ALLSEARCH.COM redirecting my browser searches (proxy server) [Solved]


  • This topic is locked

#1
Vorkus

  • Member
  • 35 posts
My browser searches are being redirected by ALLSEARCHAPP.com. It inserted a proxy redirect. I ran Norton, Malwarebytes, TDSSKiller, SpyHunter and ComboFix, and none cleared it. I also reinstalled the browsers, and Firefox and Chrome are still being hijacked. I ran OTL and it found references to allsearchapp.

Also, Firefox is redirected and won't even load correctly. When I try to open it, it just gives me a Visual C++ error message and can't open the plugins.exe.

How do I fix this?


OTL logfile created on: 4/27/2013 10:17:55 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = G:\PRIORITY VIEWING
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.94 Gb Total Physical Memory | 0.96 Gb Available Physical Memory | 49.47% Memory free
4.69 Gb Paging File | 3.79 Gb Available in Paging File | 80.93% Paging File free
Paging file location(s): C:\pagefile.sys 2973 2973 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 225.41 Gb Total Space | 92.85 Gb Free Space | 41.19% Space Free | Partition Type: NTFS
Drive D: | 7.45 Gb Total Space | 0.48 Gb Free Space | 6.40% Space Free | Partition Type: FAT32
Drive G: | 931.50 Gb Total Space | 457.32 Gb Free Space | 49.10% Space Free | Partition Type: NTFS

Computer Name: MAIN | User Name: HP_Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Processes (SafeList) ==========

PRC - G:\PRIORITY VIEWING\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Learning Like Crazy\Verbarrator\update.exe ()
PRC - C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe ()
PRC - C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe (Enigma Software Group USA, LLC.)
PRC - C:\Program Files\Common Files\Motive\pcCMService.exe (Alcatel-Lucent)
PRC - C:\Program Files\Fast Free Converter\FastFreeConverterUpdt.exe ()
PRC - C:\Program Files\Norton Security Suite\Engine\20.2.0.19\ccsvchst.exe (Symantec Corporation)
PRC - C:\Program Files\Common Files\Motive\pcServiceHost.exe (Alcatel-Lucent)
PRC - C:\Program Files\Comcast\pcTrayApp.exe (Alcatel-Lucent)
PRC - C:\Program Files\LSI SoftModem\agrsmsvc.exe (LSI Corporation)
PRC - C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe (Acronis)
PRC - C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe (Seagate)
PRC - C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe (Seagate)
PRC - C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe (Seagate)
PRC - C:\Program Files\Common Files\aol\1252510432\ee\aolsoftware.exe (AOL LLC)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\aol\acs\AOLacsd.exe (AOL LLC)
PRC - C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
PRC - C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe (HP)
PRC - C:\Program Files\DISC\DISCUpdateMgr.exe (Digital Interactive Systems Corporation, Inc.)
PRC - C:\WINDOWS\arpwrmsg.exe (Microsoft)
PRC - C:\WINDOWS\arservice.exe (Microsoft)
PRC - C:\Program Files\Iomega\AutoDisk\ADService.exe (Iomega Corporation)
PRC - C:\Program Files\Iomega\AutoDisk\ADUserMon.exe (Iomega Corporation)
PRC - C:\Program Files\Iomega\System32\AppServices.exe (Iomega Corporation)
PRC - C:\Program Files\Iomega\DriveIcons\Imgicon.exe (Iomega)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\Learning Like Crazy\Verbarrator\update.exe ()
MOD - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe ()
MOD - C:\WINDOWS\system32\quartz.dll ()
MOD - C:\Program Files\Fast Free Converter\FastFreeConverterUpdt.exe ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_9a2b2e7c\mscorlib.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_861bb736\system.drawing.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_7a4dcdbc\system.windows.forms.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_b9163843\system.dll ()
MOD - c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll ()
MOD - c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll ()
MOD - c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll ()
MOD - C:\Program Files\Norton Security Suite\Engine\20.2.0.19\wincfi39.dll ()
MOD - C:\WINDOWS\system32\encdec.dll ()
MOD - C:\WINDOWS\system32\sbe.dll ()
MOD - C:\Program Files\FileZilla FTP Client\fzshellext.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files\Seagate\DiscWizard\fox.dll ()
MOD - C:\WINDOWS\system32\msdmo.dll ()
MOD - C:\WINDOWS\system32\devenum.dll ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()
MOD - C:\WINDOWS\system32\VBICodec.ax ()
MOD - C:\WINDOWS\system32\mpg2splt.ax ()
MOD - C:\WINDOWS\armcex.dll ()
MOD - C:\WINDOWS\system32\Primomonnt.dll ()
MOD - C:\WINDOWS\system32\hcwXDS.dll ()
MOD - C:\Program Files\Iomega\Common\IoATLDrv.dll ()
MOD - C:\WINDOWS\system32\pdfcmnnt.dll ()


========== Services (SafeList) ==========

SRV - (PCCUJobMgr) -- C:\Program Files\Norton PC Checkup\Engine\2.0.2.547\ccSvcHst.exe /s PCCUJobMgr /m C:\Program Files\Norton PC Checkup\Engine\2.0.2.547\diMaster.dll /prefetch:1 File not found
SRV - (Norton PC Checkup Application Launcher) -- C:\Program Files\Norton PC Checkup\Engine\2.0.2.547\SymcPCCULaunchSvc.exe /s File not found
SRV - (Iomega Activity Disk2) -- File not found
SRV - (Learning Like Crazy: Verbarrator update permissions manager. 8545.) -- C:\Program Files\Learning Like Crazy\Verbarrator\update.exe ()
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (RealNetworks Downloader Resolver Service) -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe ()
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe (McAfee, Inc.)
SRV - (SpyHunter 4 Service) -- C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe (Enigma Software Group USA, LLC.)
SRV - (pcCMService) -- C:\Program Files\Common Files\Motive\pcCMService.exe (Alcatel-Lucent)
SRV - (FastFreeConverterUpdt) -- C:\Program Files\Fast Free Converter\FastFreeConverterUpdt.exe ()
SRV - (N360) -- C:\Program Files\Norton Security Suite\Engine\20.2.0.19\ccSvcHst.exe (Symantec Corporation)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (pcServiceHost) -- C:\Program Files\Common Files\Motive\pcServiceHost.exe (Alcatel-Lucent)
SRV - (rpcapd) -- C:\Program Files\WinPcap\rpcapd.exe (CACE Technologies, Inc.)
SRV - (AgereModemAudio) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe (LSI Corporation)
SRV - (ICDSPTSV) -- C:\WINDOWS\system32\IcdSptSv.exe (Sony Corporation)
SRV - (SgtSch2Svc) -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe (Seagate)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV - (AOL ACS) -- C:\Program Files\Common Files\aol\acs\AOLacsd.exe (AOL LLC)
SRV - (ARSVC) -- C:\WINDOWS\arservice.exe (Microsoft)
SRV - (_IOMEGA_ACTIVE_DISK_SERVICE_) -- C:\Program Files\Iomega\AutoDisk\ADService.exe (Iomega Corporation)
SRV - (Iomega App Services) -- C:\Program Files\Iomega\System32\AppServices.exe (Iomega Corporation)


========== Driver Services (SafeList) ==========

DRV - (WDICA) -- File not found
DRV - (SYMNDIS) -- C:\WINDOWS\System32\Drivers\N360\0308000.029\SYMNDIS.SYS File not found
DRV - (SYMIDS) -- C:\WINDOWS\System32\Drivers\N360\0308000.029\SYMIDS.SYS File not found
DRV - (SYMFW) -- C:\WINDOWS\System32\Drivers\N360\0308000.029\SYMFW.SYS File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (MRENDIS5) -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS File not found
DRV - (MREMPR5) -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (ftsata2) -- system32\DRIVERS\ftsata2.sys File not found
DRV - (cpuz132) -- C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys File not found
DRV - (cpuz128) -- C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\cpuz_x32.sys File not found
DRV - (Changer) -- File not found
DRV - (catchme) -- C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\catchme.sys File not found
DRV - (NAVEX15) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130427.007\NAVEX15.SYS (Symantec Corporation)
DRV - (NAVENG) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130427.007\NAVENG.SYS (Symantec Corporation)
DRV - (IDSxpx86) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130426.001\IDSXpx86.sys (Symantec Corporation)
DRV - (SymEvent) -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (BHDrvx86) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130412.001\BHDrvx86.sys (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (MREMP50) -- C:\Program Files\Common Files\Motive\MREMP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (MRESP50) -- C:\Program Files\Common Files\Motive\MRESP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (SRTSP) -- C:\WINDOWS\system32\drivers\N360\1402000.013\srtsp.sys (Symantec Corporation)
DRV - (Apowersoft_AudioDevice) -- C:\WINDOWS\system32\drivers\Apowersoft_AudioDevice.sys (Wondershare)
DRV - (SymEFA) -- C:\WINDOWS\system32\drivers\N360\1402000.013\symefa.sys (Symantec Corporation)
DRV - (SymDS) -- C:\WINDOWS\system32\drivers\N360\1402000.013\symds.sys (Symantec Corporation)
DRV - (ccSet_N360) -- C:\WINDOWS\system32\drivers\N360\1402000.013\ccsetx86.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (SymIMMP) -- C:\WINDOWS\system32\drivers\SymIM.sys (Symantec Corporation)
DRV - (SymIM) -- C:\WINDOWS\system32\drivers\SymIM.sys (Symantec Corporation)
DRV - (SymIRON) -- C:\WINDOWS\system32\drivers\N360\1402000.013\ironx86.sys (Symantec Corporation)
DRV - (SYMTDI) -- C:\WINDOWS\system32\drivers\N360\1402000.013\symtdi.sys (Symantec Corporation)
DRV - (EsgScanner) -- C:\WINDOWS\system32\drivers\EsgScanner.sys ()
DRV - (SRTSPX) -- C:\WINDOWS\system32\drivers\N360\1402000.013\srtspx.sys (Symantec Corporation)
DRV - (esgiguard) -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys ()
DRV - (Tcpip6) -- C:\WINDOWS\system32\drivers\tcpip6.sys (Microsoft Corporation)
DRV - (timounter) -- C:\WINDOWS\system32\drivers\timntr.sys (Acronis)
DRV - (tifsfilter) -- C:\WINDOWS\system32\drivers\tifsfilt.sys (Acronis)
DRV - (snapman) -- C:\WINDOWS\system32\drivers\snapman.sys (Acronis)
DRV - (tdrpman) -- C:\WINDOWS\system32\drivers\tdrpman.sys (Acronis)
DRV - (AgereSoftModem) -- C:\WINDOWS\system32\drivers\AGRSM.sys (LSI Corporation)
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation )
DRV - (ICDUSB3) -- C:\WINDOWS\system32\drivers\ICDUSB3.sys (Sony Corporation)
DRV - (nm) -- C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation)
DRV - (IrBus) -- C:\WINDOWS\system32\drivers\irbus.sys (Microsoft Corporation)
DRV - (ppa3) -- C:\WINDOWS\system32\drivers\ppa3.sys (Microsoft Corporation)
DRV - (Ps2) -- C:\WINDOWS\system32\drivers\PS2.sys (Hewlett-Packard Company)
DRV - (ALCXWDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (hcwPP2) -- C:\WINDOWS\system32\drivers\hcwPP2.sys (Hauppauge Computer Works, Inc.)
DRV - (BANTExt) -- C:\WINDOWS\system32\drivers\BANTExt.sys ()
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - (rtl8139) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)
DRV - (SI3112) -- C:\WINDOWS\system32\drivers\SI3112.sys (Silicon Image, Inc.)
DRV - (wanatw) -- C:\WINDOWS\system32\drivers\wanatw4.sys (America Online, Inc.)
DRV - (iomdisk) -- C:\WINDOWS\system32\drivers\IomDisk.sys (Iomega Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.h...lion&pf=desktop
IE - HKLM\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - No CLSID value found
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...lion&pf=desktop
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.h...lion&pf=desktop
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...lion&pf=desktop
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.h...lion&pf=desktop
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec....&pvid=20.2.0.19
IE - HKU\S-1-5-19\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...q={SEARCHTERMS}

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec....&pvid=20.2.0.19
IE - HKU\S-1-5-20\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...q={SEARCHTERMS}

IE - HKU\S-1-5-21-2296229634-219738001-2420873020-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.h...lion&pf=desktop
IE - HKU\S-1-5-21-2296229634-219738001-2420873020-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-2296229634-219738001-2420873020-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-2296229634-219738001-2420873020-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D4 E5 39 A4 15 31 CA 01 [binary data]
IE - HKU\S-1-5-21-2296229634-219738001-2420873020-1008\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2296229634-219738001-2420873020-1008\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-2296229634-219738001-2420873020-1008\..\SearchScopes\{43682B77-B546-4606-A6AD-D81710E1AB36}: "URL" = http://proxy.allsear...q={searchTerms}
IE - HKU\S-1-5-21-2296229634-219738001-2420873020-1008\..\SearchScopes\{C21CF8B5-89C5-43E0-A3BA-BB83DF3EFD24}: "URL" = http://www.mysearchr...q={searchTerms}
IE - HKU\S-1-5-21-2296229634-219738001-2420873020-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2296229634-219738001-2420873020-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "All Search"
FF - prefs.js..browser.startup.homepage: "http://proxy.allsear...com/app/start/"
FF - prefs.js..extensions.enabledAddons: [email protected]:1.0

FF - user.js..browser.startup.homepage: "http://proxy.allsear...com/app/start/"
FF - user.js..browser.search.defaultenginename: "All Search"
FF - user.js..browser.search.defaultenginename: "All Search"
FF - user.js..extensions.enabledAddons: [email protected]:1.0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@Motive.com/npMotiveRequest,version=1.0: C:\Program Files\Common Files\Motive\npMotiveRequest.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\HP_Administrator\Application Data\Move Networks\plugins\npqmp071706000001.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.1.18: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.1.18: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\HP_Administrator\Application Data\Move Networks\plugins\npqmp071706000001.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\vitzo.com/VDownloader: C:\Program Files\VDownloader\Addons\npVDownloader.dll (Vitzo)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\VDownloader\Addons\FireFox [2013/04/21 16:09:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\ [2013/04/27 21:17:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{DAC3F861-B30D-40dd-9166-F4E75327FAC7}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/04/03 21:25:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/04/03 21:25:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFFPlgn\ [2013/04/17 21:19:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/04/21 23:37:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/04/21 23:37:49 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\HP_Administrator\Application Data\Move Networks [2010/12/19 01:12:02 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Social Privacy\FF\

[2010/02/19 16:53:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Extensions
[2010/02/19 16:53:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Extensions\[email protected]
[2013/04/27 01:46:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\yit874pd.default\extensions
[2010/09/14 14:43:54 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\yit874pd.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2013/04/13 14:17:03 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\yit874pd.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/01/27 01:59:58 | 000,000,000 | ---D | M] (Pixlr Grabber) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\yit874pd.default\extensions\{d47a9f51-8281-43fa-f450-f28ef8735e9a}
[2012/01/29 21:52:51 | 000,000,000 | ---D | M] (♬ MediaPimp - Internet Radio, Save Videos, Screengrab & More) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\yit874pd.default\extensions\[email protected]
[2009/12/09 02:10:04 | 000,000,000 | ---D | M] (Flash Video Resources Downloader) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\yit874pd.default\extensions\[email protected]
[2012/10/27 14:28:22 | 000,000,000 | ---D | M] ("NetVideoHunter") -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\yit874pd.default\extensions\[email protected]
[2013/03/08 20:12:48 | 000,275,665 | ---- | M] () (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\yit874pd.default\extensions\[email protected]
[2011/09/04 21:47:50 | 000,008,001 | ---- | M] () (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\yit874pd.default\extensions\[email protected]
[2013/04/13 14:17:03 | 000,350,097 | ---- | M] () (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\yit874pd.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
[2013/01/12 22:41:53 | 000,316,778 | ---- | M] () (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\yit874pd.default\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}.xpi
[2011/12/26 21:05:34 | 000,098,637 | ---- | M] () (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\yit874pd.default\extensions\{DA1B0AB5-7DD3-4066-BC2A-64AABBDD0A8B}.xpi
[2013/04/21 15:57:03 | 000,000,328 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\yit874pd.default\searchplugins\all search.xml
[2012/01/18 22:32:38 | 000,002,281 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\yit874pd.default\searchplugins\s-amazon.xml
[2013/04/21 15:55:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/03/08 00:07:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013/03/08 00:07:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013/03/08 00:07:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2013/04/21 15:55:34 | 000,000,000 | ---D | M] (Fast Free Converter) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2013/02/25 01:23:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]\content
[2013/02/25 01:23:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]\defaults
[2010/12/19 01:12:02 | 000,000,000 | ---D | M] (Move Media Player) -- C:\DOCUMENTS AND SETTINGS\HP_ADMINISTRATOR\APPLICATION DATA\MOVE NETWORKS
[2013/04/21 16:09:21 | 000,000,000 | ---D | M] (VDownloader) -- C:\PROGRAM FILES\VDOWNLOADER\ADDONS\FIREFOX
[2013/04/10 02:58:33 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013/04/03 21:23:48 | 000,124,504 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
[2005/09/01 11:34:42 | 001,312,392 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\NPSWF32.dll
[2007/03/09 19:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\mozilla firefox\plugins\npyaxmpb.dll
[2013/04/10 02:57:54 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2013/04/10 02:57:54 | 000,002,086 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files\Google\Chrome\Application\plugins\npMozCouponPrinter.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpplugin.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPSWF32.dll
CHR - plugin: Yahoo! activeX Plug-in Bridge (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll
CHR - plugin: RealNetworks™ RealDownloader Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
CHR - plugin: RealNetworks™ RealDownloader HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
CHR - plugin: RealNetworks™ RealDownloader PepperFlashVideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
CHR - plugin: RealDownloader Plugin (Enabled) = C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
CHR - plugin: Move Streaming Media Player (Enabled) = C:\Documents and Settings\HP_Administrator\Application Data\Move Networks\plugins\npqmp071706000001.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility for IJ (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Motive Plugin (Enabled) = C:\Program Files\Common Files\Motive\npMotive.dll
CHR - plugin: Motive Management Plug-in (Enabled) = C:\Program Files\Common Files\Motive\npMotiveRequest.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U21 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: McAfee Security Scanner + (Enabled) = C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: VDownloader (Enabled) = C:\Program Files\VDownloader\Addons\npVDownloader.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - Extension: Docs = C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: Google Drive = C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: YouTube = C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Motive Extension = C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\edmgmpmklgfbohogafcfobonnkogchec\1.0_0\
CHR - Extension: RealDownloader = C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.1_0\
CHR - Extension: Norton Identity Protection = C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.2.0.18_0\
CHR - Extension: Gmail = C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/04/27 19:59:49 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security Suite\Engine\20.2.0.19\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Security Suite\Engine\20.2.0.19\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Do Not Track Plus) - {6E45F3E8-2683-4824-A6BE-08108022FB36} - C:\Program Files\DoNotTrackPlus\IE\DNTPAddon.dll (Abine)
O2 - BHO: (Reg Error: Value error.) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\20.2.0.19\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No CLSID value found.
O3 - HKU\S-1-5-21-2296229634-219738001-2420873020-1008\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKU\S-1-5-21-2296229634-219738001-2420873020-1008\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems)
O3 - HKU\S-1-5-21-2296229634-219738001-2420873020-1008\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [ADUserMon] C:\Program Files\Iomega\AutoDisk\ADUserMon.exe (Iomega Corporation)
O4 - HKLM..\Run: [AlwaysReady Power Message APP] C:\WINDOWS\arpwrmsg.exe (Microsoft)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [Comcast_McciTrayApp] C:\Program Files\Comcast\pcTrayApp.exe (Alcatel-Lucent)
O4 - HKLM..\Run: [Deskup] C:\Program Files\Iomega\DriveIcons\deskup.exe (Iomega)
O4 - HKLM..\Run: [DiscUpdateManager] C:\Program Files\DISC\DISCUpdateMgr.exe (Digital Interactive Systems Corporation, Inc.)
O4 - HKLM..\Run: [DiscWizardMonitor.exe] C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe (Seagate)
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\aol\1252510432\ee\aolsoftware.exe (AOL LLC)
O4 - HKLM..\Run: [HPBootOp] C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe (HP)
O4 - HKLM..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe (Hewlett-Packard)
O4 - HKLM..\Run: [IJNetworkScannerSelectorEX] C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.)
O4 - HKLM..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\Imgicon.exe (Iomega)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [Seagate Scheduler2 Service] C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe (Seagate)
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-2296229634-219738001-2420873020-1008..\Run: [Second Copy] C:\Program Files\SecCopy\SecCopy.exe (Centered Systems)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\Default User\Start Menu\Programs\Startup\Pin.lnk = C:\hp\bin\cloaker.exe (Hewlett-Packard Co.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2296229634-219738001-2420873020-1008\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2296229634-219738001-2420873020-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-2296229634-219738001-2420873020-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-2296229634-219738001-2420873020-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &AOL Toolbar Search - C:\Documents and Settings\All Users\Application Data\AOL\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: &Google Search - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: &Translate English Word - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Backward Links - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Cached Snapshot of Page - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Customize Menu - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: Download all with Free Download Manager - C:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Download selected with Free Download Manager - C:\Program Files\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Download video with Free Download Manager - C:\Program Files\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Download with Free Download Manager - C:\Program Files\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Fill Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: RoboForm Toolbar - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Save Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8 - Extra context menu item: Similar Pages - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Translate Page into English - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\NPJPI150_05.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Natural Reader - {0DF757C4-9999-463C-A4EB-B6BF1D8D8D3D} - C:\Program Files\NaturalReaders\Natural Voice Text To Speech Software Standard\read.html ()
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Do Not Track Plus © Abine - {6E45F3E8-2683-4824-A6BE-08108022FB36} - C:\Program Files\DoNotTrackPlus\IE\DNTPAddon.dll (Abine)
O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra 'Tools' menuitem : Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: trymedia.com ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: trymedia.com ([]https in Trusted sites)
O15 - HKU\S-1-5-21-2296229634-219738001-2420873020-1008\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKU\S-1-5-21-2296229634-219738001-2420873020-1008\..Trusted Domains: com ([www.msi] http in Trusted sites)
O15 - HKU\S-1-5-21-2296229634-219738001-2420873020-1008\..Trusted Domains: com.tw ([asia.msi] http in Trusted sites)
O15 - HKU\S-1-5-21-2296229634-219738001-2420873020-1008\..Trusted Domains: com.tw ([global.msi] http in Trusted sites)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.micr...78f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onec...lscbase6087.cab (Windows Live Safety Center Base Module)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1343956335625 (MUWebControl Class)
O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} http://152.1.131.130/activex/AMC.cab (AxisMediaControl Class)
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} http://liveupdate.ms...ine/install.cab (WebSDev Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: {C2B78FF1-6E5A-4854-AC24-E09A0E2411BA} http://static1.meetu...etUploader5.cab (MeetUploader Control)
O16 - DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_05)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://naturalsolut...nbr/ieatgpc.cab (GpcContainer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.76.76 75.75.75.75 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{892900FC-9814-4488-99C0-81491C1EE93D}: DhcpNameServer = 16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{892900FC-9814-4488-99C0-81491C1EE93D}: NameServer = 66.228.116.178,66.228.116.179
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9678551D-6B7D-408B-AB72-4C4E985A0BC3}: NameServer = 66.228.116.178,66.228.116.179
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{97D91CA9-5CE7-4DA6-8A9D-71B038242AE2}: DhcpNameServer = 75.75.76.76 75.75.75.75 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C11E18B4-E11F-4A36-8FC5-4C20AEA0F3FF}: NameServer = 66.228.116.178,66.228.116.179
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/12/23 21:37:52 | 000,000,100 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/27 20:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2010/07/22 10:42:45 | 000,000,000 | ---D | M] - G:\AUTOMOTIVE -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 60 Days ==========

[2013/04/27 21:25:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
[2013/04/27 20:36:24 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013/04/27 14:17:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Sophos
[2013/04/27 14:17:40 | 000,000,000 | ---D | C] -- C:\Program Files\Sophos
[2013/04/26 23:00:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Start Menu\Programs\SpyHunter
[2013/04/26 23:00:43 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2013/04/26 23:00:43 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2013/04/26 23:00:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2013/04/21 23:52:07 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013/04/21 23:52:07 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013/04/21 23:52:07 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013/04/21 23:01:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\Video Download Capture
[2013/04/21 15:55:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\AppData
[2013/04/21 15:55:23 | 000,000,000 | ---D | C] -- C:\Program Files\File Type Helper
[2013/04/21 15:55:17 | 000,000,000 | ---D | C] -- C:\Program Files\Fast Free Converter
[2013/04/21 15:54:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Internet Browser
[2013/04/21 15:51:59 | 000,000,000 | ---D | C] -- C:\Program Files\dnsshield
[2013/04/21 15:51:58 | 000,000,000 | ---D | C] -- C:\Program Files\Social Privacy
[2013/04/21 15:51:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Shield
[2013/04/21 15:24:42 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2013/04/21 12:08:19 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\HP_Administrator\Recent
[2013/04/17 21:11:22 | 000,044,064 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SymIM.sys
[2013/04/14 16:49:47 | 000,274,432 | ---- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\System32\hpfinst.dll
[2013/04/06 12:38:44 | 000,000,000 | ---D | C] -- C:\GEARView Basic Dev
[2013/04/03 21:25:28 | 000,000,000 | ---D | C] -- C:\Program Files\RealNetworks
[2013/04/03 21:25:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\RealNetworks
[2013/04/03 21:24:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2013/04/03 21:24:01 | 000,201,872 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2013/04/03 21:23:42 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
[2013/04/03 21:23:42 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2013/04/03 21:23:42 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2013/03/29 22:08:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2013/03/24 01:14:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee Security Scan Plus
[2013/03/23 22:58:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Spoon
[2013/03/23 14:07:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\Streaming Video Recorder
[2013/03/23 13:53:16 | 000,429,816 | -H-- | C] (Bytescout) -- C:\WINDOWS\System32\BytescoutScreenCapturing.dll
[2013/03/23 13:53:16 | 000,261,880 | -H-- | C] (Bytescout) -- C:\WINDOWS\System32\BytescoutScreenCapturingFilter.dll
[2013/03/23 13:53:16 | 000,175,864 | -H-- | C] (Bytescout) -- C:\WINDOWS\System32\BytescoutVideoMixerFilter.dll
[2013/03/23 13:53:16 | 000,026,080 | ---- | C] (Wondershare) -- C:\WINDOWS\System32\drivers\Apowersoft_AudioDevice.sys
[2013/03/23 13:53:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Apowersoft
[2013/03/23 13:53:01 | 000,000,000 | ---D | C] -- C:\Program Files\Apowersoft
[2013/03/23 13:53:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Apowersoft
[2013/03/23 00:51:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth
[2013/03/19 01:11:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
[2013/03/19 01:11:40 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2013/03/15 00:37:30 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023x.sys
[2013/03/15 00:37:30 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023.sys
[2013/03/12 15:43:47 | 000,000,000 | ---D | C] -- C:\SECURITY PROGS ad on
[2013/03/08 00:07:29 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 60 Days ==========

[2013/04/27 21:49:00 | 000,000,906 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/04/27 21:25:27 | 000,001,842 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/04/27 21:25:14 | 000,001,824 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2013/04/27 21:22:54 | 000,000,188 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.DAT
[2013/04/27 21:17:05 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2013/04/27 21:15:59 | 000,000,300 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2296229634-219738001-2420873020-1008.job
[2013/04/27 21:15:25 | 000,000,300 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2296229634-219738001-2420873020-1008.job
[2013/04/27 21:15:23 | 000,000,308 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2296229634-219738001-2420873020-1008.job
[2013/04/27 21:14:19 | 000,000,902 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/04/27 21:13:53 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/04/27 21:05:10 | 000,015,923 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\SAVED CHROME LINKS FAVORITeS to trans to explorer).odt
[2013/04/27 19:59:49 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/04/27 14:17:58 | 000,002,096 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Sophos Virus Removal Tool.lnk
[2013/04/26 23:19:52 | 000,001,489 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Media Center.lnk
[2013/04/26 23:00:59 | 000,002,006 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\SpyHunter.lnk
[2013/04/26 07:06:57 | 000,050,828 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\wklnhst.dat
[2013/04/25 07:51:41 | 000,525,780 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/04/25 07:51:41 | 000,096,518 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/04/24 21:16:02 | 000,000,308 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2296229634-219738001-2420873020-1008.job
[2013/04/21 23:30:58 | 000,691,592 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/04/21 23:30:58 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/04/21 23:12:53 | 000,000,741 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Mozilla Firefox (2).lnk
[2013/04/21 22:58:49 | 000,001,089 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to Video Download Capture.exe.lnk
[2013/04/21 22:50:19 | 000,001,002 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Video Download Capture.lnk
[2013/04/21 22:50:19 | 000,000,984 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Video Download Capture.lnk
[2013/04/21 15:55:50 | 000,000,032 | ---- | M] () -- C:\END
[2013/04/21 15:55:04 | 000,002,213 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Facebook.lnk
[2013/04/21 15:55:04 | 000,002,211 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Youtube.lnk
[2013/04/21 15:55:03 | 000,001,141 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet Browser.lnk
[2013/04/21 15:55:02 | 000,001,123 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Internet Browser.lnk
[2013/04/21 15:24:44 | 000,000,753 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/04/21 15:24:43 | 000,000,735 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2013/04/21 15:02:49 | 016,948,292 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\Firefox 19.0.2 (en-US) - 2013-04-21.pcv
[2013/04/18 21:36:40 | 000,688,861 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\1402000.013\Cat.DB
[2013/04/18 21:36:04 | 000,014,818 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\1402000.013\VT20130115.021
[2013/04/17 22:36:37 | 000,235,168 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/04/16 23:28:27 | 000,142,496 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2013/04/16 23:28:27 | 000,007,446 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2013/04/16 23:28:27 | 000,000,806 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2013/04/13 13:12:09 | 000,000,795 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013/04/04 05:35:08 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013/04/04 05:30:10 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013/04/04 05:29:44 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013/04/03 22:43:08 | 005,115,028 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\NKAH.mp3
[2013/04/03 21:25:57 | 000,000,747 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2013/04/03 21:24:01 | 000,201,872 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2013/04/03 21:23:42 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
[2013/04/03 21:23:42 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2013/04/03 21:23:42 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2013/04/01 01:08:48 | 000,000,222 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\default.pls
[2013/04/01 01:08:30 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2013/03/29 22:09:07 | 000,001,745 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk
[2013/03/24 01:14:45 | 000,001,774 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2013/03/24 01:14:44 | 000,001,780 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Scan Plus.lnk
[2013/03/23 13:53:27 | 000,001,026 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Streaming Video Recorder.lnk
[2013/03/23 13:53:27 | 000,001,008 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Streaming Video Recorder.lnk
[2013/03/23 00:51:27 | 000,001,926 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2013/03/20 20:25:19 | 000,130,560 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/03/19 18:04:22 | 000,030,957 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\HUMOROUS AD GANG RAPE.jpg
[2013/03/19 18:03:39 | 000,037,477 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\C9976B2739FC6CDD1772CA5F6E1E_h316_w628_m5_cPfcEUTnl.jpg
[2013/03/19 18:03:28 | 000,389,785 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\143FD6473184AF36088A23D8074CB_h316_w628_m5_clEaRjECz.png
[2013/03/19 18:03:08 | 000,346,414 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\076DB50DD8DA67F9624E8195F3DE8_h316_w628_m5_cTvxIKVng.png
[2013/03/19 18:02:17 | 000,042,008 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\3171B3711855881CA1879A57ED4A_h316_w628_m5_cSiHyVVBW.jpg
[2013/03/19 18:01:45 | 000,027,697 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\humorous ad placement carrot ladyjpg.jpg
[2013/03/19 18:01:16 | 000,031,473 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\AF2C2874E2CEFD9FDABD06B5E98F_h316_w628_m5_cmdVshhFz.jpg
[2013/03/19 18:01:00 | 000,037,320 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\humorous ad placement mens club.jpg
[2013/03/19 17:59:54 | 000,029,083 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\humorous airline ad.jpg
[2013/03/18 00:26:46 | 000,013,856 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\AGENDA_TODAYS SCRATCHPAD.odt
[2013/03/12 01:10:56 | 000,237,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2013/03/08 04:36:22 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\winsrv.dll
[2013/03/08 04:36:22 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsrv.dll
[2013/03/07 22:12:08 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npdeployJava1.dll
[2013/03/07 22:12:08 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2013/03/07 22:12:08 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013/03/07 22:01:58 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/03/06 21:32:25 | 002,149,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntoskrnl.exe
[2013/03/06 21:32:25 | 002,149,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2013/03/06 21:28:24 | 002,193,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2013/03/06 20:50:30 | 002,028,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2013/03/06 20:50:30 | 002,028,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntkrnlpa.exe
[2013/03/06 20:50:28 | 002,070,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2013/03/06 17:11:25 | 008,499,191 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\Dr_Pribut_On_Iliotibial_Band_Syndrome_ITBS(9).3gp
[2013/03/06 17:11:09 | 007,106,867 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\Dr_Pribut_On_Iliotibial_Band_Syndrome_ITBS_ptracking.flv
[2013/03/06 17:10:39 | 005,907,976 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\Dr_Pribut_On_Iliotibial_Band_Syndrome_ITBS(5).mp4
[2013/03/06 17:10:15 | 004,035,660 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\Dr_Pribut_On_Iliotibial_Band_Syndrome_ITBS(8).3gp
[2013/03/06 17:10:13 | 004,722,772 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\Dr_Pribut_On_Iliotibial_Band_Syndrome_ITBS(7).3gp
[2013/03/06 17:09:54 | 003,111,987 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\Dr_Pribut_On_Iliotibial_Band_Syndrome_ITBS(1).mp4
[2013/03/06 17:09:46 | 003,371,436 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\Dr_Pribut_On_Iliotibial_Band_Syndrome_ITBS(6).mp4
[2013/03/06 17:09:31 | 002,168,423 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\Dr_Pribut_On_Iliotibial_Band_Syndrome_ITBS(4).3gp
[2013/03/06 17:09:29 | 001,368,562 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\Dr_Pribut_On_Iliotibial_Band_Syndrome_ITBS(7).mp4
[2013/03/06 17:09:16 | 001,770,669 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\Dr_Pribut_On_Iliotibial_Band_Syndrome_ITBS(2).mp4
[2013/03/06 17:09:08 | 001,337,233 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\Dr_Pribut_On_Iliotibial_Band_Syndrome_ITBS(3).3gp
[2013/03/06 17:09:05 | 001,006,168 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\Dr_Pribut_On_Iliotibial_Band_Syndrome_ITBS(6).3gp
[2013/03/06 17:09:04 | 000,700,828 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\Dr_Pribut_On_Iliotibial_Band_Syndrome_ITBS(1).3gp
[2013/03/06 17:08:29 | 000,995,954 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\Dr_Pribut_On_Iliotibial_Band_Syndrome_ITBS(5).3gp
[2013/03/06 17:08:28 | 001,015,250 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\Dr_Pribut_On_Iliotibial_Band_Syndrome_ITBS(1).flv
[2013/03/06 17:08:27 | 000,529,463 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\Dr_Pribut_On_Iliotibial_Band_Syndrome_ITBS(2).flv
[2013/03/06 17:08:20 | 000,566,602 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\Dr_Pribut_On_Iliotibial_Band_Syndrome_ITBS(3).mp4
[2013/03/06 17:08:16 | 000,535,170 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\Dr_Pribut_On_Iliotibial_Band_Syndrome_ITBS.mp4
[2013/03/06 17:08:08 | 001,015,250 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\Dr_Pribut_On_Iliotibial_Band_Syndrome_ITBS.flv
[2013/03/06 17:08:05 | 000,715,619 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\Dr_Pribut_On_Iliotibial_Band_Syndrome_ITBS(4).mp4
[2013/03/06 17:07:57 | 000,121,713 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\Dr_Pribut_On_Iliotibial_Band_Syndrome_ITBS(2).3gp
[2013/03/06 17:07:56 | 000,070,232 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\Dr_Pribut_On_Iliotibial_Band_Syndrome_ITBS.3gp
[2013/03/01 22:06:31 | 001,212,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2013/03/01 22:06:31 | 000,916,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2013/03/01 22:06:31 | 000,759,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll
[2013/03/01 22:06:31 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\url.dll
[2013/03/01 22:06:31 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll
[2013/03/01 22:06:30 | 006,012,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2013/03/01 22:06:30 | 002,004,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2013/03/01 22:06:30 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl
[2013/03/01 22:06:30 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl
[2013/03/01 22:06:30 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll
[2013/03/01 22:06:30 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2013/03/01 22:06:30 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll
[2013/03/01 22:06:30 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll
[2013/03/01 22:06:30 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2013/03/01 22:06:30 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll
[2013/03/01 22:06:30 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll
[2013/03/01 22:06:30 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll
[2013/03/01 22:06:30 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll
[2013/03/01 22:06:30 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll
[2013/03/01 22:06:30 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2013/03/01 22:06:30 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\licmgr10.dll
[2013/03/01 22:06:30 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll
[2013/03/01 22:06:30 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll
[2013/03/01 22:06:30 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll
[2013/03/01 22:06:29 | 011,111,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2013/03/01 22:06:29 | 000,743,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2013/03/01 22:06:29 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll
[2013/03/01 22:06:29 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll
[2013/03/01 21:25:02 | 001,867,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys
[2013/03/01 21:25:02 | 001,867,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32k.sys
[2013/03/01 21:08:48 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe
[2013/03/01 21:08:48 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe
[2013/03/01 21:08:47 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
[2013/02/27 03:56:51 | 002,067,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstscx.dll
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/04/27 21:25:14 | 000,001,842 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/04/27 21:25:13 | 000,001,824 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2013/04/27 20:53:34 | 000,015,923 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\SAVED CHROME LINKS FAVORITeS to trans to explorer).odt
[2013/04/27 14:17:58 | 000,002,096 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Sophos Virus Removal Tool.lnk
[2013/04/26 23:00:59 | 000,002,006 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\SpyHunter.lnk
[2013/04/21 23:12:53 | 000,000,741 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Mozilla Firefox (2).lnk
[2013/04/21 22:58:49 | 000,001,089 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to Video Download Capture.exe.lnk
[2013/04/21 22:50:19 | 000,001,002 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Video Download Capture.lnk
[2013/04/21 22:50:19 | 000,000,984 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Video Download Capture.lnk
[2013/04/21 15:55:42 | 000,000,032 | ---- | C] () -- C:\END
[2013/04/21 15:55:04 | 000,002,213 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Facebook.lnk
[2013/04/21 15:55:03 | 000,002,211 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Youtube.lnk
[2013/04/21 15:55:03 | 000,001,141 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet Browser.lnk
[2013/04/21 15:55:02 | 000,001,123 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Internet Browser.lnk
[2013/04/21 15:24:43 | 000,000,753 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/04/21 15:24:43 | 000,000,741 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2013/04/21 15:24:43 | 000,000,735 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2013/04/21 15:02:23 | 016,948,292 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\Firefox 19.0.2 (en-US) - 2013-04-21.pcv
[2013/04/16 21:34:05 | 000,000,300 | ---- | C] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2296229634-219738001-2420873020-1008.job
[2013/04/15 07:58:09 | 000,315,568 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2013/04/13 13:12:08 | 000,000,795 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/04/03 21:30:26 | 000,000,308 | ---- | C] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2296229634-219738001-2420873020-1008.job
[2013/04/03 21:25:56 | 000,000,747 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2013/03/29 22:09:04 | 000,002,347 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
[2013/03/29 22:09:04 | 000,001,745 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk
[2013/03/24 01:14:44 | 000,001,780 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Scan Plus.lnk
[2013/03/24 01:14:27 | 000,001,774 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2013/03/23 13:53:27 | 000,001,026 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Streaming Video Recorder.lnk
[2013/03/23 13:53:27 | 000,001,008 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Streaming Video Recorder.lnk
[2013/03/23 00:51:27 | 000,001,926 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2013/03/19 18:04:22 | 000,030,957 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\HUMOROUS AD GANG RAPE.jpg
[2013/03/19 18:03:39 | 000,037,477 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\C9976B2739FC6CDD1772CA5F6E1E_h316_w628_m5_cPfcEUTnl.jpg
[2013/03/19 18:03:28 | 000,389,785 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\143FD6473184AF36088A23D8074CB_h316_w628_m5_clEaRjECz.png
[2013/03/19 18:03:08 | 000,346,414 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\076DB50DD8DA67F9624E8195F3DE8_h316_w628_m5_cTvxIKVng.png
[2013/03/19 18:02:17 | 000,042,008 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\3171B3711855881CA1879A57ED4A_h316_w628_m5_cSiHyVVBW.jpg
[2013/03/19 18:01:45 | 000,027,697 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\humorous ad placement carrot ladyjpg.jpg
[2013/03/19 18:01:16 | 000,031,473 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\AF2C2874E2CEFD9FDABD06B5E98F_h316_w628_m5_cmdVshhFz.jpg
[2013/03/19 18:01:00 | 000,037,320 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\humorous ad placement mens club.jpg
[2013/03/19 17:59:54 | 000,029,083 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\humorous airline ad.jpg
[2013/03/17 16:24:30 | 000,013,856 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\AGENDA_TODAYS SCRATCHPAD.odt
[2013/03/06 17:07:28 | 008,499,191 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\Dr_Pribut_On_Iliotibial_Band_Syndrome_ITBS(9).3gp
[2013/03/06 17:07:27 | 004,722,772 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\Dr_Pribut_On_Iliotibial_Band_Syndrome_ITBS(7).3gp
[2013/03/06 17:07:27 | 004,035,660 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\Dr_Pribut_On_Iliotibial_Band_Syndrome_ITBS(8).3gp
[2013/03/06 17:07:26 | 001,006,168 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\Dr_Pribut_On_Iliotibial_Band_Syndrome_ITBS(6).3gp
[2013/03/06 17:07:26 | 000,995,954 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\Dr_Pribut_On_Iliotibial_Band_Syndrome_ITBS(5).3gp
[2013/03/06 17:07:25 | 002,168,423 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\Dr_Pribut_On_Iliotibial_Band_Syndrome_ITBS(4).3gp
[2013/03/06 17:07:25 | 001,337,233 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\Dr_Pribut_On_Iliotibial_Band_Syndrome_ITBS(3).3gp
[2013/03/06 17:07:24 | 000,700,828 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\Dr_Pribut_On_Iliotibial_Band_Syndrome_ITBS(1).3gp
[2013/03/06 17:07:24 | 000,121,713 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\Dr_Pribut_On_Iliotibial_Band_Syndrome_ITBS(2).3gp
[2013/03/06 17:07:23 | 003,371,436 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\Dr_Pribut_On_Iliotibial_Band_Syndrome_ITBS(6).mp4
[2013/03/06 17:07:23 | 001,368,562 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\Dr_Pribut_On_Iliotibial_Band_Syndrome_ITBS(7).mp4
[2013/03/06 17:07:23 | 000,070,232 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\Dr_Pribut_On_Iliotibial_Band_Syndrome_ITBS.3gp
[2013/03/06 17:07:22 | 005,907,976 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\Dr_Pribut_On_Iliotibial_Band_Syndrome_ITBS(5).mp4
[2013/03/06 17:07:22 | 000,715,619 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\Dr_Pribut_On_Iliotibial_Band_Syndrome_ITBS(4).mp4
[2013/03/06 17:07:21 | 003,111,987 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\Dr_Pribut_On_Iliotibial_Band_Syndrome_ITBS(1).mp4
[2013/03/06 17:07:21 | 001,770,669 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\Dr_Pribut_On_Iliotibial_Band_Syndrome_ITBS(2).mp4
[2013/03/06 17:07:21 | 000,566,602 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\Dr_Pribut_On_Iliotibial_Band_Syndrome_ITBS(3).mp4
[2013/03/06 17:07:20 | 000,535,170 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\Dr_Pribut_On_Iliotibial_Band_Syndrome_ITBS.mp4
[2013/03/06 17:07:20 | 000,529,463 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\Dr_Pribut_On_Iliotibial_Band_Syndrome_ITBS(2).flv
[2013/03/06 17:07:19 | 007,106,867 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\Dr_Pribut_On_Iliotibial_Band_Syndrome_ITBS_ptracking.flv
[2013/03/06 17:07:19 | 001,015,250 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\Dr_Pribut_On_Iliotibial_Band_Syndrome_ITBS(1).flv
[2013/03/06 17:07:18 | 001,015,250 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\Dr_Pribut_On_Iliotibial_Band_Syndrome_ITBS.flv
[2013/01/01 12:57:59 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2012/12/15 23:26:22 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/12/15 23:26:22 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/12/15 23:26:22 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/12/15 23:26:22 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/12/15 23:26:22 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/12/13 00:33:09 | 000,000,579 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2012/07/05 23:58:24 | 000,000,050 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2012/06/22 12:01:32 | 000,019,984 | ---- | C] () -- C:\WINDOWS\System32\ESGScanner.sys
[2012/06/22 12:01:32 | 000,019,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\EsgScanner.sys
[2012/05/12 13:59:48 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Winchat.ini
[2012/02/15 07:27:54 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/09/26 21:11:25 | 000,444,283 | ---- | C] () -- C:\Program Files\Common Files\WinPcapNmap.exe
[2011/06/14 23:37:47 | 000,000,243 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2011/06/14 23:37:47 | 000,000,094 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2011/06/14 23:37:32 | 000,000,419 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2011/06/14 23:37:32 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2011/06/14 23:36:56 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\bridf08b.dat
[2011/06/14 23:36:46 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll
[2011/05/12 14:30:02 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/05/12 14:24:59 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/05/20 12:38:47 | 000,001,559 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\.recently-used.xbel
[2010/05/03 14:19:45 | 002,374,788 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\.websiteauditor.properties
[2010/02/19 17:09:03 | 000,459,417 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\.spyglass.properties
[2010/02/19 16:55:57 | 000,452,958 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\.linkassistant.properties
[2010/02/19 16:55:12 | 000,520,667 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\.ranktracker.properties
[2009/10/21 17:49:49 | 000,000,222 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\default.pls
[2009/09/12 12:31:43 | 000,000,251 | ---- | C] () -- C:\Program Files\wt3d.ini
[2009/09/09 23:24:55 | 000,050,828 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\wklnhst.dat
[2009/09/08 20:33:47 | 000,130,560 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/08 14:06:21 | 000,000,139 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\fusioncache.dat

========== ZeroAccess Check ==========

[2005/08/31 07:58:26 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2009/07/18 12:05:06 | 001,509,888 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 08:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/13 20:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Files - Unicode (All) ==========
[2013/02/15 03:00:07 | 133,075,541 | ---- | M] ()(C:\Documents and Settings\HP_Administrator\My Documents\women_wrestling_?????_55570430_mp4_h264_aac.flv) -- C:\Documents and Settings\HP_Administrator\My Documents\women_wrestling_Видео_55570430_mp4_h264_aac.flv
[2013/02/15 02:39:05 | 058,099,359 | ---- | M] ()(C:\Documents and Settings\HP_Administrator\My Documents\girls_wrestling_14_?????_49831585_mp4_h264_aac.flv) -- C:\Documents and Settings\HP_Administrator\My Documents\girls_wrestling_14_Видео_49831585_mp4_h264_aac.flv
[2013/02/15 02:23:56 | 133,075,541 | ---- | C] ()(C:\Documents and Settings\HP_Administrator\My Documents\women_wrestling_?????_55570430_mp4_h264_aac.flv) -- C:\Documents and Settings\HP_Administrator\My Documents\women_wrestling_Видео_55570430_mp4_h264_aac.flv
[2013/02/15 02:23:15 | 058,099,359 | ---- | C] ()(C:\Documents and Settings\HP_Administrator\My Documents\girls_wrestling_14_?????_49831585_mp4_h264_aac.flv) -- C:\Documents and Settings\HP_Administrator\My Documents\girls_wrestling_14_Видео_49831585_mp4_h264_aac.flv

< End of report >


OTL Extras logfile created on: 4/27/2013 10:17:55 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = G:\PRIORITY VIEWING
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.94 Gb Total Physical Memory | 0.96 Gb Available Physical Memory | 49.47% Memory free
4.69 Gb Paging File | 3.79 Gb Available in Paging File | 80.93% Paging File free
Paging file location(s): C:\pagefile.sys 2973 2973 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 225.41 Gb Total Space | 92.85 Gb Free Space | 41.19% Space Free | Partition Type: NTFS
Drive D: | 7.45 Gb Total Space | 0.48 Gb Free Space | 6.40% Space Free | Partition Type: FAT32
Drive G: | 931.50 Gb Total Space | 457.32 Gb Free Space | 49.10% Space Free | Partition Type: NTFS

Computer Name: MAIN | User Name: HP_Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-2296229634-219738001-2420873020-1008\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htafile [open] -- "%1" %*
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with FastStone] -- "C:\Program Files\FastStone Image Viewer\FSViewer.exe" "%1" ()
Directory [Browse with XnView] -- "C:\Program Files\XnView\xnview.exe" "%1" (XnView, http://www.xnview.com)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1403:TCP" = 1403:TCP:*:Enabled:Akamai NetSession Interface
"5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe" = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe:*:Enabled:Updates from HP -- (Hewlett-Packard)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe -- ()
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- ()
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\DISC\DISCover.exe" = C:\Program Files\DISC\DISCover.exe:*:Enabled:DISCover Drop & Play System -- (Digital Interactive Systems Corporation)
"C:\Program Files\DISC\DiscStreamHub.exe" = C:\Program Files\DISC\DiscStreamHub.exe:*:Enabled:DISCover Stream Hub -- (Digital Interactive Systems Corporation, Inc.)
"C:\Program Files\DISC\myFTP.exe" = C:\Program Files\DISC\myFTP.exe:*:Enabled:DISCover FTP -- (Digital Interactive Systems Corporation, Inc.)
"C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe" = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe:*:Enabled:Updates from HP -- (Hewlett-Packard)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Program Files\Common Files\aol\acs\AOLDial.exe" = C:\Program Files\Common Files\aol\acs\AOLDial.exe:*:Enabled:AOL Connectivity Service Dialer -- (AOL LLC)
"C:\Program Files\Common Files\aol\acs\AOLacsd.exe" = C:\Program Files\Common Files\aol\acs\AOLacsd.exe:*:Enabled:AOL Connectivity Service -- (AOL LLC)
"C:\Program Files\Common Files\aol\1252510432\ee\aolsoftware.exe" = C:\Program Files\Common Files\aol\1252510432\ee\aolsoftware.exe:*:Enabled:AOL Shared Components -- (AOL LLC)
"C:\Program Files\AOL 9.1\waol.exe" = C:\Program Files\AOL 9.1\waol.exe:*:Enabled:AOL -- (AOL, LLC.)
"C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe" = C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed -- (AOL LLC)
"C:\Program Files\Common Files\aol\Loader\aolload.exe" = C:\Program Files\Common Files\aol\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC)
"C:\Program Files\Common Files\aol\System Information\sinf.exe" = C:\Program Files\Common Files\aol\System Information\sinf.exe:*:Enabled:AOL System Information -- (AOL LLC)
"C:\Program Files\AOL 9.1a\waol.exe" = C:\Program Files\AOL 9.1a\waol.exe:*:Enabled:AOL -- (AOL, LLC.)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AIM -- (AOL Inc.)
"C:\Program Files\FrostWire\FrostWire.exe" = C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:FrostWire -- (FrostWire Group)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Documents and Settings\HP_Administrator\Application Data\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\HP_Administrator\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)
"C:\Program Files\FrostWire 5\FrostWire.exe" = C:\Program Files\FrostWire 5\FrostWire.exe:*:Enabled:FrostWire -- (FrostWire)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\Common Files\Motive\pcServiceHost.exe" = C:\Program Files\Common Files\Motive\pcServiceHost.exe:*:Enabled:pcServiceHost -- (Alcatel-Lucent)
"C:\Program Files\Apowersoft\Streaming Video Recorder\Streaming Video Recorder.exe" = C:\Program Files\Apowersoft\Streaming Video Recorder\Streaming Video Recorder.exe:*:Enabled:Streaming Video Recorder -- (Apowersoft)
"C:\Program Files\Apowersoft\Streaming Video Recorder\ApowersoftSrv.dll" = C:\Program Files\Apowersoft\Streaming Video Recorder\ApowersoftSrv.dll:*:Enabled:Streaming Video Recorder -- ()
"C:\Program Files\Apowersoft\Streaming Video Recorder\ApowersoftDump.dll" = C:\Program Files\Apowersoft\Streaming Video Recorder\ApowersoftDump.dll:*:Enabled:Streaming Video Recorder -- ()
"C:\Program Files\Apowersoft\Streaming Video Recorder\ApowersoftAC.dll" = C:\Program Files\Apowersoft\Streaming Video Recorder\ApowersoftAC.dll:*:Enabled:Streaming Video Recorder -- ()
"C:\Program Files\Apowersoft\Streaming Video Recorder\ApowersoftPlayer.dll" = C:\Program Files\Apowersoft\Streaming Video Recorder\ApowersoftPlayer.dll:*:Enabled:Streaming Video Recorder -- ()
"C:\Program Files\Apowersoft\Video Download Capture\Video Download Capture.exe" = C:\Program Files\Apowersoft\Video Download Capture\Video Download Capture.exe:*:Enabled:Video Download Capture -- (Apowersoft)
"C:\Program Files\Apowersoft\Video Download Capture\ApowersoftSrv.dll" = C:\Program Files\Apowersoft\Video Download Capture\ApowersoftSrv.dll:*:Enabled:Video Download Capture -- ()
"C:\Program Files\Apowersoft\Video Download Capture\ApowersoftDump.dll" = C:\Program Files\Apowersoft\Video Download Capture\ApowersoftDump.dll:*:Enabled:Video Download Capture -- ()
"C:\Program Files\Apowersoft\Video Download Capture\ApowersoftAC.dll" = C:\Program Files\Apowersoft\Video Download Capture\ApowersoftAC.dll:*:Enabled:Video Download Capture -- ()
"C:\Program Files\Apowersoft\Video Download Capture\ApowersoftPlayer.dll" = C:\Program Files\Apowersoft\Video Download Capture\ApowersoftPlayer.dll:*:Enabled:Video Download Capture -- ()


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{03B1B42B-F6DE-41d9-8CFF-DC44E895C7A7}" = PhotoGallery
"{0611BD4E-4FE4-4a62-B0C0-18A4CC463428}" = CP_Package_Variety1
"{069730C2-755A-485B-A205-27A1AAFA836A}" = InstantShareAlert
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{09984AEC-6B9F-4ca7-B78D-CB44D4771DA3}" = Destinations
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0AC0F1B2-61C7-4B6E-ACEF-58FCC0B94835}" = SpyHunter
"{0B33B738-AD79-4E32-90C5-E67BFB10BBFF}" = AiO_Scan
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0D25F7CC-B99C-44ee-9945-B14532B2BB7B}" = Canon MP830
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX890_series" = Canon MX890 series MP Drivers
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{172975EB-9465-4861-95B5-C7BB6D3DE62A}" = DocumentViewer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1C139D7D-9FEA-468d-A9C8-2A6E3BDE564A}" = CP_Package_Variety3
"{1CB92574-96F2-467B-B793-5CEB35C40C29}" = Image Resizer Powertoy for Windows XP
"{1DB2FBA5-D57A-42A7-8E87-5B3EEBED8283}" = Wal-Mart Music Downloads Store
"{202F0D54-4BB2-9176-EB3F-C4841B7927D1}" = Instant Traffic Locator
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD Plus
"{21DB3D90-D816-4092-A260-CA3F6B55A6DD}" = Sonic_PrimoSDK
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Customer Experience Enhancement
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23A7B376-BBEC-4e76-BBD7-0F155E70D74B}" = CP_Panorama1Config
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2BA09774-34F7-4A06-8C7E-B69E44CB9EB0}" = DriverBoost
"{2C5D07FB-31A2-4F2D-9FDA-0B24ACD42BD0}" = HP Deskjet Printer Preload
"{2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C}" = Unload
"{2CD65167-671F-49A3-B6C7-3B919DF028E2}_is1" = Streaming Video Recorder V4.3.2
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{30C19FF2-7FBA-4d09-B9DE-1659977F64F6}" = TrayApp
"{3248F0A8-6813-11D6-A77B-00B0D0150050}" = J2SE Runtime Environment 5.0 Update 5
"{32BDCCB8-9DC8-496d-9DB1-F77510775BDB}" = InstantShareDevices
"{33D6CC28-9F75-4d1b-A11D-98895B3A3729}" = HP Photosmart 330,380,420,470,7800,8000,8200 Series
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36E47DA1-10E1-45d9-8B19-14D19607CDCF}" = CP_CalendarTemplates1
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{382E94C0-6E22-44e4-B003-8EB31DFE296F}" = cp_LightScribeConfig
"{3912A629-0020-0005-3757-2FBA74D4DF0A}" = InterVideo WinDVD Player
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3BA95526-6AE0-4B87-A62D-17187EF565FC}" = HP Boot Optimizer
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C9D008D-3716-4C3F-90CD-38ED57568FAB}_is1" = Video Download Capture V4.3.9
"{3E386744-10FA-44b2-98C9-DF7A270DECB3}" = HP PSC & OfficeJet 5.3.A
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works
"{44374584-FC41-4BEC-B046-7A97871EFBA2}" = Newshosting
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{458A67E4-33F7-479C-87C2-EA82E394BA93}_is1" = eIMAGE Recovery DEMO
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51071D66-D034-4239-94E0-723FCA10B6FE}" = OpenOffice.org 3.4
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{54E3707F-808E-4fd4-95C9-15D1AB077E5D}" = NewCopy
"{567C23E1-7580-4185-B8C2-30805677297C}" = NewCopy_CDA
"{56EE8B17-8274-418d-89AC-C057C5DB251E}" = RandMap
"{56F8AFC3-FA98-4ff1-9673-8A026CBF85BE}" = WebReg
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5A01C58E-B0EC-49b9-AD71-7C0468688087}" = CP_Package_Basic1
"{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}" = HP PSC & OfficeJet 5.3.B
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{5E33D30D-D896-4D92-B033-5F45819B2937}" = Strongvault Online Backup
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{66BA8C26-AFE4-4408-807B-43E76B57EF53}" = SkinsHP1
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6BB6627C-694F-4FDC-A3E5-C7F4BED4C724}" = DocProc
"{6CCC133E-9A2F-4CAA-8866-75D029CD3AB3}" = Digital Voice Editor 3
"{6D8D64BE-F500-55B6-705D-DFD08AFE0624}" = Acrobat.com
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.0.0
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{755EC5E3-FD51-46bd-A57F-7A2D56FBF061}" = PSTAPlugin
"{769A295C-DCF4-41d6-AFBA-7D9394B23AFE}" = PSPrinters08
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{77BE790A-2F0E-277A-B1D5-24AE58CA1C5E}" = CherryPicker
"{7850A6D2-CBEA-4728-9877-F1BEDEA9F619}" = AiOSoftware
"{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}" = Microsoft VC9 runtime libraries
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7C03270C-4FAB-4F5C-B10D-52FEDA190790}" = DocumentViewerQFolder
"{7E27304E-BAA2-4d90-A34E-76641FAFABB4}" = CP_AtenaShokunin1Config
"{80E4B2D6-BFF2-402C-96C4-3942DF24CABB}_is1" = FVD Suite 3.0.0
"{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Easy Internet Sign-up
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{881F5DE8-9367-4B81-A325-E91BBC6472F9}" = iTunes
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{911C5B68-E2F7-45D3-8E23-FFAE40FEC8BB}" = Video Screen Trapper PRO
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD Player
"{923A7F5A-1E8C-4FBE-8DF6-85940A60A79F}" = Readme
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A195B13E-A5E3-4BAF-A995-7F70F445CD06}" = ScannerCopy
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A3455242-DAE0-4523-8242-FD82706ABF4B}" = CameraDrivers
"{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection
"{A5BB5365-EFB4-44c3-A7E2-EB59B7EFD23D}" = CueTour
"{A6558E2A-FAF9-4570-AA49-6328D0354517}" = SavetheChildren Reminder by We-Care.com v4.1.21.4
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A87B11AC-4344-4E5D-8B12-8F471A87DAD9}" = LightScribe 1.4.136.1
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.02)
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B276997E-4367-4b1b-A39C-4CAE7464337A}" = AiO_Scan_CDA
"{B28B351F-1232-46EA-85EF-B8EA91641033}" = Nero 7 Essentials
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B4D279F1-4309-49cc-A4B5-3A0D2E59C7B5}" = PanoStandAlone
"{B60E7826-F117-4d26-8165-D2DC5A494AB0}" = Fax_CDA
"{B64E3AFC-59EF-4f18-BF11-E751462450D3}" = AiOSoftwareNPI
"{B6EC7388-E277-4A5B-8C8F-71067A41BA64}" = TextPad 5
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{B80CC46C-5839-4A48-B051-3CACF23A2718}_is1" = Eraser 5.8
"{B824B5C9-849F-4b9e-9EA7-6FD8CD8116DA}" = CP_Package_Variety2
"{B829E117-D072-41EA-9606-9826A38D34C1}" = Sophos Virus Removal Tool
"{B996AE66-10DB-4ac5-B151-E8B4BFBC42FC}" = BufferChm
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C104580B-1C79-4d73-9BF0-CA0B184296A4}" = cp_LightScribePlugin
"{C3820075-1413-4159-B27F-0069F0A9BB72}" = Natrual Voice Text to Speech Reader Standard
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C43E4B9C-14C8-4EB0-998B-85211B6EDD61}" = Seagate DiscWizard
"{C506A18C-1469-4678-B094-F4EC9DAE6DB7}" = Scan
"{C83A12B9-B31B-461A-BBD4-CE9B988094F1}" = HP Photosmart Cameras 5.0
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE24344F-DFD8-40C8-8FD8-C9740B5F25AC}" = Fax
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D17111CB-C992-42A9-9D56-C19395102AAA}" = Garmin WebUpdater
"{D518592A-0F1E-40ca-BECB-3D3F026C6B0D}" = CameraDrivers
"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp
"{DFB0FED6-0010-4E9B-A402-E513F2459161}" = muvee autoProducer unPlugged 1.2
"{E3F90083-80D4-4b5a-87C7-E97E12F5516D}" = HPProductAssistant
"{E7137AFD-4E43-47A6-BDC7-533808F72B36}" = muvee autoProducer 4.5
"{EA103B64-C0E4-4C0E-A506-751590E1653D}" = SolutionCenter
"{EA1FAE0F-2354-4E32-B423-ABAE8E358F91}" = RealDownloader
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F4C2E5F5-2970-45f4-ABD3-C180C4D961C4}" = Status
"{F5346614-B7C4-4E94-826A-E2363155233D}" = EasyCleaner
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F768F6BA-F164-4599-BC26-DCCFC2F76855}_is1" = Verbarrator
"{F80239D8-7811-4D5E-B033-0D0BBFE32920}" = HP DigitalMedia Archive
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"038D56DF-B15D-47F7-959F-59FA1FBB63FC" = Snowboard SuperJam from HP Media Center (remove only)
"049D60AF-B425-4F8A-BD66-9D8C1B519D59" = Barnyard Invasion from HP Media Center (remove only)
"0AA27562-3C4E-4860-8742-7ADEBE2EFC43" = Ricochet Lost Worlds from HP Media Center (remove only)
"1FFA88DF-0AC3-4D9E-9139-5FF98813C12C" = Polar Bowler from HP Media Center (remove only)
"3320769C-062B-4670-BD6B-AA4B3D0E9903" = FATE from HP Media Center (remove only)
"5DAA9E44-1B31-41CD-88A8-228EDED6E36E" = Bounce Symphony from HP Media Center (remove only)
"7-Zip 9.20" = 7-Zip 9.20
"90EA5584-4290-407B-B8F2-D6E6D65A4796" = Boggle Supreme from HP Media Center (remove only)
"9844050E-4CA4-4901-A53D-A5D14C63789B" = Lexibox Deluxe from HP Media Center (remove only)
"ABC Amber Audio Converter" = ABC Amber Audio Converter
"Activ E-Book Compiler 4.22_is1" = Activ E-Book Compiler 4.22
"Active Disk" = Active Disk
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Agere Systems Soft Modem" = Agere Systems PCI-SV92PP Soft Modem
"AI RoboForm" = AI RoboForm (All Users)
"AIM_7" = AIM 7
"Amazon Kindle" = Amazon Kindle
"AOL Emergency Connect Utility 1.0" = Uninstall AOL Emergency Connect Utility 1.0
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"Applian FLV Player2.0.24" = Applian FLV Player
"ATI Display Driver" = ATI Display Driver
"AwayMode160" = Microsoft Away Mode
"AXIS Media Control" = AXIS Media Control
"AxySnake_is1" = AxySnake version 1.19
"B3EE3001-DC24-4cd1-8743-5692C716659F" = Otto
"B3FF79F4-CDA8-4845-A7C0-9CE017719F36" = Tradewinds from HP Media Center (remove only)
"Belarc Advisor 2.0" = Belarc Advisor 7.2
"Cam Video Downloader_is1" = Cam Video Downloader ver 1.0.47
"CamStudio" = CamStudio
"Canon MX890 series On-screen Manual" = Canon MX890 series On-screen Manual
"Canon MX890 series User Registration" = Canon MX890 series User Registration
"Canon_IJ_Network_Scanner_Selector_EX" = Canon IJ Network Scanner Selector EX
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"CCleaner" = CCleaner
"CherryPickerLive" = CherryPicker
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Comcast" = EasySolve
"Compare It!_is1" = Compare It!
"Copyright Records Search" = Copyright Records Search
"CopyToy_is1" = CopyToy 8.0.0.0
"Daniusoft iPod Music Transfer_is1" = Daniusoft iPod Music Transfer(Build 1.2.10)
"Data Extractor" = Data Extractor
"Desktop Spider_is1" = Desktop Spider 3.0
"Digsby" = Digsby
"DISCover" = DISCover
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"dnschange" = DNS Shield
"Do Not Track Plus Add-on_is1" = Do Not Track Plus Add-on 2.2.0.705
"E44A47AF-C94B-4E3F-81A0-979FBA9DAC57" = AstroPop Deluxe from HP Media Center (remove only)
"E59F75D0-A38B-40F4-ABA2-CA35A7735473" = Bookworm Deluxe from HP Media Center (remove only)
"Easy JPEG Printer" = Easy JPEG Printer
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"Fast Free Converter" = Fast Free Converter
"FastStone Image Viewer" = FastStone Image Viewer 4.6
"FileZilla Client" = FileZilla Client 3.3.0.1
"Final Draft 8.0" = Final Draft 8.0
"FLV Player" = FLV Player 2.0 (build 25)
"Forte Agent" = Forté Agent
"Free Cache View_is1" = Free Cache View v 1.0
"Free Download Manager_is1" = Free Download Manager 3.0
"FrostWire" = FrostWire 4.20.7
"FrostWire 5" = FrostWire 5.3.8
"Good Keywords v2_is1" = Good Keywords v2.0.031906
"Google Chrome" = Google Chrome
"hp deskjet 930c series" = hp deskjet 930c series (Remove only)
"HP Document Viewer" = HP Document Viewer 5.3
"HP Game Console" = HP Game Console and games
"HP Image Zone for Media Center PC" = HP Image Zone for Media Center PC
"HP Imaging Device Functions" = HP Imaging Device Functions 5.3
"HP Photo & Imaging" = HP Image Zone 5.3
"HP Solution Center & Imaging Support Tools" = HP Solution Center & Imaging Support Tools 5.3
"HPOOVClient-9972322 Uninstaller" = Updates from HP (remove only)
"ie8" = Windows Internet Explorer 8
"InstallShield_{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Customer Experience Enhancement
"InstallShield_{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Easy Internet Sign-up
"IntelliMover Data Transfer Demo" = Remove IntelliMover Demo
"InternetResearchTool.0E8DA7534D2BCA093AC38E65AEDA6A440E4CDA81.1" = Instant Traffic Locator
"IomegaWare" = IomegaWare 4.0.2
"IrfanView" = IrfanView (remove only)
"Keyword Sniper Pro_is1" = Keyword Sniper Pro v2.10
"LSI Soft Modem" = LSI PCI-SV92PP Soft Modem
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"MasterSplitter" = MasterSplitter Program
"Maxthon2" = Maxthon2
"McAfee Security Scan" = McAfee Security Scan Plus
"Medisoft Advanced Patient Accounting 8.0 sp1" = Medisoft Advanced Patient Accounting 8.0 sp1
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Modern Warfare - SHAREWARE" = Modern Warfare - SHAREWARE
"Money2005b" = Microsoft Money 2005
"Mozilla Firefox 20.0.1 (x86 en-US)" = Mozilla Firefox 20.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator 2.2" = Canon MP Navigator 2.2
"MP Navigator EX 5.1" = Canon MP Navigator EX 5.1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"N360" = Norton Security Suite
"Niche Explorer_is1" = Niche Explorer
"NTREGOPT_is1" = NTREGOPT 1.1j
"Nvu_is1" = Nvu 1.0PR
"Office Hours Professional 8.0" = Office Hours Professional 8.0
"PalTalk8.2" = PaltalkScene
"PIXresizer_is1" = PIXresizer 1.0.8
"PrimoPDF2.0" = PrimoPDF
"ProcessScanner_is1" = Uniblue ProcessScanner
"Python 2.2.3" = Python 2.2.3
"pywin32-py2.2" = Python 2.2 pywin32 extensions (build 203)
"QuickPar" = QuickPar 0.9
"Radar Screensaver_is1" = Radar Screensaver version 1.72
"RealPlayer 16.0" = RealPlayer
"Reimage Repair" = Reimage Repair
"Riot" = Riot - Radical Image Optimization Tool
"Second Copy (7.0)" = Second Copy (7.0)
"Secure Viewer_is1" = Secure Viewer 2.7
"seopowersuite" = Rank Tracker
"ShHelper" = Reset Your Browser
"Signature995" = Signature995
"[email protected]" = Social Privacy
"Speed Dial Utility" = Canon Speed Dial Utility
"ST6UNST #1" = Karen's Directory Printer
"ToneGen" = NCH Tone Generator
"TotalRecorder" = Total Recorder 5.3
"Traffic Travis_is1" = Traffic Travis 3.1.8
"Ultimate ZIP Cracker" = Ultimate ZIP Cracker
"Unit Conversion Tool Evaluation Version_is1" = Unit Conversion Tool Evaluation Version 5.1
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinLiveSuite_Wave3" = Windows Live Essentials
"Winmx Community 1" = Winmx Community 1
"WinPcapInst" = WinPcap 4.1.1
"WinRAR archiver" = WinRAR archiver
"WinX Video Converter_is1" = WinX Video Converter 4.5
"WinZip" = WinZip
"WM Capture" = WM Capture
"WM Recorder 12.0" = WM Recorder 12.0
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XHeader" = XHeader
"XnView_is1" = XnView 1.97.8
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Xvid Video Codec 1.3.2" = Xvid Video Codec
"Yahoo! Messenger" = Yahoo! Messenger

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2296229634-219738001-2420873020-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"b38ce2ac5e817c22" = Epic Traffic Systems Software Suite
"CNET TechTracker" = CNET TechTracker
"Dropbox" = Dropbox
"Flux" = F.lux
"GoToMeeting" = GoToMeeting 5.1.0.880
"Move Media Player" = Move Media Player
"Shield" = Internet Browser

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 4/27/2013 8:32:29 PM | Computer Name = MAIN | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 20.0.1.4847, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 4/27/2013 10:03:28 PM | Computer Name = MAIN | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 20.0.1.4847, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 4/27/2013 10:09:22 PM | Computer Name = MAIN | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 20.0.1.4847, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 4/27/2013 10:09:48 PM | Computer Name = MAIN | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 20.0.1.4847, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 4/27/2013 10:10:15 PM | Computer Name = MAIN | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 20.0.1.4847, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 4/27/2013 10:16:01 PM | Computer Name = MAIN | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 4/27/2013 10:16:03 PM | Computer Name = MAIN | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 4/27/2013 10:16:37 PM | Computer Name = MAIN | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 4/27/2013 10:16:47 PM | Computer Name = MAIN | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 4/27/2013 10:17:09 PM | Computer Name = MAIN | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 4/27/2013 7:26:19 PM | Computer Name = MAIN | Source = Service Control Manager | ID = 7000
Description = The Common Client Job Manager Service service failed to start due
to the following error: %%3

Error - 4/27/2013 7:26:27 PM | Computer Name = MAIN | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
ftsata2

Error - 4/27/2013 7:39:42 PM | Computer Name = MAIN | Source = Service Control Manager | ID = 7034
Description = The SpyHunter 4 Service service terminated unexpectedly. It has done
this 1 time(s).

Error - 4/27/2013 7:45:31 PM | Computer Name = MAIN | Source = Service Control Manager | ID = 7034
Description = The FastFreeConverterUpdt service terminated unexpectedly. It has
done this 1 time(s).

Error - 4/27/2013 8:15:41 PM | Computer Name = MAIN | Source = Service Control Manager | ID = 7000
Description = The Norton PC Checkup Application Launcher service failed to start
due to the following error: %%2

Error - 4/27/2013 8:15:41 PM | Computer Name = MAIN | Source = Service Control Manager | ID = 7000
Description = The Common Client Job Manager Service service failed to start due
to the following error: %%3

Error - 4/27/2013 8:16:06 PM | Computer Name = MAIN | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
ftsata2

Error - 4/27/2013 9:14:46 PM | Computer Name = MAIN | Source = Service Control Manager | ID = 7000
Description = The Norton PC Checkup Application Launcher service failed to start
due to the following error: %%2

Error - 4/27/2013 9:14:46 PM | Computer Name = MAIN | Source = Service Control Manager | ID = 7000
Description = The Common Client Job Manager Service service failed to start due
to the following error: %%3

Error - 4/27/2013 9:15:18 PM | Computer Name = MAIN | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
ftsata2


< End of report >

Edited by Vorkus, 28 April 2013 - 09:10 AM.



#2
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello Vorkus

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.


Very Important --> Please read this post completely. I have spent my time to put together some things for you to keep in mind while I am helping you, to make things go easier, faster and smoother for both of us!


  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.




These are the programs I would like you to run next. If you have any problems with these, just skip it and run the next one.

-Security Check-

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

-AdwCleaner-

  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


--RogueKiller--

  • Download & SAVE to your Desktop RogueKiller for 32bit or Roguekiller for 64bit
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator" to start
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • Click on "Delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+

Gringo

#3
Vorkus

    Member

  • Topic Starter
  • 35 posts
Thanks for the help. I ran the suggested programs and here is the output.



# AdwCleaner v2.300 - Logfile created 05/01/2013 at 22:18:31
# Updated 28/04/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : HP_Administrator - MAIN
# Boot Mode : Normal
# Running from : G:\PRIORITY VIEWING\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\yit874pd.default\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}.xpi
File Deleted : C:\END
File Deleted : C:\WINDOWS\system32\conduitEngine.tmp
Folder Deleted : C:\Documents and Settings\Administrator\Application Data\Inbox Toolbar
Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\AskToolbar
Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\Conduit

***** [Registry] *****

Key Deleted : HKCU\Software\Giant Savings
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{042DA63B-0933-403D-9395-B49307691690}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B27D9527-3762-4D71-963D-FB7A94FDD678}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{615E8AA1-6BB8-4A3D-A1CC-373194DB612C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CBEF8724-D080-4737-88DA-111EEC6651AA}
Key Deleted : HKLM\Software\MetaStream
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DefaultTab
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdUtility
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\Software\Viewpoint
Key Deleted : HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Deleted : HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v20.0.1 (en-US)

File : C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\yit874pd.default\prefs.js

C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\yit874pd.default\user.js ... Deleted !

[OK] File is clean.

-\\ Google Chrome v26.0.1410.64

File : C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [7330 octets] - [01/05/2013 22:18:31]

########## EOF - C:\AdwCleaner[S1].txt - [7390 octets] ##########

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo...13-roguekiller/
Website : http://tigzy.geeksto...roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : HP_Administrator [Admin rights]
Mode : Remove -- Date : 05/01/2013 22:31:15
| ARK || FAK || MBR |

¤¤¤ Bad processes : 2 ¤¤¤
[SUSP PATH] arservice.exe -- C:\WINDOWS\arservice.exe [7] -> KILLED [TermProc]
[SUSP PATH] arpwrmsg.exe -- C:\WINDOWS\arpwrmsg.exe [7] -> KILLED [TermProc]

¤¤¤ Registry Entries : 5 ¤¤¤
[DNS] HKLM\[...]\ControlSet003\Services\Tcpip\Interfaces\{892900FC-9814-4488-99C0-81491C1EE93D} : NameServer (66.228.116.178,66.228.116.179) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\ControlSet003\Services\Tcpip\Interfaces\{9678551D-6B7D-408B-AB72-4C4E985A0BC3} : NameServer (66.228.116.178,66.228.116.179) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\ControlSet003\Services\Tcpip\Interfaces\{C11E18B4-E11F-4A36-8FC5-4C20AEA0F3FF} : NameServer (66.228.116.178,66.228.116.179) -> NOT REMOVED, USE DNSFIX
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤
SSDT[12] : NtAlertResumeThread @ 0x805D4BDC -> HOOKED (Unknown @ 0x8A61D8E0)
SSDT[13] : NtAlertThread @ 0x805D4B8C -> HOOKED (Unknown @ 0x8A61D348)
SSDT[17] : NtAllocateVirtualMemory @ 0x805A8AC2 -> HOOKED (Unknown @ 0x8A624280)
SSDT[19] : NtAssignProcessToJobObject @ 0x805D66A0 -> HOOKED (Unknown @ 0x8A6357E8)
SSDT[31] : NtConnectPort @ 0x805A45D8 -> HOOKED (Unknown @ 0x8A3296A0)
SSDT[43] : NtCreateMutant @ 0x806177F2 -> HOOKED (Unknown @ 0x8A6312C0)
SSDT[52] : NtCreateSymbolicLinkObject @ 0x805C3A02 -> HOOKED (Unknown @ 0x8A638188)
SSDT[53] : NtCreateThread @ 0x805D1038 -> HOOKED (Unknown @ 0x8A9FA328)
SSDT[57] : NtDebugActiveProcess @ 0x80643C82 -> HOOKED (Unknown @ 0x8A635D80)
SSDT[68] : NtDuplicateObject @ 0x805BE010 -> HOOKED (Unknown @ 0x8A6D08C0)
SSDT[83] : NtFreeVirtualMemory @ 0x805B2FBA -> HOOKED (Unknown @ 0x8A643330)
SSDT[89] : NtImpersonateAnonymousToken @ 0x805F9332 -> HOOKED (Unknown @ 0x8A616370)
SSDT[91] : NtImpersonateThread @ 0x805D7860 -> HOOKED (Unknown @ 0x8A616908)
SSDT[97] : NtLoadDriver @ 0x80584172 -> HOOKED (Unknown @ 0x8A6B4C98)
SSDT[108] : unknown @ 0x805B2042 -> HOOKED (Unknown @ 0x8A681200)
SSDT[114] : NtOpenEvent @ 0x8060F1B0 -> HOOKED (Unknown @ 0x8A6827E8)
SSDT[122] : NtOpenProcess @ 0x805CB456 -> HOOKED (Unknown @ 0x8A6D0D08)
SSDT[123] : NtOpenProcessToken @ 0x805EE000 -> HOOKED (Unknown @ 0x8A642398)
SSDT[125] : NtOpenSection @ 0x805AA3F4 -> HOOKED (Unknown @ 0x8A66C7C0)
SSDT[128] : NtOpenThread @ 0x805CB6E2 -> HOOKED (Unknown @ 0x8A6E6710)
SSDT[137] : NtProtectVirtualMemory @ 0x805B8426 -> HOOKED (Unknown @ 0x8A63C2D0)
SSDT[206] : NtResumeThread @ 0x805D4A18 -> HOOKED (Unknown @ 0x8A61AD80)
SSDT[213] : NtSetContextThread @ 0x805D2C1A -> HOOKED (Unknown @ 0x8A62AD80)
SSDT[228] : NtSetInformationProcess @ 0x805CDEA0 -> HOOKED (Unknown @ 0x8A61D268)
SSDT[240] : NtSetSystemInformation @ 0x8060FE68 -> HOOKED (Unknown @ 0x8A636D80)
SSDT[253] : NtSuspendProcess @ 0x805D4AE0 -> HOOKED (Unknown @ 0x8A624D80)
SSDT[254] : NtSuspendThread @ 0x805D4952 -> HOOKED (Unknown @ 0x8A619D30)
SSDT[257] : NtTerminateProcess @ 0x805D22D8 -> HOOKED (Unknown @ 0x8A99D310)
SSDT[258] : unknown @ 0x805D24D2 -> HOOKED (Unknown @ 0x8A619798)
SSDT[267] : NtUnmapViewOfSection @ 0x805B2E50 -> HOOKED (Unknown @ 0x8A63C370)
SSDT[277] : NtWriteVirtualMemory @ 0x805B43D4 -> HOOKED (Unknown @ 0x8A62C330)
S_SSDT[307] : NtUserAttachThreadInput -> HOOKED (Unknown @ 0x8A34AE38)
S_SSDT[383] : NtUserGetAsyncKeyState -> HOOKED (Unknown @ 0x8A9354A8)
S_SSDT[414] : NtUserGetKeyboardState -> HOOKED (Unknown @ 0x8A93E220)
S_SSDT[416] : NtUserGetKeyState -> HOOKED (Unknown @ 0x8A9313B0)
S_SSDT[428] : NtUserGetRawInputData -> HOOKED (Unknown @ 0x8A676898)
S_SSDT[460] : NtUserMessageCall -> HOOKED (Unknown @ 0x8A624DE0)
S_SSDT[475] : NtUserPostMessage -> HOOKED (Unknown @ 0x8A635DE0)
S_SSDT[476] : NtUserPostThreadMessage -> HOOKED (Unknown @ 0x8A6163D0)
S_SSDT[549] : NtUserSetWindowsHookEx -> HOOKED (Unknown @ 0x8A9432B8)
S_SSDT[552] : NtUserSetWinEventHook -> HOOKED (Unknown @ 0x8A630658)

¤¤¤ HOSTS File: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST3250823AS +++++
--- User ---
[MBR] d1c10759b3a146ee75d64b48c9a73f5b
[BSP] 8a7884da59e414827f91c43dcf324e78 : Toshiba MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 63 | Size: 7648 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 15664320 | Size: 230816 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: ST31000528AS +++++
--- User ---
[MBR] 59755847a214c90f7a3e1ff6c161dd5e
[BSP] 2707f3ae2396da5c91de2206ef8163e2 : Empty MBR Code
Partition table:
1 - [ACTIVE] EXTEN (0x05) [VISIBLE] Offset (sectors): 15120 | Size: 953859 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2]_D_05012013_02d2231.txt >>
RKreport[1]_S_05012013_02d2230.txt ; RKreport[2]_D_05012013_02d2231.txt



Results of screen317's Security Check version 0.99.63
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Disabled!
Norton Security Suite
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
SpyHunter
Spybot - Search & Destroy
Windows Defender
Malwarebytes Anti-Malware version 1.75.0.1300
CCleaner
EasyCleaner
Java 7 Update 21
Adobe Flash Player 11.6.602.180
Adobe Reader XI
Mozilla Firefox (20.0.1)
Google Chrome 26.0.1410.64
Google Chrome plugins...
````````Process Check: objlist.exe by Laurent````````
Norton ccSvcHst.exe
Windows Defender MSMpEng.exe
Windows Defender MsMpEng.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 1%
````````````````````End of Log``````````````````````

#4
Vorkus

    Member

  • Topic Starter
  • 35 posts
Oh, by the way, my Firefox will load and freeze saying there is a Visual C++ runtime error. CPT failed to load. It is unresponsive so I can't do anything with it.

#5
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello Vorkus

I would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouse-click Combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo

#6
Vorkus

    Member

  • Topic Starter
  • 35 posts
HERE IS MY COMBOFIX LOG. Please be advised that I uninstalled Google Chrome prior to scanning. I understand that some Chrome files do not get deleted during uninstall and can remain behind and cause a problem. I was told they need to be removed manually. If that is the case, please let me know. Thanks for the help.



ComboFix 13-05-01.03 - HP_Administrator 05/02/2013 22:53:27.6.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1982.995 [GMT -4:00]
Running from: g:\priority viewing\ComboFix.exe
AV: Norton Security Suite *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Security Suite *Disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.
.
((((((((((((((((((((((((( Files Created from 2013-04-03 to 2013-05-03 )))))))))))))))))))))))))))))))
.
.
2013-04-30 06:21 . 2013-04-10 03:08 6906960 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{538AF223-2C03-4A31-846C-F030480434B1}\mpengine.dll
2013-04-28 05:42 . 2013-04-28 05:43 -------- d-----w- c:\windows\system32\NtmsData
2013-04-28 04:30 . 2013-04-28 04:30 -------- d-----w- C:\_OTL
2013-04-27 18:18 . 2013-04-27 18:18 73728 ----a-r- c:\documents and settings\HP_Administrator\Application Data\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\SVRTgui.exe1_810EDD9E2F0A4E2BACF86673C38D9F48.exe
2013-04-27 18:18 . 2013-04-27 18:18 73728 ----a-r- c:\documents and settings\HP_Administrator\Application Data\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\SVRTgui.exe_810EDD9E2F0A4E2BACF86673C38D9F48.exe
2013-04-27 18:18 . 2013-04-27 18:18 73728 ----a-r- c:\documents and settings\HP_Administrator\Application Data\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\ARPPRODUCTICON.exe
2013-04-27 18:17 . 2013-04-27 18:17 -------- d-----w- c:\program files\Sophos
2013-04-27 03:01 . 2013-04-27 03:01 110080 ----a-r- c:\documents and settings\HP_Administrator\Application Data\Microsoft\Installer\{0AC0F1B2-61C7-4B6E-ACEF-58FCC0B94835}\IconF7A21AF7.exe
2013-04-27 03:01 . 2013-04-27 03:01 110080 ----a-r- c:\documents and settings\HP_Administrator\Application Data\Microsoft\Installer\{0AC0F1B2-61C7-4B6E-ACEF-58FCC0B94835}\IconD7F16134.exe
2013-04-27 03:01 . 2013-04-27 03:01 110080 ----a-r- c:\documents and settings\HP_Administrator\Application Data\Microsoft\Installer\{0AC0F1B2-61C7-4B6E-ACEF-58FCC0B94835}\IconCF33A0CE.exe
2013-04-27 03:00 . 2013-04-27 03:01 -------- d-----w- C:\sh4ldr
2013-04-27 03:00 . 2013-04-27 03:00 -------- d-----w- c:\program files\Enigma Software Group
2013-04-27 03:00 . 2013-04-27 03:01 -------- d-----w- c:\windows\0AC0F1B261C74B6EACEF58FCC0B94835.TMP
2013-04-27 03:00 . 2013-04-27 03:00 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2013-04-22 03:52 . 2013-04-04 09:35 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-04-22 03:37 . 2005-09-01 15:34 1312392 ----a-w- c:\program files\Mozilla Firefox\plugins\NPSWF32.dll
2013-04-22 03:37 . 2005-08-27 17:38 128648 ----a-w- c:\program files\Mozilla Firefox\plugins\GetFlash.exe
2013-04-21 19:55 . 2013-04-21 19:55 -------- d-----w- c:\windows\system32\config\systemprofile\AppData
2013-04-21 19:55 . 2013-04-21 19:55 -------- d-----w- c:\documents and settings\NetworkService\AppData
2013-04-21 19:55 . 2013-04-21 19:55 -------- d-----w- c:\documents and settings\LocalService\AppData
2013-04-21 19:55 . 2013-04-21 19:55 -------- d-----w- c:\documents and settings\HP_Administrator\AppData
2013-04-21 19:55 . 2013-04-21 19:55 -------- d-----w- c:\documents and settings\Administrator\AppData
2013-04-21 19:55 . 2013-04-21 19:55 -------- d-----w- c:\program files\File Type Helper
2013-04-21 19:55 . 2013-04-21 19:55 -------- d-----w- c:\program files\Fast Free Converter
2013-04-21 19:51 . 2013-04-21 19:52 -------- d-----w- c:\program files\dnsshield
2013-04-21 19:51 . 2013-04-27 23:59 -------- d-----w- c:\program files\Social Privacy
2013-04-21 19:51 . 2013-04-26 01:18 -------- d-----w- c:\documents and settings\HP_Administrator\Local Settings\Application Data\Shield
2013-04-18 03:52 . 2013-04-19 01:36 -------- d-----w- c:\windows\system32\drivers\N360\1402000.013
2013-04-18 01:11 . 2012-08-09 01:50 44064 ----a-r- c:\windows\system32\drivers\SymIM.sys
2013-04-14 20:49 . 2006-01-14 00:36 274432 ------w- c:\windows\system32\hpfinst.dll
2013-04-06 16:38 . 2013-04-06 16:38 -------- d-----w- C:\GEARView Basic Dev
2013-04-04 01:25 . 2013-04-04 01:25 -------- d-----w- c:\program files\RealNetworks
2013-04-04 01:25 . 2013-04-04 01:25 -------- d-----w- c:\documents and settings\All Users\Application Data\RealNetworks
2013-04-04 01:24 . 2013-04-04 01:24 -------- d-----w- c:\program files\Common Files\xing shared
2013-04-04 01:24 . 2013-04-04 01:24 153736 ----a-w- c:\program files\Mozilla Firefox\plugins\nppl3260.dll
2013-04-04 01:23 . 2013-04-04 01:23 124504 ----a-w- c:\program files\Mozilla Firefox\plugins\nprpplugin.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-22 03:30 . 2012-03-29 01:41 691592 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-04-22 03:30 . 2011-06-26 06:12 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-04-17 03:28 . 2010-03-11 03:32 142496 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2013-04-10 03:08 . 2009-09-17 03:49 6906960 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2013-04-04 18:50 . 2010-03-25 22:01 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-03-12 05:10 . 2009-10-03 22:08 237088 ------w- c:\windows\system32\MpSigStub.exe
2013-03-08 08:36 . 2004-08-10 12:00 293376 ----a-w- c:\windows\system32\winsrv.dll
2013-03-08 02:12 . 2013-02-21 02:55 143872 ----a-w- c:\windows\system32\javacpl.cpl
2013-03-08 02:12 . 2012-06-17 05:51 861088 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-03-08 02:12 . 2010-05-01 14:38 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-03-07 01:32 . 2004-08-10 19:00 2149888 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-07 00:50 . 2004-08-10 19:00 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-03-02 02:06 . 2004-08-10 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2013-03-02 02:06 . 2004-08-10 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2013-03-02 02:06 . 2004-08-10 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-03-02 01:25 . 2004-08-10 12:00 1867264 ----a-w- c:\windows\system32\win32k.sys
2013-03-02 01:08 . 2004-08-10 12:00 385024 ------w- c:\windows\system32\html.iec
2013-02-27 07:56 . 2004-08-10 12:00 2067456 ----a-w- c:\windows\system32\mstscax.dll
2013-02-12 00:32 . 2009-09-09 02:09 12928 ------w- c:\windows\system32\drivers\usb8023x.sys
2013-02-12 00:32 . 2004-08-10 12:00 12928 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-02-08 02:44 . 2013-03-23 17:53 175864 ---ha-w- c:\windows\system32\BytescoutVideoMixerFilter.dll
2013-02-08 02:44 . 2013-03-23 17:53 429816 ---ha-w- c:\windows\system32\BytescoutScreenCapturing.dll
2013-02-08 02:44 . 2013-03-23 17:53 261880 ---ha-w- c:\windows\system32\BytescoutScreenCapturingFilter.dll
2010-01-26 15:11 . 2011-09-27 01:11 444283 ----a-w- c:\program files\Common Files\WinPcapNmap.exe
2013-04-10 06:58 . 2013-04-21 19:24 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\documents and settings\HP_Administrator\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\documents and settings\HP_Administrator\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\documents and settings\HP_Administrator\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\documents and settings\HP_Administrator\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Second Copy"="c:\program files\SecCopy\SecCopy.exe" [2006-01-09 915456]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-06 64512]
"AlwaysReady Power Message APP"="ARPWRMSG.EXE" [2005-08-03 77312]
"HPHUPD08"="c:\program files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-02 49152]
"DiscUpdateManager"="c:\program files\DISC\DiscUpdateMgr.exe" [2005-09-27 61440]
"HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2005-09-21 1605740]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2010-03-12 49208]
"HostManager"="c:\program files\Common Files\AOL\1252510432\ee\AOLSoftware.exe" [2008-06-24 41824]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb04.exe" [2006-01-14 196608]
"KBD"="c:\hp\KBD\KBD.EXE" [2005-02-02 61440]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-03-20 213936]
"ADUserMon"="c:\program files\Iomega\AutoDisk\ADUserMon.exe" [2002-09-24 147456]
"Iomega Drive Icons"="c:\program files\Iomega\DriveIcons\ImgIcon.exe" [2002-08-13 86016]
"Deskup"="c:\program files\Iomega\DriveIcons\deskup.exe" [2002-07-16 32768]
"DiscWizardMonitor.exe"="c:\program files\Seagate\DiscWizard\DiscWizardMonitor.exe" [2008-06-24 1325848]
"AcronisTimounterMonitor"="c:\program files\Seagate\DiscWizard\TimounterMonitor.exe" [2008-06-25 904768]
"Seagate Scheduler2 Service"="c:\program files\Common Files\Seagate\Schedule2\schedhlp.exe" [2008-06-24 136472]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888]
"Comcast_McciTrayApp"="c:\program files\Comcast\pcTrayApp.exe" [2012-04-03 1939968]
"CanonSolutionMenuEx"="c:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE" [2011-08-04 1637496]
"IJNetworkScannerSelectorEX"="c:\program files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" [2011-07-25 468112]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-18 946352]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2013-04-04 295512]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.0.318\SSScheduler.exe [2013-2-5 272248]
.
c:\documents and settings\Default User\Start Menu\Programs\Startup\
Pin.lnk - c:\hp\bin\CLOAKER.EXE [2005-12-23 27136]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=DrvTrNTm.dll
"wave"=DrvTrNTm.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^PalTalk.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\PalTalk.lnk
backup=c:\windows\pss\PalTalk.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^HP_Administrator^Start Menu^Programs^Startup^CNET TechTracker.lnk]
path=c:\documents and settings\HP_Administrator\Start Menu\Programs\Startup\CNET TechTracker.lnk
backup=c:\windows\pss\CNET TechTracker.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^HP_Administrator^Start Menu^Programs^Startup^OpenOffice.org 3.1.lnk]
path=c:\documents and settings\HP_Administrator\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
backup=c:\windows\pss\OpenOffice.org 3.1.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^HP_Administrator^Start Menu^Programs^Startup^OpenOffice.org 3.4.lnk]
path=c:\documents and settings\HP_Administrator\Start Menu\Programs\Startup\OpenOffice.org 3.4.lnk
backup=c:\windows\pss\OpenOffice.org 3.4.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DISCover]
2005-09-27 07:43 1060864 ----a-w- c:\program files\DISC\DISCover.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Jing]
c:\program files\TechSmith\Jing\Jing.exe [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
2010-03-19 21:27 5248312 ----a-w- c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoboForm]
2009-09-11 04:03 160832 ----a-w- c:\program files\Siber Systems\AI RoboForm\robotaskbaricon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Second Copy]
2006-01-09 16:45 915456 ----a-w- c:\progra~1\SecCopy\SecCopy.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ERSvc"=2 (0x2)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\DISC\\DISCover.exe"=
"c:\\Program Files\\DISC\\DiscStreamHub.exe"=
"c:\\Program Files\\DISC\\myFTP.exe"=
"c:\\Program Files\\Updates from HP\\9972322\\Program\\Updates from HP.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Common Files\\aol\\acs\\AOLDial.exe"=
"c:\\Program Files\\Common Files\\aol\\acs\\AOLacsd.exe"=
"c:\\Program Files\\Common Files\\aol\\1252510432\\ee\\aolsoftware.exe"=
"c:\\Program Files\\AOL 9.1\\waol.exe"=
"c:\\Program Files\\Common Files\\aol\\TopSpeed\\3.0\\aoltpsd3.exe"=
"c:\\Program Files\\Common Files\\aol\\Loader\\aolload.exe"=
"c:\\Program Files\\Common Files\\aol\\System Information\\sinf.exe"=
"c:\\Program Files\\AOL 9.1a\\waol.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\AIM\\aim.exe"=
"c:\\Program Files\\FrostWire\\FrostWire.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Documents and Settings\\HP_Administrator\\Application Data\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Program Files\\FrostWire 5\\FrostWire.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Common Files\\Motive\\pcServiceHost.exe"=
"c:\\Program Files\\Apowersoft\\Streaming Video Recorder\\Streaming Video Recorder.exe"=
"c:\\Program Files\\Apowersoft\\Streaming Video Recorder\\ApowersoftSrv.dll"=
"c:\\Program Files\\Apowersoft\\Streaming Video Recorder\\ApowersoftDump.dll"=
"c:\\Program Files\\Apowersoft\\Streaming Video Recorder\\ApowersoftAC.dll"=
"c:\\Program Files\\Apowersoft\\Streaming Video Recorder\\ApowersoftPlayer.dll"=
"c:\\Program Files\\Apowersoft\\Video Download Capture\\Video Download Capture.exe"=
"c:\\Program Files\\Apowersoft\\Video Download Capture\\ApowersoftSrv.dll"=
"c:\\Program Files\\Apowersoft\\Video Download Capture\\ApowersoftDump.dll"=
"c:\\Program Files\\Apowersoft\\Video Download Capture\\ApowersoftAC.dll"=
"c:\\Program Files\\Apowersoft\\Video Download Capture\\ApowersoftPlayer.dll"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1403:TCP"= 1403:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\1402000.013\symds.sys [4/17/2013 11:52 PM 368288]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\1402000.013\symefa.sys [4/17/2013 11:52 PM 927904]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130412.001\BHDrvx86.sys [4/13/2013 12:09 AM 1000024]
R1 ccSet_N360;Norton Security Suite Settings Manager;c:\windows\system32\drivers\N360\1402000.013\ccsetx86.sys [4/17/2013 11:52 PM 134304]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\1402000.013\ironx86.sys [4/17/2013 11:52 PM 175264]
R2 Learning Like Crazy: Verbarrator update permissions manager. 8545.;Learning Like Crazy: Verbarrator update permissions manager. 8545.;c:\program files\Learning Like Crazy\Verbarrator\update.exe -PermissionManagerRun --> c:\program files\Learning Like Crazy\Verbarrator\update.exe -PermissionManagerRun [?]
R2 N360;Norton Security Suite;c:\program files\Norton Security Suite\Engine\20.2.0.19\ccsvchst.exe [4/17/2013 11:52 PM 143928]
R2 pcCMService;pcCMService;c:\program files\Common Files\Motive\pcCMService.exe [6/3/2012 4:10 PM 369152]
R2 pcServiceHost;pcServiceHost;c:\program files\Common Files\Motive\pcServiceHost.exe [10/14/2012 5:38 PM 342016]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\RealNetworks\RealDownloader\rndlresolversvc.exe [3/6/2013 2:21 AM 39056]
R2 SgtSch2Svc;Seagate Scheduler2 Service;c:\program files\Common Files\Seagate\Schedule2\schedul2.exe [6/24/2008 7:56 PM 431384]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [11/3/2006 7:19 PM 13592]
R3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys [3/23/2013 1:53 PM 26080]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [1/19/2013 2:44 AM 106656]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130502.001\IDSXpx86.sys [5/2/2013 8:10 PM 373728]
S2 FastFreeConverterUpdt;FastFreeConverterUpdt;c:\program files\Fast Free Converter\FastFreeConverterUpdt.exe [11/26/2012 9:30 AM 687104]
S2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;c:\program files\Norton PC Checkup\Engine\2.0.2.547\SymcPCCULaunchSvc.exe /s --> c:\program files\Norton PC Checkup\Engine\2.0.2.547\SymcPCCULaunchSvc.exe [?]
S2 PCCUJobMgr;Common Client Job Manager Service;"c:\program files\Norton PC Checkup\Engine\2.0.2.547\ccSvcHst.exe" /s "PCCUJobMgr" /m "c:\program files\Norton PC Checkup\Engine\2.0.2.547\diMaster.dll" /prefetch:1 --> c:\program files\Norton PC Checkup\Engine\2.0.2.547\ccSvcHst.exe [?]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [7/13/2012 1:28 PM 160944]
S2 SpyHunter 4 Service;SpyHunter 4 Service;c:\progra~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [1/14/2013 10:33 PM 769920]
S3 cpuz128;cpuz128;\??\c:\docume~1\HP_ADM~1\LOCALS~1\Temp\cpuz_x32.sys --> c:\docume~1\HP_ADM~1\LOCALS~1\Temp\cpuz_x32.sys [?]
S3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [5/6/2011 4:57 PM 13904]
S3 EsgScanner;EsgScanner;c:\windows\system32\drivers\EsgScanner.sys [6/22/2012 12:01 PM 19984]
S3 ICDUSB3;ICDUSB3;c:\windows\system32\drivers\ICDUSB3.sys [5/7/2010 11:41 PM 11264]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.0.318\McCHSvc.exe [2/5/2013 11:48 AM 235216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-28 01:24 1642448 ----a-w- c:\program files\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-05-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-01 07:29]
.
2013-05-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-01 07:29]
.
2013-05-02 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 23:20]
.
2013-05-03 c:\windows\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2296229634-219738001-2420873020-1008.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2013-03-06 15:36]
.
2013-05-03 c:\windows\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2296229634-219738001-2420873020-1008.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2013-03-06 15:36]
.
2013-05-03 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2296229634-219738001-2420873020-1008.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2013-03-06 15:36]
.
2013-05-02 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2296229634-219738001-2420873020-1008.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2013-03-06 15:36]
.
2013-02-03 c:\windows\Tasks\tonegenShakeIcon.job
- c:\program files\NCH Software\ToneGen\tonegen.exe [2011-08-25 04:34]
.
.
------- Supplementary Scan -------
.
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
uInternet Settings,ProxyOverride = <-loopback>
IE: &AOL Toolbar Search - c:\documents and settings\All Users\Application Data\AOL\ieToolbar\resources\en-US\local\search.html
IE: &Google Search - c:\program files\Google\GoogleToolbar1.dll/cmsearch.html
IE: &Translate English Word - c:\program files\Google\GoogleToolbar1.dll/cmwordtrans.html
IE: Backward Links - c:\program files\Google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cached Snapshot of Page - c:\program files\Google\GoogleToolbar1.dll/cmcache.html
IE: Customize Menu - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: Download all with Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm
IE: Download selected with Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm
IE: Download video with Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Download with Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
IE: Fill Forms - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: RoboForm Toolbar - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: Save Forms - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: Similar Pages - c:\program files\Google\GoogleToolbar1.dll/cmsimilar.html
IE: Translate Page into English - c:\program files\Google\GoogleToolbar1.dll/cmtrans.html
Trusted Zone: com\www.msi
Trusted Zone: com.tw\asia.msi
Trusted Zone: com.tw\global.msi
Trusted Zone: trymedia.com
TCP: DhcpNameServer = 75.75.76.76 75.75.75.75 192.168.1.1
TCP: Interfaces\{892900FC-9814-4488-99C0-81491C1EE93D}: NameServer = 66.228.116.178,66.228.116.179
TCP: Interfaces\{9678551D-6B7D-408B-AB72-4C4E985A0BC3}: NameServer = 66.228.116.178,66.228.116.179
TCP: Interfaces\{C11E18B4-E11F-4A36-8FC5-4C20AEA0F3FF}: NameServer = 66.228.116.178,66.228.116.179
DPF: {C2B78FF1-6E5A-4854-AC24-E09A0E2411BA} - hxxp://static1.meetupstatic.com/applet/MeetUploader5.cab
FF - ProfilePath - c:\documents and settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\yit874pd.default\
FF - prefs.js: browser.startup.homepage - hxxp://proxy.allsearchapp.com/app/start/
FF - ExtSQL: !HIDDEN! 2009-11-19 01:08; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-05-02 23:21
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: ST3250823AS rev.3.03 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
.
device: opened successfully
user: MBR read successfully
.
Disk trace:
called modules: ntkrnlpa.exe catchme.sys CLASSPNP.SYS disk.sys iomdisk.sys hal.dll ACPI.sys atapi.sys pciide.sys
c:\docume~1\HP_ADM~1\LOCALS~1\Temp\catchme.sys
c:\windows\system32\drivers\iomdisk.sys Iomega Corporation Microsoft® Windows NT® Operating System
1 ntkrnlpa!IofCallDriver[0x804EF200] -> \Device\Harddisk0\DR0[0x8AA07AB8]
3 CLASSPNP[0xBA118FD7] -> ntkrnlpa!IofCallDriver[0x804EF200] -> [0x8AA5DAF8]
5 iomdisk[0xBA340BC3] -> ntkrnlpa!IofCallDriver[0x804EF200] -> \Device\00000086[0x8AA6BE98]
7 ACPI[0xB9F7F620] -> ntkrnlpa!IofCallDriver[0x804EF200] -> \Device\Ide\IdeDeviceP0T0L0-3[0x8AA16398]
kernel: MBR read successfully
_asm { XOR DI, DI; MOV SI, 0x200; MOV SS, DI; MOV SP, 0x7a00; MOV BX, 0x7a0; MOV CX, SI; MOV DS, BX; MOV ES, BX; REP MOVSB ; JMP FAR 0x7a0:0x5c; }
detected disk devices:
\Device\Parallel0.5 -> \??\LPTENUM#IMGVP0#4&11086fbe&0&LPT1.5#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found
detected hooks:
user & kernel MBR OK
.
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\ldap]
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\Learning Like Crazy: Verbarrator update permissions manager. 8545.]
--
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\N360]
"ImagePath"="\"c:\program files\Norton Security Suite\Engine\20.2.0.19\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton Security Suite\Engine\20.2.0.19\diMaster.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\PCCUJobMgr]
"ImagePath"="\"c:\program files\Norton PC Checkup\Engine\2.0.2.547\ccSvcHst.exe\" /s \"PCCUJobMgr\" /m \"c:\program files\Norton PC Checkup\Engine\2.0.2.547\diMaster.dll\" /prefetch:1"
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\Iomega Activity Disk2]
"ImagePath"="\"\""
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1616)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'lsass.exe'(1680)
c:\windows\system32\relog_ap.dll
.
Completion time: 2013-05-02 23:31:00
ComboFix-quarantined-files.txt 2013-05-03 03:30
ComboFix2.txt 2013-04-28 00:03
.
Pre-Run: 100,149,633,024 bytes free
Post-Run: 100,259,954,688 bytes free
.
- - End Of File - - 1384CFF683DA5B2A0A04794934532380

Edited by Vorkus, 02 May 2013 - 09:39 PM.


#7
gringo_pr

Hello Vorkus


I would like you to try and run these next.

TDSSKiller

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

    Note** this report can be very long - so if the website gives you an error saying it is too long you may attach it

    If the forum still complains about it being too long send me everything that is at the end of the report after where it says

    ==================
    Scan finished
    ==================

and I will see if I want to see the whole report

Malwarebytes Anti-Rootkit

1. Download Malwarebytes Anti-Rootkit
2. Unzip the contents to a folder in a convenient location.
3. Open the folder where the contents were unzipped and run mbar.exe
4. Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
5. Click on the Cleanup button to remove any threats and reboot if prompted to do so.
6. Wait while the system shuts down and the cleanup process is performed.
7. Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
8. If no additional threats were found, verify that your system is now running normally, making sure that the following items are functional:
  • Internet access
  • Windows Update
  • Windows Firewall
9. If there are additional problems with your system, such as any of those listed above or other system issues, then run the 'fixdamage' tool included with Malwarebytes Anti-Rootkit and reboot.
10. Verify that your system is now functioning normally.

If you have any problems running either one, come back and let me know.

Please reply with the reports from TDSSKiller and MBAR.

Gringo

#8
Vorkus

I ran TDSSKiller and it reported no problems found. I am pasting the report.
Please be advised that I tried to run Malwarebytes Anti-Rootkit but it won't load and gives me the message Visual Basic Runtime failed due to error R6030 CRT failed to initialize.

The TDSSKiller gave me 2 reports

20:32:54.0890 7172 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
20:32:56.0171 7172 ============================================================
20:32:56.0171 7172 Current date / time: 2013/05/03 20:32:56.0171
20:32:56.0171 7172 SystemInfo:
20:32:56.0171 7172
20:32:56.0171 7172 OS Version: 5.1.2600 ServicePack: 3.0
20:32:56.0171 7172 Product type: Workstation
20:32:56.0171 7172 ComputerName: MAIN
20:32:56.0171 7172 UserName: HP_Administrator
20:32:56.0171 7172 Windows directory: C:\WINDOWS
20:32:56.0171 7172 System windows directory: C:\WINDOWS
20:32:56.0171 7172 Processor architecture: Intel x86
20:32:56.0171 7172 Number of processors: 2
20:32:56.0171 7172 Page size: 0x1000
20:32:56.0171 7172 Boot type: Normal boot
20:32:56.0171 7172 ============================================================
20:32:57.0562 7172 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x7E2D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054
20:32:57.0562 7172 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1F8B1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054
20:32:57.0625 7172 ============================================================
20:32:57.0625 7172 \Device\Harddisk0\DR0:
20:32:57.0625 7172 MBR partitions:
20:32:57.0625 7172 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0xEF0481
20:32:57.0625 7172 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xEF04C0, BlocksNum 0x1C2D0200
20:32:57.0625 7172 \Device\Harddisk1\DR1:
20:32:57.0625 7172 MBR partitions:
20:32:57.0640 7172 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3B4F, BlocksNum 0x74701AC1
20:32:57.0640 7172 ============================================================
20:32:57.0687 7172 C: <-> \Device\Harddisk0\DR0\Partition2
20:32:57.0687 7172 D: <-> \Device\Harddisk0\DR0\Partition1
20:32:57.0718 7172 G: <-> \Device\Harddisk1\DR1\Partition1
20:32:57.0718 7172 ============================================================
20:32:57.0718 7172 Initialize success
20:32:57.0718 7172 ============================================================
20:33:03.0625 4000 ============================================================
20:33:03.0625 4000 Scan started
20:33:03.0625 4000 Mode: Manual;
20:33:03.0625 4000 ============================================================
20:33:04.0375 4000 ================ Scan system memory ========================
20:33:07.0671 4000 System memory - ok
20:33:07.0671 4000 ================ Scan services =============================
20:33:14.0093 4000 drmkaud - ok
20:33:14.0125 4000 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
20:33:14.0125 4000 EapHost - ok
20:33:14.0187 4000 [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
20:33:14.0203 4000 eeCtrl - ok
20:33:14.0296 4000 [ 5D1347AA5AE6E2F77D7F4F8372D95AC9 ] ehRecvr C:\WINDOWS\eHome\ehRecvr.exe
20:33:14.0312 4000 ehRecvr - ok
20:33:14.0375 4000 [ A53243709439AC2A4C216B817F8D7411 ] ehSched C:\WINDOWS\eHome\ehSched.exe
20:33:14.0375 4000 ehSched - ok
20:33:14.0421 4000 [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
20:33:14.0437 4000 EraserUtilRebootDrv - ok
20:33:14.0500 4000 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
20:33:14.0500 4000 ERSvc - ok
20:33:14.0578 4000 [ 2407B8164E966755BC6A4242FC9DE31E ] esgiguard C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys
20:33:14.0578 4000 esgiguard - ok
20:33:14.0593 4000 [ 01CE484FF6D70A39479BC6D619DE7ED6 ] EsgScanner C:\WINDOWS\system32\DRIVERS\EsgScanner.sys
20:33:14.0593 4000 EsgScanner - ok
20:33:14.0640 4000 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
20:33:14.0656 4000 Eventlog - ok
20:33:14.0687 4000 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll
20:33:14.0703 4000 EventSystem - ok
20:33:14.0750 4000 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
20:33:14.0750 4000 Fastfat - ok
20:33:14.0875 4000 [ 83158CA47591AF55A9759B5C648B0462 ] FastFreeConverterUpdt C:\Program Files\Fast Free Converter\FastFreeConverterUpdt.exe
20:33:14.0906 4000 FastFreeConverterUpdt - ok
20:33:14.0968 4000 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
20:33:14.0968 4000 FastUserSwitchingCompatibility - ok
20:33:15.0015 4000 [ E97D6A8684466DF94FF3BC24FB787A07 ] Fax C:\WINDOWS\system32\fxssvc.exe
20:33:15.0015 4000 Fax - ok
20:33:15.0046 4000 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
20:33:15.0046 4000 Fdc - ok
20:33:15.0062 4000 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
20:33:15.0078 4000 Fips - ok
20:33:15.0078 4000 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
20:33:15.0078 4000 Flpydisk - ok
20:33:15.0140 4000 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
20:33:15.0140 4000 FltMgr - ok
20:33:15.0203 4000 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
20:33:15.0218 4000 FontCache3.0.0.0 - ok
20:33:15.0234 4000 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:33:15.0234 4000 Fs_Rec - ok
20:33:15.0250 4000 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
20:33:15.0250 4000 Ftdisk - ok
20:33:15.0265 4000 ftsata2 - ok
20:33:15.0296 4000 [ 5AE3A887ECE5BBB72CFAB273C2FD1CFA ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
20:33:15.0296 4000 GEARAspiWDM - ok
20:33:15.0359 4000 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
20:33:15.0359 4000 Gpc - ok
20:33:15.0406 4000 [ 6003BC70F1A8307262BD3C941BDA0B7E ] grmnusb C:\WINDOWS\system32\drivers\grmnusb.sys
20:33:15.0406 4000 grmnusb - ok
20:33:15.0546 4000 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
20:33:15.0546 4000 gupdate - ok
20:33:15.0562 4000 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
20:33:15.0562 4000 gupdatem - ok
20:33:15.0593 4000 [ 41BBAD646A8C842BC30EF6745A4F6FF3 ] hcwPP2 C:\WINDOWS\system32\DRIVERS\hcwPP2.sys
20:33:15.0593 4000 hcwPP2 - ok
20:33:15.0703 4000 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
20:33:15.0703 4000 helpsvc - ok
20:33:15.0750 4000 [ BB1A6FB7D35A91E599973FA74A619056 ] HidIr C:\WINDOWS\system32\DRIVERS\hidir.sys
20:33:15.0750 4000 HidIr - ok
20:33:15.0765 4000 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll
20:33:15.0781 4000 HidServ - ok
20:33:15.0812 4000 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
20:33:15.0812 4000 HidUsb - ok
20:33:15.0968 4000 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
20:33:15.0968 4000 hkmsvc - ok
20:33:15.0984 4000 hpn - ok
20:33:16.0046 4000 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
20:33:16.0078 4000 HTTP - ok
20:33:16.0109 4000 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
20:33:16.0125 4000 HTTPFilter - ok
20:33:16.0140 4000 i2omgmt - ok
20:33:16.0140 4000 i2omp - ok
20:33:16.0187 4000 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
20:33:16.0218 4000 i8042prt - ok
20:33:16.0359 4000 [ 9A65E42664D1534B68512CAAD0EFE963 ] iaStor C:\WINDOWS\system32\DRIVERS\iaStor.sys
20:33:16.0843 4000 iaStor - ok
20:33:16.0906 4000 [ 89747A423B7F9990F1B44668B302D4D5 ] ICDSPTSV C:\WINDOWS\system32\IcdSptSv.exe
20:33:16.0937 4000 ICDSPTSV - ok
20:33:16.0984 4000 [ 8D083E56EDE3A80B214020DA9F03143A ] ICDUSB3 C:\WINDOWS\system32\Drivers\ICDUSB3.sys
20:33:16.0984 4000 ICDUSB3 - ok
20:33:17.0078 4000 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
20:33:17.0078 4000 IDriverT - ok
20:33:17.0171 4000 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:33:17.0250 4000 idsvc - ok
20:33:17.0406 4000 [ C19BF2A07BE972A110220DF6B1E89D14 ] IDSxpx86 C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130502.001\IDSxpx86.sys
20:33:17.0406 4000 IDSxpx86 - ok
20:33:17.0453 4000 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
20:33:17.0453 4000 Imapi - ok
20:33:17.0500 4000 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
20:33:17.0515 4000 ImapiService - ok
20:33:17.0515 4000 ini910u - ok
20:33:17.0546 4000 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
20:33:17.0546 4000 IntelIde - ok
20:33:17.0578 4000 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
20:33:17.0578 4000 intelppm - ok
20:33:17.0593 4000 [ 9D7069D72C0C72952F05E1688A5AE89D ] iomdisk C:\WINDOWS\system32\DRIVERS\iomdisk.sys
20:33:17.0609 4000 iomdisk - ok
20:33:17.0703 4000 [ 19EF7FB809D3073EE60F85464E9C4C51 ] Iomega App Services C:\PROGRA~1\Iomega\System32\AppServices.exe
20:33:17.0703 4000 Iomega App Services - ok
20:33:17.0734 4000 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
20:33:17.0734 4000 Ip6Fw - ok
20:33:17.0781 4000 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:33:17.0781 4000 IpFilterDriver - ok
20:33:17.0812 4000 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
20:33:17.0812 4000 IpInIp - ok
20:33:17.0828 4000 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
20:33:17.0828 4000 IpNat - ok
20:33:17.0921 4000 [ 6E27978A4755F4789F912F5F49392F7C ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
20:33:17.0953 4000 iPod Service - ok
20:33:18.0015 4000 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
20:33:18.0015 4000 IPSec - ok
20:33:18.0062 4000 [ B43B36B382AEA10861F7C7A37F9D4AE2 ] IrBus C:\WINDOWS\system32\DRIVERS\IrBus.sys
20:33:18.0062 4000 IrBus - ok
20:33:18.0078 4000 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
20:33:18.0078 4000 IRENUM - ok
20:33:18.0109 4000 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
20:33:18.0109 4000 isapnp - ok
20:33:18.0421 4000 [ 5739F2821D49975CEDE6BF0153D0CF01 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
20:33:18.0421 4000 JavaQuickStarterService - ok
20:33:18.0437 4000 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:33:18.0437 4000 Kbdclass - ok
20:33:18.0500 4000 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
20:33:18.0500 4000 kbdhid - ok
20:33:18.0515 4000 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
20:33:18.0515 4000 kmixer - ok
20:33:18.0562 4000 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
20:33:18.0562 4000 KSecDD - ok
20:33:18.0593 4000 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
20:33:18.0593 4000 lanmanserver - ok
20:33:18.0625 4000 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
20:33:18.0625 4000 lanmanworkstation - ok
20:33:18.0625 4000 lbrtfdc - ok
20:33:18.0671 4000 Learning Like Crazy: Verbarrator update permissions manager. 8545. - ok
20:33:18.0796 4000 [ 559C9B7800FAC92FC515CD0003D7C631 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
20:33:18.0796 4000 LightScribeService - ok
20:33:18.0843 4000 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
20:33:18.0859 4000 LmHosts - ok
20:33:18.0953 4000 [ DDCC236009C707761D60E5C76D639176 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe
20:33:18.0953 4000 McComponentHostService - ok
20:33:19.0000 4000 [ DF0A511F38F16016BF658FCA0090CB87 ] McrdSvc C:\WINDOWS\ehome\mcrdsvc.exe
20:33:19.0000 4000 McrdSvc - ok
20:33:19.0078 4000 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
20:33:19.0093 4000 MDM - ok
20:33:19.0125 4000 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
20:33:19.0125 4000 Messenger - ok
20:33:19.0156 4000 [ B7521F69C0A9B29D356157229376FB21 ] MHN C:\WINDOWS\System32\mhn.dll
20:33:19.0156 4000 MHN - ok
20:33:19.0171 4000 [ 7F2F1D2815A6449D346FCCCBC569FBD6 ] MHNDRV C:\WINDOWS\system32\DRIVERS\mhndrv.sys
20:33:19.0187 4000 MHNDRV - ok
20:33:19.0218 4000 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
20:33:19.0218 4000 mnmdd - ok
20:33:19.0250 4000 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
20:33:19.0281 4000 mnmsrvc - ok
20:33:19.0343 4000 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
20:33:19.0343 4000 Modem - ok
20:33:19.0359 4000 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:33:19.0375 4000 Mouclass - ok
20:33:19.0406 4000 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
20:33:19.0421 4000 mouhid - ok
20:33:19.0453 4000 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
20:33:19.0453 4000 MountMgr - ok
20:33:19.0500 4000 [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
20:33:19.0500 4000 MozillaMaintenance - ok
20:33:19.0515 4000 mraid35x - ok
20:33:19.0578 4000 [ 9BD4DCB5412921864A7AACDEDFBD1923 ] MREMP50 C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
20:33:19.0593 4000 MREMP50 - ok
20:33:19.0593 4000 MREMPR5 - ok
20:33:19.0593 4000 MRENDIS5 - ok
20:33:19.0625 4000 [ 07C02C892E8E1A72D6BF35004F0E9C5E ] MRESP50 C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
20:33:19.0625 4000 MRESP50 - ok
20:33:19.0640 4000 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:33:19.0640 4000 MRxDAV - ok
20:33:19.0703 4000 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:33:19.0718 4000 MRxSmb - ok
20:33:19.0750 4000 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
20:33:19.0750 4000 MSDTC - ok
20:33:19.0765 4000 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
20:33:19.0765 4000 Msfs - ok
20:33:19.0781 4000 MSIServer - ok
20:33:19.0812 4000 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:33:19.0812 4000 MSKSSRV - ok
20:33:19.0828 4000 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:33:19.0828 4000 MSPCLOCK - ok
20:33:19.0843 4000 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
20:33:19.0843 4000 MSPQM - ok
20:33:19.0906 4000 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:33:19.0906 4000 mssmbios - ok
20:33:19.0937 4000 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
20:33:19.0937 4000 MSTEE - ok
20:33:19.0984 4000 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
20:33:19.0984 4000 Mup - ok
20:33:20.0093 4000 [ 4A9258B9597A31DB68EC9740F3A8A70B ] N360 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\ccSvcHst.exe
20:33:20.0093 4000 N360 - ok
20:33:20.0125 4000 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
20:33:20.0140 4000 NABTSFEC - ok
20:33:20.0187 4000 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
20:33:20.0187 4000 napagent - ok
20:33:20.0328 4000 [ 7D7A3BC6640C1A0D1442816B30856928 ] NAVENG C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130503.004\NAVENG.SYS
20:33:20.0343 4000 NAVENG - ok
20:33:20.0484 4000 [ 28494C43D62AA7584BDCA2FADFBC4D11 ] NAVEX15 C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130503.004\NAVEX15.SYS
20:33:20.0562 4000 NAVEX15 - ok
20:33:20.0609 4000 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
20:33:20.0609 4000 NDIS - ok
20:33:20.0640 4000 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
20:33:20.0640 4000 NdisIP - ok
20:33:20.0687 4000 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:33:20.0687 4000 NdisTapi - ok
20:33:20.0750 4000 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:33:20.0750 4000 Ndisuio - ok
20:33:20.0765 4000 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:33:20.0765 4000 NdisWan - ok
20:33:20.0828 4000 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
20:33:20.0828 4000 NDProxy - ok
20:33:20.0843 4000 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
20:33:20.0843 4000 NetBIOS - ok
20:33:20.0875 4000 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
20:33:20.0875 4000 NetBT - ok
20:33:20.0921 4000 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
20:33:20.0921 4000 NetDDE - ok
20:33:20.0937 4000 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
20:33:20.0937 4000 NetDDEdsdm - ok
20:33:20.0984 4000 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
20:33:20.0984 4000 Netlogon - ok
20:33:21.0015 4000 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
20:33:21.0015 4000 Netman - ok
20:33:21.0078 4000 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:33:21.0140 4000 NetTcpPortSharing - ok
20:33:21.0171 4000 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
20:33:21.0187 4000 NIC1394 - ok
20:33:21.0250 4000 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
20:33:21.0281 4000 Nla - ok
20:33:21.0312 4000 [ 1E421A6BCF2203CC61B821ADA9DE878B ] nm C:\WINDOWS\system32\DRIVERS\NMnt.sys
20:33:21.0312 4000 nm - ok
20:33:21.0406 4000 [ C4EBBBD7165BE535F0BFD06B80601D91 ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
20:33:21.0421 4000 NMIndexingService - ok
20:33:21.0421 4000 Norton PC Checkup Application Launcher - ok
20:33:21.0468 4000 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
20:33:21.0468 4000 Npfs - ok
20:33:21.0500 4000 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
20:33:21.0515 4000 Ntfs - ok
20:33:21.0546 4000 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
20:33:21.0546 4000 NtLmSsp - ok
20:33:21.0593 4000 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
20:33:21.0609 4000 NtmsSvc - ok
20:33:21.0656 4000 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
20:33:21.0656 4000 Null - ok
20:33:21.0703 4000 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:33:21.0703 4000 NwlnkFlt - ok
20:33:21.0718 4000 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:33:21.0718 4000 NwlnkFwd - ok
20:33:21.0734 4000 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
20:33:21.0734 4000 ohci1394 - ok
20:33:21.0765 4000 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:33:21.0765 4000 ose - ok
20:33:21.0828 4000 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
20:33:21.0828 4000 Parport - ok
20:33:21.0828 4000 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
20:33:21.0843 4000 PartMgr - ok
20:33:21.0875 4000 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
20:33:21.0875 4000 ParVdm - ok
20:33:21.0906 4000 [ ACFF877F5C17B9360919919F10DD6072 ] pcCMService C:\Program Files\Common Files\Motive\pcCMService.exe
20:33:21.0921 4000 pcCMService - ok
20:33:21.0921 4000 PCCUJobMgr - ok
20:33:21.0937 4000 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
20:33:21.0953 4000 PCI - ok
20:33:21.0953 4000 PCIDump - ok
20:33:21.0968 4000 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
20:33:21.0968 4000 PCIIde - ok
20:33:21.0984 4000 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
20:33:22.0000 4000 Pcmcia - ok
20:33:22.0015 4000 [ A4D6449CEBB5931685AE310DC2D7966D ] pcServiceHost C:\Program Files\Common Files\Motive\pcServiceHost.exe
20:33:22.0031 4000 pcServiceHost - ok
20:33:22.0046 4000 PDCOMP - ok
20:33:22.0046 4000 PDFRAME - ok
20:33:22.0062 4000 PDRELI - ok
20:33:22.0062 4000 PDRFRAME - ok
20:33:22.0078 4000 perc2 - ok
20:33:22.0093 4000 perc2hib - ok
20:33:22.0156 4000 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
20:33:22.0156 4000 PlugPlay - ok
20:33:22.0250 4000 [ 2D091A99624FB9E7EEF0A86D872EC0C3 ] Pml Driver HPZ12 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
20:33:22.0265 4000 Pml Driver HPZ12 - ok
20:33:22.0265 4000 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
20:33:22.0265 4000 PolicyAgent - ok
20:33:22.0328 4000 [ C740D0CB238670629AF1B740414A8F3C ] ppa3 C:\WINDOWS\system32\DRIVERS\ppa3.sys
20:33:22.0328 4000 ppa3 - ok
20:33:22.0343 4000 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:33:22.0343 4000 PptpMiniport - ok
20:33:22.0359 4000 [ A32BEBAF723557681BFC6BD93E98BD26 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
20:33:22.0359 4000 Processor - ok
20:33:22.0375 4000 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
20:33:22.0375 4000 ProtectedStorage - ok
20:33:22.0421 4000 [ 390C204CED3785609AB24E9C52054A84 ] Ps2 C:\WINDOWS\system32\DRIVERS\PS2.sys
20:33:22.0421 4000 Ps2 - ok
20:33:22.0437 4000 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
20:33:22.0437 4000 PSched - ok
20:33:22.0453 4000 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:33:22.0453 4000 Ptilink - ok
20:33:22.0468 4000 [ 153D02480A0A2F45785522E814C634B6 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
20:33:22.0468 4000 PxHelp20 - ok
20:33:22.0484 4000 ql1080 - ok
20:33:22.0500 4000 Ql10wnt - ok
20:33:22.0500 4000 ql12160 - ok
20:33:22.0515 4000 ql1240 - ok
20:33:22.0515 4000 ql1280 - ok
20:33:22.0562 4000 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:33:22.0562 4000 RasAcd - ok
20:33:22.0625 4000 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
20:33:22.0640 4000 RasAuto - ok
20:33:22.0656 4000 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:33:22.0656 4000 Rasl2tp - ok
20:33:22.0718 4000 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
20:33:22.0718 4000 RasMan - ok
20:33:22.0734 4000 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:33:22.0734 4000 RasPppoe - ok
20:33:22.0750 4000 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
20:33:22.0750 4000 Raspti - ok
20:33:22.0781 4000 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:33:22.0781 4000 Rdbss - ok
20:33:22.0796 4000 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:33:22.0796 4000 RDPCDD - ok
20:33:22.0812 4000 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
20:33:22.0828 4000 rdpdr - ok
20:33:22.0890 4000 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
20:33:22.0890 4000 RDPWD - ok
20:33:22.0921 4000 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
20:33:22.0921 4000 RDSessMgr - ok
20:33:23.0000 4000 [ 89525CC2DBAD44F7199B9CC188B3F9C5 ] RealNetworks Downloader Resolver Service C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
20:33:23.0015 4000 RealNetworks Downloader Resolver Service - ok
20:33:23.0046 4000 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
20:33:23.0312 4000 redbook - ok
20:33:23.0343 4000 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
20:33:23.0375 4000 RemoteAccess - ok
20:33:23.0421 4000 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
20:33:23.0421 4000 RemoteRegistry - ok
20:33:23.0484 4000 [ A780D3EAA74582EA1DEB6BD9C7A3D9C9 ] rpcapd C:\Program Files\WinPcap\rpcapd.exe
20:33:23.0500 4000 rpcapd - ok
20:33:23.0515 4000 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
20:33:23.0515 4000 RpcLocator - ok
20:33:23.0578 4000 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll
20:33:23.0578 4000 RpcSs - ok
20:33:23.0640 4000 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
20:33:23.0640 4000 RSVP - ok
20:33:23.0687 4000 [ EACD871FDBE85393D112782896C2D7DD ] RTL8023xp C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
20:33:23.0687 4000 RTL8023xp - ok
20:33:23.0703 4000 [ D507C1400284176573224903819FFDA3 ] rtl8139 C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
20:33:23.0718 4000 rtl8139 - ok
20:33:23.0734 4000 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
20:33:23.0750 4000 SamSs - ok
20:33:23.0796 4000 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
20:33:23.0796 4000 SCardSvr - ok
20:33:23.0859 4000 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
20:33:23.0859 4000 Schedule - ok
20:33:23.0906 4000 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:33:23.0937 4000 Secdrv - ok
20:33:23.0953 4000 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
20:33:23.0968 4000 seclogon - ok
20:33:23.0968 4000 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
20:33:23.0984 4000 SENS - ok
20:33:23.0984 4000 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
20:33:23.0984 4000 Serial - ok
20:33:24.0031 4000 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
20:33:24.0031 4000 Sfloppy - ok
20:33:24.0125 4000 [ D94129B1417148FAC9E4AE3ED8AE9E5D ] SgtSch2Svc C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
20:33:24.0140 4000 SgtSch2Svc - ok
20:33:24.0187 4000 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
20:33:24.0203 4000 SharedAccess - ok
20:33:24.0265 4000 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
20:33:24.0281 4000 ShellHWDetection - ok
20:33:24.0328 4000 [ 83409D0F9C886DB038DCC4D377955C6A ] SI3112 C:\WINDOWS\system32\DRIVERS\SI3112.sys
20:33:24.0328 4000 SI3112 - ok
20:33:24.0343 4000 Simbad - ok
20:33:24.0390 4000 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
20:33:24.0390 4000 SkypeUpdate - ok
20:33:24.0406 4000 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
20:33:24.0406 4000 SLIP - ok
20:33:24.0437 4000 [ C3BF55189AA92B8F919108EF9E4ACCAE ] snapman C:\WINDOWS\system32\DRIVERS\snapman.sys
20:33:24.0437 4000 snapman - ok
20:33:24.0453 4000 Sparrow - ok
20:33:24.0500 4000 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
20:33:24.0500 4000 splitter - ok
20:33:24.0546 4000 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
20:33:24.0562 4000 Spooler - ok
20:33:24.0703 4000 [ 48AAE4C5E13611ED49C68F06857FF930 ] SpyHunter 4 Service C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
20:33:24.0718 4000 SpyHunter 4 Service - ok
20:33:24.0734 4000 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
20:33:24.0750 4000 sr - ok
20:33:24.0796 4000 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
20:33:24.0796 4000 srservice - ok
20:33:24.0984 4000 [ 26C1B59C80FEF94B025DF5C3C1B791A7 ] SRTSP C:\WINDOWS\System32\Drivers\N360\1402000.013\SRTSP.SYS
20:33:25.0000 4000 SRTSP - ok
20:33:25.0046 4000 [ 21AC3AE81E8263061624C4ED3B11509A ] SRTSPX C:\WINDOWS\system32\drivers\N360\1402000.013\SRTSPX.SYS
20:33:25.0062 4000 SRTSPX - ok
20:33:25.0109 4000 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
20:33:25.0125 4000 Srv - ok
20:33:25.0140 4000 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
20:33:25.0140 4000 SSDPSRV - ok
20:33:25.0187 4000 [ A9573045BAA16EAB9B1085205B82F1ED ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys
20:33:25.0187 4000 StillCam - ok
20:33:25.0218 4000 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
20:33:25.0234 4000 stisvc - ok
20:33:25.0265 4000 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
20:33:25.0265 4000 streamip - ok
20:33:25.0296 4000 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
20:33:25.0296 4000 swenum - ok
20:33:25.0359 4000 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
20:33:25.0359 4000 swmidi - ok
20:33:25.0375 4000 SwPrv - ok
20:33:25.0375 4000 symc810 - ok
20:33:25.0390 4000 symc8xx - ok
20:33:25.0453 4000 [ FB69A67FEEE3026C7F99774A1C405326 ] SymDS C:\WINDOWS\system32\drivers\N360\1402000.013\SYMDS.SYS
20:33:25.0453 4000 SymDS - ok
20:33:25.0500 4000 [ 28C5FAFA7FD1C522B8DCD59694D39412 ] SymEFA C:\WINDOWS\system32\drivers\N360\1402000.013\SYMEFA.SYS
20:33:25.0531 4000 SymEFA - ok
20:33:29.0468 4000 ================ Scan global ===============================
20:33:29.0515 4000 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
20:33:29.0562 4000 [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
20:33:29.0593 4000 [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
20:33:29.0640 4000 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
20:33:29.0640 4000 [Global] - ok
20:33:29.0640 4000 ================ Scan MBR ==================================
20:33:29.0671 4000 [ 0AC6D996BCE152AED9600E6D6B797E2E ] \Device\Harddisk0\DR0
20:33:29.0890 4000 \Device\Harddisk0\DR0 - ok
20:33:29.0906 4000 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
20:33:29.0953 4000 \Device\Harddisk1\DR1 - ok
20:33:29.0953 4000 ================ Scan VBR ==================================
20:33:29.0968 4000 [ 00B2A6B14D1FE98142CD7AAF32FFAF25 ] \Device\Harddisk0\DR0\Partition1
20:33:29.0968 4000 \Device\Harddisk0\DR0\Partition1 - ok
20:33:29.0968 4000 [ 94B67E041AF120C7E68EC28A1F144593 ] \Device\Harddisk0\DR0\Partition2
20:33:29.0968 4000 \Device\Harddisk0\DR0\Partition2 - ok
20:33:29.0984 4000 [ 6B70A5B23AE906A9D26EEB6C837963DB ] \Device\Harddisk1\DR1\Partition1
20:33:29.0984 4000 \Device\Harddisk1\DR1\Partition1 - ok
20:33:29.0984 4000 ============================================================
20:33:29.0984 4000 Scan finished
20:33:29.0984 4000 ============================================================
20:33:30.0000 6600 Detected object count: 0
20:33:30.0000 6600 Actual detected object count: 0
20:36:10.0828 7524 Deinitialize success



20:43:16.0562 0404 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
20:43:16.0781 0404 ============================================================
20:43:16.0781 0404 Current date / time: 2013/05/03 20:43:16.0781
20:43:16.0781 0404 SystemInfo:
20:43:16.0781 0404
20:43:16.0781 0404 OS Version: 5.1.2600 ServicePack: 3.0
20:43:16.0781 0404 Product type: Workstation
20:43:16.0781 0404 ComputerName: MAIN
20:43:16.0781 0404 UserName: HP_Administrator
20:43:16.0781 0404 Windows directory: C:\WINDOWS
20:43:16.0781 0404 System windows directory: C:\WINDOWS
20:43:16.0781 0404 Processor architecture: Intel x86
20:43:16.0781 0404 Number of processors: 2
20:43:16.0781 0404 Page size: 0x1000
20:43:16.0781 0404 Boot type: Normal boot
20:43:16.0781 0404 ============================================================
20:43:31.0187 0404 BG loaded
20:43:34.0203 0404 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x7E2D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054
20:43:43.0328 0404 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1F8B1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054
20:43:43.0750 0404 ============================================================
20:43:43.0750 0404 \Device\Harddisk0\DR0:
20:43:43.0984 0404 MBR partitions:
20:43:43.0984 0404 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0xEF0481
20:43:43.0984 0404 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xEF04C0, BlocksNum 0x1C2D0200
20:43:43.0984 0404 \Device\Harddisk1\DR1:
20:43:43.0984 0404 MBR partitions:
20:43:43.0984 0404 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3B4F, BlocksNum 0x74701AC1
20:43:43.0984 0404 ============================================================
20:43:47.0750 0404 C: <-> \Device\Harddisk0\DR0\Partition2
20:43:47.0765 0404 D: <-> \Device\Harddisk0\DR0\Partition1
20:43:47.0843 0404 G: <-> \Device\Harddisk1\DR1\Partition1
20:43:48.0437 0404 ============================================================
20:43:48.0437 0404 Initialize success
20:43:48.0437 0404 ============================================================
20:44:54.0546 4888 ============================================================
20:44:54.0546 4888 Scan started
20:44:54.0546 4888 Mode: Manual;
20:44:54.0546 4888 ============================================================
20:45:23.0593 4888 ================ Scan system memory ========================
20:46:15.0296 4888 System memory - ok
20:46:15.0296 4888 ================ Scan services =============================
20:48:03.0421 4888 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
20:48:03.0453 4888 NDIS - ok
20:48:03.0468 4888 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
20:48:03.0468 4888 NdisIP - ok
20:48:03.0562 4888 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:48:03.0562 4888 NdisTapi - ok
20:48:03.0625 4888 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:48:03.0625 4888 Ndisuio - ok
20:48:03.0671 4888 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:48:03.0687 4888 NdisWan - ok
20:48:03.0750 4888 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
20:48:03.0750 4888 NDProxy - ok
20:48:03.0796 4888 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
20:48:03.0796 4888 NetBIOS - ok
20:48:03.0906 4888 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
20:48:03.0906 4888 NetBT - ok
20:48:03.0953 4888 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
20:48:03.0968 4888 NetDDE - ok
20:48:03.0984 4888 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
20:48:03.0984 4888 NetDDEdsdm - ok
20:48:04.0015 4888 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
20:48:04.0031 4888 Netlogon - ok
20:48:04.0140 4888 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
20:48:04.0140 4888 Netman - ok
20:48:04.0234 4888 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:48:04.0390 4888 NetTcpPortSharing - ok
20:48:04.0421 4888 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
20:48:04.0421 4888 NIC1394 - ok
20:48:04.0484 4888 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
20:48:04.0500 4888 Nla - ok
20:48:04.0531 4888 [ 1E421A6BCF2203CC61B821ADA9DE878B ] nm C:\WINDOWS\system32\DRIVERS\NMnt.sys
20:48:04.0546 4888 nm - ok
20:48:04.0718 4888 [ C4EBBBD7165BE535F0BFD06B80601D91 ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
20:48:04.0750 4888 NMIndexingService - ok
20:48:04.0750 4888 Norton PC Checkup Application Launcher - ok
20:48:04.0796 4888 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
20:48:04.0812 4888 Npfs - ok
20:48:05.0015 4888 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
20:48:05.0421 4888 Ntfs - ok
20:48:05.0468 4888 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
20:48:05.0468 4888 NtLmSsp - ok
20:48:05.0593 4888 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
20:48:05.0734 4888 NtmsSvc - ok
20:48:05.0796 4888 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
20:48:05.0796 4888 Null - ok
20:48:05.0828 4888 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:48:05.0843 4888 NwlnkFlt - ok
20:48:05.0859 4888 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:48:05.0875 4888 NwlnkFwd - ok
20:48:05.0890 4888 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
20:48:05.0890 4888 ohci1394 - ok
20:48:05.0921 4888 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:48:05.0937 4888 ose - ok
20:48:05.0984 4888 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
20:48:05.0984 4888 Parport - ok
20:48:06.0015 4888 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
20:48:06.0046 4888 PartMgr - ok
20:48:06.0062 4888 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
20:48:06.0078 4888 ParVdm - ok
20:48:06.0156 4888 [ ACFF877F5C17B9360919919F10DD6072 ] pcCMService C:\Program Files\Common Files\Motive\pcCMService.exe
20:48:06.0171 4888 pcCMService - ok
20:48:06.0171 4888 PCCUJobMgr - ok
20:48:06.0203 4888 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
20:48:06.0218 4888 PCI - ok
20:48:06.0218 4888 PCIDump - ok
20:48:06.0234 4888 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
20:48:06.0234 4888 PCIIde - ok
20:48:06.0265 4888 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
20:48:06.0281 4888 Pcmcia - ok
20:48:06.0343 4888 [ A4D6449CEBB5931685AE310DC2D7966D ] pcServiceHost C:\Program Files\Common Files\Motive\pcServiceHost.exe
20:48:06.0359 4888 pcServiceHost - ok
20:48:06.0359 4888 PDCOMP - ok
20:48:06.0359 4888 PDFRAME - ok
20:48:06.0375 4888 PDRELI - ok
20:48:06.0375 4888 PDRFRAME - ok
20:48:06.0375 4888 perc2 - ok
20:48:06.0390 4888 perc2hib - ok
20:48:06.0468 4888 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
20:48:06.0468 4888 PlugPlay - ok
20:48:06.0656 4888 [ 2D091A99624FB9E7EEF0A86D872EC0C3 ] Pml Driver HPZ12 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
20:48:06.0671 4888 Pml Driver HPZ12 - ok
20:48:06.0703 4888 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
20:48:06.0703 4888 PolicyAgent - ok
20:48:06.0781 4888 [ C740D0CB238670629AF1B740414A8F3C ] ppa3 C:\WINDOWS\system32\DRIVERS\ppa3.sys
20:48:06.0781 4888 ppa3 - ok
20:48:06.0843 4888 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:48:06.0843 4888 PptpMiniport - ok
20:48:06.0890 4888 [ A32BEBAF723557681BFC6BD93E98BD26 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
20:48:06.0890 4888 Processor - ok
20:48:06.0906 4888 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
20:48:06.0921 4888 ProtectedStorage - ok
20:48:06.0953 4888 [ 390C204CED3785609AB24E9C52054A84 ] Ps2 C:\WINDOWS\system32\DRIVERS\PS2.sys
20:48:06.0953 4888 Ps2 - ok
20:48:07.0000 4888 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
20:48:07.0000 4888 PSched - ok
20:48:07.0078 4888 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:48:07.0078 4888 Ptilink - ok
20:48:07.0109 4888 [ 153D02480A0A2F45785522E814C634B6 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
20:48:07.0140 4888 PxHelp20 - ok
20:48:07.0140 4888 ql1080 - ok
20:48:07.0156 4888 Ql10wnt - ok
20:48:07.0156 4888 ql12160 - ok
20:48:07.0171 4888 ql1240 - ok
20:48:07.0171 4888 ql1280 - ok
20:48:07.0203 4888 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:48:07.0203 4888 RasAcd - ok
20:48:07.0281 4888 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
20:48:07.0281 4888 RasAuto - ok
20:48:07.0328 4888 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:48:07.0328 4888 Rasl2tp - ok
20:48:07.0468 4888 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
20:48:07.0468 4888 RasMan - ok
20:48:07.0484 4888 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:48:07.0500 4888 RasPppoe - ok
20:48:07.0515 4888 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
20:48:07.0531 4888 Raspti - ok
20:48:07.0578 4888 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:48:07.0593 4888 Rdbss - ok
20:48:07.0625 4888 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:48:07.0625 4888 RDPCDD - ok
20:48:07.0687 4888 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
20:48:07.0687 4888 rdpdr - ok
20:48:07.0750 4888 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
20:48:07.0765 4888 RDPWD - ok
20:48:07.0781 4888 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
20:48:07.0812 4888 RDSessMgr - ok
20:48:07.0921 4888 [ 89525CC2DBAD44F7199B9CC188B3F9C5 ] RealNetworks Downloader Resolver Service C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
20:48:07.0921 4888 RealNetworks Downloader Resolver Service - ok
20:48:07.0953 4888 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
20:48:07.0953 4888 redbook - ok
20:48:08.0062 4888 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
20:48:08.0078 4888 RemoteAccess - ok
20:48:08.0125 4888 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
20:48:08.0125 4888 RemoteRegistry - ok
20:48:08.0218 4888 [ A780D3EAA74582EA1DEB6BD9C7A3D9C9 ] rpcapd C:\Program Files\WinPcap\rpcapd.exe
20:48:08.0234 4888 rpcapd - ok
20:48:08.0265 4888 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
20:48:08.0281 4888 RpcLocator - ok
20:48:08.0531 4888 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll
20:48:08.0546 4888 RpcSs - ok
20:48:08.0656 4888 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
20:48:08.0703 4888 RSVP - ok
20:48:08.0781 4888 [ EACD871FDBE85393D112782896C2D7DD ] RTL8023xp C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
20:48:08.0796 4888 RTL8023xp - ok
20:48:08.0875 4888 [ D507C1400284176573224903819FFDA3 ] rtl8139 C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
20:48:08.0906 4888 rtl8139 - ok
20:48:08.0968 4888 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
20:48:08.0968 4888 SamSs - ok
20:48:09.0046 4888 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
20:48:09.0046 4888 SCardSvr - ok
20:48:09.0156 4888 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
20:48:09.0171 4888 Schedule - ok
20:48:09.0218 4888 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:48:09.0234 4888 Secdrv - ok
20:48:09.0250 4888 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
20:48:09.0265 4888 seclogon - ok
20:48:09.0281 4888 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
20:48:09.0296 4888 SENS - ok
20:48:09.0328 4888 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
20:48:09.0328 4888 Serial - ok
20:48:09.0375 4888 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
20:48:09.0375 4888 Sfloppy - ok
20:48:09.0671 4888 [ D94129B1417148FAC9E4AE3ED8AE9E5D ] SgtSch2Svc C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
20:48:09.0671 4888 SgtSch2Svc - ok
20:48:09.0828 4888 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
20:48:09.0843 4888 SharedAccess - ok
20:48:09.0937 4888 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
20:48:09.0953 4888 ShellHWDetection - ok
20:48:10.0125 4888 [ 83409D0F9C886DB038DCC4D377955C6A ] SI3112 C:\WINDOWS\system32\DRIVERS\SI3112.sys
20:48:10.0156 4888 SI3112 - ok
20:48:10.0156 4888 Simbad - ok
20:48:10.0187 4888 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
20:48:10.0187 4888 SkypeUpdate - ok
20:48:10.0218 4888 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
20:48:10.0234 4888 SLIP - ok
20:48:10.0281 4888 [ C3BF55189AA92B8F919108EF9E4ACCAE ] snapman C:\WINDOWS\system32\DRIVERS\snapman.sys
20:48:10.0312 4888 snapman - ok
20:48:10.0312 4888 Sparrow - ok
20:48:10.0359 4888 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
20:48:10.0359 4888 splitter - ok
20:48:10.0453 4888 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
20:48:10.0468 4888 Spooler - ok
20:48:10.0750 4888 [ 48AAE4C5E13611ED49C68F06857FF930 ] SpyHunter 4 Service C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
20:48:10.0765 4888 SpyHunter 4 Service - ok
20:48:10.0796 4888 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
20:48:10.0828 4888 sr - ok
20:48:10.0921 4888 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
20:48:10.0921 4888 srservice - ok
20:48:11.0171 4888 [ 26C1B59C80FEF94B025DF5C3C1B791A7 ] SRTSP C:\WINDOWS\System32\Drivers\N360\1402000.013\SRTSP.SYS
20:48:11.0187 4888 SRTSP - ok
20:48:11.0218 4888 [ 21AC3AE81E8263061624C4ED3B11509A ] SRTSPX C:\WINDOWS\system32\drivers\N360\1402000.013\SRTSPX.SYS
20:48:11.0218 4888 SRTSPX - ok
20:48:11.0375 4888 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
20:48:11.0375 4888 Srv - ok
20:48:11.0421 4888 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
20:48:11.0421 4888 SSDPSRV - ok
20:48:11.0484 4888 [ A9573045BAA16EAB9B1085205B82F1ED ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys
20:48:11.0500 4888 StillCam - ok
20:48:11.0562 4888 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
20:48:11.0562 4888 stisvc - ok
20:48:11.0609 4888 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
20:48:11.0625 4888 streamip - ok
20:48:11.0640 4888 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
20:48:11.0640 4888 swenum - ok
20:48:11.0656 4888 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
20:48:11.0671 4888 swmidi - ok
20:48:11.0671 4888 SwPrv - ok
20:48:11.0671 4888 symc810 - ok
20:48:11.0671 4888 symc8xx - ok
20:48:11.0781 4888 [ FB69A67FEEE3026C7F99774A1C405326 ] SymDS C:\WINDOWS\system32\drivers\N360\1402000.013\SYMDS.SYS
20:48:11.0843 4888 SymDS - ok
20:48:11.0984 4888 [ 28C5FAFA7FD1C522B8DCD59694D39412 ] SymEFA C:\WINDOWS\system32\drivers\N360\1402000.013\SYMEFA.SYS
20:48:12.0171 4888 SymEFA - ok
20:48:12.0265 4888 [ C940F10C31E2C60CC967FFD6A370720C ] SymEvent C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
20:48:12.0281 4888 SymEvent - ok
20:48:12.0281 4888 SYMFW - ok
20:48:12.0281 4888 SYMIDS - ok
20:48:12.0328 4888 [ 123A13DCD5210F8A3BE5FC8CACBFE324 ] SymIM C:\WINDOWS\system32\DRIVERS\SymIM.sys
20:48:12.0328 4888 SymIM - ok
20:48:12.0343 4888 [ 123A13DCD5210F8A3BE5FC8CACBFE324 ] SymIMMP C:\WINDOWS\system32\DRIVERS\SymIM.sys
20:48:12.0343 4888 SymIMMP - ok
20:48:12.0375 4888 [ 8C9B9036E301A9965CF15BEC91C58A12 ] SymIRON C:\WINDOWS\system32\drivers\N360\1402000.013\Ironx86.SYS
20:48:12.0390 4888 SymIRON - ok
20:48:12.0390 4888 SYMNDIS - ok
20:48:12.0421 4888 [ EC979002EBA25C9D109B2FE0E03457DA ] SYMTDI C:\WINDOWS\System32\Drivers\N360\1402000.013\SYMTDI.SYS
20:48:12.0437 4888 SYMTDI - ok
20:48:12.0437 4888 sym_hi - ok
20:48:12.0437 4888 sym_u3 - ok
20:48:12.0500 4888 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
20:48:12.0500 4888 sysaudio - ok
20:48:12.0546 4888 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
20:48:12.0562 4888 SysmonLog - ok
20:48:12.0625 4888 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
20:48:12.0625 4888 TapiSrv - ok
20:48:12.0703 4888 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:48:12.0703 4888 Tcpip - ok
20:48:12.0750 4888 [ 4E53BBCC4BE37D7A4BD6EF1098C89FF7 ] Tcpip6 C:\WINDOWS\system32\DRIVERS\tcpip6.sys
20:48:12.0750 4888 Tcpip6 - ok
20:48:12.0765 4888 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
20:48:12.0781 4888 TDPIPE - ok
20:48:12.0828 4888 [ 3B7B6779EB231F731BBA8F9FE67AADFC ] tdrpman C:\WINDOWS\system32\DRIVERS\tdrpman.sys
20:48:12.0859 4888 tdrpman - ok
20:48:12.0890 4888 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
20:48:12.0906 4888 TDTCP - ok
20:48:12.0921 4888 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
20:48:12.0937 4888 TermDD - ok
20:48:13.0093 4888 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
20:48:13.0093 4888 TermService - ok
20:48:13.0125 4888 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
20:48:13.0140 4888 Themes - ok
20:48:13.0156 4888 [ B0B3122BFF3910E0BA97014045467778 ] tifsfilter C:\WINDOWS\system32\DRIVERS\tifsfilt.sys
20:48:13.0156 4888 tifsfilter - ok
20:48:13.0312 4888 [ 13BFE330880AC0CE8672D00AA5AFF738 ] timounter C:\WINDOWS\system32\DRIVERS\timntr.sys
20:48:13.0390 4888 timounter - ok
20:48:13.0437 4888 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
20:48:13.0453 4888 TlntSvr - ok
20:48:13.0468 4888 TosIde - ok
20:48:13.0500 4888 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
20:48:13.0500 4888 TrkWks - ok
20:48:13.0546 4888 [ 8F861EDA21C05857EB8197300A92501C ] tunmp C:\WINDOWS\system32\DRIVERS\tunmp.sys
20:48:13.0546 4888 tunmp - ok
20:48:13.0578 4888 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
20:48:13.0578 4888 Udfs - ok
20:48:13.0593 4888 ultra - ok
20:48:13.0765 4888 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
20:48:13.0765 4888 Update - ok
20:48:13.0796 4888 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
20:48:13.0812 4888 upnphost - ok
20:48:13.0843 4888 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
20:48:13.0859 4888 UPS - ok
20:48:13.0875 4888 [ 5C2BDC152BBAB34F36473DEAF7713F22 ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
20:48:13.0890 4888 USBAAPL - ok
20:48:13.0953 4888 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
20:48:13.0968 4888 usbaudio - ok
20:48:14.0015 4888 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:48:14.0031 4888 usbccgp - ok
20:48:14.0062 4888 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:48:14.0062 4888 usbehci - ok
20:48:14.0109 4888 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:48:14.0125 4888 usbhub - ok
20:48:14.0156 4888 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
20:48:14.0156 4888 usbohci - ok
20:48:14.0218 4888 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
20:48:14.0218 4888 usbprint - ok
20:48:14.0281 4888 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
20:48:14.0296 4888 usbscan - ok
20:48:14.0328 4888 [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:48:14.0328 4888 usbstor - ok
20:48:14.0406 4888 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
20:48:14.0421 4888 usbuhci - ok
20:48:14.0453 4888 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
20:48:14.0453 4888 VgaSave - ok
20:48:14.0500 4888 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
20:48:14.0515 4888 ViaIde - ok
20:48:14.0546 4888 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
20:48:14.0578 4888 VolSnap - ok
20:48:14.0609 4888 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
20:48:14.0625 4888 VSS - ok
20:48:14.0671 4888 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
20:48:14.0671 4888 W32Time - ok
20:48:14.0718 4888 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:48:14.0718 4888 Wanarp - ok
20:48:14.0781 4888 [ 0A716C08CB13C3A8F4F51E882DBF7416 ] wanatw C:\WINDOWS\system32\DRIVERS\wanatw4.sys
20:48:14.0781 4888 wanatw - ok
20:48:14.0906 4888 [ BBCFEAB7E871CDDAC2D397EE7FA91FDC ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
20:48:14.0937 4888 Wdf01000 - ok
20:48:14.0937 4888 WDICA - ok
20:48:14.0984 4888 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
20:48:14.0984 4888 wdmaud - ok
20:48:15.0000 4888 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
20:48:15.0000 4888 WebClient - ok
20:48:15.0125 4888 [ F45DD1E1365D857DD08BC23563370D0E ] WinDefend C:\Program Files\Windows Defender\MsMpEng.exe
20:48:15.0125 4888 WinDefend - ok
20:48:15.0375 4888 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
20:48:15.0375 4888 winmgmt - ok
20:48:15.0468 4888 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
20:48:15.0500 4888 WmdmPmSN - ok
20:48:15.0671 4888 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
20:48:15.0687 4888 Wmi - ok
20:48:15.0718 4888 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
20:48:15.0734 4888 WmiApSrv - ok
20:48:16.0062 4888 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
20:48:16.0281 4888 WMPNetworkSvc - ok
20:48:16.0343 4888 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\Drivers\wpdusb.sys
20:48:16.0343 4888 WpdUsb - ok
20:48:16.0625 4888 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
20:48:16.0671 4888 WPFFontCache_v0400 - ok
20:48:16.0703 4888 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
20:48:16.0703 4888 WS2IFSL - ok
20:48:16.0750 4888 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
20:48:16.0750 4888 wscsvc - ok
20:48:16.0765 4888 WSearch - ok
20:48:16.0796 4888 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
20:48:16.0812 4888 WSTCODEC - ok
20:48:16.0843 4888 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
20:48:16.0859 4888 wuauserv - ok
20:48:16.0890 4888 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
20:48:16.0906 4888 WudfPf - ok
20:48:16.0937 4888 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
20:48:16.0953 4888 WudfRd - ok
20:48:16.0968 4888 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
20:48:16.0984 4888 WudfSvc - ok
20:48:17.0031 4888 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
20:48:17.0031 4888 WZCSVC - ok
20:48:17.0078 4888 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
20:48:17.0125 4888 xmlprov - ok
20:48:17.0265 4888 [ B624180218BB196AD9869D5D6B454318 ] _IOMEGA_ACTIVE_DISK_SERVICE_ C:\Program Files\Iomega\AutoDisk\ADService.exe
20:48:17.0265 4888 _IOMEGA_ACTIVE_DISK_SERVICE_ - ok
20:48:17.0265 4888 ================ Scan global ===============================
20:48:17.0375 4888 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
20:48:17.0546 4888 [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
20:48:17.0687 4888 [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
20:48:17.0734 4888 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
20:48:17.0734 4888 [Global] - ok
20:48:17.0734 4888 ================ Scan MBR ==================================
20:48:17.0765 4888 [ 0AC6D996BCE152AED9600E6D6B797E2E ] \Device\Harddisk0\DR0
20:48:18.0703 4888 \Device\Harddisk0\DR0 - ok
20:48:18.0703 4888 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
20:48:18.0750 4888 \Device\Harddisk1\DR1 - ok
20:48:18.0750 4888 ================ Scan VBR ==================================
20:48:18.0765 4888 [ 00B2A6B14D1FE98142CD7AAF32FFAF25 ] \Device\Harddisk0\DR0\Partition1
20:48:18.0765 4888 \Device\Harddisk0\DR0\Partition1 - ok
20:48:18.0781 4888 [ 94B67E041AF120C7E68EC28A1F144593 ] \Device\Harddisk0\DR0\Partition2
20:48:18.0781 4888 \Device\Harddisk0\DR0\Partition2 - ok
20:48:18.0781 4888 [ 6B70A5B23AE906A9D26EEB6C837963DB ] \Device\Harddisk1\DR1\Partition1
20:48:18.0781 4888 \Device\Harddisk1\DR1\Partition1 - ok
20:48:18.0781 4888 ================ Scan active images ========================
20:48:18.0781 4888 [ 8F861EDA21C05857EB8197300A92501C ] C:\WINDOWS\system32\drivers\tunmp.sys
20:48:18.0781 4888 C:\WINDOWS\system32\drivers\tunmp.sys - ok
20:48:18.0781 4888 [ 59301936898AE62245A6F09C0ABA9475 ] C:\WINDOWS\system32\drivers\AmdK8.sys
20:48:18.0781 4888 C:\WINDOWS\system32\drivers\AmdK8.sys - ok
20:48:18.0781 4888 [ 00523019E3579C8F8A94457FE25F0F24 ] C:\WINDOWS\system32\drivers\aracpi.sys
20:48:18.0781 4888 C:\WINDOWS\system32\drivers\aracpi.sys - ok
20:48:18.0781 4888 [ E28726B72C46821A28830E077D39A55B ] C:\WINDOWS\system32\drivers\videoprt.sys
20:48:18.0781 4888 C:\WINDOWS\system32\drivers\videoprt.sys - ok
20:48:18.0781 4888 [ 7A6CF9F411A9C5BD5C442A1CD46AF401 ] C:\WINDOWS\system32\drivers\ati2mtag.sys
20:48:18.0781 4888 C:\WINDOWS\system32\drivers\ati2mtag.sys - ok
20:48:18.0781 4888 [ 791912E524CC2CC6F50B5F2B52D1EB71 ] C:\WINDOWS\system32\drivers\usbport.sys
20:48:18.0781 4888 C:\WINDOWS\system32\drivers\usbport.sys - ok
20:48:18.0781 4888 [ 0DAECCE65366EA32B162F85F07C6753B ] C:\WINDOWS\system32\drivers\usbohci.sys
20:48:18.0781 4888 C:\WINDOWS\system32\drivers\usbohci.sys - ok
20:48:18.0781 4888 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] C:\WINDOWS\system32\drivers\usbehci.sys
20:48:18.0781 4888 C:\WINDOWS\system32\drivers\usbehci.sys - ok
20:48:18.0781 4888 [ 083A052659F5310DD8B6A6CB05EDCF8E ] C:\WINDOWS\system32\drivers\imapi.sys
20:48:18.0781 4888 C:\WINDOWS\system32\drivers\imapi.sys - ok
20:48:18.0781 4888 [ 1F4260CC5B42272D71F79E570A27A4FE ] C:\WINDOWS\system32\drivers\cdrom.sys
20:48:18.0781 4888 C:\WINDOWS\system32\drivers\cdrom.sys - ok
20:48:18.0781 4888 [ 0753515F78DF7F271A5E61C20BCD36A1 ] C:\WINDOWS\system32\drivers\ks.sys
20:48:18.0781 4888 C:\WINDOWS\system32\drivers\ks.sys - ok
20:48:18.0781 4888 [ F828DD7E1419B6653894A8F97A0094C5 ] C:\WINDOWS\system32\drivers\redbook.sys
20:48:18.0781 4888 C:\WINDOWS\system32\drivers\redbook.sys - ok
20:48:18.0781 4888 [ 5AE3A887ECE5BBB72CFAB273C2FD1CFA ] C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
20:48:18.0781 4888 C:\WINDOWS\system32\drivers\GEARAspiWDM.sys - ok
20:48:18.0781 4888 [ 596EB39B50D6EBD9B734DC4AE0544693 ] C:\WINDOWS\system32\drivers\usbd.sys
20:48:18.0781 4888 C:\WINDOWS\system32\drivers\usbd.sys - ok
20:48:18.0781 4888 [ 7560F465F1CE69C53BF17559EE195548 ] C:\WINDOWS\system32\drivers\AGRSM.sys
20:48:18.0781 4888 C:\WINDOWS\system32\drivers\AGRSM.sys - ok
20:48:18.0781 4888 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] C:\WINDOWS\system32\drivers\modem.sys
20:48:18.0781 4888 C:\WINDOWS\system32\drivers\modem.sys - ok
20:48:18.0781 4888 [ 41BBAD646A8C842BC30EF6745A4F6FF3 ] C:\WINDOWS\system32\drivers\hcwPP2.sys
20:48:18.0781 4888 C:\WINDOWS\system32\drivers\hcwPP2.sys - ok
20:48:18.0781 4888 [ EACD871FDBE85393D112782896C2D7DD ] C:\WINDOWS\system32\drivers\Rtnicxp.sys
20:48:18.0781 4888 C:\WINDOWS\system32\drivers\Rtnicxp.sys - ok
20:48:18.0781 4888 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] C:\WINDOWS\system32\drivers\nic1394.sys
20:48:18.0781 4888 C:\WINDOWS\system32\drivers\nic1394.sys - ok
20:48:18.0781 4888 [ 6CB08593487F5701D2D2254E693EAFCE ] C:\WINDOWS\system32\drivers\drmk.sys
20:48:18.0781 4888 C:\WINDOWS\system32\drivers\drmk.sys - ok
20:48:18.0781 4888 [ E82A496C3961EFC6828B508C310CE98F ] C:\WINDOWS\system32\drivers\portcls.sys
20:48:18.0781 4888 C:\WINDOWS\system32\drivers\portcls.sys - ok
20:48:18.0781 4888 [ 7F26D024355CBADB60838F53DFB171EC ] C:\WINDOWS\system32\drivers\ALCXWDM.SYS
20:48:18.0781 4888 C:\WINDOWS\system32\drivers\ALCXWDM.SYS - ok
20:48:18.0781 4888 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] C:\WINDOWS\system32\drivers\parport.sys
20:48:18.0781 4888 C:\WINDOWS\system32\drivers\parport.sys - ok
20:48:18.0796 4888 [ 4A0B06AA8943C1E332520F7440C0AA30 ] C:\WINDOWS\system32\drivers\i8042prt.sys
20:48:18.0796 4888 C:\WINDOWS\system32\drivers\i8042prt.sys - ok
20:48:18.0796 4888 [ 35C9E97194C8CFB8430125F8DBC34D04 ] C:\WINDOWS\system32\drivers\mouclass.sys
20:48:18.0859 4888 [ 4DEF926F6A0545AE486A03C84F2EE482 ] C:\WINDOWS\system32\rasman.dll
20:48:18.0859 4888 C:\WINDOWS\system32\rasman.dll - ok
20:48:18.0859 4888 [ 00AABF131B4823785818DB99A075A313 ] C:\WINDOWS\system32\tapi32.dll
20:48:18.0859 4888 C:\WINDOWS\system32\tapi32.dll - ok
20:48:18.0859 4888 [ C1FAEA15E41F62D7BFA7FBC395C24BA6 ] C:\WINDOWS\system32\riched20.dll
20:48:18.0859 4888 C:\WINDOWS\system32\riched20.dll - ok
20:48:18.0859 4888 [ 56CE97FF94B7662A300D359CD6F4D601 ] C:\WINDOWS\system32\raschap.dll
20:48:18.0859 4888 C:\WINDOWS\system32\raschap.dll - ok
20:48:18.0859 4888 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] C:\WINDOWS\system32\schedsvc.dll
20:48:18.0859 4888 C:\WINDOWS\system32\schedsvc.dll - ok
20:48:18.0859 4888 [ E47E364C96467FD54FA44D59F927C3AB ] C:\WINDOWS\system32\msidle.dll
20:48:18.0859 4888 C:\WINDOWS\system32\msidle.dll - ok
20:48:18.0859 4888 [ 60784F891563FB1B767F70117FC2428F ] C:\WINDOWS\system32\spoolsv.exe
20:48:18.0859 4888 C:\WINDOWS\system32\spoolsv.exe - ok
20:48:18.0859 4888 [ DEF7A7882BEC100FE0B2CE2549188F9D ] C:\WINDOWS\system32\audiosrv.dll
20:48:18.0859 4888 C:\WINDOWS\system32\audiosrv.dll - ok
20:48:18.0859 4888 [ A8888A5327621856C0CEC4E385F69309 ] C:\WINDOWS\system32\wkssvc.dll
20:48:18.0859 4888 C:\WINDOWS\system32\wkssvc.dll - ok
20:48:18.0859 4888 [ 84C07D29912726032A583AEA2FF29B7D ] C:\Program Files\Windows Defender\MpRtPlug.dll
20:48:18.0859 4888 C:\Program Files\Windows Defender\MpRtPlug.dll - ok
20:48:18.0859 4888 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] C:\WINDOWS\system32\drivers\mrxdav.sys
20:48:18.0859 4888 C:\WINDOWS\system32\drivers\mrxdav.sys - ok
20:48:18.0859 4888 [ 77A354E28153AD2D5E120A5A8687BC06 ] C:\WINDOWS\system32\webclnt.dll
20:48:18.0859 4888 C:\WINDOWS\system32\webclnt.dll - ok
20:48:18.0859 4888 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] C:\WINDOWS\system32\drivers\serial.sys
20:48:18.0859 4888 C:\WINDOWS\system32\drivers\serial.sys - ok
20:48:18.0859 4888 [ 6416F9B6B220F0A890525C38235AFAD7 ] C:\Program Files\LSI SoftModem\agrsmsvc.exe
20:48:18.0859 4888 C:\Program Files\LSI SoftModem\agrsmsvc.exe - ok
20:48:18.0859 4888 [ 85180CF88C5EBAD73B452A43A004CA51 ] C:\Program Files\Common Files\aol\acs\AOLacsd.exe
20:48:18.0859 4888 C:\Program Files\Common Files\aol\acs\AOLacsd.exe - ok
20:48:18.0859 4888 [ 386914F677F489C8AFCB1ED53092968B ] C:\Program Files\Common Files\aol\acs\AOLacsd.dll
20:48:18.0859 4888 C:\Program Files\Common Files\aol\acs\AOLacsd.dll - ok
20:48:18.0859 4888 [ 4B8FF89DCC1AB4ACA9B6B2A0B3814131 ] C:\Program Files\Common Files\aol\acs\xpat.dll
20:48:18.0859 4888 C:\Program Files\Common Files\aol\acs\xpat.dll - ok
20:48:18.0859 4888 [ C6B2AD321E6C12E12898D1CAE587D0D5 ] C:\Program Files\Common Files\aol\acs\shfolder.dll
20:48:18.0859 4888 C:\Program Files\Common Files\aol\acs\shfolder.dll - ok
20:48:18.0859 4888 [ A9FFC3CDCD2785D11B9460509B056413 ] C:\Program Files\Common Files\aol\acs\ACSMDiag.dll
20:48:18.0859 4888 C:\Program Files\Common Files\aol\acs\ACSMDiag.dll - ok
20:48:18.0875 4888 [ 628C28F3B0F227266573EFD19FAA9EB6 ] C:\Program Files\Common Files\aol\AOLDiag\tbdiag.dll
20:48:18.0875 4888 C:\Program Files\Common Files\aol\AOLDiag\tbdiag.dll - ok
20:48:18.0875 4888 [ 018857EAD9A077A56AEDFC0E5EF7A24A ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:48:18.0875 4888 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
20:48:18.0875 4888 [ DDDD1D04D5F4360371BC99C7C476F70D ] C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll
20:48:18.0875 4888 C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll - ok
20:48:18.0875 4888 [ A78F8B9BDD0027D17FB5BA5179944122 ] C:\Program Files\Common Files\aol\acs\ACSCmn.dll
20:48:18.0875 4888 C:\Program Files\Common Files\aol\acs\ACSCmn.dll - ok
20:48:18.0875 4888 [ BC485253D079F28BA398294465D13A21 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
20:48:18.0875 4888 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
20:48:18.0875 4888 [ 67156D5A9AC356DC99D7BCCB388E3316 ] C:\WINDOWS\system32\wsock32.dll
20:48:18.0875 4888 C:\WINDOWS\system32\wsock32.dll - ok
20:48:18.0875 4888 [ CEF20CB83B36EC2DBB99D38DC80FC826 ] C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll
20:48:18.0875 4888 C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
20:48:18.0875 4888 [ 554BD99F802FCC7BFE7FA7102384A2D2 ] C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll
20:48:18.0875 4888 C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll - ok
20:48:18.0875 4888 [ C9680F06E51DB8B9A0772C20F3E10DB6 ] C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll
20:48:18.0875 4888 C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
20:48:18.0875 4888 [ F64A630C746DCEFB640FE724F911D317 ] C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll
20:48:18.0875 4888 C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
20:48:18.0875 4888 [ 39C821EF59F82FF6CDCCA768E5E36BBE ] C:\Program Files\Common Files\Apple\Apple Application Support\icuin40.dll
20:48:18.0875 4888 C:\Program Files\Common Files\Apple\Apple Application Support\icuin40.dll - ok
20:48:18.0875 4888 [ 3075B86A8EE385CADA46F69386430FCF ] C:\Program Files\Common Files\Apple\Apple Application Support\icuuc40.dll
20:48:18.0875 4888 C:\Program Files\Common Files\Apple\Apple Application Support\icuuc40.dll - ok
20:48:18.0875 4888 [ 608E159EC424C6B54D04ABFDF2E8F8B0 ] C:\Program Files\Common Files\Apple\Apple Application Support\icudt40.dll
20:48:18.0875 4888 C:\Program Files\Common Files\Apple\Apple Application Support\icudt40.dll - ok
20:48:18.0875 4888 [ 9A0D9B2E263BEDE80FB79DDBAD240EC1 ] C:\WINDOWS\arservice.exe
20:48:18.0875 4888 C:\WINDOWS\arservice.exe - ok
20:48:18.0875 4888 [ 50A166237A0FA771261275A405646CC0 ] C:\WINDOWS\system32\powrprof.dll
20:48:18.0875 4888 C:\WINDOWS\system32\powrprof.dll - ok
20:48:18.0875 4888 [ 680B56A8B62D1BCF4A0B2AAAD03D88E4 ] C:\WINDOWS\system32\wdmaud.drv
20:48:18.0875 4888 C:\WINDOWS\system32\wdmaud.drv - ok
20:48:18.0875 4888 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] C:\WINDOWS\system32\drivers\sysaudio.sys
20:48:18.0875 4888 C:\WINDOWS\system32\drivers\sysaudio.sys - ok
20:48:18.0875 4888 [ 6768ACF64B18196494413695F0C3A00F ] C:\WINDOWS\system32\drivers\wdmaud.sys
20:48:18.0875 4888 C:\WINDOWS\system32\drivers\wdmaud.sys - ok
20:48:18.0875 4888 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] C:\WINDOWS\system32\drivers\splitter.sys
20:48:18.0875 4888 C:\WINDOWS\system32\drivers\splitter.sys - ok
20:48:18.0875 4888 [ 8BED39E3C35D6A489438B8141717A557 ] C:\WINDOWS\system32\drivers\aec.sys
20:48:18.0875 4888 C:\WINDOWS\system32\drivers\aec.sys - ok
20:48:18.0875 4888 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] C:\WINDOWS\system32\drivers\swmidi.sys
20:48:18.0875 4888 C:\WINDOWS\system32\drivers\swmidi.sys - ok
20:48:18.0875 4888 [ 8A208DFCF89792A484E76C40E5F50B45 ] C:\WINDOWS\system32\drivers\dmusic.sys
20:48:18.0875 4888 C:\WINDOWS\system32\drivers\dmusic.sys - ok
20:48:18.0875 4888 [ 692BCF44383D056AED41B045A323D378 ] C:\WINDOWS\system32\drivers\kmixer.sys
20:48:18.0875 4888 C:\WINDOWS\system32\drivers\kmixer.sys - ok
20:48:18.0875 4888 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] C:\WINDOWS\system32\drivers\drmkaud.sys
20:48:18.0875 4888 C:\WINDOWS\system32\drivers\drmkaud.sys - ok
20:48:18.0875 4888 [ 5C12660A97822F6E61576943B49AAAD6 ] C:\WINDOWS\system32\midimap.dll
20:48:18.0875 4888 C:\WINDOWS\system32\midimap.dll - ok
20:48:18.0875 4888 [ 9A3BD5F55AADFF859539142F6328A66E ] C:\WINDOWS\system32\msacm32.drv
20:48:18.0875 4888 C:\WINDOWS\system32\msacm32.drv - ok
20:48:18.0875 4888 [ 673CF4F6BB1FBE09331B526802FBB892 ] C:\Program Files\Bonjour\mDNSResponder.exe
20:48:18.0875 4888 C:\Program Files\Bonjour\mDNSResponder.exe - ok
20:48:18.0875 4888 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:48:18.0875 4888 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
20:48:18.0875 4888 [ E5F7C30EDF0892667933BE879F067D67 ] C:\WINDOWS\system32\msvcr100_clr0400.dll
20:48:18.0875 4888 C:\WINDOWS\system32\msvcr100_clr0400.dll - ok
20:48:18.0875 4888 [ 08A73B0E7EE6E32983B5F9E540A8E380 ] C:\WINDOWS\system32\mscoree.dll
20:48:18.0875 4888 C:\WINDOWS\system32\mscoree.dll - ok
20:48:18.0875 4888 [ 3D4E199942E29207970E04315D02AD3B ] C:\WINDOWS\system32\cryptsvc.dll
20:48:18.0875 4888 C:\WINDOWS\system32\cryptsvc.dll - ok
20:48:18.0875 4888 [ 5D1347AA5AE6E2F77D7F4F8372D95AC9 ] C:\WINDOWS\ehome\ehrecvr.exe
20:48:18.0875 4888 C:\WINDOWS\ehome\ehrecvr.exe - ok
20:48:18.0875 4888 [ 0099D24356585743B0B35C222092FD8F ] C:\WINDOWS\system32\faultrep.dll
20:48:18.0875 4888 C:\WINDOWS\system32\faultrep.dll - ok
20:48:18.0875 4888 [ 6D280BC969218AE4A72180F907C32913 ] C:\WINDOWS\ehome\ehTrace.dll
20:48:18.0875 4888 C:\WINDOWS\ehome\ehTrace.dll - ok
20:48:18.0875 4888 [ 00709952D444EAE14DBBD30D36FBAE0F ] C:\WINDOWS\system32\certcli.dll
20:48:18.0875 4888 C:\WINDOWS\system32\certcli.dll - ok
20:48:18.0875 4888 [ 57EDEC2E5F59F0335E92F35184BC8631 ] C:\WINDOWS\system32\dmserver.dll
20:48:18.0875 4888 C:\WINDOWS\system32\dmserver.dll - ok
20:48:18.0875 4888 [ A53243709439AC2A4C216B817F8D7411 ] C:\WINDOWS\ehome\ehSched.exe
20:48:18.0875 4888 C:\WINDOWS\ehome\ehSched.exe - ok
20:48:18.0875 4888 [ BC93B4A066477954555966D77FEC9ECB ] C:\WINDOWS\system32\ersvc.dll
20:48:18.0875 4888 C:\WINDOWS\system32\ersvc.dll - ok
20:48:18.0875 4888 [ D4991D98F2DB73C60D042F1AEF79EFAE ] C:\WINDOWS\system32\es.dll
20:48:18.0875 4888 C:\WINDOWS\system32\es.dll - ok
20:48:18.0875 4888 [ 008DF0C9D81BD814480DD9C052893E8C ] C:\WINDOWS\ehome\ehRec.exe
20:48:18.0875 4888 C:\WINDOWS\ehome\ehRec.exe - ok
20:48:18.0875 4888 [ 83158CA47591AF55A9759B5C648B0462 ] C:\Program Files\Fast Free Converter\FastFreeConverterUpdt.exe
20:48:18.0875 4888 C:\Program Files\Fast Free Converter\FastFreeConverterUpdt.exe - ok
20:48:18.0875 4888 [ 83BA5E873164A3711B44052F58C8FE9F ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
20:48:18.0875 4888 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
20:48:18.0875 4888 [ 926AFC4848FF3297BB264333BF51E21F ] C:\WINDOWS\system32\sbe.dll
20:48:18.0875 4888 C:\WINDOWS\system32\sbe.dll - ok
20:48:18.0875 4888 [ E325BCDBB6DED6C89F679B8AE89E975C ] C:\WINDOWS\system32\msvidctl.dll
20:48:18.0875 4888 C:\WINDOWS\system32\msvidctl.dll - ok
20:48:18.0875 4888 [ 7C87A5FB95777E4132B11FC3D92CAAF5 ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll
20:48:18.0875 4888 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll - ok
20:48:18.0875 4888 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\msvcr71.dll
20:48:18.0875 4888 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\msvcr71.dll - ok
20:48:18.0875 4888 [ CE07EC3A1BE1EA0CCDE20C45D757FE32 ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
20:48:18.0875 4888 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll - ok
20:48:18.0875 4888 [ BF107ACF2CDD552AABE14E8C3E62E3FC ] C:\WINDOWS\system32\quartz.dll
20:48:18.0875 4888 C:\WINDOWS\system32\quartz.dll - ok
20:48:18.0875 4888 [ 8F0DE4FEF8201E306F9938B0905AC96A ] C:\Program Files\Google\Update\GoogleUpdate.exe
20:48:18.0875 4888 C:\Program Files\Google\Update\GoogleUpdate.exe - ok
20:48:18.0875 4888 [ 758D99511FD82B6C55E70494039E9F1A ] C:\Program Files\Google\Update\1.3.21.145\goopdate.dll
20:48:18.0875 4888 C:\Program Files\Google\Update\1.3.21.145\goopdate.dll - ok
20:48:18.0875 4888 [ D3F72D50DE53F9F1F55240115AF4D42E ] C:\WINDOWS\system32\msi.dll
20:48:18.0875 4888 C:\WINDOWS\system32\msi.dll - ok
20:48:18.0875 4888 [ D3B05D063A0929BFCA6C6D7FE2F3129C ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
20:48:18.0875 4888 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll - ok
20:48:18.0890 4888 [ AA5E22854F56C68148EB3345DBD62970 ] C:\WINDOWS\system32\devenum.dll
20:48:18.0890 4888 C:\WINDOWS\system32\devenum.dll - ok
20:48:18.0890 4888 [ D25C03D04159D462D69F294BA7142BDB ] C:\WINDOWS\system32\msdmo.dll
20:48:18.0890 4888 C:\WINDOWS\system32\msdmo.dll - ok
20:48:18.0890 4888 [ F1941197A42F9F373CC70042FC82C950 ] C:\WINDOWS\system32\ksproxy.ax
20:48:18.0890 4888 C:\WINDOWS\system32\ksproxy.ax - ok
20:48:18.0890 4888 [ 15914E0BF4DDA56CF797993DCCB637D1 ] C:\WINDOWS\system32\ksuser.dll
20:48:18.0890 4888 C:\WINDOWS\system32\ksuser.dll - ok
20:48:18.0890 4888 [ 235B2311786AC007AD644B12A2DA8AC7 ] C:\WINDOWS\system32\msvfw32.dll
20:48:18.0890 4888 C:\WINDOWS\system32\msvfw32.dll - ok
20:48:18.0890 4888 [ 577E496F0D41411BF149394D80959D53 ] C:\WINDOWS\system32\imaadp32.acm
20:48:18.0890 4888 C:\WINDOWS\system32\imaadp32.acm - ok
20:48:18.0890 4888 [ C5648BE5409E0AABDA8C9047BAC8F603 ] C:\WINDOWS\system32\msadp32.acm
20:48:18.0890 4888 C:\WINDOWS\system32\msadp32.acm - ok
20:48:18.0890 4888 [ 33271A2667334B9A8842C65A079EF375 ] C:\WINDOWS\system32\msg711.acm
20:48:18.0890 4888 C:\WINDOWS\system32\msg711.acm - ok
20:48:18.0890 4888 [ 3A9846E207DAFC13009C048A2F6F8C2A ] C:\WINDOWS\system32\msgsm32.acm
20:48:18.0890 4888 C:\WINDOWS\system32\msgsm32.acm - ok
20:48:18.0890 4888 [ E8CD0D7E169ECCE2D4FD829DAAB786ED ] C:\WINDOWS\system32\tssoft32.acm
20:48:18.0890 4888 C:\WINDOWS\system32\tssoft32.acm - ok
20:48:18.0890 4888 [ 735F504DEEFE4E2AD06360FCE2842DD4 ] C:\WINDOWS\system32\tsd32.dll
20:48:18.0890 4888 C:\WINDOWS\system32\tsd32.dll - ok
20:48:18.0890 4888 [ B87F759738C52E8D6FBCDAAA84C6486F ] C:\WINDOWS\system32\msg723.acm
20:48:18.0890 4888 C:\WINDOWS\system32\msg723.acm - ok
20:48:18.0890 4888 [ 55AEEA66C5E84E3FD6CD3E933397D478 ] C:\WINDOWS\system32\msaud32.acm
20:48:18.0890 4888 C:\WINDOWS\system32\msaud32.acm - ok
20:48:18.0890 4888 [ 0DBB250A89E2E1C9281009AC269F0805 ] C:\WINDOWS\system32\sl_anet.acm
20:48:18.0890 4888 C:\WINDOWS\system32\sl_anet.acm - ok
20:48:18.0890 4888 [ 877C90686858D899B042BBA45E9B7F2C ] C:\WINDOWS\system32\iac25_32.ax
20:48:18.0890 4888 C:\WINDOWS\system32\iac25_32.ax - ok
20:48:18.0890 4888 [ C30B851A482C4549125F4209788791E6 ] C:\WINDOWS\system32\iacenc.dll
20:48:18.0890 4888 C:\WINDOWS\system32\iacenc.dll - ok
20:48:18.0890 4888 [ 807C86A105EFD58D1E3D187D2D5ECF92 ] C:\WINDOWS\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_9a2b2e7c\mscorlib.dll
20:48:18.0890 4888 C:\WINDOWS\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_9a2b2e7c\mscorlib.dll - ok
20:48:18.0890 4888 [ F3946B534CC197CBFFD9A2ECFD1F556F ] C:\WINDOWS\system32\l3codeca.acm
20:48:18.0890 4888 C:\WINDOWS\system32\l3codeca.acm - ok
20:48:18.0890 4888 [ CF1C4265A73D50A1CE97FD308CE1AFC9 ] C:\WINDOWS\system32\sirenacm.dll
20:48:18.0890 4888 C:\WINDOWS\system32\sirenacm.dll - ok
20:48:18.0890 4888 [ 01CFA88F8DEE91EC9F8E0988F49D106E ] C:\WINDOWS\system32\avicap32.dll
20:48:18.0890 4888 C:\WINDOWS\system32\avicap32.dll - ok
20:48:18.0890 4888 [ 4D83ED8BDDEC431FC8AD907B47CFB6E3 ] C:\WINDOWS\system32\dsound.dll
20:48:18.0890 4888 C:\WINDOWS\system32\dsound.dll - ok
20:48:18.0890 4888 [ B6E6F3F5B63053D5DC1F4EE32992492F ] C:\WINDOWS\system32\dbghelp.dll
20:48:18.0890 4888 C:\WINDOWS\system32\dbghelp.dll - ok
20:48:18.0890 4888 [ 264C642770CB6269A67AC8E0ED74419F ] C:\WINDOWS\system32\kstvtune.ax
20:48:18.0890 4888 C:\WINDOWS\system32\kstvtune.ax - ok
20:48:18.0890 4888 [ 09515D23C06928F749546E57C2400B0E ] C:\WINDOWS\system32\encapi.dll
20:48:18.0890 4888 C:\WINDOWS\system32\encapi.dll - ok
20:48:18.0890 4888 [ 94BA90C6AF5C50FF5F7A6392514C4642 ] C:\WINDOWS\system32\vidcap.ax
20:48:18.0890 4888 C:\WINDOWS\system32\vidcap.ax - ok
20:48:18.0890 4888 [ 4B834226811C402B1846DF4F7F69E6DD ] C:\WINDOWS\system32\hcwECP.ax
20:48:18.0890 4888 C:\WINDOWS\system32\hcwECP.ax - ok
20:48:18.0890 4888 [ F064DDA02AAA42BA062FF612E93E3E59 ] C:\WINDOWS\system32\hcwUtl32.dll
20:48:18.0890 4888 C:\WINDOWS\system32\hcwUtl32.dll - ok
20:48:18.0890 4888 [ C9EF69B25DFA1C0E7932CB02FB8A7E91 ] C:\WINDOWS\system32\kswdmcap.ax
20:48:18.0890 4888 C:\WINDOWS\system32\kswdmcap.ax - ok
20:48:18.0890 4888 [ 76848CB1AA5818DB47D5F5986E0A7485 ] C:\WINDOWS\system32\mfc42.dll
20:48:18.0890 4888 C:\WINDOWS\system32\mfc42.dll - ok
20:48:18.0890 4888 [ F80A415EF82CD06FFAF0D971528EAD38 ] C:\WINDOWS\system32\drivers\http.sys
20:48:18.0890 4888 C:\WINDOWS\system32\drivers\http.sys - ok
20:48:18.0890 4888 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
20:48:18.0890 4888 C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok
20:48:18.0890 4888 [ DEB04DA35CC871B6D309B77E1443C796 ] C:\WINDOWS\system32\hidserv.dll
20:48:18.0890 4888 C:\WINDOWS\system32\hidserv.dll - ok
20:48:18.0890 4888 [ 8973122796E3B5D6B5900FC186E55FEA ] C:\WINDOWS\system32\hid.dll
20:48:18.0890 4888 C:\WINDOWS\system32\hid.dll - ok
20:48:18.0890 4888 [ F9D82B82F1B7C0B2D2606A987073F58C ] C:\PROGRA~1\WIFD1F~1\MpShHook.dll
20:48:18.0890 4888 C:\PROGRA~1\WIFD1F~1\MpShHook.dll - ok
20:48:18.0890 4888 [ 19EF7FB809D3073EE60F85464E9C4C51 ] C:\PROGRA~1\Iomega\System32\AppServices.exe
20:48:18.0890 4888 C:\PROGRA~1\Iomega\System32\AppServices.exe - ok
20:48:18.0890 4888 [ BAD59648BA099DA4A17680B39730CB3D ] C:\WINDOWS\system32\drivers\mspqm.sys
20:48:18.0890 4888 C:\WINDOWS\system32\drivers\mspqm.sys - ok
20:48:18.0890 4888 [ D5C3D43D0616FF699DB771928AC0E2CD ] C:\WINDOWS\system32\ksxbar.ax
20:48:18.0890 4888 C:\WINDOWS\system32\ksxbar.ax - ok
20:48:18.0890 4888 [ 84BBA0BE8B158949AFFB18047386C461 ] C:\WINDOWS\system32\mpg2splt.ax
20:48:18.0890 4888 C:\WINDOWS\system32\mpg2splt.ax - ok
20:48:18.0890 4888 [ 5739F2821D49975CEDE6BF0153D0CF01 ] C:\Program Files\Java\jre7\bin\jqs.exe
20:48:18.0890 4888 C:\Program Files\Java\jre7\bin\jqs.exe - ok
20:48:18.0890 4888 [ 994AD0D8550B8B26990A6E3AA0791502 ] C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll
20:48:18.0890 4888 C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll - ok
20:48:18.0890 4888 [ 708ACD96E3FF9D2517C90FBA27489A4E ] C:\WINDOWS\system32\VBICodec.ax
20:48:18.0890 4888 C:\WINDOWS\system32\VBICodec.ax - ok
20:48:18.0890 4888 [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files\Java\jre7\bin\msvcr100.dll
20:48:18.0890 4888 C:\Program Files\Java\jre7\bin\msvcr100.dll - ok
20:48:18.0890 4888 [ A4BD412FA3BE813C7BCC61F8ED21AEEB ] C:\WINDOWS\system32\encdec.dll
20:48:18.0890 4888 C:\WINDOWS\system32\encdec.dll - ok
20:48:18.0890 4888 [ 773E0B3E52D00AAE61AAAD1DD87FEBEF ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
20:48:18.0890 4888 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll - ok
20:48:18.0890 4888 [ 76B35CB0F3A4E69D6DFF27F542B9F856 ] C:\Program Files\Google\Update\1.3.21.145\GoogleCrashHandler.exe
20:48:18.0890 4888 C:\Program Files\Google\Update\1.3.21.145\GoogleCrashHandler.exe - ok
20:48:18.0890 4888 [ 4044E880593FE1AC9942190FCE414BE7 ] C:\WINDOWS\system32\mstask.dll
20:48:18.0906 4888 C:\WINDOWS\system32\mstask.dll - ok
20:48:18.0906 4888 [ 84B68C6EC17C99943F0EA68215BB2238 ] C:\WINDOWS\system32\wmdrmsdk.dll
20:48:18.0906 4888 C:\WINDOWS\system32\wmdrmsdk.dll - ok
20:48:18.0906 4888 [ 55C30168142479C602BD456AC4E230B0 ] C:\WINDOWS\system32\MFPLAT.dll
20:48:18.0906 4888 C:\WINDOWS\system32\MFPLAT.dll - ok
20:48:18.0906 4888 [ 62CF83A6989312A0DD39BBFFB3D1C166 ] C:\WINDOWS\system32\pdh.dll
20:48:18.0906 4888 C:\WINDOWS\system32\pdh.dll - ok
20:48:18.0906 4888 [ 369F7B1A4F358B976176556A1A331F36 ] C:\WINDOWS\system32\odbcbcp.dll
20:48:18.0906 4888 C:\WINDOWS\system32\odbcbcp.dll - ok
20:48:18.0906 4888 [ E989E4BADCCCF78E18AABF3D42B306CE ] C:\WINDOWS\system32\drmv2clt.dll
20:48:18.0906 4888 C:\WINDOWS\system32\drmv2clt.dll - ok
20:48:18.0906 4888 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] C:\WINDOWS\system32\srvsvc.dll
20:48:18.0906 4888 C:\WINDOWS\system32\srvsvc.dll - ok
20:48:18.0906 4888 [ 20FD44370267CCD0A64A1B31861C21D2 ] C:\WINDOWS\system32\netmsg.dll
20:48:18.0906 4888 C:\WINDOWS\system32\netmsg.dll - ok
20:48:18.0906 4888 [ 7EAD5B1095AA4A481271A0998397FE83 ] C:\Program Files\Learning Like Crazy\Verbarrator\update.exe
20:48:18.0906 4888 C:\Program Files\Learning Like Crazy\Verbarrator\update.exe - ok
20:48:18.0906 4888 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] C:\WINDOWS\system32\drivers\srv.sys
20:48:18.0906 4888 C:\WINDOWS\system32\drivers\srv.sys - ok
20:48:18.0906 4888 [ ACDAFCD14EC0ECE89198503746A5C147 ] C:\WINDOWS\system32\perfos.dll
20:48:18.0906 4888 C:\WINDOWS\system32\perfos.dll - ok
20:48:18.0906 4888 [ ABFB673B24A9B3287761D497529FB5B9 ] C:\WINDOWS\system32\perfdisk.dll
20:48:18.0906 4888 C:\WINDOWS\system32\perfdisk.dll - ok
20:48:18.0906 4888 [ 79E3A8C328E7E569C32B0998377D9742 ] C:\WINDOWS\system32\spoolss.dll
20:48:18.0906 4888 C:\WINDOWS\system32\spoolss.dll - ok
20:48:18.0906 4888 [ 515383A387685564CA99542739D48E55 ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
20:48:18.0906 4888 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll - ok
20:48:18.0906 4888 [ 5677DFE438EC1F009273FC84FEED6B10 ] C:\WINDOWS\system32\localspl.dll
20:48:18.0906 4888 C:\WINDOWS\system32\localspl.dll - ok
20:48:18.0906 4888 [ 73B44FE5423982B2709D6EA2F674B807 ] C:\WINDOWS\assembly\GAC\ehepg\6.0.3000.0__31bf3856ad364e35\ehepg.dll
20:48:18.0906 4888 C:\WINDOWS\assembly\GAC\ehepg\6.0.3000.0__31bf3856ad364e35\ehepg.dll - ok
20:48:18.0906 4888 [ 5D3D1AB0EF4EA55B731863050482C111 ] C:\WINDOWS\system32\cnbjmon.dll
20:48:18.0906 4888 C:\WINDOWS\system32\cnbjmon.dll - ok
20:48:18.0906 4888 [ D390D81293F69C5724263449ACA17AE6 ] C:\WINDOWS\system32\CNCALAZ.DLL
20:48:18.0906 4888 C:\WINDOWS\system32\CNCALAZ.DLL - ok
20:48:18.0906 4888 [ 559C9B7800FAC92FC515CD0003D7C631 ] C:\Program Files\Common Files\LightScribe\LSSrvc.exe
20:48:18.0906 4888 C:\Program Files\Common Files\LightScribe\LSSrvc.exe - ok
20:48:18.0906 4888 [ DF6BE05B03F506A62B3EB786D0336ED1 ] C:\WINDOWS\system32\CNMLM7Q.DLL
20:48:18.0906 4888 C:\WINDOWS\system32\CNMLM7Q.DLL - ok
20:48:18.0906 4888 [ 938437451AFFAE8F76E0145D81D7960C ] C:\Program Files\Common Files\LightScribe\LSSProxy.dll
20:48:18.0906 4888 C:\Program Files\Common Files\LightScribe\LSSProxy.dll - ok
20:48:18.0906 4888 [ 0389A3348F370E9B0DCF77E55B80281F ] C:\WINDOWS\system32\CNMLMAZ.DLL
20:48:18.0906 4888 C:\WINDOWS\system32\CNMLMAZ.DLL - ok
20:48:18.0906 4888 [ CF259D14E763F6EF88767655F9D64D0E ] C:\Program Files\Common Files\LightScribe\LSLog.dll
20:48:18.0906 4888 C:\Program Files\Common Files\LightScribe\LSLog.dll - ok
20:48:18.0906 4888 [ 11F714F85530A2BD134074DC30E99FCA ] C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
20:48:18.0906 4888 C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE - ok
20:48:18.0906 4888 [ 28BD81378C1D1B267E66827B628114DD ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
20:48:18.0906 4888 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll - ok
20:48:18.0906 4888 [ 915BC36C1F6BF3FAA55E2BC3CED08101 ] C:\WINDOWS\system32\CNMNPPM.DLL
20:48:18.0906 4888 C:\WINDOWS\system32\CNMNPPM.DLL - ok
20:48:18.0906 4888 [ 8BA39E5F79366F45AF9759C1DAE346AE ] C:\WINDOWS\assembly\GAC\ehRecObj\6.0.3000.0__31bf3856ad364e35\ehRecObj.dll
20:48:18.0906 4888 C:\WINDOWS\assembly\GAC\ehRecObj\6.0.3000.0__31bf3856ad364e35\ehRecObj.dll - ok
20:48:18.0906 4888 [ 4A9258B9597A31DB68EC9740F3A8A70B ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\ccsvchst.exe
20:48:18.0906 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\ccsvchst.exe - ok
20:48:18.0906 4888 [ E3C817F7FE44CC870ECDBCBC3EA36132 ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\msvcp100.dll
20:48:18.0906 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\msvcp100.dll - ok
20:48:18.0906 4888 [ CF9EEA7F51101A281B99FCA7AFFA2524 ] C:\WINDOWS\assembly\GAC\ehCIR\6.0.3000.0__31bf3856ad364e35\ehCIR.dll
20:48:18.0906 4888 C:\WINDOWS\assembly\GAC\ehCIR\6.0.3000.0__31bf3856ad364e35\ehCIR.dll - ok
20:48:18.0906 4888 [ 952FDCF800BB46B5CF8DDA72FFFDABB2 ] C:\WINDOWS\system32\CNCF2Lb.DLL
20:48:18.0906 4888 C:\WINDOWS\system32\CNCF2Lb.DLL - ok
20:48:18.0906 4888 [ 0967D9749326622FA8FDE688CA126736 ] C:\WINDOWS\assembly\GAC\ehepgdat\6.0.3000.0__31bf3856ad364e35\ehepgdat.dll
20:48:18.0906 4888 C:\WINDOWS\assembly\GAC\ehepgdat\6.0.3000.0__31bf3856ad364e35\ehepgdat.dll - ok
20:48:18.0906 4888 [ C885B02847F5D2FD45A24E219ED93B32 ] C:\WINDOWS\system32\drivers\cdfs.sys
20:48:18.0906 4888 C:\WINDOWS\system32\drivers\cdfs.sys - ok
20:48:18.0906 4888 [ BF38660A9125935658CFA3E53FDC7D65 ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\msvcr100.dll
20:48:18.0906 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\msvcr100.dll - ok
20:48:18.0906 4888 [ E0B83ADFB16D794A0D207FE119D03182 ] C:\WINDOWS\system32\HPTcpMon.dll
20:48:18.0906 4888 C:\WINDOWS\system32\HPTcpMon.dll - ok
20:48:18.0906 4888 [ B6335A2EFBF0B4B7D4080E8B933A9F9B ] C:\WINDOWS\assembly\GAC\ehiProxy\6.0.3000.0__31bf3856ad364e35\ehiProxy.dll
20:48:18.0906 4888 C:\WINDOWS\assembly\GAC\ehiProxy\6.0.3000.0__31bf3856ad364e35\ehiProxy.dll - ok
20:48:18.0906 4888 [ B85EC14C7A5F7B2C8D70D4443486DD77 ] C:\WINDOWS\system32\hpzjrd01.dll
20:48:18.0906 4888 C:\WINDOWS\system32\hpzjrd01.dll - ok
20:48:18.0906 4888 [ DF82E222578DBE59FCBBD69A02E4C806 ] C:\WINDOWS\system32\clusapi.dll
20:48:18.0906 4888 C:\WINDOWS\system32\clusapi.dll - ok
20:48:18.0906 4888 [ 2F1C8714F66F3F0DDCB6D5A16F8CB32E ] C:\WINDOWS\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
20:48:18.0906 4888 C:\WINDOWS\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll - ok
20:48:18.0906 4888 [ 5CC3838902A9257B79BD43F56D8B7275 ] C:\WINDOWS\system32\HPTcpMUI.dll
20:48:18.0906 4888 C:\WINDOWS\system32\HPTcpMUI.dll - ok
20:48:18.0906 4888 [ 36247C6D5E1FE03A56EE81BB99D7E68C ] C:\WINDOWS\system32\HPTcpMib.dll
20:48:18.0906 4888 C:\WINDOWS\system32\HPTcpMib.dll - ok
20:48:18.0906 4888 [ 1E744353BD534405187A404667DA3DC3 ] C:\WINDOWS\system32\mgmtapi.dll
20:48:18.0906 4888 C:\WINDOWS\system32\mgmtapi.dll - ok
20:48:18.0906 4888 [ 5C1F0537E61F87B435F56E00B4F20EE8 ] C:\WINDOWS\system32\snmpapi.dll
20:48:18.0906 4888 C:\WINDOWS\system32\snmpapi.dll - ok
20:48:18.0906 4888 [ 277F3E3333F1D10CA428568197FCCE70 ] C:\WINDOWS\system32\wsnmp32.dll
20:48:18.0906 4888 C:\WINDOWS\system32\wsnmp32.dll - ok
20:48:18.0906 4888 [ 6B94178802A0F6AB5418DF08C7554020 ] C:\WINDOWS\system32\hpzlnt04.dll
20:48:18.0906 4888 C:\WINDOWS\system32\hpzlnt04.dll - ok
20:48:18.0906 4888 [ 322FD75A97DBA67FC8F97A9957F857F1 ] C:\WINDOWS\system32\mdimon.dll
20:48:18.0906 4888 C:\WINDOWS\system32\mdimon.dll - ok
20:48:18.0906 4888 [ CC6292CA575E851E5B74BF8883AB967A ] C:\WINDOWS\system32\fxsmon.dll
20:48:18.0906 4888 C:\WINDOWS\system32\fxsmon.dll - ok
20:48:18.0906 4888 [ BDB83C844EDEC9BD01A94750D2C38DDF ] C:\WINDOWS\system32\fxsevent.dll
20:48:18.0906 4888 C:\WINDOWS\system32\fxsevent.dll - ok
20:48:18.0906 4888 [ 1574DD9D409F2DC45CF82C22B99164A4 ] C:\WINDOWS\system32\pdfcmnnt.dll
20:48:18.0906 4888 C:\WINDOWS\system32\pdfcmnnt.dll - ok
20:48:18.0906 4888 [ 947D20D286D8C8D9405158DD13EC7D00 ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\ccl120u.dll
20:48:18.0906 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\ccl120u.dll - ok
20:48:18.0906 4888 [ 174DC729DC08EA761F1262CDD0D05AE4 ] C:\Documents and Settings\All Users\DRM\Cache\Indiv02.key
20:48:18.0906 4888 C:\Documents and Settings\All Users\DRM\Cache\Indiv02.key - ok
20:48:18.0906 4888 [ 222DE7F5EDB9DDBE628384A1A8BE59CE ] C:\WINDOWS\system32\pjlmon.dll
20:48:18.0906 4888 C:\WINDOWS\system32\pjlmon.dll - ok
20:48:18.0921 4888 [ 5C112CB49B85449C418814BDFD537379 ] C:\WINDOWS\system32\Primomonnt.dll
20:48:18.0921 4888 C:\WINDOWS\system32\Primomonnt.dll - ok
20:48:18.0921 4888 [ AE0382AD9C73D343D85E1A50C80B7C20 ] C:\WINDOWS\system32\tcpmon.dll
20:48:18.0921 4888 C:\WINDOWS\system32\tcpmon.dll - ok
20:48:18.0984 4888 [ A314EEA2A503A8E04085201E436384A5 ] C:\WINDOWS\system32\themeui.dll
20:48:18.0984 4888 C:\WINDOWS\system32\themeui.dll - ok
20:48:18.0984 4888 [ BBDFDBEAD1B7A1CFD44BFFFD177FB627 ] C:\WINDOWS\system32\mucltui.dll
20:48:18.0984 4888 C:\WINDOWS\system32\mucltui.dll - ok
20:48:18.0984 4888 [ 6D778E0F95447E6546553EEEA709D03C ] C:\WINDOWS\system32\cmd.exe
20:48:18.0984 4888 C:\WINDOWS\system32\cmd.exe - ok
20:48:18.0984 4888 [ C14350FC0D47D806699C4F907FC6785B ] C:\WINDOWS\system32\cryptnet.dll
20:48:18.0984 4888 C:\WINDOWS\system32\cryptnet.dll - ok
20:48:18.0984 4888 [ 95074AF211C572FC20D5DC1CEB487B7C ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\coSvcPlg.dll
20:48:18.0984 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\coSvcPlg.dll - ok
20:48:18.0984 4888 [ 48E33D9B6C2E9ED45E3E63ECBCED2941 ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\ccgevt.dll
20:48:18.0984 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\ccgevt.dll - ok
20:48:18.0984 4888 [ 130EA63F8E1760FDB1A0FF5368610F36 ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\ccglog.dll
20:48:18.0984 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\ccglog.dll - ok
20:48:18.0984 4888 [ 3E70456EBFE83CA3DD8876F3E4540A14 ] C:\Program Files\FileZilla FTP Client\fzshellext.dll
20:48:18.0984 4888 C:\Program Files\FileZilla FTP Client\fzshellext.dll - ok
20:48:18.0984 4888 [ 538A270F35A713C360B7ED4168BB7521 ] C:\WINDOWS\system32\mydocs.dll
20:48:18.0984 4888 C:\WINDOWS\system32\mydocs.dll - ok
20:48:19.0000 4888 [ A70A2D85AD143D6BB823C246CEB699A5 ] C:\WINDOWS\system32\ntshrui.dll
20:48:19.0000 4888 C:\WINDOWS\system32\ntshrui.dll - ok
20:48:19.0000 4888 [ 5B5F77CFC1D2AD465A4639259BD2C937 ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\ccjobmgr.dll
20:48:19.0000 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\ccjobmgr.dll - ok
20:48:19.0000 4888 [ 5848CACC81F3C081EC43967DD4B51D74 ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\ccsubeng.dll
20:48:19.0000 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\ccsubeng.dll - ok
20:48:19.0000 4888 [ 2AA004DFB51A92D2DE779B292F3E658D ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\coFFPlgn.dll
20:48:19.0000 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\coFFPlgn.dll - ok
20:48:19.0000 4888 [ E0C464D663F4D362F619120BBC0F6AAC ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\ccemlpxy.dll
20:48:19.0000 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\ccemlpxy.dll - ok
20:48:19.0000 4888 [ 5A79B1723A1128E57239B5A713377E8E ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\iron.dll
20:48:19.0000 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\iron.dll - ok
20:48:19.0000 4888 [ 2146C133412A3E09E60D7D08CDD387DF ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\symredir.dll
20:48:19.0000 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\symredir.dll - ok
20:48:19.0000 4888 [ D0F2ED77E20B1E3E5A0B6EA0C56667D8 ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\busvc.dll
20:48:19.0000 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\busvc.dll - ok
20:48:19.0000 4888 [ CB1C8439ED43D461C52928F7F8C13E8D ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\bucomm.dll
20:48:19.0000 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\bucomm.dll - ok
20:48:19.0000 4888 [ 5D0883F60FA3E3E6BADBDF4671EDC037 ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\bueng.dll
20:48:19.0000 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\bueng.dll - ok
20:48:19.0000 4888 [ 6A9A804175AC6015F8843838D1FB9970 ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\sndsvc.dll
20:48:19.0000 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\sndsvc.dll - ok
20:48:19.0000 4888 [ A10F446963B39EEAB50868944A3D8E99 ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\symrdrsv.dll
20:48:19.0000 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\symrdrsv.dll - ok
20:48:19.0000 4888 [ 618C716D47910C575F89F22A17EF303E ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\hncore.dll
20:48:19.0000 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\hncore.dll - ok
20:48:19.0000 4888 [ A2A729F6925252E3DB9ADF3E4FA39A48 ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\symneti.dll
20:48:19.0000 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\symneti.dll - ok
20:48:19.0000 4888 [ EFAD4EBB5C0F3359A76E54B4FD5884D9 ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\appmgr32.dll
20:48:19.0000 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\appmgr32.dll - ok
20:48:19.0000 4888 [ 421553807EA94BB1DA98FC73643B733A ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\ncw.dll
20:48:19.0000 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\ncw.dll - ok
20:48:19.0000 4888 [ 4E8374EA870FF75CFCA9759A16F09EDC ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\avmodule.dll
20:48:19.0000 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\avmodule.dll - ok
20:48:19.0000 4888 [ A329EE5A003E92538DF55D72CAF17A80 ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\defutdcd.dll
20:48:19.0000 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\defutdcd.dll - ok
20:48:19.0000 4888 [ FFC9128367BA19F175562CAFE23BAF8F ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\ducclib.dll
20:48:19.0000 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\ducclib.dll - ok
20:48:19.0000 4888 [ EE08B2980F2E472A70E7CB639A8F930E ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\avpsvc32.dll
20:48:19.0000 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\avpsvc32.dll - ok
20:48:19.0000 4888 [ 7735DB4DA857915D4270D0C3B36F083B ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\cltpe.dll
20:48:19.0000 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\cltpe.dll - ok
20:48:19.0000 4888 [ 9A69BFE3B99D31B9B0ACBF72583DE694 ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\sqsvc.dll
20:48:19.0000 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\sqsvc.dll - ok
20:48:19.0000 4888 [ 6963189184AE11B9E552FD59E6972F0D ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\avifc.dll
20:48:19.0000 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\avifc.dll - ok
20:48:19.0000 4888 [ 14D289F63D9538306CB560C4CD12172F ] C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130502.001\IDSxpx86.dll
20:48:19.0000 4888 C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130502.001\IDSxpx86.dll - ok
20:48:19.0000 4888 [ 556241BBC3F4B22EAFB5FE301824A0B7 ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\codatapr.dll
20:48:19.0000 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\codatapr.dll - ok
20:48:19.0000 4888 [ C76DD749BFD788CE22557EA0CA009332 ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\coshdobj.dll
20:48:19.0000 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\coshdobj.dll - ok
20:48:19.0000 4888 [ 5B2B0479AB99D21306D7D3827AB2C022 ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\budatacl.dll
20:48:19.0000 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\budatacl.dll - ok
20:48:19.0000 4888 [ 5C0EDB94D4C363FE711500F3C3234412 ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\tudatapr.dll
20:48:19.0000 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\tudatapr.dll - ok
20:48:19.0000 4888 [ AB77DCB4E93BDAEA27AC56B11FE1CEE3 ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\buprov.dll
20:48:19.0000 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\buprov.dll - ok
20:48:19.0000 4888 [ 4FC36B1BA8C8642EDD310A93D36008B1 ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\gwrks32.dll
20:48:19.0000 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\gwrks32.dll - ok
20:48:19.0000 4888 [ 26C1B59C80FEF94B025DF5C3C1B791A7 ] C:\WINDOWS\system32\drivers\N360\1402000.013\srtsp.sys
20:48:19.0000 4888 C:\WINDOWS\system32\drivers\N360\1402000.013\srtsp.sys - ok
20:48:19.0000 4888 [ 00120204D347C4FECE76F18E2A2EE295 ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\gearaw32.dll
20:48:19.0000 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\gearaw32.dll - ok
20:48:19.0000 4888 [ 291AF50F1AE4F7BC8F8CCFA7CF65C4D5 ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\ispwd.dll
20:48:19.0000 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\ispwd.dll - ok
20:48:19.0000 4888 [ DACDAFCC3AA61AFC6D3C50BC28EC753C ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\qsplugin.dll
20:48:19.0000 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\qsplugin.dll - ok
20:48:19.0000 4888 [ 28494C43D62AA7584BDCA2FADFBC4D11 ] C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130503.004\NAVEX15.SYS
20:48:19.0000 4888 C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130503.004\NAVEX15.SYS - ok
20:48:19.0000 4888 [ 8F233549D204B3B557613DEF847E60F7 ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\cltlms.dll
20:48:19.0000 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\cltlms.dll - ok
20:48:19.0000 4888 [ 7D7A3BC6640C1A0D1442816B30856928 ] C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130503.004\NAVENG.SYS
20:48:19.0000 4888 C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130503.004\NAVENG.SYS - ok
20:48:19.0000 4888 [ 178A34E5554DCE485E1262DDF027960C ] C:\DOCUME~1\HP_ADM~1\LOCALS~1\temp\C8C82CEF-C429-4776-8177-91DD529BFBA2.exe
20:48:19.0000 4888 C:\DOCUME~1\HP_ADM~1\LOCALS~1\temp\C8C82CEF-C429-4776-8177-91DD529BFBA2.exe - ok
20:48:19.0000 4888 [ C37DA71CC1666F1034C1E53D55825B7F ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\avmail.dll
20:48:19.0000 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\avmail.dll - ok
20:48:19.0000 4888 [ 8B6D1DF2AE9B007387A3CBC31A6D5CB6 ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\asengine.dll
20:48:19.0000 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\asengine.dll - ok
20:48:19.0000 4888 [ E8A3670314B3DDFE6DD18C4B501A9476 ] C:\Program Files\Windows Desktop Search\deskbar.dll
20:48:19.0000 4888 C:\Program Files\Windows Desktop Search\deskbar.dll - ok
20:48:19.0000 4888 [ 2A0B76FCC5138AC0321A01766C980387 ] C:\Program Files\Windows Desktop Search\en-US\dbres.dll.mui
20:48:19.0000 4888 C:\Program Files\Windows Desktop Search\en-US\dbres.dll.mui - ok
20:48:19.0015 4888 [ F2ECE68ACF2C051EFFB305708C3AEFA9 ] C:\Program Files\Windows Desktop Search\dbres.dll
20:48:19.0015 4888 C:\Program Files\Windows Desktop Search\dbres.dll - ok
20:48:19.0015 4888 [ B5B27B057B97A947C31B41F0EF3B4D44 ] C:\Program Files\Windows Desktop Search\wordwheel.dll
20:48:19.0015 4888 C:\Program Files\Windows Desktop Search\wordwheel.dll - ok
20:48:19.0015 4888 [ 0E28E671281EBF1F1F8FE093D2BD4A7B ] C:\Program Files\Windows Desktop Search\en-US\MSNLExtRes.dll.mui
20:48:19.0015 4888 C:\Program Files\Windows Desktop Search\en-US\MSNLExtRes.dll.mui - ok
20:48:19.0015 4888 [ 2996FAECA864EE4938AA247B2386A69B ] C:\Program Files\Windows Desktop Search\MSNLExtRes.dll
20:48:19.0015 4888 C:\Program Files\Windows Desktop Search\MSNLExtRes.dll - ok
20:48:19.0015 4888 [ 1FD37C00535502429DD964EC53D66FB8 ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\bhsvcplg.dll
20:48:19.0015 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\bhsvcplg.dll - ok
20:48:19.0015 4888 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\system32\drivers\66575396.sys
20:48:19.0015 4888 C:\WINDOWS\system32\drivers\66575396.sys - ok
20:48:19.0015 4888 [ 6A30447888A32EC1E789B512F17E2AEB ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\spocclnt.dll
20:48:19.0015 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\spocclnt.dll - ok
20:48:19.0015 4888 [ 7A21E06385E748E9CB0252F1BBC493F1 ] C:\WINDOWS\ehome\ehtray.exe
20:48:19.0015 4888 C:\WINDOWS\ehome\ehtray.exe - ok
20:48:19.0015 4888 [ B596347A26DC054EBB44EB3BC8E95B0A ] C:\WINDOWS\arpwrmsg.exe
20:48:19.0015 4888 C:\WINDOWS\arpwrmsg.exe - ok
20:48:19.0015 4888 [ 3BF2BA1D4AB36149C34CC89B7792A811 ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\dscli.dll
20:48:19.0015 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\dscli.dll - ok
20:48:19.0015 4888 [ 03A905FBA1D62317087DB5C21C0F8F62 ] C:\WINDOWS\ehome\ehmsas.exe
20:48:19.0015 4888 C:\WINDOWS\ehome\ehmsas.exe - ok
20:48:19.0015 4888 [ 2DC5A8019E2387987905F77C664E4BE2 ] C:\WINDOWS\system32\linkinfo.dll
20:48:19.0015 4888 C:\WINDOWS\system32\linkinfo.dll - ok
20:48:19.0015 4888 [ 4F113169A2DE985D043A5530987AD6D0 ] C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
20:48:19.0015 4888 C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe - ok
20:48:19.0015 4888 [ 21850AF423E983904CD63D43A560387D ] C:\WINDOWS\armcex.dll
20:48:19.0015 4888 C:\WINDOWS\armcex.dll - ok
20:48:19.0015 4888 [ 8D1805727E8642FF88DE9DAEB088ADEF ] C:\WINDOWS\system32\fpalsu.dll
20:48:19.0015 4888 C:\WINDOWS\system32\fpalsu.dll - ok
20:48:19.0015 4888 [ CC8915DB4E33E8FB29CA0D2DBF75306E ] C:\WINDOWS\system32\webcheck.dll
20:48:19.0015 4888 C:\WINDOWS\system32\webcheck.dll - ok
20:48:19.0015 4888 [ 8FED1E0A491D4990853D23F21C59C730 ] C:\WINDOWS\system32\advpack.dll
20:48:19.0015 4888 C:\WINDOWS\system32\advpack.dll - ok
20:48:19.0015 4888 [ CA0D17C1DD55F0832F405FBC4E8B8849 ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\datastor.dll
20:48:19.0015 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\datastor.dll - ok
20:48:19.0015 4888 [ 50512FC9B7878E3C2C147BC17326A7DB ] C:\WINDOWS\system32\stobject.dll
20:48:19.0015 4888 C:\WINDOWS\system32\stobject.dll - ok
20:48:19.0015 4888 [ 231A0B0E3BA7ABFE469A8262FAA1FD71 ] C:\WINDOWS\system32\batmeter.dll
20:48:19.0015 4888 C:\WINDOWS\system32\batmeter.dll - ok
20:48:19.0015 4888 [ 5C4ADB808B54126C1ED2FBA0EAE06C63 ] C:\WINDOWS\system32\upnpui.dll
20:48:19.0015 4888 C:\WINDOWS\system32\upnpui.dll - ok
20:48:19.0015 4888 [ 93C088C2AEB2F23E720BDA7E32BD5117 ] C:\WINDOWS\system32\upnp.dll
20:48:19.0015 4888 C:\WINDOWS\system32\upnp.dll - ok
20:48:19.0015 4888 [ 1EB1EC4C57B8DDBB9598FC040D4C75B2 ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\sqlite.dll
20:48:19.0015 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\sqlite.dll - ok
20:48:19.0015 4888 [ 045E228F71C31901084B64BE59093499 ] C:\WINDOWS\system32\WPDShServiceObj.dll
20:48:19.0015 4888 C:\WINDOWS\system32\WPDShServiceObj.dll - ok
20:48:19.0015 4888 [ A03B1E55EDE5FFA21161F88ADF255E70 ] C:\Program Files\DISC\DISCUpdateMgr.exe
20:48:19.0015 4888 C:\Program Files\DISC\DISCUpdateMgr.exe - ok
20:48:19.0015 4888 [ D91EE56D00661C87EE7DEB547093CC9E ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\comm.dll
20:48:19.0015 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\comm.dll - ok
20:48:19.0015 4888 [ 22358578CB321F3325496A3723029409 ] C:\WINDOWS\system32\PortableDeviceTypes.dll
20:48:19.0015 4888 C:\WINDOWS\system32\PortableDeviceTypes.dll - ok
20:48:19.0015 4888 [ 9D45B2201D0ECF9F42136C7B99DEB8B2 ] C:\WINDOWS\system32\PortableDeviceApi.dll
20:48:19.0015 4888 C:\WINDOWS\system32\PortableDeviceApi.dll - ok
20:48:19.0015 4888 [ 6ECF7DF7D31CE2509FEB0411A3ACE8D8 ] C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe
20:48:19.0015 4888 C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe - ok
20:48:19.0015 4888 [ 1E3E02A9F1457E8084199CACCFDB0CC2 ] C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130412.001\BHEngine.dll
20:48:19.0015 4888 C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130412.001\BHEngine.dll - ok
20:48:19.0015 4888 [ 4D83DC461F8F4370274CF6E9AC9A34F4 ] C:\Program Files\HP\HP Software Update\hpwuschd2.exe
20:48:19.0015 4888 C:\Program Files\HP\HP Software Update\hpwuschd2.exe - ok
20:48:19.0015 4888 [ 23511B7C2D462D4D1D0F69707A68B211 ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\nahelper.dll
20:48:19.0015 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\nahelper.dll - ok
20:48:19.0015 4888 [ 7446F60479ACD132F142FECDE892D81E ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\proxyclt.dll
20:48:19.0015 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\proxyclt.dll - ok
20:48:19.0015 4888 [ 22870F235504152FE8873986A3D94905 ] C:\Program Files\Common Files\aol\1252510432\ee\aolsoftware.exe
20:48:19.0015 4888 C:\Program Files\Common Files\aol\1252510432\ee\aolsoftware.exe - ok
20:48:19.0015 4888 [ C5D664FCEFE3B7E1541B38529A9E994A ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\ipsplug.dll
20:48:19.0015 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\ipsplug.dll - ok
20:48:19.0015 4888 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll
20:48:19.0015 4888 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll - ok
20:48:19.0015 4888 [ 5CCE0787CAFAC66ECE38D5DD0CF705FA ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\fwcore.dll
20:48:19.0015 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\fwcore.dll - ok
20:48:19.0015 4888 [ 7C6B5065E7326E3C91A62800DF3A31FA ] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
20:48:19.0015 4888 C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe - ok
20:48:19.0015 4888 [ F6334C6F8D02B904C2C4C1E6D879243D ] C:\Program Files\Common Files\aol\1252510432\ee\AOLSvcMgr.dll
20:48:19.0015 4888 C:\Program Files\Common Files\aol\1252510432\ee\AOLSvcMgr.dll - ok
20:48:19.0015 4888 [ C81BE1B951C36E97D3DA90DA745DA5F7 ] C:\hp\KBD\kbd.exe
20:48:19.0015 4888 C:\hp\KBD\kbd.exe - ok
20:48:19.0015 4888 [ D9BFD66AFA50D266FF3789269E043BF4 ] C:\Program Files\Common Files\aol\1252510432\ee\xprt6.dll
20:48:19.0015 4888 C:\Program Files\Common Files\aol\1252510432\ee\xprt6.dll - ok
20:48:19.0015 4888 [ 2BAD84B393AF47006D80BA2F03B18029 ] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
20:48:19.0015 4888 C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe - ok
20:48:19.0015 4888 [ 2AB78E9B2E37475C4137FF6C58EC4A49 ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\fwgenplg.dll
20:48:19.0015 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\fwgenplg.dll - ok
20:48:19.0015 4888 [ F68A3F0D63BE926ED65ED1C8C5B03A3D ] C:\hp\KBD\led.dll
20:48:19.0015 4888 C:\hp\KBD\led.dll - ok
20:48:19.0015 4888 [ F8C008DA6F620E822394781C894A06DB ] C:\hp\KBD\usb.dll
20:48:19.0015 4888 C:\hp\KBD\usb.dll - ok
20:48:19.0015 4888 [ 2AE54F20144B2AF570587A8478D02885 ] C:\hp\KBD\PS2.dll
20:48:19.0015 4888 C:\hp\KBD\PS2.dll - ok
20:48:19.0015 4888 [ DEF3BCFBF5DD73886408754B2CEF8058 ] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzr3204.dll
20:48:19.0015 4888 C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzr3204.dll - ok
20:48:19.0015 4888 [ 205DB5A0DD15DF2657EFD4B64D0CC4A3 ] C:\hp\KBD\msg.dll
20:48:19.0015 4888 C:\hp\KBD\msg.dll - ok
20:48:19.0031 4888 [ D6E82206798F57521805BBB46D79C3A8 ] C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
20:48:19.0031 4888 C:\Program Files\Iomega\AutoDisk\ADUserMon.exe - ok
20:48:19.0031 4888 [ 5F1EC8079DCC3ACB3315966A9A7E2391 ] C:\hp\KBD\OSD.DLL
20:48:19.0031 4888 C:\hp\KBD\OSD.DLL - ok
20:48:19.0031 4888 [ 1C5B55CDAAD2ECC2F5CC847EB8580421 ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\ashelper.dll
20:48:19.0031 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\ashelper.dll - ok
20:48:19.0031 4888 [ 18F2D656D28363939DEE16ADE2F7F127 ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\bhclient.dll
20:48:19.0031 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\bhclient.dll - ok
20:48:19.0031 4888 [ 7AC23E98BEC7A2E9C9F5754506C50C14 ] C:\WINDOWS\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll
20:48:19.0031 4888 C:\WINDOWS\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll - ok
20:48:19.0031 4888 [ 2F420C4DCFFACF50F73CAB6C27DDA901 ] C:\hp\KBD\sct.dll
20:48:19.0031 4888 C:\hp\KBD\sct.dll - ok
20:48:19.0031 4888 [ FB8BFCDF02173E59F8336C3EAECE76E5 ] C:\hp\KBD\Onl.dll
20:48:19.0031 4888 C:\hp\KBD\Onl.dll - ok
20:48:19.0031 4888 [ 308C9DDBD043903534514B097396E017 ] C:\hp\KBD\aol.dll
20:48:19.0031 4888 C:\hp\KBD\aol.dll - ok
20:48:19.0031 4888 [ 8BB8B8D1150C344586C46752953C2DA6 ] C:\Program Files\Iomega\DriveIcons\Imgicon.exe
20:48:19.0031 4888 C:\Program Files\Iomega\DriveIcons\Imgicon.exe - ok
20:48:19.0031 4888 [ 0B467F470CC9918FDCEEDCFD7DC4D697 ] C:\WINDOWS\system32\oledlg.dll
20:48:19.0031 4888 C:\WINDOWS\system32\oledlg.dll - ok
20:48:19.0031 4888 [ 996FC333026A68A66078A4AB6C9EA54C ] C:\hp\KBD\url.dll
20:48:19.0031 4888 C:\hp\KBD\url.dll - ok
20:48:19.0031 4888 [ CFFFAAF1140F0F94CB6B824424ACDB55 ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\asoehook.dll
20:48:19.0031 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\asoehook.dll - ok
20:48:19.0031 4888 [ 261E5E3602941656A1442B255C936B9E ] C:\hp\KBD\cfg.dll
20:48:19.0031 4888 C:\hp\KBD\cfg.dll - ok
20:48:19.0031 4888 [ 53641905572A3503CB2C3DE25EA6DC56 ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\fwsetup.dll
20:48:19.0031 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\fwsetup.dll - ok
20:48:19.0031 4888 [ 60DB5561F7B646FA217E9EA6561E6705 ] C:\hp\KBD\msikbdif.dll
20:48:19.0031 4888 C:\hp\KBD\msikbdif.dll - ok
20:48:19.0031 4888 [ 585992D78B671AAA075C02241309795D ] C:\WINDOWS\system32\msvcirt.dll
20:48:19.0031 4888 C:\WINDOWS\system32\msvcirt.dll - ok
20:48:19.0031 4888 [ 68EBC55F843BD47A2EB30FC95CFD55E5 ] C:\Program Files\Iomega\DriveIcons\deskup.exe
20:48:19.0031 4888 C:\Program Files\Iomega\DriveIcons\deskup.exe - ok
20:48:19.0031 4888 [ C79ECC33D5145224214FD82D3E458945 ] C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
20:48:19.0031 4888 C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe - ok
20:48:19.0031 4888 [ 4574B2C00EBE70DACA76262FA641BA4B ] C:\Program Files\Iomega\DriveIcons\Imghook.dll
20:48:19.0031 4888 C:\Program Files\Iomega\DriveIcons\Imghook.dll - ok
20:48:19.0031 4888 [ 8466167F57EA91C4D106F48C4FBA71F4 ] C:\Program Files\Iomega\DriveIcons\SHORTCTS.DLL
20:48:19.0031 4888 C:\Program Files\Iomega\DriveIcons\SHORTCTS.DLL - ok
20:48:19.0031 4888 [ A38B27123C17301503FCAAE56E1AEFFF ] C:\PROGRA~1\Iomega\AutoDisk\AutoLib.dll
20:48:19.0031 4888 C:\PROGRA~1\Iomega\AutoDisk\AutoLib.dll - ok
20:48:19.0031 4888 [ 153241DF0B44D47DB2AA2EE755EA62C9 ] C:\PROGRA~1\Iomega\AutoDisk\shfolder.dll
20:48:19.0031 4888 C:\PROGRA~1\Iomega\AutoDisk\shfolder.dll - ok
20:48:19.0031 4888 [ 2AE5462168C8C4F792883A2F0BBBD2FA ] C:\Program Files\Iomega\AutoDisk\ADRes.dll
20:48:19.0031 4888 C:\Program Files\Iomega\AutoDisk\ADRes.dll - ok
20:48:19.0031 4888 [ 701D3F59B3E35C46BBC5EFB65D656C29 ] C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_7a4dcdbc\System.Windows.Forms.dll
20:48:19.0031 4888 C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_7a4dcdbc\System.Windows.Forms.dll - ok
20:48:19.0031 4888 [ 1910121659436768388ECCAB85AF4071 ] C:\WINDOWS\system32\ioReady.dll
20:48:19.0031 4888 C:\WINDOWS\system32\ioReady.dll - ok
20:48:19.0031 4888 [ 963E668A6185A40FD0293B821B39CEF1 ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\avpapp32.dll
20:48:19.0031 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\avpapp32.dll - ok
20:48:19.0031 4888 [ 1511E3FF120FDC870CBEF0E71F2C63FA ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\buuiplg.dll
20:48:19.0031 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\buuiplg.dll - ok
20:48:19.0031 4888 [ 134C8ACCDDFE7A9CC1F74ED80E09CF98 ] C:\Program Files\Iomega\Common\IoATLDrv.dll
20:48:19.0031 4888 C:\Program Files\Iomega\Common\IoATLDrv.dll - ok
20:48:19.0031 4888 [ 1910121659436768388ECCAB85AF4071 ] C:\Program Files\Iomega\Common\ioReady.dll
20:48:19.0031 4888 C:\Program Files\Iomega\Common\ioReady.dll - ok
20:48:19.0031 4888 [ DC3078BA1B58562416C843582A42284C ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\CORPerfMonExt.dll
20:48:19.0031 4888 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\CORPerfMonExt.dll - ok
20:48:19.0031 4888 [ E139610FCEE825F15626C79A2AFE9FF1 ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\fwhelper.dll
20:48:19.0031 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\fwhelper.dll - ok
20:48:19.0031 4888 [ 165AE7A443F2139DD2C078AD87699F91 ] C:\Program Files\Microsoft Office\OFFICE11\MSOHEV.DLL
20:48:19.0031 4888 C:\Program Files\Microsoft Office\OFFICE11\MSOHEV.DLL - ok
20:48:19.0031 4888 [ ADD7A08E7016694FE1C73DD7498DEAD6 ] C:\WINDOWS\system32\aspnet_counters.dll
20:48:19.0031 4888 C:\WINDOWS\system32\aspnet_counters.dll - ok
20:48:19.0031 4888 [ 1B07A175D99D789F340D0C270F8AC1EB ] C:\WINDOWS\system32\IomIcons.dll
20:48:19.0031 4888 C:\WINDOWS\system32\IomIcons.dll - ok
20:48:19.0031 4888 [ 401A8C0BE0BAA7D7A470F0942244152D ] C:\WINDOWS\system32\rasdlg.dll
20:48:19.0031 4888 C:\WINDOWS\system32\rasdlg.dll - ok
20:48:19.0031 4888 [ F4E9693F449600A30088A0B16079F3CD ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Aspnet_perf.dll
20:48:19.0031 4888 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Aspnet_perf.dll - ok
20:48:19.0031 4888 [ C8C7DE6765F98F0F5341692991F4E75E ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\cltaldis.dll
20:48:19.0031 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\cltaldis.dll - ok
20:48:19.0031 4888 [ F1430F5D20F4BB71A003209C3DB3ADDF ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
20:48:19.0031 4888 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll - ok
20:48:19.0031 4888 [ 6CF16A22EE332110D0826E6819D42E38 ] C:\Program Files\Norton Security Suite\MUI\20.2.0.19\09\01\cltres.loc
20:48:19.0031 4888 C:\Program Files\Norton Security Suite\MUI\20.2.0.19\09\01\cltres.loc - ok
20:48:19.0031 4888 [ CFF6A4C1B4DD2707CD578819B91B52A6 ] C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
20:48:19.0031 4888 C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe - ok
20:48:19.0031 4888 [ E772C48238BA6D163FB8C7AE6A972E1E ] C:\Program Files\DISC\DiscObjsLib.dll
20:48:19.0031 4888 C:\Program Files\DISC\DiscObjsLib.dll - ok
20:48:19.0031 4888 [ 8D79650FE1AF415D02DE87CBA6690928 ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\fwsesal.dll
20:48:19.0031 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\fwsesal.dll - ok
20:48:19.0031 4888 [ 90A9B542C9300E540864D9FE1C42A130 ] C:\WINDOWS\system32\fxsst.dll
20:48:19.0031 4888 C:\WINDOWS\system32\fxsst.dll - ok
20:48:19.0031 4888 [ F1AA467825079B05D590D475432B4066 ] C:\WINDOWS\system32\msscntrs.dll
20:48:19.0031 4888 C:\WINDOWS\system32\msscntrs.dll - ok
20:48:19.0031 4888 [ 5F53F85E6FC0F6F242B34931777938EC ] C:\Program Files\Norton Security Suite\Engine\20.2.0.19\ccscanw.dll
20:48:19.0031 4888 C:\Program Files\Norton Security Suite\Engine\20.2.0.19\ccscanw.dll - ok
20:48:19.0031 4888 [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\WINDOWS\system32\msvcp71.dll
20:48:19.0031 4888 C:\WINDOWS\system32\msvcp71.dll - ok
20:48:19.0062 4888 ============================================================
20:48:19.0062 4888 Scan finished
20:48:19.0062 4888 ============================================================
20:48:19.0062 4880 Detected object count: 0
20:48:19.0062 4880 Actual detected object count: 0
21:02:05.0921 1384 Deinitialize success
  • 0

#9
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
how are things now?


gringo
  • 0

#10
Vorkus

    Member

  • Topic Starter
  • 35 posts
Internet Explorer works better now. FIREFOX still crashes at startup saying visual basic runtime C++ error. And one of the malware remover tools you suggested gives C++ error too and won't run. I reinstalled chrome but it still gives the allsearch redirect proxy (http://proxy.allsear...com/app/start/). I was informed by the producers of spyhunter that this error cannot be removed from chrome totally automatically. You have to uninstall it THEN REMOVE CERTAIN FILES MANUALLY. They sent a list. I am going to remove those files then I will let you know. However I would appreciate any help on the runtime C++ failure.
  • 0

#11
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello


reinstall this and see if it fixes the runtime error


http://support.microsoft.com/kb/290887


gringo
  • 0

#12
Vorkus

    Member

  • Topic Starter
  • 35 posts
HEY THAT runtime reinstall worked great for making firefox open. Now, when the firefox loads, it immediately displays a message saying THAT WEBSITE IS NOT VALID and it doesn't connect to a site. That means something is trying to tell it to go to some site. It must be some kind of redirect. The address bar does not have an address in it. It just says TYPE IN A WEB ADDRESS.


Also I became frustrated when I followed the spyhunter directions telling me to manually remove files. The files they named did not exist. So I just did a search on my computer for ANY file that said CHROME and deleted them all. Then I deleted the whole google file from the progs folder then I cleaned the registry. I reinstalled chrome and guess what. The sucker is BACK, it still has allsearch as the proxy in the address bar. I can't believe it.
  • 0

#13
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello Vorkus

I want you to reset firefox back to defaults, this will remove everything from Firefox

I will let you keep your bookmarks so to do that you can go here - Export BookMarks

Now to reset firefox do the following.

  • At the top of the Firefox window, click the "Firefox" button,
  • go over to the "Help" sub-menu
    • (on Windows XP, click the Help menu at the top of the Firefox window) and select "Troubleshooting Information".
  • Click the "Reset Firefox" button in the upper-right corner of the Troubleshooting Information page.
  • click "Reset Firefox" in the confirmation window that opens.
  • Firefox will close and be reset. When it's done, click "Finish" and Firefox will open.

restart the computer and check firefox for me now

Gringo
  • 0

#14
Vorkus

    Member

  • Topic Starter
  • 35 posts
OK this is getting crazy now. When I went to reopen firefox the second time, the allsearch com appeared again in the address bar and the program crashed and wouldn't respond. It is importing the allsearch thing from chrome I think. So I reloaded the visual runtime again and it still crashed. Then, I totally removed both firefox and chrome, then searched for chrome files again and deleted them manually. I reloaded firefox but not chrome. I tried to open firefox and it won't even load, it just gives a microsoft error message now!!!
  • 0

#15
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello Vorkus

I would like you to rerun OTL for me and send me the fresh scan.

Run New OTL Scan


  • Double click on OTL.exe to run it.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened and is the one that I need posted back here
    • Extra.txt <-- Will be minimized - save this one on your desktop in case I ask for it later
  • Please post the contents of OTL.txt in your next reply.

Gringo
  • 0





