0972 4404 C:\Users\Shilstone\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll - ok
17:27:49.0976 4404 [ EF255A7B70D4884B80B8D727B74F3E83 ] C:\Windows\System32\pdfc_port.dll
17:27:49.0976 4404 C:\Windows\System32\pdfc_port.dll - ok
17:27:49.0979 4404 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
17:27:49.0979 4404 C:\Windows\SysWOW64\dbghelp.dll - ok
17:27:49.0983 4404 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
17:27:49.0983 4404 C:\Windows\System32\tcpmon.dll - ok
17:27:49.0986 4404 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
17:27:49.0986 4404 C:\Windows\System32\snmpapi.dll - ok
17:27:49.0989 4404 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
17:27:49.0989 4404 C:\Windows\System32\fundisc.dll - ok
17:27:49.0993 4404 [ 241AF87821FDA0F5792037B779F49BE0 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll
17:27:49.0993 4404 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll - ok
17:27:49.0996 4404 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
17:27:49.0996 4404 C:\Windows\System32\wsnmp32.dll - ok
17:27:50.0000 4404 [ E47FFCA0909871AC1BFF0D446FF63CA9 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
17:27:50.0000 4404 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe - ok
17:27:50.0004 4404 [ 6FA41E0C86EF049A12C05CA4BBA8F9AF ] C:\Windows\SysWOW64\perfos.dll
17:27:50.0004 4404 C:\Windows\SysWOW64\perfos.dll - ok
17:27:50.0008 4404 [ D233C7FEAE3FAA25F93A9E6B46815ADC ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll
17:27:50.0008 4404 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll - ok
17:27:50.0011 4404 [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
17:27:50.0011 4404 C:\Windows\System32\winhttp.dll - ok
17:27:50.0015 4404 [ D622C0DD759A3D25174FAD44C7B22540 ] C:\Program Files (x86)\Real\RealUpgrade\Common\hxmedpltfm.dll
17:27:50.0015 4404 C:\Program Files (x86)\Real\RealUpgrade\Common\hxmedpltfm.dll - ok
17:27:50.0018 4404 [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
17:27:50.0018 4404 C:\Windows\System32\webio.dll - ok
17:27:50.0022 4404 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
17:27:50.0022 4404 C:\Windows\SysWOW64\apphelp.dll - ok
17:27:50.0025 4404 [ BECDDA0990DEBD72A30096533521AD73 ] C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
17:27:50.0025 4404 C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe - ok
17:27:50.0029 4404 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll
17:27:50.0029 4404 C:\Windows\System32\httpapi.dll - ok
17:27:50.0032 4404 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
17:27:50.0032 4404 C:\Windows\System32\EhStorShell.dll - ok
17:27:50.0036 4404 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
17:27:50.0036 4404 C:\Windows\System32\usbmon.dll - ok
17:27:50.0039 4404 [ B676429E44F2F8ACC3BAE7C89F46B212 ] C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe
17:27:50.0039 4404 C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe - ok
17:27:50.0042 4404 [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
17:27:50.0042 4404 C:\Windows\System32\ntshrui.dll - ok
17:27:50.0045 4404 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
17:27:50.0045 4404 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
17:27:50.0049 4404 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
17:27:50.0049 4404 C:\Windows\System32\NapiNSP.dll - ok
17:27:50.0053 4404 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
17:27:50.0053 4404 C:\Windows\System32\cscapi.dll - ok
17:27:50.0056 4404 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
17:27:50.0056 4404 C:\Windows\System32\WSDMon.dll - ok
17:27:50.0059 4404 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll
17:27:50.0059 4404 C:\Windows\SysWOW64\mstask.dll - ok
17:27:50.0063 4404 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
17:27:50.0063 4404 C:\Windows\System32\IconCodecService.dll - ok
17:27:50.0066 4404 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
17:27:50.0066 4404 C:\Windows\System32\pnrpnsp.dll - ok
17:27:50.0070 4404 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
17:27:50.0070 4404 C:\Windows\System32\fdPnp.dll - ok
17:27:50.0073 4404 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
17:27:50.0073 4404 C:\Windows\System32\winrnr.dll - ok
17:27:50.0077 4404 [ 52F6F5D0174AF8020B22890520394CE0 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\ushata.dll
17:27:50.0077 4404 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\ushata.dll - ok
17:27:50.0081 4404 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
17:27:50.0081 4404 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
17:27:50.0084 4404 [ 474E7750C4ACDC5CBEDF9923A56E977B ] C:\Windows\System32\spool\prtprocs\x64\CNMPDAL.DLL
17:27:50.0084 4404 C:\Windows\System32\spool\prtprocs\x64\CNMPDAL.DLL - ok
17:27:50.0088 4404 [ C30A50449EA4B611484A5F1F1F016774 ] C:\Windows\System32\spool\prtprocs\x64\HPZPPLHN.DLL
17:27:50.0088 4404 C:\Windows\System32\spool\prtprocs\x64\HPZPPLHN.DLL - ok
17:27:50.0091 4404 [ 8C8E916E24FE1C0DD07554B34064F564 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\avpinit.dll
17:27:50.0091 4404 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\avpinit.dll - ok
17:27:50.0095 4404 [ 1EBE9524683C7C4EED8B8BC93FB6FBCC ] C:\Windows\SysWOW64\fltLib.dll
17:27:50.0095 4404 C:\Windows\SysWOW64\fltLib.dll - ok
17:27:50.0098 4404 [ 0353B239C28B0E9EBC7FA3D1F6181661 ] C:\Windows\System32\win32spl.dll
17:27:50.0098 4404 C:\Windows\System32\win32spl.dll - ok
17:27:50.0102 4404 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
17:27:50.0102 4404 C:\Windows\System32\inetpp.dll - ok
17:27:50.0105 4404 [ A8E03C3538151D702A39A48CFBBCAF4C ] C:\Windows\System32\spool\drivers\x64\3\CNCARAL.DLL
17:27:50.0105 4404 C:\Windows\System32\spool\drivers\x64\3\CNCARAL.DLL - ok
17:27:50.0109 4404 [ 8ECAE7BA330CC1A8F807FFBF9A40A950 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\avpmain.dll
17:27:50.0109 4404 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\avpmain.dll - ok
17:27:50.0112 4404 [ 50D998B4B5549E95F8B9C790DB2F78C7 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\prremote.dll
17:27:50.0112 4404 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\prremote.dll - ok
17:27:50.0116 4404 [ 3998A3FDB93A584EEB57D292439D3E1D ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\dumpwriter.dll
17:27:50.0116 4404 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\dumpwriter.dll - ok
17:27:50.0120 4404 [ 06DC2FDC6282F0D68910417B1150C848 ] C:\Program Files (x86)\Linksys\Linksys Updater\bin\LinksysUpdater.exe
17:27:50.0120 4404 C:\Program Files (x86)\Linksys\Linksys Updater\bin\LinksysUpdater.exe - ok
17:27:50.0124 4404 [ B5B2896034D8ADEBD79E0C281B52508F ] C:\Windows\AppPatch\AcGenral.dll
17:27:50.0124 4404 C:\Windows\AppPatch\AcGenral.dll - ok
17:27:50.0128 4404 [ EC2E03CF0AAE54FCBE436CC89BE52A3A ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\prloader.dll
17:27:50.0128 4404 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\prloader.dll - ok
17:27:50.0131 4404 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll
17:27:50.0131 4404 C:\Windows\SysWOW64\samcli.dll - ok
17:27:50.0135 4404 [ FDC385A0F7D7DD880C4622D1DF08ABE9 ] C:\Windows\System32\ntprint.dll
17:27:50.0135 4404 C:\Windows\System32\ntprint.dll - ok
17:27:50.0138 4404 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll
17:27:50.0138 4404 C:\Windows\SysWOW64\msacm32.dll - ok
17:27:50.0141 4404 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
17:27:50.0141 4404 C:\Windows\SysWOW64\sfc.dll - ok
17:27:50.0145 4404 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
17:27:50.0145 4404 C:\Windows\SysWOW64\sfc_os.dll - ok
17:27:50.0148 4404 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
17:27:50.0148 4404 C:\Windows\SysWOW64\dwmapi.dll - ok
17:27:50.0152 4404 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
17:27:50.0152 4404 C:\Windows\SysWOW64\mpr.dll - ok
17:27:50.0155 4404 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
17:27:50.0155 4404 C:\Windows\System32\netman.dll - ok
17:27:50.0159 4404 [ F2840DBFE9322F35557219AE82CC4597 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe
17:27:50.0159 4404 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe - ok
17:27:50.0162 4404 [ C5966E2813B92A5E37E95F33E8410E14 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\nfio.ppl
17:27:50.0162 4404 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\nfio.ppl - ok
17:27:50.0166 4404 [ D2AE56CEAFD824CA022164A79FCB2F5C ] C:\Windows\SysWOW64\java.exe
17:27:50.0166 4404 C:\Windows\SysWOW64\java.exe - ok
17:27:50.0170 4404 [ DED37DA67073115D370CB2634E53B793 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\fsdrvplg.ppl
17:27:50.0170 4404 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\fsdrvplg.ppl - ok
17:27:50.0174 4404 [ FC4E79B2E5B7F19F688EDD9E5D3DC595 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\fssync.dll
17:27:50.0174 4404 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\fssync.dll - ok
17:27:50.0177 4404 [ 4853FAA23868E66FD66DC81B8DD42333 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccl110u.dll
17:27:50.0178 4404 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccl110u.dll - ok
17:27:50.0181 4404 [ 1BCDB508143B517F21BBDAC10F5777BF ] C:\Windows\System32\conhost.exe
17:27:50.0181 4404 C:\Windows\System32\conhost.exe - ok
17:27:50.0185 4404 [ 2257C98561EBAC594A8BB797970D6D54 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccvrtrst.dll
17:27:50.0185 4404 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccvrtrst.dll - ok
17:27:50.0188 4404 [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll
17:27:50.0188 4404 C:\Windows\System32\nlasvc.dll - ok
17:27:50.0191 4404 [ 795AB874952E74AD48CD741F9D024547 ] C:\Windows\System32\java.exe
17:27:50.0191 4404 C:\Windows\System32\java.exe - ok
17:27:50.0195 4404 [ 52364B2BBA5D1CB4E6A55076EB184D90 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\efacli.dll
17:27:50.0195 4404 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\efacli.dll - ok
17:27:50.0199 4404 [ 8B8EEDA3D4B9C32170918B4EB8EF023B ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvc.dll
17:27:50.0199 4404 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvc.dll - ok
17:27:50.0203 4404 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Program Files (x86)\Java\jre6\bin\msvcr71.dll
17:27:50.0203 4404 C:\Program Files (x86)\Java\jre6\bin\msvcr71.dll - ok
17:27:50.0206 4404 [ 5839A8027D6D324A7CD494051A96628C ] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
17:27:50.0938 4404 [ 77BE435238DC00551C80E09B4EC2D5C4 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\am_facade.dll
17:27:50.0938 4404 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\am_facade.dll - ok
17:27:50.0941 4404 [ 1F761DA08B1855DDBDD97204D69B48DD ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\bhsvcplg.dll
17:27:50.0941 4404 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\bhsvcplg.dll - ok
17:27:50.0945 4404 [ 91658099D83CE02D1C317C589FB67105 ] C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\UPnPGW.dll
17:27:50.0945 4404 C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\UPnPGW.dll - ok
17:27:50.0949 4404 [ 5E0C5B5BE5304E133968D6D6F8840B28 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\dscli.dll
17:27:50.0949 4404 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\dscli.dll - ok
17:27:50.0953 4404 [ CA591BB0B28C777065D8A16B7057FCF8 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\spocclnt.dll
17:27:50.0953 4404 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\spocclnt.dll - ok
17:27:50.0956 4404 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
17:27:50.0956 4404 C:\Windows\System32\msidle.dll - ok
17:27:50.0960 4404 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] C:\Windows\System32\appinfo.dll
17:27:50.0960 4404 C:\Windows\System32\appinfo.dll - ok
17:27:50.0963 4404 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
17:27:50.0963 4404 C:\Windows\System32\npmproxy.dll - ok
17:27:50.0967 4404 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
17:27:50.0967 4404 C:\Windows\System32\wpdbusenum.dll - ok
17:27:50.0970 4404 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
17:27:50.0970 4404 C:\Windows\System32\mssprxy.dll - ok
17:27:50.0973 4404 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
17:27:50.0973 4404 C:\Windows\System32\pnpts.dll - ok
17:27:50.0977 4404 [ BD9EB3958F213F96B97B1D897DEE006D ] C:\Windows\System32\hidserv.dll
17:27:50.0977 4404 C:\Windows\System32\hidserv.dll - ok
17:27:50.0980 4404 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
17:27:50.0980 4404 C:\Windows\System32\Apphlpdm.dll - ok
17:27:50.0983 4404 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
17:27:50.0984 4404 C:\Windows\System32\radardt.dll - ok
17:27:50.0987 4404 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
17:27:50.0987 4404 C:\Windows\System32\PortableDeviceApi.dll - ok
17:27:50.0990 4404 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll
17:27:50.0990 4404 C:\Windows\SysWOW64\npmproxy.dll - ok
17:27:50.0994 4404 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
17:27:50.0994 4404 C:\Windows\System32\wdiasqmmodule.dll - ok
17:27:50.0997 4404 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
17:27:50.0997 4404 C:\Windows\System32\en-US\tquery.dll.mui - ok
17:27:51.0001 4404 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
17:27:51.0001 4404 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
17:27:51.0005 4404 [ 8A8AB03962C9AEFC5D0471F629743338 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\metainfo.dll
17:27:51.0005 4404 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\metainfo.dll - ok
17:27:51.0008 4404 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL
17:27:51.0008 4404 C:\Windows\System32\IPSECSVC.DLL - ok
17:27:51.0011 4404 [ 1CBF15FDB0310345A68972EB5C5B948F ] C:\Windows\SysWOW64\mssprxy.dll
17:27:51.0011 4404 C:\Windows\SysWOW64\mssprxy.dll - ok
17:27:51.0015 4404 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
17:27:51.0015 4404 C:\Windows\System32\aelupsvc.dll - ok
17:27:51.0019 4404 [ 0E85C11F8850D524B02181C6E02BA9AE ] C:\Windows\SysWOW64\dsound.dll
17:27:51.0019 4404 C:\Windows\SysWOW64\dsound.dll - ok
17:27:51.0022 4404 [ FA43D418BC945D27D0625B697B8442B5 ] C:\Windows\System32\cabinet.dll
17:27:51.0022 4404 C:\Windows\System32\cabinet.dll - ok
17:27:51.0025 4404 [ 617F6EC0AC677C685479C1D0D1E76C6F ] C:\Windows\System32\mspatcha.dll
17:27:51.0025 4404 C:\Windows\System32\mspatcha.dll - ok
17:27:51.0029 4404 [ DDA4CAF29D8C0A297F886BFE561E6659 ] C:\Windows\System32\drivers\WUDFRd.sys
17:27:51.0029 4404 C:\Windows\System32\drivers\WUDFRd.sys - ok
17:27:51.0032 4404 [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll
17:27:51.0032 4404 C:\Windows\System32\FwRemoteSvr.dll - ok
17:27:51.0036 4404 [ 14D289F63D9538306CB560C4CD12172F ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.6.2.10\Definitions\IPSDefs\20130406.002\IDSxpx86.dll
17:27:51.0036 4404 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.6.2.10\Definitions\IPSDefs\20130406.002\IDSxpx86.dll - ok
17:27:51.0040 4404 [ E746ED90132C6B6313CE9179F56BD31D ] C:\Windows\System32\wups.dll
17:27:51.0040 4404 C:\Windows\System32\wups.dll - ok
17:27:51.0043 4404 [ 7FE0D0C8F53735EA17C9AE93EFE7AD5A ] C:\Windows\System32\wups2.dll
17:27:51.0043 4404 C:\Windows\System32\wups2.dll - ok
17:27:51.0045 4404 [ B1DF2D87DC8BF6072699AC8301B37796 ] C:\Windows\System32\WUDFPlatform.dll
17:27:51.0045 4404 C:\Windows\System32\WUDFPlatform.dll - ok
17:27:51.0049 4404 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
17:27:51.0049 4404 C:\Windows\System32\runonce.exe - ok
17:27:51.0053 4404 [ 53726EBA2B0D9DD215CCE7B8923D73BF ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\datastor.dll
17:27:51.0053 4404 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\datastor.dll - ok
17:27:51.0056 4404 [ AB886378EEB55C6C75B4F2D14B6C869F ] C:\Windows\System32\drivers\WUDFPf.sys
17:27:51.0056 4404 C:\Windows\System32\drivers\WUDFPf.sys - ok
17:27:51.0060 4404 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
17:27:51.0060 4404 C:\Windows\System32\dimsjob.dll - ok
17:27:51.0063 4404 [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll
17:27:51.0063 4404 C:\Windows\System32\pautoenr.dll - ok
17:27:51.0067 4404 [ B20F051B03A966392364C83F009F7D17 ] C:\Windows\System32\WUDFSvc.dll
17:27:51.0067 4404 C:\Windows\System32\WUDFSvc.dll - ok
17:27:51.0070 4404 [ E01B313466464F9FF0EE76D171EAB624 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\codatapr.dll
17:27:51.0070 4404 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\codatapr.dll - ok
17:27:51.0074 4404 [ 8ABFE00F213F2571498F1B8FD7939A98 ] C:\Windows\System32\WUDFHost.exe
17:27:51.0074 4404 C:\Windows\System32\WUDFHost.exe - ok
17:27:51.0077 4404 [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll
17:27:51.0077 4404 C:\Windows\System32\certcli.dll - ok
17:27:51.0080 4404 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
17:27:51.0080 4404 C:\Windows\SysWOW64\runonce.exe - ok
17:27:51.0084 4404 [ 5BDC853E9DB4641700E6480213538B9F ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coshdobj.dll
17:27:51.0084 4404 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coshdobj.dll - ok
17:27:51.0088 4404 [ 263B26106606A010CF877472B535E4BB ] C:\Windows\System32\CertEnroll.dll
17:27:51.0088 4404 C:\Windows\System32\CertEnroll.dll - ok
17:27:51.0091 4404 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
17:27:51.0091 4404 C:\Windows\System32\wbem\NCProv.dll - ok
17:27:51.0095 4404 [ 4C230E31630087B78D061D29A43E6D11 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\comm.dll
17:27:51.0095 4404 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\comm.dll - ok
17:27:51.0098 4404 [ F7DC4705A1B1D14FF9582D373AF080BA ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\sqlite.dll
17:27:51.0098 4404 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\sqlite.dll - ok
17:27:51.0102 4404 [ 10729D2D308C5AA804ECE537B49C16AD ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\userlog.dll
17:27:51.0102 4404 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\userlog.dll - ok
17:27:51.0106 4404 [ D750EA29EB42573062C3F115C4884942 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ipsplug.dll
17:27:51.0106 4404 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ipsplug.dll - ok
17:27:51.0110 4404 [ 7A136F1B080B1CC7A8E219054CCEB1B2 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\storage.dll
17:27:51.0110 4404 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\storage.dll - ok
17:27:51.0114 4404 [ F38E7CC2C76A78F31B1EE2559EDD35A9 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\isdatasv.dll
17:27:51.0114 4404 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\isdatasv.dll - ok
17:27:51.0118 4404 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
17:27:51.0118 4404 C:\Windows\SysWOW64\cmd.exe - ok
17:27:51.0121 4404 [ 8718831F001A4C4F8ADD98833C2B1211 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\proxyclt.dll
17:27:51.0121 4404 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\proxyclt.dll - ok
17:27:51.0125 4404 [ 25AE683DCB4AE7E6F1B193A0CB9DB35F ] C:\Windows\System32\WUDFx.dll
17:27:51.0125 4404 C:\Windows\System32\WUDFx.dll - ok
17:27:51.0128 4404 [ 91D6F0AB79AA36FFB932157865206F35 ] C:\Windows\System32\drivers\UMDF\WpdFs.dll
17:27:51.0128 4404 C:\Windows\System32\drivers\UMDF\WpdFs.dll - ok
17:27:51.0132 4404 [ 9864D52F15AD32094A636C6B5281D9E7 ] C:\Windows\System32\WMVCORE.DLL
17:27:51.0132 4404 C:\Windows\System32\WMVCORE.DLL - ok
17:27:51.0135 4404 [ B6D6886149573278CBA6ABD44C4317F5 ] C:\Windows\System32\slwga.dll
17:27:51.0135 4404 C:\Windows\System32\slwga.dll - ok
17:27:51.0139 4404 [ 0D893F8D145D3B125B0226727C243A69 ] C:\Windows\System32\security.dll
17:27:51.0139 4404 C:\Windows\System32\security.dll - ok
17:27:51.0142 4404 [ DB76DB15EFC6E4D1153A6C5BC895948D ] C:\Windows\System32\sppc.dll
17:27:51.0142 4404 C:\Windows\System32\sppc.dll - ok
17:27:51.0146 4404 [ 5EA9A0950F322BFA382AF277801C0307 ] C:\Windows\System32\wbem\wmipcima.dll
17:27:51.0146 4404 C:\Windows\System32\wbem\wmipcima.dll - ok
17:27:51.0149 4404 [ 371F3248198FC6732D14F110495F25F6 ] C:\Windows\SysWOW64\Firewall.cpl
17:27:51.0149 4404 C:\Windows\SysWOW64\Firewall.cpl - ok
17:27:51.0152 4404 [ AACC48FE239F0DF126DA2F28930A5B83 ] C:\Windows\System32\WMASF.DLL
17:27:51.0153 4404 C:\Windows\System32\WMASF.DLL - ok
17:27:51.0156 4404 [ 389CA818132C1D7DCF0C791E8D9035DE ] C:\Windows\System32\PortableDeviceClassExtension.dll
17:27:51.0156 4404 C:\Windows\System32\PortableDeviceClassExtension.dll - ok
17:27:51.0159 4404 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
17:27:51.0159 4404 C:\Windows\System32\PortableDeviceTypes.dll - ok
17:27:51.0163 4404 [ 1C508276096E4C2D1684E475CE33EF82 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\fwcore.dll
17:27:51.0163 4404 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\fwcore.dll - ok
17:27:51.0167 4404 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
17:27:51.0167 4404 C:\Windows\SysWOW64\winbrand.dll - ok
17:27:51.0171 4404 [ DA0688029B2E7F7E703A39C41BBB1444 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.6.2.10\Definitions\BASHDefs\20130322.001_24\BHEngine.dll
17:27:51.0171 4404 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.6.2.10\Definitions\BASHDefs\20130322.001_24\BHEngine.dll - ok
17:27:51.0174 4404 [ 8EE6BDE1D572677AA35707C52C585F75 ] C:\Windows\SysWOW64\mlang.dll
17:27:51.0174 4404 C:\Windows\SysWOW64\mlang.dll - ok
17:27:51.0177 4404 [ 1D1EAA16D193C6A2D45981ED3914D22A ] C:\Windows\SysWOW64\msimtf.dll
17:27:51.0177 4404 C:\Windows\SysWOW64\msimtf.dll - ok
17:27:51.0181 4404 [ C225E5307D8D4982A1687F2702C37C78 ] C:\Windows\SysWOW64\msls31.dll
17:27:51.0181 4404 C:\Windows\SysWOW64\msls31.dll - ok
17:27:51.0184 4404 [ D9E21CBF9E6A87847AFFD39EA3FA28EE ] C:\Windows\System32\SearchProtocolHost.exe
17:27:51.0184 4404 C:\Windows\System32\SearchProtocolHost.exe - ok
17:27:51.0188 4404 [ 9B59687619B27CDA24638CDC3AF079FB ] C:\Windows\SysWOW64\jscript9.dll
17:27:51.0188 4404 C:\Windows\SysWOW64\jscript9.dll - ok
17:27:51.0191 4404 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
17:27:51.0191 4404 C:\Windows\SysWOW64\shdocvw.dll - ok
17:27:51.0195 4404 [ BF84B8A80A002A0E6D7D6E3952569269 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\ndetect.ppl
17:27:51.0195 4404 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\ndetect.ppl - ok
17:27:51.0199 4404 [ EA856F4A46320389D1899B2CAA7BF40F ] C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:27:51.0199 4404 C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe - ok
17:27:51.0203 4404 [ D2A5B2B09F2AF5ED13BF494508B09788 ] C:\Windows\System32\msshooks.dll
17:27:51.0203 4404 C:\Windows\System32\msshooks.dll - ok
17:27:51.0206 4404 [ 49A3AD5CE578CD77F445F3D244AEAB2D ] C:\Windows\System32\SearchFilterHost.exe
17:27:51.0206 4404 C:\Windows\System32\SearchFilterHost.exe - ok
17:27:51.0210 4404 [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\Shilstone\AppData\Local\Temp\4BF4DD95-E303-4509-A77F-862E438B7AD2.exe
17:27:51.0210 4404 C:\Users\Shilstone\AppData\Local\Temp\4BF4DD95-E303-4509-A77F-862E438B7AD2.exe - ok
17:27:51.0213 4404 [ 9FF8F684BACF326082E5562F7C104A79 ] C:\Windows\SysWOW64\d2d1.dll
17:27:51.0213 4404 C:\Windows\SysWOW64\d2d1.dll - ok
17:27:51.0217 4404 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
17:27:51.0217 4404 C:\Windows\System32\mscoree.dll - ok
17:27:51.0221 4404 [ BC0ED1BD94343BD7AC2E259576BFBCF8 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\fwgenplg.dll
17:27:51.0221 4404 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\fwgenplg.dll - ok
17:27:51.0224 4404 [ 64975EB94BE6B314694C1F550D5DA3AD ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\idsaux.dll
17:27:51.0224 4404 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\idsaux.dll - ok
17:27:51.0228 4404 [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\SysWOW64\cryptnet.dll
17:27:51.0228 4404 C:\Windows\SysWOW64\cryptnet.dll - ok
17:27:51.0232 4404 [ 5C36B5D824FB86BA812DA74A4C23424D ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\crpthlpr.ppl
17:27:51.0232 4404 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\crpthlpr.ppl - ok
17:27:51.0236 4404 [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
17:27:51.0236 4404 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
17:27:51.0239 4404 [ 4277F5164DE9B7C665BB928B9145BEE0 ] C:\Windows\SysWOW64\DWrite.dll
17:27:51.0239 4404 C:\Windows\SysWOW64\DWrite.dll - ok
17:27:51.0243 4404 [ 5217BA40DFEFFB00895EC279715EF9CB ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\report.ppl
17:27:51.0243 4404 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\report.ppl - ok
17:27:51.0246 4404 [ 48041BAEB60CE5F34F13CC2A1361E49C ] C:\Windows\System32\mssph.dll
17:27:51.0246 4404 C:\Windows\System32\mssph.dll - ok
17:27:51.0249 4404 [ D4F264FE23F8953D840904418220C15E ] C:\Windows\SysWOW64\dxgi.dll
17:27:51.0249 4404 C:\Windows\SysWOW64\dxgi.dll - ok
17:27:51.0253 4404 [ 698667E69CF976A70A82AA2F0B1C37E0 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\fwsetup.dll
17:27:51.0253 4404 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\fwsetup.dll - ok
17:27:51.0257 4404 [ 8F4BB0CFECED925D440ABC2481278360 ] C:\Windows\System32\mapi32.dll
17:27:51.0257 4404 C:\Windows\System32\mapi32.dll - ok
17:27:51.0260 4404 [ B8367D76BBF50335BA0777179D7BB799 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccscanw.dll
17:27:51.0260 4404 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccscanw.dll - ok
17:27:51.0264 4404 [ 7ACDFB4CC67F4993DF0E0731576309B2 ] C:\Windows\SysWOW64\d3d11.dll
17:27:51.0264 4404 C:\Windows\SysWOW64\d3d11.dll - ok
17:27:51.0268 4404 [ 7B378E6633E08BC393D0E59A0DA13678 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ecmldr32.dll
17:27:51.0268 4404 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ecmldr32.dll - ok
17:27:51.0271 4404 [ 3BCECD87AB4E6743BFB45B352AD1A529 ] C:\Windows\SysWOW64\WindowsCodecs.dll
17:27:51.0271 4404 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
17:27:51.0275 4404 [ F586611283205EBBC010201EE9EF85D9 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\fwhelper.dll
17:27:51.0275 4404 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\fwhelper.dll - ok
17:27:51.0279 4404 [ D66D82989DCF0D0C269DC21E413E2208 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.6.2.10\Definitions\VirusDefs\20130410.003\ECMSVR32.DLL
17:27:51.0279 4404 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.6.2.10\Definitions\VirusDefs\20130410.003\ECMSVR32.DLL - ok
17:27:51.0283 4404 [ B3170CCC779B682C3341873EA60CF084 ] C:\Windows\SysWOW64\d3d10warp.dll
17:27:51.0283 4404 C:\Windows\SysWOW64\d3d10warp.dll - ok
17:27:51.0287 4404 [ 5D50BB423CCC09BCABFE9BD5551BFA08 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.6.2.10\Definitions\IPSDefs\20130406.002\IPSFFPl.dll
17:27:51.0287 4404 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.6.2.10\Definitions\IPSDefs\20130406.002\IPSFFPl.dll - ok
17:27:51.0290 4404 [ A2F5B0B6010408B592FBE6BBD81A0D0A ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\schedule.ppl
17:27:51.0291 4404 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\schedule.ppl - ok
17:27:51.0294 4404 [ A28A91EECD09AF257CBFE00624EEDFB5 ] C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll
17:27:51.0294 4404 C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll - ok
17:27:51.0296 4404 [ 00CDFA8461780E8A42EED36D92B1B58B ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ispwd.dll
17:27:51.0297 4404 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ispwd.dll - ok
17:27:51.0302 4404 [ 748306FCA3E4F30D8F615EDF448BD767 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\dec_abi.dll
17:27:51.0302 4404 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\dec_abi.dll - ok
17:27:51.0306 4404 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
17:27:51.0306 4404 C:\Windows\SysWOW64\EhStorShell.dll - ok
17:27:51.0309 4404 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
17:27:51.0309 4404 C:\Windows\SysWOW64\imageres.dll - ok
17:27:51.0312 4404 [ D0C0C17E2A31C33FA495D3AB8A0D5BB2 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\bhclient.dll
17:27:51.0313 4404 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\bhclient.dll - ok
17:27:51.0316 4404 [ 47B4B2467838828B2DDA43E2FD31606D ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\timer.ppl
17:27:51.0316 4404 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\timer.ppl - ok
17:27:51.0320 4404 [ 5D50BB423CCC09BCABFE9BD5551BFA08 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.6.2.10\IPSFFPlgn\components\IPSFFPl.dll
17:27:51.0320 4404 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.6.2.10\IPSFFPlgn\components\IPSFFPl.dll - ok
17:27:51.0324 4404 [ 38A0BE38EB53510AB425E33EA0847AD6 ] C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_6_602_180.ocx
17:27:51.0324 4404 C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_6_602_180.ocx - ok
17:27:51.0328 4404 [ 1B72D757763C358130531DC837B586C6 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\reportdb.ppl
17:27:51.0328 4404 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\reportdb.ppl - ok
17:27:51.0332 4404 [ 956019F9950947A06389BAA6BE8438CA ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.6.2.10\Definitions\VirusDefs\20130410.003\NAVEX32A.DLL
17:27:51.0332 4404 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.6.2.10\Definitions\VirusDefs\20130410.003\NAVEX32A.DLL - ok
17:27:51.0336 4404 [ 069E73627E4BD53EADDA5D53F1379542 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\stat.ppl
17:27:51.0336 4404 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\stat.ppl - ok
17:27:51.0339 4404 [ CB61626FB485A606662279CEC7806214 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\npctray.dll
17:27:51.0339 4404 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\npctray.dll - ok
17:27:51.0343 4404 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll
17:27:51.0343 4404 C:\Windows\SysWOW64\comdlg32.dll - ok
17:27:51.0346 4404 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
17:27:51.0346 4404 C:\Windows\SysWOW64\msimg32.dll - ok
17:27:51.0350 4404 [ BA364CB84A0815C69EC4B4B993CC28A6 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\npcstats.dll
17:27:51.0350 4404 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\npcstats.dll - ok
17:27:51.0354 4404 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
17:27:51.0354 4404 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
17:27:51.0358 4404 [ 1245D621C59DF410EA3AB35234C734A7 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ashelper.dll
17:27:51.0358 4404 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ashelper.dll - ok
17:27:51.0361 4404 [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\SysWOW64\mscms.dll
17:27:51.0361 4404 C:\Windows\SysWOW64\mscms.dll - ok
17:27:51.0365 4404 [ 548DF858BC8446D6A649E87EC02EEA09 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\asoehook.dll
17:27:51.0365 4404 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\asoehook.dll - ok
17:27:51.0369 4404 [ 96E0F0BED5D9EBABB899D8CA83C36A7E ] C:\Windows\SysWOW64\vbscript.dll
17:27:51.0369 4404 C:\Windows\SysWOW64\vbscript.dll - ok
17:27:51.0372 4404 [ 6487A19E0EA3228515394A4B1A780B17 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\symhtml.dll
17:27:51.0372 4404 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\symhtml.dll - ok
17:27:51.0376 4404 [ B5BEB279C54709F9E1DD9A7CADCF863A ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\threatsmanager.dll
17:27:51.0376 4404 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\threatsmanager.dll - ok
17:27:51.0380 4404 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
17:27:51.0380 4404 C:\Windows\SysWOW64\oleacc.dll - ok
17:27:51.0383 4404 [ 8985D2AA1EE7BE86B24BFC89A651519A ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\avpapp32.dll
17:27:51.0383 4404 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\avpapp32.dll - ok
17:27:51.0387 4404 [ 198D51AB311EF8ED8882985048A93406 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\distrptr.dll
17:27:51.0387 4404 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\distrptr.dll - ok
17:27:51.0391 4404 [ 33740E38BE21BA07F7FBE3A4B61CB0D7 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\qb.ppl
17:27:51.0391 4404 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\qb.ppl - ok
17:27:51.0395 4404 [ F79F4C73D4FFC0D199C1D27E29DB5B48 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\ksnhelper.dll
17:27:51.0395 4404 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\ksnhelper.dll - ok
17:27:51.0399 4404 [ 92F7F16C5BBF75D96793A86C83DF322E ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\cltaldis.dll
17:27:51.0399 4404 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\cltaldis.dll - ok
17:27:51.0403 4404 [ E7EE9E6E6CBC7929A5A3DB9F5CF095C0 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\packed_io.dll
17:27:51.0403 4404 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\packed_io.dll - ok
17:27:51.0406 4404 [ 1048CC7458DEED300BA3D192119D0CCE ] C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\09\01\cltres.loc
17:27:51.0406 4404 C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\09\01\cltres.loc - ok
17:27:51.0410 4404 [ C8112AFCCB31BB054A4570D99A0E331C ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\fwsesal.dll
17:27:51.0410 4404 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\fwsesal.dll - ok
17:27:51.0414 4404 [ C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\SysWOW64\samlib.dll
17:27:51.0414 4404 C:\Windows\SysWOW64\samlib.dll - ok
17:27:51.0418 4404 [ B0A7FA04BF62AAD1BD8F52BA07BD30CB ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\nahelper.dll
17:27:51.0418 4404 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\nahelper.dll - ok
17:27:51.0421 4404 [ FC2BB2598B4004C637F56331DF13A18F ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coactmgr.dll
17:27:51.0421 4404 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coactmgr.dll - ok
17:27:51.0425 4404 [ 070AD442FA11A1FC4F695F7F93231825 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\ksn_client.dll
17:27:51.0425 4404 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\ksn_client.dll - ok
17:27:51.0429 4404 [ C0479DFDB520B7117EDA736ADE855698 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\sdkcmn.dll
17:27:51.0429 4404 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\sdkcmn.dll - ok
17:27:51.0433 4404 [ 51B58EE8E0966EE553A5E497201B555E ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\uialert.dll
17:27:51.0433 4404 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\uialert.dll - ok
17:27:51.0436 4404 [ 60402F4BC7E1DDE03CECA8B50E7A942E ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\userctxt.dll
17:27:51.0436 4404 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\userctxt.dll - ok
17:27:51.0440 4404 [ 6A8661B0B63BDB4A5555AE2D906B96EA ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\ksn_facade.dll
17:27:51.0440 4404 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\ksn_facade.dll - ok
17:27:51.0444 4404 [ C8333F1F77A1B2E25F2202E892CAF634 ] C:\Windows\SysWOW64\prnfldr.dll
17:27:51.0444 4404 C:\Windows\SysWOW64\prnfldr.dll - ok
17:27:51.0447 4404 [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\SysWOW64\linkinfo.dll
17:27:51.0447 4404 C:\Windows\SysWOW64\linkinfo.dll - ok
17:27:51.0451 4404 [ A3209E8D70456D01DD2BB0C624C2AB12 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\transport_provider.dll
17:27:51.0451 4404 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\transport_provider.dll - ok
17:27:51.0455 4404 [ 374F45E5A2C2632134AF67C2BC5C72C4 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\cryptostaticprovider.dll
17:27:51.0455 4404 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\cryptostaticprovider.dll - ok
17:27:51.0458 4404 [ CCE1839C52D74A113FF5BAC6E1FC0495 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\avs.ppl
17:27:51.0458 4404 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\avs.ppl - ok
17:27:52.0165 4404 C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\CNEZDBAC.DLL - ok
17:27:52.0169 4404 [ B9BFE20689398A7618C4AF5137F4068C ] C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\LEJES.DLL
17:27:52.0169 4404 C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\LEJES.DLL - ok
17:27:52.0173 4404 [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll
17:27:52.0173 4404 C:\Windows\System32\drprov.dll - ok
17:27:52.0176 4404 [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll
17:27:52.0176 4404 C:\Windows\System32\ntlanman.dll - ok
17:27:52.0179 4404 [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\Windows\System32\davclnt.dll
17:27:52.0179 4404 C:\Windows\System32\davclnt.dll - ok
17:27:52.0183 4404 [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll
17:27:52.0183 4404 C:\Windows\System32\davhlpr.dll - ok
17:27:52.0187 4404 [ 1E3CB1435EC745058628AE40FEA9F471 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll
17:27:52.0187 4404 C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll - ok
17:27:52.0190 4404 [ A91F3E7B431F2A59E9E0BEDBF7D31CE2 ] C:\Windows\SysWOW64\atigktxx.dll
17:27:52.0190 4404 C:\Windows\SysWOW64\atigktxx.dll - ok
17:27:52.0194 4404 [ 97548D6969BC66D01B89E1F80B35E83E ] C:\Windows\System32\spool\drivers\x64\3\CNMDRAL.DLL
17:27:52.0194 4404 C:\Windows\System32\spool\drivers\x64\3\CNMDRAL.DLL - ok
17:27:52.0197 4404 [ 127AA81343A7C6F665C22CB1293B0A90 ] C:\Windows\splwow64.exe
17:27:52.0197 4404 C:\Windows\splwow64.exe - ok
17:27:52.0201 4404 [ DEAB2B98FFC24E784D6B81BFD42130F7 ] C:\Windows\System32\spool\drivers\x64\3\CNMUIAL.DLL
17:27:52.0201 4404 C:\Windows\System32\spool\drivers\x64\3\CNMUIAL.DLL - ok
17:27:52.0205 4404 [ 57EA435A851C813031DB154DD6EB67B3 ] C:\Windows\System32\spool\drivers\x64\3\CNMCPAL.DLL
17:27:52.0205 4404 C:\Windows\System32\spool\drivers\x64\3\CNMCPAL.DLL - ok
17:27:52.0208 4404 [ 22F020C76E339EB2B2187BA73A7E4173 ] C:\Windows\System32\PrintIsolationHost.exe
17:27:52.0208 4404 C:\Windows\System32\PrintIsolationHost.exe - ok
17:27:52.0212 4404 [ 816B681CC308FAA128EDCB90643DCED7 ] C:\Windows\SysWOW64\icm32.dll
17:27:52.0212 4404 C:\Windows\SysWOW64\icm32.dll - ok
17:27:52.0215 4404 [ EE74A0FF7C5752E49911986F22BBAEEF ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll
17:27:52.0215 4404 C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll - ok
17:27:52.0219 4404 [ 4D2A265C64B0EAAD21BC175902F35E63 ] C:\Windows\System32\spool\drivers\x64\3\CNMBS3AL.DLL
17:27:52.0219 4404 C:\Windows\System32\spool\drivers\x64\3\CNMBS3AL.DLL - ok
17:27:52.0223 4404 [ A7934B26A096F39B15960E0A56C1C8C4 ] C:\Windows\SysWOW64\bidispl.dll
17:27:52.0223 4404 C:\Windows\SysWOW64\bidispl.dll - ok
17:27:52.0226 4404 [ C0035666593496CA0FCD61600A11C83B ] C:\Windows\System32\spool\drivers\x64\3\CNMFUAL.DLL
17:27:52.0226 4404 C:\Windows\System32\spool\drivers\x64\3\CNMFUAL.DLL - ok
17:27:52.0230 4404 [ 7403E983C3B76A4D92A92229DA1FFBE7 ] C:\Windows\System32\spool\drivers\x64\3\CNMBM3AL.DLL
17:27:52.0230 4404 C:\Windows\System32\spool\drivers\x64\3\CNMBM3AL.DLL - ok
17:27:52.0233 4404 [ 7271B4BB5DE60D0C713AD0489EC87965 ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX410 series Printer\LanguageModules\0401\CNMurAL.dll
17:27:52.0233 4404 C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX410 series Printer\LanguageModules\0401\CNMurAL.dll - ok
17:27:52.0237 4404 [ A3431E97742183236BF02C7F7FA7AB25 ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX410 series Printer\LanguageModules\0404\CNMurAL.dll
17:27:52.0237 4404 C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX410 series Printer\LanguageModules\0404\CNMurAL.dll - ok
17:27:52.0241 4404 [ E61AB1015F1DF865880B033E3E1EE0A0 ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX410 series Printer\LanguageModules\0405\CNMurAL.dll
17:27:52.0241 4404 C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX410 series Printer\LanguageModules\0405\CNMurAL.dll - ok
17:27:52.0245 4404 [ FDC2882C03154835F7B523363493830A ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX410 series Printer\LanguageModules\0406\CNMurAL.dll
17:27:52.0245 4404 C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX410 series Printer\LanguageModules\0406\CNMurAL.dll - ok
17:27:52.0249 4404 [ 92BC10AAF1B7497987DCE24B9EE1AB4E ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX410 series Printer\LanguageModules\0407\CNMurAL.dll
17:27:52.0249 4404 C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX410 series Printer\LanguageModules\0407\CNMurAL.dll - ok
17:27:52.0253 4404 [ 4044150AC5E943B1B34DE04B3E4F9E5A ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX410 series Printer\LanguageModules\0408\CNMurAL.dll
17:27:52.0253 4404 C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX410 series Printer\LanguageModules\0408\CNMurAL.dll - ok
17:27:52.0257 4404 [ 592D6989F8464A1700748A5B96A7FD4E ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX410 series Printer\LanguageModules\0409\CNMurAL.dll
17:27:52.0257 4404 C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX410 series Printer\LanguageModules\0409\CNMurAL.dll - ok
17:27:52.0261 4404 [ F7AE4639FE8A7A76BFEDBA14F205C2F9 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\qtdeclarative4.dll
17:27:52.0261 4404 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\qtdeclarative4.dll - ok
17:27:52.0265 4404 [ 1CA712B01500CD1AC0DC329A90D2FC70 ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX410 series Printer\LanguageModules\040b\CNMurAL.dll
17:27:52.0265 4404 C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX410 series Printer\LanguageModules\040b\CNMurAL.dll - ok
17:27:52.0269 4404 [ 828B289739D4643F272B83E57045D964 ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX410 series Printer\LanguageModules\040c\CNMurAL.dll
17:27:52.0269 4404 C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX410 series Printer\LanguageModules\040c\CNMurAL.dll - ok
17:27:52.0273 4404 [ 64AB0EE2028A465B765A8458C6208140 ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX410 series Printer\LanguageModules\040e\CNMurAL.dll
17:27:52.0273 4404 C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX410 series Printer\LanguageModules\040e\CNMurAL.dll - ok
17:27:52.0277 4404 [ 4AC9458DB0A67A94D1645A4BAE330F80 ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX410 series Printer\LanguageModules\0410\CNMurAL.dll
17:27:52.0277 4404 C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX410 series Printer\LanguageModules\0410\CNMurAL.dll - ok
17:27:52.0281 4404 [ FD16677B09FAE5D68D0AEE998D721D36 ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX410 series Printer\LanguageModules\0411\CNMurAL.dll
17:27:52.0281 4404 C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX410 series Printer\LanguageModules\0411\CNMurAL.dll - ok
17:27:52.0285 4404 [ 5422CA729AB4FCF796D3386AE7698694 ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX410 series Printer\LanguageModules\0412\CNMurAL.dll
17:27:52.0285 4404 C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX410 series Printer\LanguageModules\0412\CNMurAL.dll - ok
17:27:52.0289 4404 [ 13D2F5AD32EFB0A25831548BB17FBC71 ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX410 series Printer\LanguageModules\0413\CNMurAL.dll
17:27:52.0289 4404 C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX410 series Printer\LanguageModules\0413\CNMurAL.dll - ok
17:27:52.0293 4404 [ 621A062498FE5131D73A9ADE53E0D112 ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX410 series Printer\LanguageModules\0414\CNMurAL.dll
17:27:52.0293 4404 C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX410 series Printer\LanguageModules\0414\CNMurAL.dll - ok
17:27:52.0295 4404 [ 75BC0D565426E01EB6AB41A5A14EBAC1 ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX410 series Printer\LanguageModules\0415\CNMurAL.dll
17:27:52.0295 4404 C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX410 series Printer\LanguageModules\0415\CNMurAL.dll - ok
17:27:52.0301 4404 [ 0E750342D9A6348FFD0D3C3E1E90D4F0 ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX410 series Printer\LanguageModules\0416\CNMurAL.dll
17:27:52.0301 4404 C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX410 series Printer\LanguageModules\0416\CNMurAL.dll - ok
17:27:52.0306 4404 [ B6BD201CFC34E11095F037AD70DE5F1A ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX410 series Printer\LanguageModules\0419\CNMurAL.dll
17:27:52.0306 4404 C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX410 series Printer\LanguageModules\0419\CNMurAL.dll - ok
17:27:52.0310 4404 [ 9BCF861A8B1DCF3303D0B38EA6A9FD2F ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX410 series Printer\LanguageModules\041D\CNMurAL.dll
17:27:52.0310 4404 C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX410 series Printer\LanguageModules\041D\CNMurAL.dll - ok
17:27:52.0314 4404 [ F2BF05A83DFEC8278CBFDE2D1DA59E18 ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX410 series Printer\LanguageModules\041E\CNMurAL.dll
17:27:52.0314 4404 C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX410 series Printer\LanguageModules\041E\CNMurAL.dll - ok
17:27:52.0318 4404 [ 7FD251C248B2A366CDB75F1A401AA615 ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX410 series Printer\LanguageModules\041F\CNMurAL.dll
17:27:52.0318 4404 C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX410 series Printer\LanguageModules\041F\CNMurAL.dll - ok
17:27:52.0322 4404 [ 259ED5726E9B95143BCF8906F7F8057E ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX410 series Printer\LanguageModules\0421\CNMurAL.dll
17:27:52.0322 4404 C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX410 series Printer\LanguageModules\0421\CNMurAL.dll - ok
17:27:52.0326 4404 [ 582BD75E50CF3E6C725EEED6B3233F50 ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX410 series Printer\LanguageModules\0804\CNMurAL.dll
17:27:52.0326 4404 C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX410 series Printer\LanguageModules\0804\CNMurAL.dll - ok
17:27:52.0330 4404 [ 1589D8C640EC72EF93492DB78D8E86E4 ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX410 series Printer\LanguageModules\0c0a\CNMurAL.dll
17:27:52.0330 4404 C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX410 series Printer\LanguageModules\0c0a\CNMurAL.dll - ok
17:27:52.0334 4404 [ 0C85BEFBC3C5072DACD66474BBA121D8 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\qbackup.dll
17:27:52.0334 4404 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\qbackup.dll - ok
17:27:52.0338 4404 [ 74D81D681CAC17963A661BE5DA08B98C ] C:\Windows\System32\spool\drivers\x64\3\CNMUBAL.DLL
17:27:52.0338 4404 C:\Windows\System32\spool\drivers\x64\3\CNMUBAL.DLL - ok
17:27:52.0341 4404 [ 5E3BA3887FA79E2588FAF1CC51EE3DB6 ] C:\Windows\System32\spool\drivers\x64\3\CNMBS6AL.DLL
17:27:52.0341 4404 C:\Windows\System32\spool\drivers\x64\3\CNMBS6AL.DLL - ok
17:27:52.0345 4404 [ 9FA56171C452530E2F51E3238B52140B ] C:\Windows\System32\bidispl.dll
17:27:52.0345 4404 C:\Windows\System32\bidispl.dll - ok
17:27:52.0348 4404 [ 2362B23E77CF7B05EFBBC18AC7E72694 ] C:\Windows\System32\spool\drivers\x64\3\CNMEIAL.DLL
17:27:52.0348 4404 C:\Windows\System32\spool\drivers\x64\3\CNMEIAL.DLL - ok
17:27:52.0352 4404 [ C52F93F01FB4E92B8852C9BD9DD9C75D ] C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\CNEZMAIN.EXE
17:27:52.0352 4404 C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\CNEZMAIN.EXE - ok
17:27:52.0356 4404 [ FF6ABD2340BC42194C1FD9FD667A55A1 ] C:\Program Files (x86)\Canon\MP Navigator EX 4.1\mpnex41.exe
17:27:52.0356 4404 C:\Program Files (x86)\Canon\MP Navigator EX 4.1\mpnex41.exe - ok
17:27:52.0359 4404 [ 7221E564AF08E3C0858404B1933BEABE ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\qtscript4.dll
17:27:52.0359 4404 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\qtscript4.dll - ok
17:27:52.0363 4404 [ AEDDFD540E3E6BECDB14C30D1F12B78A ] C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
17:27:52.0363 4404 C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - ok
17:27:52.0367 4404 [ DDFBFD8959F32AC0CF3947F36BAC3081 ] C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
17:27:52.0367 4404 C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll - ok
17:27:52.0371 4404 [ 2537D941F11279765D7DA9CB89D627C2 ] C:\Program Files (x86)\Canon\Speed Dial Utility\sdutil.exe
17:27:52.0371 4404 C:\Program Files (x86)\Canon\Speed Dial Utility\sdutil.exe - ok
17:27:52.0375 4404 [ 93EDCC4872ADB099EFEA9FB245F32365 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\qtsql4.dll
17:27:52.0375 4404 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\qtsql4.dll - ok
17:27:52.0378 4404 [ 343655E9CD92650670956A385983A67B ] C:\Program Files (x86)\Linksys\Linksys EasyLink Advisor\log4net.dll
17:27:52.0378 4404 C:\Program Files (x86)\Linksys\Linksys EasyLink Advisor\log4net.dll - ok
17:27:52.0382 4404 [ 9B642E45C4BC5E84957CD7397DD48E3C ] C:\Program Files (x86)\Canon\IJ Manual\Easy Guide Viewer\cmview.exe
17:27:52.0382 4404 C:\Program Files (x86)\Canon\IJ Manual\Easy Guide Viewer\cmview.exe - ok
17:27:52.0386 4404 [ 09A116FB06C5E362EF8938D29CDAB27B ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
17:27:52.0386 4404 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
17:27:52.0390 4404 [ 5F9FFB632B74264C49A189850502C77F ] C:\Program Files (x86)\Canon\Canon IJ Network Tool\CNMNPUT.EXE
17:27:52.0390 4404 C:\Program Files (x86)\Canon\Canon IJ Network Tool\CNMNPUT.EXE - ok
17:27:52.0394 4404 [ 21E110FF1C0E948860458BD7B692DE13 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
17:27:52.0394 4404 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll - ok
17:27:52.0397 4404 [ 811CF8920B409089D4B8C8A01378835C ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\520a80ddcdd1084993516f4d42a73e05\System.Xml.ni.dll
17:27:52.0397 4404 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\520a80ddcdd1084993516f4d42a73e05\System.Xml.ni.dll - ok
17:27:52.0401 4404 [ 9F2295A6DFC28CBA4D1085D698785F56 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\qtnetwork4.dll
17:27:52.0401 4404 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\qtnetwork4.dll - ok
17:27:52.0405 4404 [ 72910F1DEB838E6E08A9017BFB7D4F0B ] C:\Windows\SysWOW64\browcli.dll
17:27:52.0405 4404 C:\Windows\SysWOW64\browcli.dll - ok
17:27:52.0409 4404 [ 8D5B6A862E3D3937292CA5B1C66B1B4F ] C:\Program Files (x86)\Linksys\Linksys EasyLink Advisor\LelaResource.dll
17:27:52.0409 4404 C:\Program Files (x86)\Linksys\Linksys EasyLink Advisor\LelaResource.dll - ok
17:27:52.0412 4404 [ 27E79A455EF80647F4F57FA3C2B09C94 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
17:27:52.0412 4404 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll - ok
17:27:52.0416 4404 [ 8B1590C627138166C015A5680ABF6BB2 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll
17:27:52.0416 4404 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll - ok
17:27:52.0420 4404 [ 605C180BD21B4E988CAB263FB89C8D45 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\basegui.ppl
17:27:52.0420 4404 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\basegui.ppl - ok
17:27:52.0424 4404 [ 7683E68DDF7B479AC938461058A32518 ] C:\Program Files (x86)\Linksys\Linksys EasyLink Advisor\en-US\Linksys EasyLink Advisor.resources.dll
17:27:52.0424 4404 C:\Program Files (x86)\Linksys\Linksys EasyLink Advisor\en-US\Linksys EasyLink Advisor.resources.dll - ok
17:27:52.0428 4404 [ 69B88F658A73362FC27E840543FB0518 ] C:\Program Files (x86)\Linksys\Linksys EasyLink Advisor\en-US\LelaResource.resources.dll
17:27:52.0428 4404 C:\Program Files (x86)\Linksys\Linksys EasyLink Advisor\en-US\LelaResource.resources.dll - ok
17:27:52.0432 4404 [ 71DB15004402F4C8D004D13967FC1AE9 ] C:\Program Files (x86)\Linksys\Linksys EasyLink Advisor\LelaNetwork.dll
17:27:52.0432 4404 C:\Program Files (x86)\Linksys\Linksys EasyLink Advisor\LelaNetwork.dll - ok
17:27:52.0436 4404 [ FABD60DC893FAC2CC8A3E0639E99984C ] C:\Program Files (x86)\Linksys\Linksys EasyLink Advisor\en-US\LelaNetwork.resources.dll
17:27:52.0436 4404 C:\Program Files (x86)\Linksys\Linksys EasyLink Advisor\en-US\LelaNetwork.resources.dll - ok
17:27:52.0440 4404 [ BE39E22059A3082D5289739299C33C01 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll
17:27:52.0440 4404 C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll - ok
17:27:52.0443 4404 [ 6EF5F3F18413C367195F06E503AB86A6 ] C:\Windows\SysWOW64\d3d9.dll
17:27:52.0443 4404 C:\Windows\SysWOW64\d3d9.dll - ok
17:27:52.0447 4404 [ 77B1471A490B53B24EFE136F09F76550 ] C:\Windows\SysWOW64\d3d8thk.dll
17:27:52.0447 4404 C:\Windows\SysWOW64\d3d8thk.dll - ok
17:27:52.0450 4404 [ 3D58F13253A749E37852630E9E264A70 ] C:\Windows\SysWOW64\atiu9pag.dll
17:27:52.0450 4404 C:\Windows\SysWOW64\atiu9pag.dll - ok
17:27:52.0454 4404 [ 5DD2F79B31D2FDFDBF22E5CC7B6393B7 ] C:\Windows\SysWOW64\atiumdag.dll
17:27:52.0454 4404 C:\Windows\SysWOW64\atiumdag.dll - ok
17:27:52.0457 4404 [ 3F939395FDB3AA9C2F55F057E21C5400 ] C:\Windows\SysWOW64\atiumdva.dll
17:27:52.0457 4404 C:\Windows\SysWOW64\atiumdva.dll - ok
17:27:52.0461 4404 [ 080D2F45C75C596D4EF2C9C82397AA61 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\localization_manager.dll
17:27:52.0461 4404 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\localization_manager.dll - ok
17:27:52.0465 4404 [ 6FFAB55128BAF5E4043E88C56138D833 ] C:\Program Files (x86)\Linksys\Linksys EasyLink Advisor\LelaNetworkLib.dll
17:27:52.0465 4404 C:\Program Files (x86)\Linksys\Linksys EasyLink Advisor\LelaNetworkLib.dll - ok
17:27:52.0468 4404 [ FD7A28964CFF2A745E12296ADEC13F12 ] C:\Program Files (x86)\Linksys\Linksys EasyLink Advisor\Interop.NetworkCore.dll
17:27:52.0468 4404 C:\Program Files (x86)\Linksys\Linksys EasyLink Advisor\Interop.NetworkCore.dll - ok
17:27:52.0472 4404 [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll
17:27:52.0472 4404 C:\Windows\SysWOW64\shfolder.dll - ok
17:27:52.0476 4404 [ A0617B5753E31126AD29C03154F4F329 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
17:27:52.0476 4404 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok
17:27:52.0479 4404 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
17:27:52.0479 4404 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
17:27:52.0483 4404 [ 3D7D2E825C63FF501E896CF008C70D75 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
17:27:52.0483 4404 C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe - ok
17:27:52.0486 4404 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
17:27:52.0486 4404 C:\Windows\SysWOW64\duser.dll - ok
17:27:52.0490 4404 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
17:27:52.0490 4404 C:\Windows\SysWOW64\dui70.dll - ok
17:27:52.0493 4404 [ C1B5307377C98F87E0152C44E9FF8DEE ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
17:27:52.0493 4404 C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll - ok
17:27:52.0497 4404 [ 24FCC3CDAE327F632CB8696E1E40F772 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll
17:27:52.0497 4404 C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll - ok
17:27:52.0500 4404 [ E955300DF949977878C705EC8681009A ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
17:27:52.0501 4404 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll - ok
17:27:52.0504 4404 [ ED797D8DC2C92401985D162E42FFA450 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
17:27:52.0504 4404 C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe - ok
17:27:52.0508 4404 [ D7C08234E429159E419D500D5C53EE0D ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\w8toaster.dll
17:27:52.0508 4404 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\w8toaster.dll - ok
17:27:52.0511 4404 [ 8E8C92DD50F6B34907813AFDC0C8F7DD ] C:\Windows\SysWOW64\dbgeng.dll
17:27:52.0511 4404 C:\Windows\SysWOW64\dbgeng.dll - ok
17:27:52.0515 4404 [ AF78F66116814FDD6677CEBD73035CDD ] C:\Windows\SysWOW64\schannel.dll
17:27:52.0515 4404 C:\Windows\SysWOW64\schannel.dll - ok
17:27:52.0518 4404 [ 773212B2AAA24C1E31F10246B15B276C ] C:\Windows\servicing\TrustedInstaller.exe
17:27:52.0518 4404 C:\Windows\servicing\TrustedInstaller.exe - ok
17:27:52.0522 4404 [ E805F740F3A9B18DEFD853BE4A37A70C ] C:\Program Files (x86)\Linksys\Linksys EasyLink Advisor\LelaServices.dll
17:27:52.0522 4404 C:\Program Files (x86)\Linksys\Linksys EasyLink Advisor\LelaServices.dll - ok
17:27:52.0526 4404 [ 62A6EB5771580CAE445804389F3F7432 ] C:\Windows\SysWOW64\WindowsCodecsExt.dll
17:27:52.0526 4404 C:\Windows\SysWOW64\WindowsCodecsExt.dll - ok
17:27:52.0529 4404 [ 288ADDED26C80FDC135CAB4340161686 ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\CbsCore.dll
17:27:52.0529 4404 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\CbsCore.dll - ok
17:27:52.0533 4404 [ 6369F960C28A16F4502C480EEDE3652C ] C:\Windows\System32\dpx.dll
17:27:52.0533 4404 C:\Windows\System32\dpx.dll - ok
17:27:52.0537 4404 [ 7957A194B8421BC070FABBF1C55DB68B ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wcp.dll
17:27:52.0537 4404 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wcp.dll - ok
17:27:52.0540 4404 [ 45FB05F743E626D9E239E52602CEA041 ] C:\Windows\SysWOW64\msctfui.dll
17:27:52.0540 4404 C:\Windows\SysWOW64\msctfui.dll - ok
17:27:52.0544 4404 [ 9297F004FCE79FB7B26DAC6968FB5FEB ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\DrUpdate.dll
17:27:52.0544 4404 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\DrUpdate.dll - ok
17:27:52.0546 4404 [ FC6C5D860CDB82411DA626821201BDF0 ] C:\Windows\System32\srclient.dll
17:27:52.0546 4404 C:\Windows\System32\srclient.dll - ok
17:27:52.0550 4404 [ B7AC66C1CCD87D7C49256B5451DED4FA ] C:\Windows\System32\spp.dll
17:27:52.0550 4404 C:\Windows\System32\spp.dll - ok
17:27:52.0553 4404 [ 943F48CC3A59169E52A054946C2F59B8 ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wrpint.dll
17:27:52.0553 4404 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wrpint.dll - ok
17:27:52.0557 4404 [ 6685DD5CC357D45EEE30FD089E8A111A ] C:\Windows\System32\sxsstore.dll
17:27:52.0557 4404 C:\Windows\System32\sxsstore.dll - ok
17:27:52.0560 4404 [ D485D1BE97777617B186FC8095F58421 ] C:\Windows\servicing\CbsApi.dll
17:27:52.0560 4404 C:\Windows\servicing\CbsApi.dll - ok
17:27:52.0564 4404 [ F52084DB96C2021ED7D73C7FD7562AB8 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\imcfg.dll
17:27:52.0564 4404 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\imcfg.dll - ok
17:27:52.0568 4404 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:27:52.0568 4404 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
17:27:52.0572 4404 [ E5F7C30EDF0892667933BE879F067D67 ] C:\Windows\SysWOW64\msvcr100_clr0400.dll
17:27:52.0572 4404 C:\Windows\SysWOW64\msvcr100_clr0400.dll - ok
17:27:52.0575 4404 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:27:52.0575 4404 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe - ok
17:27:52.0579 4404 [ CB21CD39637AC13F3455454B2F648257 ] C:\Windows\System32\msvcr100_clr0400.dll
17:27:52.0579 4404 C:\Windows\System32\msvcr100_clr0400.dll - ok
17:27:52.0582 4404 [ 35DB83C4DE9FA3889E937125D115EAA0 ] C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_en.dll
17:27:52.0582 4404 C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_en.dll - ok
17:27:52.0586 4404 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\41945931.sys
17:27:52.0586 4404 C:\Windows\System32\drivers\41945931.sys - ok
17:27:52.0589 4404 [ E17E0188BB90FAE42D83E98707EFA59C ] C:\Windows\System32\sppsvc.exe
17:27:52.0589 4404 C:\Windows\System32\sppsvc.exe - ok
17:27:52.0593 4404 [ 5FBD7BEC6CD3DCAA6A87A7F70CE8AF44 ] C:\Windows\System32\advpack.dll
17:27:52.0593 4404 C:\Windows\System32\advpack.dll - ok
17:27:52.0596 4404 [ FFF95479C7AB1550F0750A5D01744211 ] C:\Windows\System32\drivers\spsys.sys
17:27:52.0596 4404 C:\Windows\System32\drivers\spsys.sys - ok
17:27:52.0600 4404 [ E8B1FE6669397D1772D8196DF0E57A9E ] C:\Windows\System32\wscsvc.dll
17:27:52.0600 4404 C:\Windows\System32\wscsvc.dll - ok
17:27:52.0603 4404 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
17:27:52.0603 4404 C:\Windows\SysWOW64\riched20.dll - ok
17:27:52.0607 4404 [ C47F35CC6FA4F1BDBEF8F87AC1A46537 ] C:\Windows\System32\wuapi.dll
17:27:52.0607 4404 C:\Windows\System32\wuapi.dll - ok
17:27:52.0610 4404 [ EA1145006C441864FB0E434FE7D0BF79 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\wscstub.exe
17:27:52.0610 4404 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\wscstub.exe - ok
17:27:52.0614 4404 [ F6F22291024906E43D135A4B1705FEAC ] C:\Windows\System32\sppwinob.dll
17:27:52.0614 4404 C:\Windows\System32\sppwinob.dll - ok
17:27:52.0618 4404 [ 8258362DDB18B644A82D8B5061AD9426 ] C:\Windows\SysWOW64\wscisvif.dll
17:27:52.0618 4404 C:\Windows\SysWOW64\wscisvif.dll - ok
17:27:52.0621 4404 [ A8CDF3768604FF95B54669E20053D569 ] C:\Windows\SysWOW64\wscapi.dll
17:27:52.0621 4404 C:\Windows\SysWOW64\wscapi.dll - ok
17:27:52.0624 4404 [ 7DF186D86CF8C571A12AAB788C777F84 ] C:\Windows\SysWOW64\wscproxystub.dll
17:27:52.0624 4404 C:\Windows\SysWOW64\wscproxystub.dll - ok
17:27:52.0628 4404 [ 2B373B5F7E36B5ED5DA176D4400EF091 ] C:\Windows\System32\sppobjs.dll
17:27:52.0628 4404 C:\Windows\System32\sppobjs.dll - ok
17:27:52.0631 4404 [ DC46D85DBBDB2E173FDD218D03169E08 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\avscntsk.dll
17:27:52.0631 4404 C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\avscntsk.dll - ok
17:27:52.0635 4404 [ A10B048B681C38E26CA90CD1BC123604 ] C:\Windows\System32\syncui.dll
17:27:52.0635 4404 C:\Windows\System32\syncui.dll - ok
17:27:52.0639 4404 [ 8699D17DFCFCD327784034DB6BD3A422 ] C:\Windows\System32\synceng.dll
17:27:52.0639 4404 C:\Windows\System32\synceng.dll - ok
17:27:52.0641 4404 ============================================================
17:27:52.0641 4404 Scan finished
17:27:52.0641 4404 ============================================================
17:27:52.0647 6272 Detected object count: 5
17:27:52.0647 6272 Actual detected object count: 5
17:28:36.0932 6272 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
17:28:36.0932 6272 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
17:28:36.0933 6272 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
17:28:36.0933 6272 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:28:36.0935 6272 LinksysUpdater ( UnsignedFile.Multi.Generic ) - skipped by user
17:28:36.0935 6272 LinksysUpdater ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:28:43.0798 6272 \Device\Harddisk0\DR0\# - copied to quarantine
17:28:43.0837 6272 \Device\Harddisk0\DR0 - copied to quarantine
17:28:43.0975 6272 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
17:28:43.0981 6272 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
17:28:44.0224 6272 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
17:28:44.0234 6272 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
17:28:44.0239 6272 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
17:28:44.0252 6272 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
17:28:44.0257 6272 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
17:28:44.0262 6272 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
17:28:44.0269 6272 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
17:28:44.0274 6272 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
17:28:44.0278 6272 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
17:28:44.0281 6272 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
17:28:44.0284 6272 \Device\Harddisk0\DR0\TDLFS\cmd32.dll - copied to quarantine
17:28:44.0338 6272 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
17:28:44.0339 6272 \Device\Harddisk0\DR0 - ok
17:28:44.0857 6272 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
17:28:44.0858 6272 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
17:28:44.0858 6272 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
17:29:24.0572 3204 Deinitialize success
  • 0


#11
lady2sylvia

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts
Page 3:

17:33:53.0198 3792 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
17:33:53.0619 3792 ============================================================
17:33:53.0619 3792 Current date / time: 2013/04/10 17:33:53.0619
17:33:53.0619 3792 SystemInfo:
17:33:53.0619 3792
17:33:53.0620 3792 OS Version: 6.1.7601 ServicePack: 1.0
17:33:53.0620 3792 Product type: Workstation
17:33:53.0620 3792 ComputerName: SHILSTONE-HP
17:33:53.0620 3792 UserName: Shilstone
17:33:53.0620 3792 Windows directory: C:\Windows
17:33:53.0620 3792 System windows directory: C:\Windows
17:33:53.0620 3792 Running under WOW64
17:33:53.0620 3792 Processor architecture: Intel x64
17:33:53.0620 3792 Number of processors: 4
17:33:53.0620 3792 Page size: 0x1000
17:33:53.0620 3792 Boot type: Normal boot
17:33:53.0620 3792 ============================================================
17:33:58.0822 3792 BG loaded
17:33:59.0194 3792 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:33:59.0225 3792 ============================================================
17:33:59.0225 3792 \Device\Harddisk0\DR0:
17:33:59.0235 3792 MBR partitions:
17:33:59.0235 3792 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:33:59.0235 3792 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x55CEB000
17:33:59.0235 3792 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x55D1D800, BlocksNum 0x1828000
17:33:59.0235 3792 ============================================================
17:33:59.0404 3792 C: <-> \Device\Harddisk0\DR0\Partition2
17:33:59.0523 3792 D: <-> \Device\Harddisk0\DR0\Partition3
17:33:59.0524 3792 ============================================================
17:33:59.0524 3792 Initialize success
17:33:59.0524 3792 ============================================================

#12
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello



I would like you to rerun TDSSKiller and this time when it gets to this part

\Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
\Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

I want you to select Delete this time instead of skip.


Gringo

#13
lady2sylvia

Okay, will do. But in the meantime, I ran Malwarebytes - it found one instance of malware, which I selected to clean up. I'm presently running Malwarebytes again. Then I'll run TDSSKiller again. Here's the report from Malwarebytes:

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1022

© Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 10.0.9200.16540

Java version: 1.6.0_31

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.800000 GHz
Memory total: 6173265920, free: 4087701504

------------ Kernel report ------------
04/10/2013 17:41:21
------------ Loaded modules -----------
----------- End -----------
<<<1>>>
Upper Device Name: \Device\Harddisk4\DR4
Upper Device Object: 0xfffffa800651b060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000087\
Lower Device Object: 0xfffffa80080d6b60
Lower Device Driver Name: \Driver\USBSTOR\
Driver name found: USBSTOR
Initialization returned 0x0
Load Function returned 0x0
<<<1>>>
Upper Device Name: \Device\Harddisk3\DR3
Upper Device Object: 0xfffffa80064f7060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000086\
Lower Device Object: 0xfffffa80080d7b60
Lower Device Driver Name: \Driver\USBSTOR\
Driver name found: USBSTOR
<<<1>>>
Upper Device Name: \Device\Harddisk2\DR2
Upper Device Object: 0xfffffa8006514060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000085\
Lower Device Object: 0xfffffa80080d3b60
Lower Device Driver Name: \Driver\USBSTOR\
Driver name found: USBSTOR
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xfffffa8008259060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000084\
Lower Device Object: 0xfffffa80080cdb60
Lower Device Driver Name: \Driver\USBSTOR\
Driver name found: USBSTOR
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa8005c04790
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000061\
Lower Device Object: 0xfffffa8005a049c0
Lower Device Driver Name: \Driver\amdsata\
Driver name found: amdsata
Initialization returned 0x0
Port sub-driver loaded: \??\C:\Windows\System32\drivers\storport.sys (0x0)
Load Function returned 0x0
Downloaded database version: v2013.04.10.14
Downloaded database version: v2013.03.25.01
Initializing...
Done!
<<<2>>>
Device number: 0, partition: 2
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8005c04790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8005c042c0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8005c04790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8004f4e040, DeviceName: Unknown, DriverName: \Driver\amdxata\
DevicePointer: 0xfffffa8005a049c0, DeviceName: \Device\00000061\, DriverName: \Driver\amdsata\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0xfffff8a0138eb5d0, 0xfffffa8005c04790, 0xfffffa8009d8f790
Lower DeviceData: 0xfffff8a0073375b0, 0xfffffa8005a049c0, 0xfffffa8009dab310
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning directory: C:\Windows\system32\drivers...
<<<2>>>
Device number: 0, partition: 2
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 32CBF65C

Partition information:

Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 204800
Partition file system is NTFS
Partition is bootable

Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 206848 Numsec = 1439608832

Partition 2 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 1439815680 Numsec = 25329664

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 750156374016 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-1465129168-1465149168)...
Physical Sector Size: 0
Drive: 1, DevicePointer: 0xfffffa8008259060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8008259ac0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8008259060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80080ccbf0, DeviceName: Unknown, DriverName: \Driver\usbfilter\
DevicePointer: 0xfffffa80080cdb60, DeviceName: \Device\00000084\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 2, DevicePointer: 0xfffffa8006514060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8006514b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8006514060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80080d9bf0, DeviceName: Unknown, DriverName: \Driver\usbfilter\
DevicePointer: 0xfffffa80080d3b60, DeviceName: \Device\00000085\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 3, DevicePointer: 0xfffffa80064f7060, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80064f7b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80064f7060, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80080dabf0, DeviceName: Unknown, DriverName: \Driver\usbfilter\
DevicePointer: 0xfffffa80080d7b60, DeviceName: \Device\00000086\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 4, DevicePointer: 0xfffffa800651b060, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800651bb90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800651b060, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80080d8bf0, DeviceName: Unknown, DriverName: \Driver\usbfilter\
DevicePointer: 0xfffffa80080d6b60, DeviceName: \Device\00000087\, DriverName: \Driver\USBSTOR\
------------ End ----------
Done!
Performing system, memory and registry scan...
Infected: c:\Windows\svchost.exe --> [Trojan.Agent]
Done!
Scan finished
Creating System Restore point...
Scheduling clean up...
<<<2>>>
Device number: 0, partition: 2
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Removal scheduling successful. System shutdown needed.
System shutdown occurred
=======================================


---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1022

© Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 10.0.9200.16540

Java version: 1.6.0_31

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.800000 GHz
Memory total: 6173265920, free: 4452655104

Removal queue found; removal started
Removing c:\Windows\svchost.exe...
Removal finished
=======================================
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1022

© Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 10.0.9200.16540

Java version: 1.6.0_31

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.800000 GHz
Memory total: 6173265920, free: 3992567808

------------ Kernel report ------------
04/10/2013 17:59:09
------------ Loaded modules -----------
----------- End -----------
<<<1>>>
Upper Device Name: \Device\Harddisk4\DR4
Upper Device Object: 0xfffffa8006639790
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000087\
Lower Device Object: 0xfffffa80087c6b60
Lower Device Driver Name: \Driver\USBSTOR\
Driver name found: USBSTOR
Initialization returned 0x0
Load Function returned 0x0
<<<1>>>
Upper Device Name: \Device\Harddisk3\DR3
Upper Device Object: 0xfffffa8007700790
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000086\
Lower Device Object: 0xfffffa80087ccb60
Lower Device Driver Name: \Driver\USBSTOR\
Driver name found: USBSTOR
<<<1>>>
Upper Device Name: \Device\Harddisk2\DR2
Upper Device Object: 0xfffffa800664e790
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000085\
Lower Device Object: 0xfffffa80087aeb60
Lower Device Driver Name: \Driver\USBSTOR\
Driver name found: USBSTOR
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xfffffa8006642230
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000084\
Lower Device Object: 0xfffffa80087b8b60
Lower Device Driver Name: \Driver\USBSTOR\
Driver name found: USBSTOR
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa8005f31790
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000061\
Lower Device Object: 0xfffffa80059e89c0
Lower Device Driver Name: \Driver\amdsata\
Driver name found: amdsata
Initialization returned 0x0
Port sub-driver loaded: \??\C:\Windows\System32\drivers\storport.sys (0x0)
Load Function returned 0x0
Initializing...
Done!
<<<2>>>
Device number: 0, partition: 2
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8005f31790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8005f312c0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8005f31790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8004fbd690, DeviceName: Unknown, DriverName: \Driver\amdxata\
DevicePointer: 0xfffffa80059e89c0, DeviceName: \Device\00000061\, DriverName: \Driver\amdsata\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0xfffff8a012bf0f20, 0xfffffa8005f31790, 0xfffffa8005b49090
Lower DeviceData: 0xfffff8a012fe9620, 0xfffffa80059e89c0, 0xfffffa8004f8d330
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning directory: C:\Windows\system32\drivers...
<<<2>>>
Device number: 0, partition: 2
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

#14
gringo_pr

Very good, and I will be waiting for the report.

#15
lady2sylvia

Hi Gringo - I hope for both our sakes we're almost done! I ran the Malwarebytes a second time and it came back clean - no threats.

I ran the TDSSKiller again and did as you said. Here's the report (page 1):

18:17:05.0319 2816 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:17:05.0573 2816 ============================================================
18:17:05.0573 2816 Current date / time: 2013/04/10 18:17:05.0573
18:17:05.0573 2816 SystemInfo:
18:17:05.0573 2816
18:17:05.0573 2816 OS Version: 6.1.7601 ServicePack: 1.0
18:17:05.0573 2816 Product type: Workstation
18:17:05.0573 2816 ComputerName: SHILSTONE-HP
18:17:05.0573 2816 UserName: Shilstone
18:17:05.0573 2816 Windows directory: C:\Windows
18:17:05.0573 2816 System windows directory: C:\Windows
18:17:05.0573 2816 Running under WOW64
18:17:05.0573 2816 Processor architecture: Intel x64
18:17:05.0574 2816 Number of processors: 4
18:17:05.0574 2816 Page size: 0x1000
18:17:05.0574 2816 Boot type: Normal boot
18:17:05.0574 2816 ============================================================
18:17:07.0406 2816 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:17:07.0428 2816 ============================================================
18:17:07.0428 2816 \Device\Harddisk0\DR0:
18:17:07.0429 2816 MBR partitions:
18:17:07.0429 2816 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
18:17:07.0429 2816 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x55CEB000
18:17:07.0429 2816 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x55D1D800, BlocksNum 0x1828000
18:17:07.0429 2816 ============================================================
18:17:07.0467 2816 C: <-> \Device\Harddisk0\DR0\Partition2
18:17:07.0574 2816 D: <-> \Device\Harddisk0\DR0\Partition3
18:17:07.0574 2816 ============================================================
18:17:07.0574 2816 Initialize success
18:17:07.0574 2816 ============================================================
18:17:16.0430 1628 Deinitialize success