Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

UKASH Virus [Solved]


  • This topic is locked This topic is locked

#1
Steviep

Steviep

    Member

  • Member
  • PipPipPip
  • 311 posts
Hi my laptop seems to have picked up the Ukash virus, I noticed other posts with the same problem and I've run Frst and have attached the log, thanks in advance

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-05-2013
Ran by SYSTEM on 07-05-2013 16:56:54
Running from H:\
Windows 7 Home Premium (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Recovery
The current controlset is ControlSet001
ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and Addition.txt log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s [7711264 2009-08-18] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [1541416 2009-07-14] (Synaptics Incorporated)
HKLM\...\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0" [218408 2009-02-25] (CyberLink Corp.)
HKLM\...\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe [2077536 2012-01-26] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [ROC_roc_dec12] "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 [x]
HKLM\...\Run: [HF_G_Jul] "C:\Program Files\AVG Secure Search\HF_G_Jul.exe" /DoAction [x]
HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-02] (Adobe Systems Incorporated)
HKLM\...\Run: [] [x]
HKLM\...\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe" [1573576 2012-10-29] (Ask)
HKLM\...\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-10-11] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" [421776 2012-09-09] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime [421888 2012-10-24] (Apple Inc.)
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] C:\$Recycle.Bin\S-1-5-18\$23ceaf3e03eb15df900fdffb4f8e63b1\n. ATTENTION! ====> ZeroAccess
HKU\Ants\...\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background [ 2012-03-08] (Microsoft Corporation)
HKU\Ants\...\Run: [lime pro] "C:\Program Files\Lime PRO\LimePro.exe" -h [x]
HKU\Ants\...\Run: [Facebook Update] "C:\Users\Ants\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [ 2012-07-11] (Facebook Inc.)
HKU\Ants\...\Winlogon: [Shell] C:\Users\Ants\AppData\Roaming\i.ini,explorer.exe <==== ATTENTION
Startup: C:\ProgramData\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)

========================== Services (Whitelisted) =================

S3 AVG Security Toolbar Service; C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe [167264 2011-11-10] ()
S2 avg9wd; C:\Program Files\AVG\AVG9\avgwdsvc.exe [308136 2010-06-22] (AVG Technologies CZ, s.r.o.)
S2 avgfws9; C:\Program Files\AVG\AVG9\avgfws9.exe [2331544 2010-11-24] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe [5897808 2010-06-22] (AVG Technologies CZ, s.r.o.)
S2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [398184 2012-12-14] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [682344 2012-12-14] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
S3 MSSQL$MSSMLBIZ; C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S2 NIS; C:\Program Files\Norton Internet Security\Engine\19.1.0.28\diMaster.dll [303544 2011-08-11] (Symantec Corporation)
S2 OberonGameConsoleService; C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe [44312 2009-08-13] ()
S2 WajamUpdater; C:\Program Files\Wajam\Updater\WajamUpdater.exe [109064 2012-10-05] (Wajam)

==================== Drivers (Whitelisted) ====================

S1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6x.sys [24856 2010-03-30] (AVG Technologies CZ, s.r.o.)
S3 AVGIDSDriverw7x; C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN7\AVGIDSDriver.sys [122448 2010-06-22] (AVG Technologies CZ, s.r.o. )
S0 AVGIDSErHrw7x; C:\Windows\System32\Drivers\AVGIDSwx.sys [25168 2010-06-22] (AVG Technologies CZ, s.r.o. )
S3 AVGIDSFilterw7x; C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN7\AVGIDSFilter.sys [30288 2010-06-22] (AVG Technologies CZ, s.r.o. )
S3 AVGIDSShimw7x; C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN7\AVGIDSShim.sys [20560 2010-06-22] (AVG Technologies CZ, s.r.o. )
S1 AvgLdx86; C:\Windows\System32\Drivers\avgldx86.sys [216400 2010-06-22] (AVG Technologies CZ, s.r.o.)
S1 AvgMfx86; C:\Windows\System32\Drivers\avgmfx86.sys [29712 2011-09-12] (AVG Technologies CZ, s.r.o.)
S0 AvgRkx86; C:\Windows\System32\Drivers\avgrkx86.sys [52872 2010-03-30] (AVG Technologies CZ, s.r.o.)
S1 AvgTdiX; C:\Windows\System32\Drivers\avgtdix.sys [243152 2011-05-05] (AVG Technologies CZ, s.r.o.)
S1 BHDrvx86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120811.003\BHDrvx86.sys [995488 2012-08-10] (Symantec Corporation)
S1 ccSet_NIS; C:\Windows\system32\drivers\NIS\1301000.01C\ccSetx86.sys [132744 2011-08-08] (Symantec Corporation)
S1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376480 2012-08-15] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [106656 2012-08-15] (Symantec Corporation)
S1 IDSVix86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120822.001\IDSvix86.sys [386208 2012-08-21] (Symantec Corporation)
S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [21104 2012-12-14] (Malwarebytes Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120822.034\NAVENG.SYS [92704 2012-08-21] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120822.034\NAVEX15.SYS [1601184 2012-08-21] (Symantec Corporation)
S3 nmwcdnsu; C:\Windows\System32\drivers\nmwcdnsu.sys [137600 2010-12-02] (Nokia)
S3 nmwcdnsuc; C:\Windows\System32\drivers\nmwcdnsuc.sys [8576 2010-12-02] (Nokia)
S1 SABI; C:\windows\system32\Drivers\SABI.sys [10752 2009-05-27] (SAMSUNG ELECTRONICS)
S3 SRTSP; C:\Windows\system32\drivers\NIS\1301000.01C\SRTSP.SYS [566904 2011-08-02] (Symantec Corporation)
S1 SRTSPX; C:\Windows\system32\drivers\NIS\1301000.01C\SRTSPX.SYS [31864 2011-08-02] (Symantec Corporation)
S0 SymDS; C:\Windows\System32\drivers\NIS\1301000.01C\SYMDS.SYS [340088 2011-07-25] (Symantec Corporation)
S0 SymEFA; C:\Windows\System32\drivers\NIS\1301000.01C\SYMEFA.SYS [897656 2011-07-28] (Symantec Corporation)
S3 SymEvent; C:\windows\system32\Drivers\SYMEVENT.SYS [127096 2012-07-23] (Symantec Corporation)
S1 SymIRON; C:\Windows\system32\drivers\NIS\1301000.01C\Ironx86.SYS [149624 2011-07-25] (Symantec Corporation)
S1 SymNetS; C:\Windows\system32\drivers\NIS\1301000.01C\SYMNETS.SYS [314488 2011-07-25] (Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-05-07 16:56 - 2013-05-07 16:56 - 00000000 ____D C:\FRST
2013-05-07 07:23 - 2013-05-07 07:23 - 00000000 ____D C:\Users\Ants\AppData\Local\{84637207-12FE-4DFB-883B-0742C92A5756}
2013-05-02 10:55 - 2013-05-02 10:55 - 00000000 ____D C:\ProgramData\usij
2013-05-02 10:53 - 2013-05-02 10:53 - 00185336 ____A (Hilgraeve, Inc.) C:\Users\Ants\Desktop\fdia.tmp
2013-05-02 09:44 - 2013-05-02 09:44 - 00000000 ____D C:\Users\Ants\AppData\Local\{B9FE0390-E383-491E-84C3-F6B5EA4F461E}
2013-04-30 07:40 - 2013-04-30 07:40 - 00000000 ____D C:\Users\Ants\AppData\Local\{ED17CB2B-858F-4CAB-9A8F-365270891108}
2013-04-29 10:18 - 2013-04-29 10:19 - 00000000 ____D C:\Users\Ants\AppData\Local\{AA47AB50-8EF7-4D8F-B41D-87553D87FE32}
2013-04-27 03:45 - 2013-04-27 03:45 - 00000000 ____D C:\Users\Ants\AppData\Local\{A5D6C57A-67E1-4FF3-9CD3-39EEF9FBCFD8}
2013-04-26 12:45 - 2013-04-26 12:45 - 00000000 ____D C:\Users\Ants\AppData\Local\{7C49B9B0-D5C7-46F8-8614-D824C03BB068}
2013-04-25 06:44 - 2013-04-25 06:44 - 00000000 ____D C:\Users\Ants\AppData\Local\{30B59BCB-5F5F-4DC3-9D18-B6BD72C70356}
2013-04-24 06:27 - 2013-04-24 06:28 - 00000000 ____D C:\Users\Ants\AppData\Local\{E56404B4-9053-49BB-982F-D67380DA42B4}
2013-04-23 09:37 - 2013-04-12 05:45 - 01211752 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2013-04-23 09:30 - 2013-04-23 09:30 - 00000000 ____D C:\Users\Ants\AppData\Local\{4D7F5676-6D7D-425F-82BB-4582AF90296A}
2013-04-22 02:28 - 2013-04-22 02:29 - 00000000 ____D C:\Users\Ants\AppData\Local\{64679DE0-EF34-47B3-9D13-6C27884594D8}
2013-04-20 11:17 - 2013-04-20 11:17 - 00000000 ____D C:\Users\Ants\AppData\Local\{BC2ABBC5-2562-4F2F-A5D7-5F243787CA9E}
2013-04-19 23:16 - 2013-04-19 23:17 - 00000000 ____D C:\Users\Ants\AppData\Local\{87E48C0A-4A40-408B-A10C-D54183448949}
2013-04-19 22:42 - 2013-04-19 22:42 - 00000000 ____D C:\Users\Ants\AppData\Local\{A508021D-7691-431A-A1D0-5EBB320F09AB}
2013-04-19 14:58 - 2013-04-19 14:58 - 00000000 ____D C:\Users\Ants\AppData\Local\{61A8F3A4-FFAD-4303-AAA6-9CF2E0B3945A}
2013-04-18 06:11 - 2013-04-18 06:11 - 00000000 ____D C:\Users\Ants\AppData\Local\{D1A9E8FD-98D3-4B70-AC42-C34F7B46A2C8}
2013-04-17 06:18 - 2013-04-17 06:18 - 00000000 ____D C:\Users\Ants\AppData\Local\{E23472E9-E4B1-4CCB-BEF7-39103B50C63A}
2013-04-16 07:16 - 2013-04-16 07:16 - 00000000 ____D C:\Users\Ants\AppData\Local\{AF671264-F52E-4175-B415-FF328FF6E99A}
2013-04-15 12:04 - 2013-04-15 12:04 - 00000000 ____D C:\Users\Ants\AppData\Local\{2BFAA136-56F6-452A-9C18-D845FE42700B}
2013-04-15 00:03 - 2013-04-15 00:04 - 00000000 ____D C:\Users\Ants\AppData\Local\{DF3244A7-F54E-4472-9725-806797D77CA7}
2013-04-14 12:03 - 2013-04-14 12:03 - 00000000 ____D C:\Users\Ants\AppData\Local\{424D716D-2655-49E3-9B96-C3FDB0604964}
2013-04-13 17:18 - 2013-04-13 17:18 - 00000000 ____D C:\Users\Ants\AppData\Local\{AAA9DA7B-08A4-44C8-B0BB-00A9AF52BBF7}
2013-04-13 14:56 - 2013-04-13 14:56 - 00000000 ____D C:\Users\Ants\AppData\Local\{B726B0F6-CBDC-4055-AE6E-F35A2226F0FF}
2013-04-12 05:15 - 2013-04-12 05:15 - 00000000 ____D C:\Users\Ants\AppData\Local\{E28F7DE0-0716-4716-8119-DDDAE2DEAAC8}
2013-04-11 17:10 - 2013-04-11 17:11 - 00000000 ____D C:\Users\Ants\AppData\Local\{8186FF53-6F8F-45EB-9E64-417F226D5DA5}
2013-04-11 05:10 - 2013-04-11 05:10 - 00000000 ____D C:\Users\Ants\AppData\Local\{8FDCA9C2-6014-4904-B3EA-FA74C8DCEED5}
2013-04-10 18:02 - 2013-02-21 02:30 - 01766912 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-04-10 18:02 - 2013-02-21 02:30 - 01129984 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-04-10 18:02 - 2013-02-21 02:30 - 00042496 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-04-10 18:02 - 2013-02-21 02:29 - 14323200 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-04-10 18:02 - 2013-02-21 02:29 - 13761024 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-04-10 18:02 - 2013-02-21 02:29 - 02877440 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-04-10 18:02 - 2013-02-21 02:29 - 02046464 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-04-10 18:02 - 2013-02-21 02:29 - 00690688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-04-10 18:02 - 2013-02-21 02:29 - 00493056 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-04-10 18:02 - 2013-02-21 02:29 - 00391168 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-04-10 18:02 - 2013-02-21 02:29 - 00109056 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-04-10 18:02 - 2013-02-21 02:29 - 00061440 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-04-10 18:02 - 2013-02-21 02:29 - 00039424 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-04-10 18:02 - 2013-02-21 02:29 - 00033280 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-04-10 18:02 - 2013-02-19 04:01 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-04-10 18:02 - 2013-02-19 03:10 - 00071680 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-04-10 17:09 - 2013-04-10 17:10 - 00000000 ____D C:\Users\Ants\AppData\Local\{A180E1FE-0ECB-4525-BB0F-EE199CCE9183}
2013-04-10 05:16 - 2013-03-18 21:04 - 03968856 ____A (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe
2013-04-10 05:16 - 2013-03-18 21:04 - 03913560 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-04-10 05:16 - 2013-03-18 20:48 - 00038912 ____A (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2013-04-10 05:16 - 2013-03-18 18:49 - 00069632 ____A (Microsoft Corporation) C:\Windows\System32\smss.exe
2013-04-10 05:16 - 2013-02-28 19:09 - 02347008 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-04-10 05:16 - 2013-02-14 20:37 - 03217408 ____A (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2013-04-10 05:16 - 2013-02-14 20:34 - 00131584 ____A (Microsoft Corporation) C:\Windows\System32\aaclient.dll
2013-04-10 05:16 - 2013-02-14 19:25 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\tsgqec.dll
2013-04-10 05:16 - 2013-01-23 20:47 - 00196328 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys
2013-04-10 05:09 - 2013-04-10 05:09 - 00000000 ____D C:\Users\Ants\AppData\Local\{D033449A-D1D7-4660-9CF9-232FA1ACEAE5}
2013-04-09 04:09 - 2013-04-09 04:09 - 00000000 ____D C:\Users\Ants\AppData\Local\{D83CD0B7-6C28-49A7-A926-6373EF3F6152}
2013-04-08 06:52 - 2013-04-08 06:52 - 00000000 ____D C:\Users\Ants\AppData\Local\{59477288-5848-4EF6-8F7B-7AD208557C9C}
2013-04-07 03:13 - 2013-04-07 15:14 - 00000000 ____D C:\Users\Ants\AppData\Local\{732A5EF8-DD2B-4023-8192-DAFAB7A850CC}

==================== One Month Modified Files and Folders ========

2013-05-07 16:56 - 2013-05-07 16:56 - 00000000 ____D C:\FRST
2013-05-07 07:26 - 2009-09-16 22:44 - 01082803 ____A C:\Windows\WindowsUpdate.log
2013-05-07 07:26 - 2009-07-13 20:34 - 00015056 ____A C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-05-07 07:26 - 2009-07-13 20:34 - 00015056 ____A C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-05-07 07:23 - 2013-05-07 07:23 - 00000000 ____D C:\Users\Ants\AppData\Local\{84637207-12FE-4DFB-883B-0742C92A5756}
2013-05-07 07:23 - 2012-03-30 15:03 - 00000922 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1131658597-4005637612-88016806-1000UA.job
2013-05-07 07:23 - 2012-03-30 15:03 - 00000900 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1131658597-4005637612-88016806-1000Core.job
2013-05-07 07:23 - 2010-03-30 14:37 - 00000886 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-05-02 10:58 - 2010-04-17 02:13 - 00000000 ____D C:\Users\Ants\Tracing
2013-05-02 10:58 - 2010-03-30 14:37 - 00000882 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-05-02 10:58 - 2009-09-16 23:19 - 01273072 ____A C:\Windows\PFRO.log
2013-05-02 10:58 - 2009-07-13 20:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-05-02 10:58 - 2009-07-13 20:39 - 00178968 ____A C:\Windows\setupact.log
2013-05-02 10:55 - 2013-05-02 10:55 - 00000000 ____D C:\ProgramData\usij
2013-05-02 10:53 - 2013-05-02 10:53 - 00185336 ____A (Hilgraeve, Inc.) C:\Users\Ants\Desktop\fdia.tmp
2013-05-02 10:53 - 2010-03-30 13:28 - 00000000 ____D C:\users\Ants
2013-05-02 09:44 - 2013-05-02 09:44 - 00000000 ____D C:\Users\Ants\AppData\Local\{B9FE0390-E383-491E-84C3-F6B5EA4F461E}
2013-04-30 07:40 - 2013-04-30 07:40 - 00000000 ____D C:\Users\Ants\AppData\Local\{ED17CB2B-858F-4CAB-9A8F-365270891108}
2013-04-29 10:19 - 2013-04-29 10:18 - 00000000 ____D C:\Users\Ants\AppData\Local\{AA47AB50-8EF7-4D8F-B41D-87553D87FE32}
2013-04-29 10:18 - 2013-01-30 12:00 - 00000000 ____A C:\END
2013-04-27 03:45 - 2013-04-27 03:45 - 00000000 ____D C:\Users\Ants\AppData\Local\{A5D6C57A-67E1-4FF3-9CD3-39EEF9FBCFD8}
2013-04-27 03:45 - 2012-08-16 14:46 - 00000000 ____D C:\Users\Ants\AppData\Local\CrashDumps
2013-04-26 12:45 - 2013-04-26 12:45 - 00000000 ____D C:\Users\Ants\AppData\Local\{7C49B9B0-D5C7-46F8-8614-D824C03BB068}
2013-04-25 11:41 - 2012-04-08 09:03 - 00000400 ___AH C:\Windows\Tasks\Norton Security Scan for Ants.job
2013-04-25 06:44 - 2013-04-25 06:44 - 00000000 ____D C:\Users\Ants\AppData\Local\{30B59BCB-5F5F-4DC3-9D18-B6BD72C70356}
2013-04-24 06:28 - 2013-04-24 06:27 - 00000000 ____D C:\Users\Ants\AppData\Local\{E56404B4-9053-49BB-982F-D67380DA42B4}
2013-04-23 09:30 - 2013-04-23 09:30 - 00000000 ____D C:\Users\Ants\AppData\Local\{4D7F5676-6D7D-425F-82BB-4582AF90296A}
2013-04-22 02:29 - 2013-04-22 02:28 - 00000000 ____D C:\Users\Ants\AppData\Local\{64679DE0-EF34-47B3-9D13-6C27884594D8}
2013-04-20 11:17 - 2013-04-20 11:17 - 00000000 ____D C:\Users\Ants\AppData\Local\{BC2ABBC5-2562-4F2F-A5D7-5F243787CA9E}
2013-04-19 23:17 - 2013-04-19 23:16 - 00000000 ____D C:\Users\Ants\AppData\Local\{87E48C0A-4A40-408B-A10C-D54183448949}
2013-04-19 22:43 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\System32\NDF
2013-04-19 22:42 - 2013-04-19 22:42 - 00000000 ____D C:\Users\Ants\AppData\Local\{A508021D-7691-431A-A1D0-5EBB320F09AB}
2013-04-19 14:58 - 2013-04-19 14:58 - 00000000 ____D C:\Users\Ants\AppData\Local\{61A8F3A4-FFAD-4303-AAA6-9CF2E0B3945A}
2013-04-18 06:11 - 2013-04-18 06:11 - 00000000 ____D C:\Users\Ants\AppData\Local\{D1A9E8FD-98D3-4B70-AC42-C34F7B46A2C8}
2013-04-17 06:23 - 2009-07-26 12:06 - 00792128 ____A C:\Windows\System32\PerfStringBackup.INI
2013-04-17 06:18 - 2013-04-17 06:18 - 00000000 ____D C:\Users\Ants\AppData\Local\{E23472E9-E4B1-4CCB-BEF7-39103B50C63A}
2013-04-16 07:16 - 2013-04-16 07:16 - 00000000 ____D C:\Users\Ants\AppData\Local\{AF671264-F52E-4175-B415-FF328FF6E99A}
2013-04-15 12:04 - 2013-04-15 12:04 - 00000000 ____D C:\Users\Ants\AppData\Local\{2BFAA136-56F6-452A-9C18-D845FE42700B}
2013-04-15 00:04 - 2013-04-15 00:03 - 00000000 ____D C:\Users\Ants\AppData\Local\{DF3244A7-F54E-4472-9725-806797D77CA7}
2013-04-14 12:03 - 2013-04-14 12:03 - 00000000 ____D C:\Users\Ants\AppData\Local\{424D716D-2655-49E3-9B96-C3FDB0604964}
2013-04-13 17:18 - 2013-04-13 17:18 - 00000000 ____D C:\Users\Ants\AppData\Local\{AAA9DA7B-08A4-44C8-B0BB-00A9AF52BBF7}
2013-04-13 14:56 - 2013-04-13 14:56 - 00000000 ____D C:\Users\Ants\AppData\Local\{B726B0F6-CBDC-4055-AE6E-F35A2226F0FF}
2013-04-12 05:45 - 2013-04-23 09:37 - 01211752 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2013-04-12 05:15 - 2013-04-12 05:15 - 00000000 ____D C:\Users\Ants\AppData\Local\{E28F7DE0-0716-4716-8119-DDDAE2DEAAC8}
2013-04-11 17:11 - 2013-04-11 17:10 - 00000000 ____D C:\Users\Ants\AppData\Local\{8186FF53-6F8F-45EB-9E64-417F226D5DA5}
2013-04-11 05:10 - 2013-04-11 05:10 - 00000000 ____D C:\Users\Ants\AppData\Local\{8FDCA9C2-6014-4904-B3EA-FA74C8DCEED5}
2013-04-11 03:10 - 2009-07-13 20:33 - 00418352 ____A C:\Windows\System32\FNTCACHE.DAT
2013-04-10 18:02 - 2010-03-30 13:33 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-04-10 17:10 - 2013-04-10 17:09 - 00000000 ____D C:\Users\Ants\AppData\Local\{A180E1FE-0ECB-4525-BB0F-EE199CCE9183}
2013-04-10 10:53 - 2012-05-29 11:32 - 00002129 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2013-04-10 05:09 - 2013-04-10 05:09 - 00000000 ____D C:\Users\Ants\AppData\Local\{D033449A-D1D7-4660-9CF9-232FA1ACEAE5}
2013-04-09 04:09 - 2013-04-09 04:09 - 00000000 ____D C:\Users\Ants\AppData\Local\{D83CD0B7-6C28-49A7-A926-6373EF3F6152}
2013-04-08 06:52 - 2013-04-08 06:52 - 00000000 ____D C:\Users\Ants\AppData\Local\{59477288-5848-4EF6-8F7B-7AD208557C9C}
2013-04-07 15:14 - 2013-04-07 03:13 - 00000000 ____D C:\Users\Ants\AppData\Local\{732A5EF8-DD2B-4023-8192-DAFAB7A850CC}

ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-1131658597-4005637612-88016806-1000\$23ceaf3e03eb15df900fdffb4f8e63b1

ZeroAccess:
C:\$Recycle.Bin\S-1-5-18\$23ceaf3e03eb15df900fdffb4f8e63b1

Other Malware:
===========
C:\Users\Ants\AppData\Roaming\i.ini
C:\Users\Ants\Application Data\i.ini

==================== Known DLLs (Whitelisted) ============


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2013-04-07 10:00:40
Restore point made on: 2013-04-10 18:00:51
Restore point made on: 2013-04-14 12:34:55
Restore point made on: 2013-04-22 02:38:33
Restore point made on: 2013-04-24 06:31:19
Restore point made on: 2013-04-29 10:28:29

==================== Memory info ===========================

Percentage of memory in use: 15%
Total physical RAM: 3004.61 MB
Available physical RAM: 2537.93 MB
Total Pagefile: 3000.83 MB
Available Pagefile: 2546.89 MB
Total Virtual: 2047.88 MB
Available Virtual: 1960.7 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:108.89 GB) (Free:52.95 GB) NTFS
Drive e: () (Fixed) (Total:108.89 GB) (Free:9.29 GB) NTFS
Drive f: (RECOVERY) (Fixed) (Total:15 GB) (Free:4.93 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive h: () (Removable) (Total:7.45 GB) (Free:7.25 GB) NTFS
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
============================== MBR & Partition Table ==================

====================================================================
Disk: 0 (Size: 233 GB) (Disk ID: 07A54FFB)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=109 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=109 GB) - (Type=07 NTFS)

====================================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 7 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=7 GB) - (Type=07 NTFS)


Last Boot: 2013-04-25 11:40

==================== End Of Log ============================
  • 0

Advertisements


#2
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello Steviep

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.


Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!


  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad. Save it on the flash drive as fixlist.txt

HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] C:\$Recycle.Bin\S-1-5-18\$23ceaf3e03eb15df900fdffb4f8e63b1\n. ATTENTION! ====> ZeroAccess
HKU\Ants\...\Winlogon: [Shell] C:\Users\Ants\AppData\Roaming\i.ini,explorer.exe <==== ATTENTION
2013-05-02 10:55 - 2013-05-02 10:55 - 00000000 ____D C:\ProgramData\usij
2013-05-02 10:53 - 2013-05-02 10:53 - 00185336 ____A (Hilgraeve, Inc.) C:\Users\Ants\Desktop\fdia.tmp
C:\$Recycle.Bin\S-1-5-21-1131658597-4005637612-88016806-1000\$23ceaf3e03eb15df900fdffb4f8e63b1
C:\$Recycle.Bin\S-1-5-18\$23ceaf3e03eb15df900fdffb4f8e63b1
C:\Users\Ants\AppData\Roaming\i.ini
C:\Users\Ants\Application Data\i.ini


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

On Vista or Windows 7: Now please enter System Recovery Options.

Run FRST again like we did before but this time press the Fix button just once and wait.
The tool will make a log on the flash drive (Fixlog.txt) please post it to your reply.

Also boot the computer into normal mode and let me know how things are looking.

Gringo
  • 0

#3
Steviep

Steviep

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 311 posts
Hi Gringo, laptop booted up as normal and seems to be working ok

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 06-05-2013
Ran by SYSTEM at 2013-05-07 18:23:47 Run:1
Running from H:\
Boot Mode: Recovery

==============================================

HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InprocServer32\\Default => Value was restored successfully.
HKEY_USERS\Ants\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value deleted successfully.
C:\ProgramData\usij => Moved successfully.
C:\Users\Ants\Desktop\fdia.tmp => Moved successfully.
C:\$Recycle.Bin\S-1-5-21-1131658597-4005637612-88016806-1000\$23ceaf3e03eb15df900fdffb4f8e63b1 => Moved successfully.
C:\$Recycle.Bin\S-1-5-18\$23ceaf3e03eb15df900fdffb4f8e63b1 => Moved successfully.
C:\Users\Ants\AppData\Roaming\i.ini => Moved successfully.
C:\Users\Ants\Application Data\i.ini => File/Directory not found.

==== End of Fixlog ====

Edited by Steviep, 07 May 2013 - 11:32 AM.

  • 0

#4
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello Steviep


These are the programs I would like you to run next, if you have any problems with these just skip it and move on to the next one.


-AdwCleaner-

  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


--RogueKiller--

  • Download & SAVE to your Desktop RogueKiller for 32bit or Roguekiller for 64bit
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator to start"
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • click on "delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+

Gringo
  • 0

#5
Steviep

Steviep

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 311 posts
RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo...13-roguekiller/
Website : http://tigzy.geeksto...roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : Ants [Admin rights]
Mode : Remove -- Date : 05/07/2013 19:06:49
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 1 ¤¤¤
[HJ INPROC][ZeroAccess] HKCR\[...]\InprocServer32 : (C:\$Recycle.Bin\S-1-5-21-1131658597-4005637612-88016806-1000\$23ceaf3e03eb15df900fdffb4f8e63b1\n.) [x] -> REPLACED (C:\windows\system32\shell32.dll)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤
SSDT[13] : NtAlertResumeThread @ 0x832DF615 -> HOOKED (Unknown @ 0x87070930)
SSDT[14] : NtAlertThread @ 0x83267C01 -> HOOKED (Unknown @ 0x87075090)
SSDT[19] : NtAllocateVirtualMemory @ 0x83214FD5 -> HOOKED (Unknown @ 0x875785F0)
SSDT[22] : NtAlpcConnectPort @ 0x832280F1 -> HOOKED (Unknown @ 0x87573098)
SSDT[43] : NtAssignProcessToJobObject @ 0x832808E4 -> HOOKED (Unknown @ 0x87079028)
SSDT[74] : NtCreateMutant @ 0x832772B7 -> HOOKED (Unknown @ 0x87076958)
SSDT[86] : NtCreateSymbolicLinkObject @ 0x831F61D5 -> HOOKED (Unknown @ 0x87085BD0)
SSDT[87] : NtCreateThread @ 0x832DD836 -> HOOKED (Unknown @ 0x87062368)
SSDT[88] : NtCreateThreadEx @ 0x832668F3 -> HOOKED (Unknown @ 0x87085C78)
SSDT[96] : NtDebugActiveProcess @ 0x832AFFC4 -> HOOKED (Unknown @ 0x870790C8)
SSDT[111] : NtDuplicateObject @ 0x832629A7 -> HOOKED (Unknown @ 0x8757AFC0)
SSDT[131] : NtFreeVirtualMemory @ 0x8308825C -> HOOKED (Unknown @ 0x8757A678)
SSDT[145] : NtImpersonateAnonymousToken @ 0x8325B328 -> HOOKED (Unknown @ 0x87076A48)
SSDT[147] : NtImpersonateThread @ 0x83239362 -> HOOKED (Unknown @ 0x87070870)
SSDT[155] : NtLoadDriver @ 0x831AC474 -> HOOKED (Unknown @ 0x87117D98)
SSDT[168] : NtMapViewOfSection @ 0x83241C7E -> HOOKED (Unknown @ 0x87072060)
SSDT[177] : NtOpenEvent @ 0x83238022 -> HOOKED (Unknown @ 0x87086328)
SSDT[191] : NtOpenProcessToken @ 0x8326134F -> HOOKED (Unknown @ 0x877D4CE8)
SSDT[194] : NtOpenSection @ 0x83270AE0 -> HOOKED (Unknown @ 0x8707F300)
SSDT[198] : NtOpenThread @ 0x83279C29 -> HOOKED (Unknown @ 0x870868F0)
SSDT[215] : NtProtectVirtualMemory @ 0x83248595 -> HOOKED (Unknown @ 0x8707F138)
SSDT[304] : NtResumeThread @ 0x83233DC9 -> HOOKED (Unknown @ 0x87085798)
SSDT[316] : NtSetContextThread @ 0x832DF0C1 -> HOOKED (Unknown @ 0x877D66F0)
SSDT[333] : NtSetInformationProcess @ 0x832122FE -> HOOKED (Unknown @ 0x874E9718)
SSDT[350] : NtSetSystemInformation @ 0x831EF664 -> HOOKED (Unknown @ 0x870791A8)
SSDT[366] : NtSuspendProcess @ 0x832DF54F -> HOOKED (Unknown @ 0x8707F3C0)
SSDT[367] : NtSuspendThread @ 0x83299463 -> HOOKED (Unknown @ 0x870857D0)
SSDT[385] : NtUnmapViewOfSection @ 0x832645FA -> HOOKED (Unknown @ 0x877D6998)
S_SSDT[318] : NtUserAttachThreadInput -> HOOKED (Unknown @ 0x87B26FD0)
S_SSDT[448] : NtUserGetRawInputData -> HOOKED (Unknown @ 0x883FC948)
S_SSDT[490] : NtUserMessageCall -> HOOKED (Unknown @ 0x87BFBFC0)
S_SSDT[508] : NtUserPostMessage -> HOOKED (Unknown @ 0x883FBB90)
S_SSDT[509] : NtUserPostThreadMessage -> HOOKED (Unknown @ 0x883FBAC0)
S_SSDT[588] : NtUserSetWinEventHook -> HOOKED (Unknown @ 0x88421A20)

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\windows\system32\drivers\etc\hosts

˙ţ1

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: SAMSUNG HM250HI +++++
--- User ---
[MBR] b56368d5d993569828e5b4c19b59f3db
[BSP] c3a66a28150484df6b93cfc91deec495 : KIWI Image system MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 15360 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 31459328 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 31664128 | Size: 111505 Mo
3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 260026368 | Size: 111508 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2]_D_05072013_02d1906.txt >>
RKreport[1]_S_05072013_02d1905.txt ; RKreport[2]_D_05072013_02d1906.txt


# AdwCleaner v2.300 - Logfile created 05/07/2013 at 18:59:03
# Updated 28/04/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)
# User : Ants - ANTS-PC
# Boot Mode : Normal
# Running from : C:\Users\Ants\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : WajamUpdater

***** [Files / Folders] *****

File Deleted : C:\END
Folder Deleted : C:\Program Files\Ask.com
Folder Deleted : C:\Program Files\Wajam
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\Users\Ants\AppData\Local\APN
Folder Deleted : C:\Users\Ants\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Folder Deleted : C:\Users\Ants\AppData\Local\Temp\AskSearch
Folder Deleted : C:\Users\Ants\AppData\Local\Wajam
Folder Deleted : C:\Users\Ants\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Ants\AppData\LocalLow\AVG Security Toolbar
Folder Deleted : C:\Users\Ants\AppData\LocalLow\Hotbar
Folder Deleted : C:\Users\Ants\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
Folder Deleted : C:\Users\Ants\AppData\Roaming\PerformerSoft
Folder Deleted : C:\windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\AppDataLow\AskToolbarInfo
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Hotbar
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\AVG Security Toolbar
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Wajam
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamBHO
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2BDF3E992C0908741B7C11F4B4E0F775
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B3BC4CF5ECE1F54BBA174C13A1AB907
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BEABAA33A5E68374DBF197F2A00CD011
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CB61AF52AD64B6B45930BE969F316720
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
Key Deleted : HKLM\Software\Wajam
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform [Hotbar 11.0.175.0]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16537

[OK] Registry is clean.

-\\ Google Chrome v26.0.1410.64

File : C:\Users\Ants\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [9211 octets] - [07/05/2013 18:59:03]

########## EOF - C:\AdwCleaner[S1].txt - [9271 octets] ##########
  • 0

#6
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello Steviep

I Would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
  • 0

#7
Steviep

Steviep

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 311 posts
ComboFix 13-05-07.02 - Ants 07/05/2013 21:03:46.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.3005.1769 [GMT 1:00]
Running from: c:\users\Ants\Desktop\ComboFix.exe
AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\1366f84d-530c-480d-9e08-efeb30ff3ae8
c:\programdata\FullRemove.exe
c:\programdata\windows
c:\programdata\windows\dumd.dat
c:\programdata\windows\xdor.dat
c:\users\Ants\AppData\Roaming\.#
c:\users\Ants\AppData\Roaming\.#\[email protected]@1482760.###
c:\users\Ants\AppData\Roaming\.#\[email protected]@1482790.###
c:\windows\system32\roboot.exe
c:\windows\system32\system
.
Infected copy of c:\windows\system32\userinit.exe was found and disinfected
Restored copy from - c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
.
.
((((((((((((((((((((((((( Files Created from 2013-04-07 to 2013-05-07 )))))))))))))))))))))))))))))))
.
.
2013-05-08 00:56 . 2013-05-08 00:56 -------- d-----w- C:\FRST
2013-05-07 20:11 . 2013-05-07 20:13 -------- d-----w- c:\users\Ants\AppData\Local\temp
2013-05-07 20:11 . 2013-05-07 20:11 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-29 18:39 . 2013-04-29 18:39 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10144.bin
2013-04-23 17:37 . 2013-04-12 13:45 1211752 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-10 13:16 . 2013-03-01 03:09 2347008 ----a-w- c:\windows\system32\win32k.sys
2013-04-10 13:16 . 2013-02-15 04:37 3217408 ----a-w- c:\windows\system32\mstscax.dll
2013-04-10 13:16 . 2013-02-15 04:34 131584 ----a-w- c:\windows\system32\aaclient.dll
2013-04-10 13:16 . 2013-02-15 03:25 36864 ----a-w- c:\windows\system32\tsgqec.dll
2013-04-10 13:16 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-04-10 13:16 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-10 13:16 . 2013-03-19 04:48 38912 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-10 13:16 . 2013-03-19 02:49 69632 ----a-w- c:\windows\system32\smss.exe
2013-04-10 13:16 . 2013-01-24 04:47 196328 ----a-w- c:\windows\system32\drivers\fvevol.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-04 13:50 . 2012-11-25 14:04 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-04-01 14:28 . 2013-04-01 14:28 745472 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-04-01 14:28 . 2013-04-01 14:28 185344 ----a-w- c:\windows\system32\elshyph.dll
2013-04-01 14:28 . 2013-04-01 14:28 158720 ----a-w- c:\windows\system32\msls31.dll
2013-04-01 14:28 . 2013-04-01 14:28 523264 ----a-w- c:\windows\system32\vbscript.dll
2013-04-01 14:28 . 2013-04-01 14:28 150528 ----a-w- c:\windows\system32\iexpress.exe
2013-04-01 14:28 . 2013-04-01 14:28 138752 ----a-w- c:\windows\system32\wextract.exe
2013-04-01 14:28 . 2013-04-01 14:28 73728 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-04-01 14:28 . 2013-04-01 14:28 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-04-01 14:28 . 2013-04-01 14:28 38400 ----a-w- c:\windows\system32\imgutil.dll
2013-04-01 14:28 . 2013-04-01 14:28 137216 ----a-w- c:\windows\system32\ieUnatt.exe
2013-04-01 14:28 . 2013-04-01 14:28 12800 ----a-w- c:\windows\system32\mshta.exe
2013-04-01 14:28 . 2013-04-01 14:28 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-04-01 14:28 . 2013-04-01 14:28 719360 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-04-01 14:28 . 2013-04-01 14:28 61952 ----a-w- c:\windows\system32\tdc.ocx
2013-04-01 14:28 . 2013-04-01 14:28 361984 ----a-w- c:\windows\system32\html.iec
2013-04-01 14:28 . 2013-04-01 14:28 23040 ----a-w- c:\windows\system32\licmgr10.dll
2013-04-01 14:28 . 2013-04-01 14:28 1441280 ----a-w- c:\windows\system32\inetcpl.cpl
2013-02-12 04:48 . 2013-03-13 20:32 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-13 20:32 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-02-12 03:32 . 2013-03-20 20:13 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"="c:\users\Ants\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-11 138096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-08-19 7711264]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-07-14 1541416]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2012-01-26 2077536]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 136216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 170520]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-09-09 421776]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.0.318\SSScheduler.exe [2013-2-5 272248]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 avg9wd;AVG WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [x]
R2 AVGIDSAgent;AVG9IDSAgent;c:\program files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe AVGIDSAgent [x]
R3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\AVG\AVG9\Toolbar\ToolbarBroker.exe [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.0.318\McCHSvc.exe [x]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [x]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 AVGIDSErHrw7x;AVG9IDSErHr;c:\windows\System32\Drivers\AVGIDSwx.sys [x]
S0 AvgRkx86;avgrkx86.sys;c:\windows\System32\Drivers\avgrkx86.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1301000.01C\SYMDS.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1301000.01C\SYMEFA.SYS [x]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6x.sys [x]
S1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [x]
S1 AvgTdiX;AVG Network Redirector;c:\windows\system32\Drivers\avgtdix.sys [x]
S1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120811.003\BHDrvx86.sys [x]
S1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NIS\1301000.01C\ccSetx86.sys [x]
S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120822.001\IDSvix86.sys [x]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1301000.01C\Ironx86.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\system32\drivers\NIS\1301000.01C\SYMNETS.SYS [x]
S2 avgfws9;AVG Firewall;c:\program files\AVG\AVG9\avgfws9.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe [x]
S2 OberonGameConsoleService;Oberon Media Game Console service;c:\program files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe [x]
S2 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\Version6\TeamViewer_Service.exe [x]
S3 AVGIDSDriverw7x;AVG9IDSDriver;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN7\AVGIDSDriver.sys [x]
S3 AVGIDSFilterw7x;AVG9IDSFilter;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN7\AVGIDSFilter.sys [x]
S3 AVGIDSShimw7x;AVG9IDSShim;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN7\AVGIDSShim.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-10 18:53 1642448 ----a-w- c:\program files\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-05-07 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1131658597-4005637612-88016806-1000Core.job
- c:\users\Ants\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-03-30 21:10]
.
2013-05-07 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1131658597-4005637612-88016806-1000UA.job
- c:\users\Ants\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-03-30 21:10]
.
2013-05-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-30 22:37]
.
2013-05-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-30 22:37]
.
2013-04-25 c:\windows\Tasks\Norton Security Scan for Ants.job
- c:\progra~1\NORTON~2\Engine\371~1.4\Nss.exe [2012-04-08 03:30]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.co.uk/
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 194.168.4.100 194.168.8.100
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-lime pro - c:\program files\Lime PRO\LimePro.exe
HKLM-Run-ROC_roc_dec12 - c:\program files\AVG Secure Search\ROC_roc_dec12.exe
HKLM-Run-HF_G_Jul - c:\program files\AVG Secure Search\HF_G_Jul.exe
SafeBoot-mcmscsvc
SafeBoot-MCODS
AddRemove-McAfee Security Scan - c:\program files\McAfee Security Scan\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\19.1.0.28\diMaster.dll\" /prefetch:1"
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\taskhost.exe
c:\program files\Samsung\Samsung Support Center\SSCKbdHk.exe
c:\program files\Samsung\Samsung Update Plus\SUPBackground.exe
c:\program files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\windows\system32\igfxext.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\conhost.exe
c:\windows\System32\rundll32.exe
c:\windows\system32\DllHost.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\eHome\EhTray.exe
c:\windows\ehome\ehmsas.exe
.
**************************************************************************
.
Completion time: 2013-05-07 21:19:31 - machine was rebooted
ComboFix-quarantined-files.txt 2013-05-07 20:19
.
Pre-Run: 57,046,876,160 bytes free
Post-Run: 57,634,484,224 bytes free
.
- - End Of File - - B27FEB83763A8E36F6F7115448CBEE6C


Laptop seems to be running ok
  • 0

#8
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello Steviep

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Please start by opening Notepad and copy/paste the text in the box into the window:

ClearJavaCache::



Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
Posted Image
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo

  • 0

#9
Steviep

Steviep

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 311 posts
ComboFix 13-05-07.02 - Ants 07/05/2013 21:55:00.2.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.3005.1912 [GMT 1:00]
Running from: c:\users\Ants\Desktop\ComboFix.exe
Command switches used :: c:\users\Ants\Desktop\CFScript.txt
AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
Infected copy of c:\windows\system32\drivers\ntfs.sys was found and disinfected
Restored copy from - c:\windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.21499_none_a6ca371f976169bc\ntfs.sys
.
.
((((((((((((((((((((((((( Files Created from 2013-04-07 to 2013-05-07 )))))))))))))))))))))))))))))))
.
.
2013-05-08 00:56 . 2013-05-08 00:56 -------- d-----w- C:\FRST
2013-05-07 21:01 . 2013-05-07 21:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-05-07 20:11 . 2013-05-07 21:03 -------- d-----w- c:\users\Ants\AppData\Local\temp
2013-04-29 18:39 . 2013-04-29 18:39 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10144.bin
2013-04-23 17:37 . 2013-04-12 15:59 1211240 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-10 13:16 . 2013-03-01 03:09 2347008 ----a-w- c:\windows\system32\win32k.sys
2013-04-10 13:16 . 2013-02-15 04:37 3217408 ----a-w- c:\windows\system32\mstscax.dll
2013-04-10 13:16 . 2013-02-15 04:34 131584 ----a-w- c:\windows\system32\aaclient.dll
2013-04-10 13:16 . 2013-02-15 03:25 36864 ----a-w- c:\windows\system32\tsgqec.dll
2013-04-10 13:16 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-04-10 13:16 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-10 13:16 . 2013-03-19 04:48 38912 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-10 13:16 . 2013-03-19 02:49 69632 ----a-w- c:\windows\system32\smss.exe
2013-04-10 13:16 . 2013-01-24 04:47 196328 ----a-w- c:\windows\system32\drivers\fvevol.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-04 13:50 . 2012-11-25 14:04 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-04-01 14:28 . 2013-04-01 14:28 745472 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-04-01 14:28 . 2013-04-01 14:28 185344 ----a-w- c:\windows\system32\elshyph.dll
2013-04-01 14:28 . 2013-04-01 14:28 158720 ----a-w- c:\windows\system32\msls31.dll
2013-04-01 14:28 . 2013-04-01 14:28 523264 ----a-w- c:\windows\system32\vbscript.dll
2013-04-01 14:28 . 2013-04-01 14:28 150528 ----a-w- c:\windows\system32\iexpress.exe
2013-04-01 14:28 . 2013-04-01 14:28 138752 ----a-w- c:\windows\system32\wextract.exe
2013-04-01 14:28 . 2013-04-01 14:28 73728 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-04-01 14:28 . 2013-04-01 14:28 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-04-01 14:28 . 2013-04-01 14:28 38400 ----a-w- c:\windows\system32\imgutil.dll
2013-04-01 14:28 . 2013-04-01 14:28 137216 ----a-w- c:\windows\system32\ieUnatt.exe
2013-04-01 14:28 . 2013-04-01 14:28 12800 ----a-w- c:\windows\system32\mshta.exe
2013-04-01 14:28 . 2013-04-01 14:28 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-04-01 14:28 . 2013-04-01 14:28 719360 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-04-01 14:28 . 2013-04-01 14:28 61952 ----a-w- c:\windows\system32\tdc.ocx
2013-04-01 14:28 . 2013-04-01 14:28 361984 ----a-w- c:\windows\system32\html.iec
2013-04-01 14:28 . 2013-04-01 14:28 23040 ----a-w- c:\windows\system32\licmgr10.dll
2013-04-01 14:28 . 2013-04-01 14:28 1441280 ----a-w- c:\windows\system32\inetcpl.cpl
2013-02-12 04:48 . 2013-03-13 20:32 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-13 20:32 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-02-12 03:32 . 2013-03-20 20:13 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"="c:\users\Ants\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-11 138096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-08-19 7711264]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-07-14 1541416]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2012-01-26 2077536]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 136216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 170520]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-09-09 421776]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.0.318\SSScheduler.exe [2013-2-5 272248]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 avg9wd;AVG WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [x]
R2 AVGIDSAgent;AVG9IDSAgent;c:\program files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe AVGIDSAgent [x]
R3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\AVG\AVG9\Toolbar\ToolbarBroker.exe [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.0.318\McCHSvc.exe [x]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [x]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 AVGIDSErHrw7x;AVG9IDSErHr;c:\windows\System32\Drivers\AVGIDSwx.sys [x]
S0 AvgRkx86;avgrkx86.sys;c:\windows\System32\Drivers\avgrkx86.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1301000.01C\SYMDS.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1301000.01C\SYMEFA.SYS [x]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6x.sys [x]
S1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [x]
S1 AvgTdiX;AVG Network Redirector;c:\windows\system32\Drivers\avgtdix.sys [x]
S1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120811.003\BHDrvx86.sys [x]
S1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NIS\1301000.01C\ccSetx86.sys [x]
S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120822.001\IDSvix86.sys [x]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1301000.01C\Ironx86.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\system32\drivers\NIS\1301000.01C\SYMNETS.SYS [x]
S2 avgfws9;AVG Firewall;c:\program files\AVG\AVG9\avgfws9.exe [x]
S2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe [x]
S2 OberonGameConsoleService;Oberon Media Game Console service;c:\program files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe [x]
S2 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\Version6\TeamViewer_Service.exe [x]
S3 AVGIDSDriverw7x;AVG9IDSDriver;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN7\AVGIDSDriver.sys [x]
S3 AVGIDSFilterw7x;AVG9IDSFilter;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN7\AVGIDSFilter.sys [x]
S3 AVGIDSShimw7x;AVG9IDSShim;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN7\AVGIDSShim.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MBAMSWISSARMY
*Deregistered* - MBAMSwissArmy
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-10 18:53 1642448 ----a-w- c:\program files\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-05-07 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1131658597-4005637612-88016806-1000Core.job
- c:\users\Ants\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-03-30 21:10]
.
2013-05-07 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1131658597-4005637612-88016806-1000UA.job
- c:\users\Ants\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-03-30 21:10]
.
2013-05-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-30 22:37]
.
2013-05-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-30 22:37]
.
2013-04-25 c:\windows\Tasks\Norton Security Scan for Ants.job
- c:\progra~1\NORTON~2\Engine\371~1.4\Nss.exe [2012-04-08 03:30]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.co.uk/
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 194.168.4.100 194.168.8.100
.
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.1.7601
.
CreateFile("\\.\PHYSICALDRIVE0"): The process cannot access the file because it is being used by another process.
device: opened successfully
user: error reading MBR
kernel: MBR read successfully
user != kernel MBR !!!
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\19.1.0.28\diMaster.dll\" /prefetch:1"
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\taskhost.exe
c:\program files\Samsung\Samsung Update Plus\SUPBackground.exe
c:\program files\Samsung\Samsung Support Center\SSCKbdHk.exe
c:\program files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\windows\system32\igfxext.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\conhost.exe
c:\windows\system32\DllHost.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\eHome\EhTray.exe
c:\windows\ehome\ehmsas.exe
.
**************************************************************************
.
Completion time: 2013-05-07 22:08:42 - machine was rebooted
ComboFix-quarantined-files.txt 2013-05-07 21:08
ComboFix2.txt 2013-05-07 20:19
.
Pre-Run: 57,674,702,848 bytes free
Post-Run: 57,615,863,808 bytes free
.
- - End Of File - - 98AF2E7CC5E0E5CE699BD28EF2214C2C
  • 0

#10
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello Steviep


I would like you to try and run these next.

TDSSKiller

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

    Note** this report can be very long - so if the website gives you an error saying it is to long you may attache it

    If the forum still complains about it being to long send me everything that is at the end of the report after where it says

    ==================
    Scan finished
    ==================

and I will see if I want to see the whole report

Malwarebytes Anti-Rootkit

1.Download Malwarebytes Anti-Rootkit
2.Unzip the contents to a folder in a convenient location.
3.Open the folder where the contents were unzipped and run mbar.exe
4.Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
5.Click on the Cleanup button to remove any threats and reboot if prompted to do so.
6.Wait while the system shuts down and the cleanup process is performed.
7.Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
8.If no additional threats were found, verify that your system is now running normally, making sure that the following items are functional:
•Internet access
•Windows Update
•Windows Firewall9.If there are additional problems with your system, such as any of those listed above or other system issues, then run the 'fixdamage' tool included with Malwarebytes Anti-Rootkit and reboot.
10.Verify that your system is now functioning normally.

If you have any problems running either one come back and let me know

please reply with the reports from TDSSKiller and MBAR

Gringo
  • 0

Advertisements


#11
Steviep

Steviep

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 311 posts
18:49:21.0764 3936 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:49:22.0450 3936 ============================================================
18:49:22.0450 3936 Current date / time: 2013/05/08 18:49:22.0450
18:49:22.0450 3936 SystemInfo:
18:49:22.0450 3936
18:49:22.0450 3936 OS Version: 6.1.7601 ServicePack: 1.0
18:49:22.0450 3936 Product type: Workstation
18:49:22.0450 3936 ComputerName: ANTS-PC
18:49:22.0450 3936 UserName: Ants
18:49:22.0450 3936 Windows directory: C:\windows
18:49:22.0450 3936 System windows directory: C:\windows
18:49:22.0450 3936 Processor architecture: Intel x86
18:49:22.0450 3936 Number of processors: 2
18:49:22.0450 3936 Page size: 0x1000
18:49:22.0450 3936 Boot type: Normal boot
18:49:22.0450 3936 ============================================================
18:49:22.0887 3936 BG loaded
18:49:23.0823 3936 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:49:23.0823 3936 ============================================================
18:49:23.0823 3936 \Device\Harddisk0\DR0:
18:49:23.0823 3936 MBR partitions:
18:49:23.0823 3936 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000
18:49:23.0823 3936 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0xD9C8800
18:49:23.0823 3936 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xF7FB000, BlocksNum 0xD9CA000
18:49:23.0823 3936 ============================================================
18:49:23.0885 3936 C: <-> \Device\Harddisk0\DR0\Partition2
18:49:24.0135 3936 D: <-> \Device\Harddisk0\DR0\Partition3
18:49:24.0151 3936 ============================================================
18:49:24.0151 3936 Initialize success
18:49:24.0151 3936 ============================================================
18:51:53.0527 4844 ============================================================
18:51:53.0527 4844 Scan started
18:51:53.0527 4844 Mode: Manual; SigCheck; TDLFS;
18:51:53.0527 4844 ============================================================
18:51:54.0260 4844 ================ Scan system memory ========================
18:51:54.0260 4844 System memory - ok
18:51:54.0260 4844 ================ Scan services =============================
18:51:54.0494 4844 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
18:51:54.0650 4844 1394ohci - ok
18:51:54.0697 4844 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\windows\system32\drivers\ACPI.sys
18:51:54.0728 4844 ACPI - ok
18:51:54.0791 4844 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
18:51:54.0884 4844 AcpiPmi - ok
18:51:55.0009 4844 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
18:51:55.0040 4844 AdobeARMservice - ok
18:51:55.0103 4844 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
18:51:55.0149 4844 adp94xx - ok
18:51:55.0181 4844 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
18:51:55.0227 4844 adpahci - ok
18:51:55.0259 4844 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
18:51:55.0274 4844 adpu320 - ok
18:51:55.0337 4844 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
18:51:55.0415 4844 AeLookupSvc - ok
18:51:55.0493 4844 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\windows\system32\drivers\afd.sys
18:51:55.0586 4844 AFD - ok
18:51:55.0633 4844 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\windows\system32\drivers\agp440.sys
18:51:55.0649 4844 agp440 - ok
18:51:55.0727 4844 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\windows\system32\DRIVERS\djsvs.sys
18:51:55.0758 4844 aic78xx - ok
18:51:55.0805 4844 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\windows\System32\alg.exe
18:51:55.0883 4844 ALG - ok
18:51:55.0914 4844 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\windows\system32\drivers\aliide.sys
18:51:55.0929 4844 aliide - ok
18:51:55.0992 4844 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\windows\system32\drivers\amdagp.sys
18:51:56.0007 4844 amdagp - ok
18:51:56.0070 4844 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\windows\system32\drivers\amdide.sys
18:51:56.0085 4844 amdide - ok
18:51:56.0132 4844 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
18:51:56.0210 4844 AmdK8 - ok
18:51:56.0241 4844 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
18:51:56.0304 4844 AmdPPM - ok
18:51:56.0351 4844 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\windows\system32\drivers\amdsata.sys
18:51:56.0382 4844 amdsata - ok
18:51:56.0413 4844 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
18:51:56.0444 4844 amdsbs - ok
18:51:56.0460 4844 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\windows\system32\drivers\amdxata.sys
18:51:56.0491 4844 amdxata - ok
18:51:56.0569 4844 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\windows\system32\drivers\appid.sys
18:51:57.0053 4844 AppID - ok
18:51:57.0115 4844 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\windows\System32\appidsvc.dll
18:51:57.0209 4844 AppIDSvc - ok
18:51:57.0255 4844 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\windows\System32\appinfo.dll
18:51:57.0333 4844 Appinfo - ok
18:51:57.0443 4844 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:51:57.0458 4844 Apple Mobile Device - ok
18:51:57.0536 4844 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\windows\system32\DRIVERS\arc.sys
18:51:57.0552 4844 arc - ok
18:51:57.0583 4844 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
18:51:57.0614 4844 arcsas - ok
18:51:57.0661 4844 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
18:51:57.0801 4844 AsyncMac - ok
18:51:57.0864 4844 [ 338C86357871C167A96AB976519BF59E ] atapi C:\windows\system32\drivers\atapi.sys
18:51:57.0895 4844 atapi - ok
18:51:57.0973 4844 [ 2EB96571FE865F07ED1FD6017575026F ] athr C:\windows\system32\DRIVERS\athr.sys
18:51:58.0051 4844 athr - ok
18:51:58.0129 4844 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
18:51:58.0191 4844 AudioEndpointBuilder - ok
18:51:58.0207 4844 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\windows\System32\Audiosrv.dll
18:51:58.0254 4844 Audiosrv - ok
18:51:58.0379 4844 [ D45B7995761253A92AB071D576114F28 ] AVG Security Toolbar Service C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe
18:51:58.0394 4844 AVG Security Toolbar Service - ok
18:51:58.0472 4844 [ C4D15594DB5BE042D3346EA58DF87D89 ] avg9wd C:\Program Files\AVG\AVG9\avgwdsvc.exe
18:51:58.0503 4844 avg9wd - ok
18:51:58.0566 4844 [ 26A4640A8F16F8CE39B93329C83BB15A ] Avgfwfd C:\windows\system32\DRIVERS\avgfwd6x.sys
18:51:58.0581 4844 Avgfwfd - ok
18:51:58.0706 4844 [ 0F38E92D794DF187BA060939C552484F ] avgfws9 C:\Program Files\AVG\AVG9\avgfws9.exe
18:51:58.0784 4844 avgfws9 - ok
18:51:59.0003 4844 [ ABC81401A433F90414168E027AA6CC48 ] AVGIDSAgent C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
18:51:59.0174 4844 AVGIDSAgent - ok
18:51:59.0252 4844 [ 9E6B5BC75FD68B0D56A6F68A2D967241 ] AVGIDSDriverw7x C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN7\AVGIDSDriver.sys
18:51:59.0268 4844 AVGIDSDriverw7x - ok
18:51:59.0299 4844 [ 25D906E3419EC2E7813D0627DD054032 ] AVGIDSErHrw7x C:\windows\system32\Drivers\AVGIDSwx.sys
18:51:59.0315 4844 AVGIDSErHrw7x - ok
18:51:59.0346 4844 [ 57B9A71774C9E334DC8EF97657FF18A1 ] AVGIDSFilterw7x C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN7\AVGIDSFilter.sys
18:51:59.0361 4844 AVGIDSFilterw7x - ok
18:51:59.0408 4844 [ C996C03D160137938A122A951305D645 ] AVGIDSShimw7x C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN7\AVGIDSShim.sys
18:51:59.0439 4844 AVGIDSShimw7x - ok
18:51:59.0455 4844 [ B8C187439D27ABA430DD69FDCF1FA657 ] AvgLdx86 C:\windows\system32\Drivers\avgldx86.sys
18:51:59.0471 4844 AvgLdx86 - ok
18:51:59.0533 4844 [ 80FF2B1B7EEDA966394F0BAA895BBF4B ] AvgMfx86 C:\windows\system32\Drivers\avgmfx86.sys
18:51:59.0549 4844 AvgMfx86 - ok
18:51:59.0564 4844 [ 5BBCD8646074A3AF4EE9B321D12C2B64 ] AvgRkx86 C:\windows\system32\Drivers\avgrkx86.sys
18:51:59.0580 4844 AvgRkx86 - ok
18:51:59.0611 4844 [ 9A7A93388F503A34E7339AE7F9997449 ] AvgTdiX C:\windows\system32\Drivers\avgtdix.sys
18:51:59.0627 4844 AvgTdiX - ok
18:51:59.0673 4844 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\windows\System32\AxInstSV.dll
18:51:59.0767 4844 AxInstSV - ok
18:51:59.0829 4844 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\windows\system32\DRIVERS\bxvbdx.sys
18:51:59.0892 4844 b06bdrv - ok
18:51:59.0923 4844 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\windows\system32\DRIVERS\b57nd60x.sys
18:51:59.0985 4844 b57nd60x - ok
18:52:00.0063 4844 [ 6163664C7E9CD110AF70180C126C3FDC ] BcmSqlStartupSvc C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
18:52:00.0079 4844 BcmSqlStartupSvc - ok
18:52:00.0188 4844 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\windows\System32\bdesvc.dll
18:52:00.0251 4844 BDESVC - ok
18:52:00.0266 4844 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\windows\system32\drivers\Beep.sys
18:52:00.0329 4844 Beep - ok
18:52:00.0391 4844 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\windows\System32\bfe.dll
18:52:00.0453 4844 BFE - ok
18:52:00.0719 4844 [ 080BE9BAD2B41B8D91A4BC96C092AA9E ] BHDrvx86 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120811.003\BHDrvx86.sys
18:52:00.0765 4844 BHDrvx86 - ok
18:52:00.0843 4844 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\windows\system32\qmgr.dll
18:52:00.0921 4844 BITS - ok
18:52:00.0953 4844 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
18:52:00.0968 4844 blbdrive - ok
18:52:01.0062 4844 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:52:01.0093 4844 Bonjour Service - ok
18:52:01.0140 4844 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\windows\system32\DRIVERS\bowser.sys
18:52:01.0202 4844 bowser - ok
18:52:01.0218 4844 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
18:52:01.0296 4844 BrFiltLo - ok
18:52:01.0311 4844 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
18:52:01.0358 4844 BrFiltUp - ok
18:52:01.0389 4844 [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys
18:52:01.0452 4844 BridgeMP - ok
18:52:01.0467 4844 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\windows\System32\browser.dll
18:52:01.0530 4844 Browser - ok
18:52:01.0577 4844 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\windows\System32\Drivers\Brserid.sys
18:52:01.0639 4844 Brserid - ok
18:52:01.0655 4844 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
18:52:01.0701 4844 BrSerWdm - ok
18:52:01.0733 4844 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
18:52:01.0779 4844 BrUsbMdm - ok
18:52:01.0795 4844 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
18:52:01.0857 4844 BrUsbSer - ok
18:52:01.0889 4844 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
18:52:01.0935 4844 BTHMODEM - ok
18:52:01.0982 4844 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\windows\system32\bthserv.dll
18:52:02.0045 4844 bthserv - ok
18:52:02.0201 4844 catchme - ok
18:52:02.0310 4844 [ 2B2F9B4A08190334A9C36446B208BAE9 ] ccSet_NIS C:\windows\system32\drivers\NIS\1301000.01C\ccSetx86.sys
18:52:02.0325 4844 ccSet_NIS - ok
18:52:02.0357 4844 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
18:52:02.0419 4844 cdfs - ok
18:52:02.0481 4844 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\windows\system32\drivers\cdrom.sys
18:52:02.0528 4844 cdrom - ok
18:52:02.0575 4844 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\windows\System32\certprop.dll
18:52:02.0637 4844 CertPropSvc - ok
18:52:02.0669 4844 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\windows\system32\DRIVERS\circlass.sys
18:52:02.0715 4844 circlass - ok
18:52:02.0747 4844 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\windows\system32\CLFS.sys
18:52:02.0778 4844 CLFS - ok
18:52:02.0856 4844 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:52:02.0918 4844 clr_optimization_v2.0.50727_32 - ok
18:52:03.0012 4844 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:52:03.0059 4844 clr_optimization_v4.0.30319_32 - ok
18:52:03.0090 4844 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
18:52:03.0121 4844 CmBatt - ok
18:52:03.0152 4844 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\windows\system32\drivers\cmdide.sys
18:52:03.0183 4844 cmdide - ok
18:52:03.0215 4844 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\windows\system32\Drivers\cng.sys
18:52:03.0246 4844 CNG - ok
18:52:03.0277 4844 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
18:52:03.0308 4844 Compbatt - ok
18:52:03.0355 4844 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
18:52:03.0402 4844 CompositeBus - ok
18:52:03.0417 4844 COMSysApp - ok
18:52:03.0433 4844 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
18:52:03.0464 4844 crcdisk - ok
18:52:03.0511 4844 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\windows\system32\cryptsvc.dll
18:52:03.0573 4844 CryptSvc - ok
18:52:03.0620 4844 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\windows\system32\rpcss.dll
18:52:03.0698 4844 DcomLaunch - ok
18:52:03.0729 4844 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\windows\System32\defragsvc.dll
18:52:03.0792 4844 defragsvc - ok
18:52:03.0839 4844 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\windows\system32\Drivers\dfsc.sys
18:52:03.0901 4844 DfsC - ok
18:52:03.0948 4844 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\windows\system32\dhcpcore.dll
18:52:04.0010 4844 Dhcp - ok
18:52:04.0026 4844 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\windows\system32\drivers\discache.sys
18:52:04.0073 4844 discache - ok
18:52:04.0119 4844 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\windows\system32\DRIVERS\disk.sys
18:52:04.0151 4844 Disk - ok
18:52:04.0182 4844 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\windows\System32\dnsrslvr.dll
18:52:04.0229 4844 Dnscache - ok
18:52:04.0275 4844 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\windows\System32\dot3svc.dll
18:52:04.0338 4844 dot3svc - ok
18:52:04.0400 4844 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\windows\system32\dps.dll
18:52:04.0463 4844 DPS - ok
18:52:04.0494 4844 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
18:52:04.0541 4844 drmkaud - ok
18:52:04.0587 4844 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
18:52:04.0634 4844 DXGKrnl - ok
18:52:04.0665 4844 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\windows\System32\eapsvc.dll
18:52:04.0728 4844 EapHost - ok
18:52:04.0837 4844 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\windows\system32\DRIVERS\evbdx.sys
18:52:04.0962 4844 ebdrv - ok
18:52:05.0071 4844 [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
18:52:05.0087 4844 eeCtrl - ok
18:52:05.0133 4844 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\windows\System32\lsass.exe
18:52:05.0196 4844 EFS - ok
18:52:05.0274 4844 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\windows\ehome\ehRecvr.exe
18:52:05.0367 4844 ehRecvr - ok
18:52:05.0399 4844 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\windows\ehome\ehsched.exe
18:52:05.0461 4844 ehSched - ok
18:52:05.0523 4844 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
18:52:05.0555 4844 elxstor - ok
18:52:05.0617 4844 [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
18:52:05.0648 4844 EraserUtilRebootDrv - ok
18:52:05.0648 4844 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\windows\system32\drivers\errdev.sys
18:52:05.0711 4844 ErrDev - ok
18:52:05.0773 4844 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\windows\system32\es.dll
18:52:05.0835 4844 EventSystem - ok
18:52:05.0867 4844 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\windows\system32\drivers\exfat.sys
18:52:05.0929 4844 exfat - ok
18:52:05.0945 4844 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\windows\system32\drivers\fastfat.sys
18:52:06.0023 4844 fastfat - ok
18:52:06.0069 4844 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\windows\system32\fxssvc.exe
18:52:06.0132 4844 Fax - ok
18:52:06.0163 4844 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\windows\system32\DRIVERS\fdc.sys
18:52:06.0210 4844 fdc - ok
18:52:06.0241 4844 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\windows\system32\fdPHost.dll
18:52:06.0303 4844 fdPHost - ok
18:52:06.0335 4844 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\windows\system32\fdrespub.dll
18:52:06.0397 4844 FDResPub - ok
18:52:06.0413 4844 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
18:52:06.0444 4844 FileInfo - ok
18:52:06.0459 4844 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\windows\system32\drivers\filetrace.sys
18:52:06.0522 4844 Filetrace - ok
18:52:06.0553 4844 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
18:52:06.0584 4844 flpydisk - ok
18:52:06.0631 4844 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
18:52:06.0647 4844 FltMgr - ok
18:52:06.0709 4844 [ E12C4928B32ACE04610259647F072635 ] FontCache C:\windows\system32\FntCache.dll
18:52:06.0787 4844 FontCache - ok
18:52:06.0834 4844 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
18:52:06.0849 4844 FontCache3.0.0.0 - ok
18:52:06.0881 4844 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\windows\system32\drivers\FsDepends.sys
18:52:06.0896 4844 FsDepends - ok
18:52:06.0943 4844 [ B0082808A6856A252F7CDD939892CE50 ] fssfltr C:\windows\system32\DRIVERS\fssfltr.sys
18:52:06.0959 4844 fssfltr - ok
18:52:07.0052 4844 [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe
18:52:07.0115 4844 fsssvc - ok
18:52:07.0161 4844 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
18:52:07.0177 4844 Fs_Rec - ok
18:52:07.0224 4844 [ E306A24D9694C724FA2491278BF50FDB ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
18:52:07.0255 4844 fvevol - ok
18:52:07.0302 4844 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
18:52:07.0333 4844 gagp30kx - ok
18:52:07.0364 4844 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys
18:52:07.0380 4844 GEARAspiWDM - ok
18:52:07.0442 4844 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\windows\System32\gpsvc.dll
18:52:07.0505 4844 gpsvc - ok
18:52:07.0598 4844 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
18:52:07.0614 4844 gupdate - ok
18:52:07.0645 4844 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
18:52:07.0661 4844 gupdatem - ok
18:52:07.0707 4844 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
18:52:07.0739 4844 gusvc - ok
18:52:07.0770 4844 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
18:52:07.0832 4844 hcw85cir - ok
18:52:07.0879 4844 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
18:52:07.0910 4844 HdAudAddService - ok
18:52:07.0973 4844 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
18:52:08.0019 4844 HDAudBus - ok
18:52:08.0035 4844 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
18:52:08.0082 4844 HidBatt - ok
18:52:08.0113 4844 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
18:52:08.0160 4844 HidBth - ok
18:52:08.0191 4844 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\windows\system32\DRIVERS\hidir.sys
18:52:08.0238 4844 HidIr - ok
18:52:08.0285 4844 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\windows\System32\hidserv.dll
18:52:08.0347 4844 hidserv - ok
18:52:08.0409 4844 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\windows\system32\drivers\hidusb.sys
18:52:08.0456 4844 HidUsb - ok
18:52:08.0487 4844 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\windows\system32\kmsvc.dll
18:52:08.0550 4844 hkmsvc - ok
18:52:08.0581 4844 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\windows\system32\ListSvc.dll
18:52:08.0643 4844 HomeGroupListener - ok
18:52:08.0675 4844 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\windows\system32\provsvc.dll
18:52:08.0737 4844 HomeGroupProvider - ok
18:52:08.0784 4844 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
18:52:08.0815 4844 HpSAMD - ok
18:52:08.0877 4844 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\windows\system32\drivers\HTTP.sys
18:52:08.0924 4844 HTTP - ok
18:52:08.0971 4844 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
18:52:09.0002 4844 hwpolicy - ok
18:52:09.0049 4844 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\windows\system32\drivers\i8042prt.sys
18:52:09.0080 4844 i8042prt - ok
18:52:09.0158 4844 [ D483687EACE0C065EE772481A96E05F5 ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
18:52:09.0174 4844 iaStor - ok
18:52:09.0236 4844 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\windows\system32\drivers\iaStorV.sys
18:52:09.0267 4844 iaStorV - ok
18:52:09.0330 4844 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:52:09.0377 4844 idsvc - ok
18:52:09.0486 4844 [ D0A4C9031B57295D6B1078E3CFA45DB4 ] IDSVix86 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120822.001\IDSvix86.sys
18:52:09.0517 4844 IDSVix86 - ok
18:52:09.0751 4844 [ 8266AE06DF974E5BA047B3E9E9E70B3F ] igfx C:\windows\system32\DRIVERS\igdkmd32.sys
18:52:09.0969 4844 igfx - ok
18:52:10.0016 4844 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
18:52:10.0047 4844 iirsp - ok
18:52:10.0110 4844 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\windows\System32\ikeext.dll
18:52:10.0172 4844 IKEEXT - ok
18:52:10.0313 4844 [ 5CEEF2CCCB4FE00D3FFBFEB12BCFA07F ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHDA.sys
18:52:10.0406 4844 IntcAzAudAddService - ok
18:52:10.0437 4844 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\windows\system32\drivers\intelide.sys
18:52:10.0453 4844 intelide - ok
18:52:10.0500 4844 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
18:52:10.0547 4844 intelppm - ok
18:52:10.0578 4844 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\windows\system32\ipbusenum.dll
18:52:10.0656 4844 IPBusEnum - ok
18:52:10.0687 4844 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
18:52:10.0765 4844 IpFilterDriver - ok
18:52:10.0843 4844 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\windows\System32\iphlpsvc.dll
18:52:10.0905 4844 iphlpsvc - ok
18:52:10.0937 4844 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
18:52:10.0983 4844 IPMIDRV - ok
18:52:11.0015 4844 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\windows\system32\drivers\ipnat.sys
18:52:11.0077 4844 IPNAT - ok
18:52:11.0155 4844 [ BC0EA61246F8D940FBC5F652D337D6BD ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
18:52:11.0186 4844 iPod Service - ok
18:52:11.0217 4844 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\windows\system32\drivers\irenum.sys
18:52:11.0311 4844 IRENUM - ok
18:52:11.0342 4844 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\windows\system32\drivers\isapnp.sys
18:52:11.0373 4844 isapnp - ok
18:52:11.0405 4844 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
18:52:11.0436 4844 iScsiPrt - ok
18:52:11.0483 4844 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\windows\system32\drivers\kbdclass.sys
18:52:11.0498 4844 kbdclass - ok
18:52:11.0529 4844 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
18:52:11.0561 4844 kbdhid - ok
18:52:11.0592 4844 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\windows\system32\lsass.exe
18:52:11.0607 4844 KeyIso - ok
18:52:11.0654 4844 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
18:52:11.0685 4844 KSecDD - ok
18:52:11.0701 4844 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
18:52:11.0732 4844 KSecPkg - ok
18:52:11.0763 4844 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\windows\system32\msdtckrm.dll
18:52:11.0841 4844 KtmRm - ok
18:52:11.0873 4844 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\windows\System32\srvsvc.dll
18:52:11.0935 4844 LanmanServer - ok
18:52:11.0966 4844 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
18:52:12.0044 4844 LanmanWorkstation - ok
18:52:12.0091 4844 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
18:52:12.0138 4844 lltdio - ok
18:52:12.0169 4844 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\windows\System32\lltdsvc.dll
18:52:12.0231 4844 lltdsvc - ok
18:52:12.0247 4844 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\windows\System32\lmhsvc.dll
18:52:12.0325 4844 lmhosts - ok
18:52:12.0356 4844 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
18:52:12.0372 4844 LSI_FC - ok
18:52:12.0387 4844 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
18:52:12.0419 4844 LSI_SAS - ok
18:52:12.0434 4844 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
18:52:12.0465 4844 LSI_SAS2 - ok
18:52:12.0481 4844 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
18:52:12.0512 4844 LSI_SCSI - ok
18:52:12.0543 4844 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\windows\system32\drivers\luafv.sys
18:52:12.0621 4844 luafv - ok
18:52:12.0715 4844 [ DDCC236009C707761D60E5C76D639176 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe
18:52:12.0746 4844 McComponentHostService - ok
18:52:12.0793 4844 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
18:52:12.0824 4844 Mcx2Svc - ok
18:52:12.0840 4844 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\windows\system32\DRIVERS\megasas.sys
18:52:12.0871 4844 megasas - ok
18:52:12.0902 4844 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
18:52:12.0933 4844 MegaSR - ok
18:52:13.0011 4844 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
18:52:13.0027 4844 Microsoft Office Groove Audit Service - ok
18:52:13.0058 4844 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\windows\system32\mmcss.dll
18:52:13.0136 4844 MMCSS - ok
18:52:13.0152 4844 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\windows\system32\drivers\modem.sys
18:52:13.0199 4844 Modem - ok
18:52:13.0245 4844 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\windows\system32\DRIVERS\monitor.sys
18:52:13.0277 4844 monitor - ok
18:52:13.0323 4844 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\windows\system32\drivers\mouclass.sys
18:52:13.0339 4844 mouclass - ok
18:52:13.0386 4844 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
18:52:13.0433 4844 mouhid - ok
18:52:13.0448 4844 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\windows\system32\drivers\mountmgr.sys
18:52:13.0479 4844 mountmgr - ok
18:52:13.0511 4844 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\windows\system32\drivers\mpio.sys
18:52:13.0542 4844 mpio - ok
18:52:13.0557 4844 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
18:52:13.0620 4844 mpsdrv - ok
18:52:13.0682 4844 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\windows\system32\mpssvc.dll
18:52:13.0745 4844 MpsSvc - ok
18:52:13.0776 4844 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
18:52:13.0823 4844 MRxDAV - ok
18:52:13.0885 4844 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
18:52:13.0947 4844 mrxsmb - ok
18:52:13.0979 4844 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
18:52:14.0025 4844 mrxsmb10 - ok
18:52:14.0057 4844 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
18:52:14.0088 4844 mrxsmb20 - ok
18:52:14.0103 4844 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\windows\system32\drivers\msahci.sys
18:52:14.0135 4844 msahci - ok
18:52:14.0166 4844 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\windows\system32\drivers\msdsm.sys
18:52:14.0197 4844 msdsm - ok
18:52:14.0213 4844 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\windows\System32\msdtc.exe
18:52:14.0259 4844 MSDTC - ok
18:52:14.0306 4844 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\windows\system32\drivers\Msfs.sys
18:52:14.0369 4844 Msfs - ok
18:52:14.0400 4844 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
18:52:14.0462 4844 mshidkmdf - ok
18:52:14.0493 4844 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\windows\system32\drivers\msisadrv.sys
18:52:14.0525 4844 msisadrv - ok
18:52:14.0556 4844 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\windows\system32\iscsiexe.dll
18:52:14.0618 4844 MSiSCSI - ok
18:52:14.0634 4844 msiserver - ok
18:52:14.0665 4844 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
18:52:14.0727 4844 MSKSSRV - ok
18:52:14.0759 4844 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
18:52:14.0821 4844 MSPCLOCK - ok
18:52:14.0837 4844 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
18:52:14.0899 4844 MSPQM - ok
18:52:14.0930 4844 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
18:52:14.0961 4844 MsRPC - ok
18:52:15.0008 4844 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
18:52:15.0024 4844 mssmbios - ok
18:52:15.0071 4844 MSSQL$MSSMLBIZ - ok
18:52:15.0102 4844 [ 1D89EB4E2A99CABD4E81225F4F4C4B25 ] MSSQLServerADHelper C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
18:52:15.0117 4844 MSSQLServerADHelper - ok
18:52:15.0149 4844 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
18:52:15.0195 4844 MSTEE - ok
18:52:15.0211 4844 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
18:52:15.0258 4844 MTConfig - ok
18:52:15.0289 4844 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\windows\system32\Drivers\mup.sys
18:52:15.0320 4844 Mup - ok
18:52:15.0367 4844 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\windows\system32\qagentRT.dll
18:52:15.0429 4844 napagent - ok
18:52:15.0507 4844 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
18:52:15.0554 4844 NativeWifiP - ok
18:52:15.0632 4844 [ FA0B7D801E71CE79B915BAE5A90DE224 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120822.034\NAVENG.SYS
18:52:15.0648 4844 NAVENG - ok
18:52:15.0710 4844 [ 80BB71A7D14CF14B54514A201BF5B985 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120822.034\NAVEX15.SYS
18:52:15.0773 4844 NAVEX15 - ok
18:52:15.0835 4844 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\windows\system32\drivers\ndis.sys
18:52:15.0882 4844 NDIS - ok
18:52:15.0913 4844 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
18:52:15.0975 4844 NdisCap - ok
18:52:15.0991 4844 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
18:52:16.0053 4844 NdisTapi - ok
18:52:16.0100 4844 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
18:52:16.0163 4844 Ndisuio - ok
18:52:16.0209 4844 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
18:52:16.0256 4844 NdisWan - ok
18:52:16.0303 4844 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
18:52:16.0350 4844 NDProxy - ok
18:52:16.0365 4844 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
18:52:16.0428 4844 NetBIOS - ok
18:52:16.0475 4844 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
18:52:16.0521 4844 NetBT - ok
18:52:16.0537 4844 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\windows\system32\lsass.exe
18:52:16.0568 4844 Netlogon - ok
18:52:16.0615 4844 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\windows\System32\netman.dll
18:52:16.0693 4844 Netman - ok
18:52:16.0709 4844 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\windows\System32\netprofm.dll
18:52:16.0787 4844 netprofm - ok
18:52:16.0818 4844 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:52:16.0833 4844 NetTcpPortSharing - ok
18:52:16.0880 4844 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
18:52:16.0911 4844 nfrd960 - ok
18:52:16.0989 4844 [ E127420B7FEB65C7F279EAAC183BBC0E ] NIS C:\Program Files\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe
18:52:17.0021 4844 NIS - ok
18:52:17.0052 4844 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\windows\System32\nlasvc.dll
18:52:17.0099 4844 NlaSvc - ok
18:52:17.0177 4844 [ 99145C5D4B6C4D6F5CE83EE6ABFFE294 ] nmwcdnsu C:\windows\system32\drivers\nmwcdnsu.sys
18:52:17.0255 4844 nmwcdnsu - ok
18:52:17.0317 4844 [ FAEE7B61C6885B091CEC1FF06DA2E1AB ] nmwcdnsuc C:\windows\system32\drivers\nmwcdnsuc.sys
18:52:17.0364 4844 nmwcdnsuc - ok
18:52:17.0395 4844 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\windows\system32\drivers\Npfs.sys
18:52:17.0473 4844 Npfs - ok
18:52:17.0520 4844 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\windows\system32\nsisvc.dll
18:52:17.0582 4844 nsi - ok
18:52:17.0598 4844 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
18:52:17.0645 4844 nsiproxy - ok
18:52:17.0723 4844 [ E3B53A54A7AF3B3098701783BA15FF75 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
18:52:17.0785 4844 Ntfs - ok
18:52:17.0801 4844 [ F9756A98D69098DCA8945D62858A812C ] Null C:\windows\system32\drivers\Null.sys
18:52:17.0863 4844 Null - ok
18:52:17.0925 4844 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\windows\system32\drivers\nvraid.sys
18:52:17.0957 4844 nvraid - ok
18:52:17.0972 4844 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\windows\system32\drivers\nvstor.sys
18:52:18.0003 4844 nvstor - ok
18:52:18.0050 4844 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\windows\system32\drivers\nv_agp.sys
18:52:18.0066 4844 nv_agp - ok
18:52:18.0159 4844 [ B5D5DA8230D3D3525839D939A9196C3E ] OberonGameConsoleService C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe
18:52:18.0175 4844 OberonGameConsoleService - ok
18:52:18.0237 4844 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:52:18.0284 4844 odserv - ok
18:52:18.0315 4844 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
18:52:18.0347 4844 ohci1394 - ok
18:52:18.0378 4844 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:52:18.0409 4844 ose - ok
18:52:18.0456 4844 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\windows\system32\pnrpsvc.dll
18:52:18.0503 4844 p2pimsvc - ok
18:52:18.0518 4844 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\windows\system32\p2psvc.dll
18:52:18.0581 4844 p2psvc - ok
18:52:18.0612 4844 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\windows\system32\DRIVERS\parport.sys
18:52:18.0643 4844 Parport - ok
18:52:18.0674 4844 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\windows\system32\drivers\partmgr.sys
18:52:18.0705 4844 partmgr - ok
18:52:18.0721 4844 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\windows\system32\DRIVERS\parvdm.sys
18:52:18.0752 4844 Parvdm - ok
18:52:18.0799 4844 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\windows\System32\pcasvc.dll
18:52:18.0846 4844 PcaSvc - ok
18:52:18.0877 4844 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\windows\system32\drivers\pci.sys
18:52:18.0908 4844 pci - ok
18:52:18.0939 4844 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\windows\system32\drivers\pciide.sys
18:52:18.0955 4844 pciide - ok
18:52:18.0986 4844 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
18:52:19.0017 4844 pcmcia - ok
18:52:19.0033 4844 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\windows\system32\drivers\pcw.sys
18:52:19.0064 4844 pcw - ok
18:52:19.0095 4844 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\windows\system32\drivers\peauth.sys
18:52:19.0173 4844 PEAUTH - ok
18:52:19.0251 4844 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\windows\system32\pla.dll
18:52:19.0329 4844 pla - ok
18:52:19.0392 4844 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\windows\system32\umpnpmgr.dll
18:52:19.0470 4844 PlugPlay - ok
18:52:19.0501 4844 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
18:52:19.0548 4844 PNRPAutoReg - ok
18:52:19.0579 4844 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\windows\system32\pnrpsvc.dll
18:52:19.0610 4844 PNRPsvc - ok
18:52:19.0657 4844 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\windows\System32\ipsecsvc.dll
18:52:19.0735 4844 PolicyAgent - ok
18:52:19.0766 4844 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\windows\system32\umpo.dll
18:52:19.0844 4844 Power - ok
18:52:19.0891 4844 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
18:52:19.0953 4844 PptpMiniport - ok
18:52:19.0985 4844 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\windows\system32\DRIVERS\processr.sys
18:52:20.0031 4844 Processor - ok
18:52:20.0078 4844 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\windows\system32\profsvc.dll
18:52:20.0125 4844 ProfSvc - ok
18:52:20.0156 4844 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\windows\system32\lsass.exe
18:52:20.0172 4844 ProtectedStorage - ok
18:52:20.0203 4844 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\windows\system32\DRIVERS\pacer.sys
18:52:20.0281 4844 Psched - ok
18:52:20.0328 4844 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
18:52:20.0390 4844 ql2300 - ok
18:52:20.0421 4844 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
18:52:20.0453 4844 ql40xx - ok
18:52:20.0468 4844 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\windows\system32\qwave.dll
18:52:20.0531 4844 QWAVE - ok
18:52:20.0546 4844 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
18:52:20.0577 4844 QWAVEdrv - ok
18:52:20.0593 4844 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
18:52:20.0655 4844 RasAcd - ok
18:52:20.0702 4844 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
18:52:20.0765 4844 RasAgileVpn - ok
18:52:20.0796 4844 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\windows\System32\rasauto.dll
18:52:20.0858 4844 RasAuto - ok
18:52:20.0889 4844 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
18:52:20.0967 4844 Rasl2tp - ok
18:52:20.0999 4844 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\windows\System32\rasmans.dll
18:52:21.0061 4844 RasMan - ok
18:52:21.0092 4844 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
18:52:21.0155 4844 RasPppoe - ok
18:52:21.0186 4844 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
18:52:21.0248 4844 RasSstp - ok
18:52:21.0279 4844 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
18:52:21.0342 4844 rdbss - ok
18:52:21.0357 4844 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
18:52:21.0420 4844 rdpbus - ok
18:52:21.0451 4844 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
18:52:21.0498 4844 RDPCDD - ok
18:52:21.0529 4844 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
18:52:21.0576 4844 RDPENCDD - ok
18:52:21.0591 4844 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
18:52:21.0654 4844 RDPREFMP - ok
18:52:21.0685 4844 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
18:52:21.0747 4844 RDPWD - ok
18:52:21.0794 4844 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
18:52:21.0825 4844 rdyboost - ok
18:52:21.0857 4844 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\windows\System32\mprdim.dll
18:52:21.0919 4844 RemoteAccess - ok
18:52:21.0950 4844 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\windows\system32\regsvc.dll
18:52:22.0013 4844 RemoteRegistry - ok
18:52:22.0075 4844 [ 0F6756EF8BDA6DFA7BE50465C83132BB ] RimUsb C:\windows\system32\Drivers\RimUsb.sys
18:52:22.0122 4844 RimUsb - ok
18:52:22.0137 4844 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
18:52:22.0215 4844 RpcEptMapper - ok
18:52:22.0231 4844 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\windows\system32\locator.exe
18:52:22.0278 4844 RpcLocator - ok
18:52:22.0309 4844 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\windows\System32\rpcss.dll
18:52:22.0371 4844 RpcSs - ok
18:52:22.0403 4844 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
18:52:22.0449 4844 rspndr - ok
18:52:22.0496 4844 [ 6465166DD9B2F841DABAD16ABDADBE98 ] RTL8167 C:\windows\system32\DRIVERS\Rt86win7.sys
18:52:22.0527 4844 RTL8167 - ok
18:52:22.0574 4844 [ 6E5FBB7CBAEC47038B945D5E9B144A64 ] SABI C:\windows\system32\Drivers\SABI.sys
18:52:22.0637 4844 SABI - ok
18:52:22.0652 4844 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\windows\system32\lsass.exe
18:52:22.0683 4844 SamSs - ok
18:52:22.0715 4844 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\windows\system32\drivers\sbp2port.sys
18:52:22.0746 4844 sbp2port - ok
18:52:22.0777 4844 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\windows\System32\SCardSvr.dll
18:52:22.0855 4844 SCardSvr - ok
18:52:22.0871 4844 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
18:52:22.0933 4844 scfilter - ok
18:52:22.0995 4844 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\windows\system32\schedsvc.dll
18:52:23.0073 4844 Schedule - ok
18:52:23.0120 4844 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\windows\System32\certprop.dll
18:52:23.0167 4844 SCPolicySvc - ok
18:52:23.0214 4844 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\windows\System32\SDRSVC.dll
18:52:23.0261 4844 SDRSVC - ok
18:52:23.0292 4844 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\windows\system32\drivers\secdrv.sys
18:52:23.0354 4844 secdrv - ok
18:52:23.0385 4844 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\windows\system32\seclogon.dll
18:52:23.0463 4844 seclogon - ok
18:52:23.0479 4844 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\windows\system32\sens.dll
18:52:23.0557 4844 SENS - ok
18:52:23.0588 4844 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\windows\system32\sensrsvc.dll
18:52:23.0619 4844 SensrSvc - ok
18:52:23.0651 4844 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\windows\system32\DRIVERS\serenum.sys
18:52:23.0697 4844 Serenum - ok
18:52:23.0744 4844 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\windows\system32\DRIVERS\serial.sys
18:52:23.0775 4844 Serial - ok
18:52:23.0807 4844 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
18:52:23.0838 4844 sermouse - ok
18:52:23.0885 4844 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\windows\system32\sessenv.dll
18:52:23.0947 4844 SessionEnv - ok
18:52:23.0978 4844 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\windows\system32\drivers\sffdisk.sys
18:52:24.0025 4844 sffdisk - ok
18:52:24.0041 4844 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
18:52:24.0072 4844 sffp_mmc - ok
18:52:24.0087 4844 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
18:52:24.0134 4844 sffp_sd - ok
18:52:24.0165 4844 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
18:52:24.0212 4844 sfloppy - ok
18:52:24.0290 4844 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\windows\System32\ipnathlp.dll
18:52:24.0337 4844 SharedAccess - ok
18:52:24.0368 4844 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\windows\System32\shsvcs.dll
18:52:24.0446 4844 ShellHWDetection - ok
18:52:24.0477 4844 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\windows\system32\drivers\sisagp.sys
18:52:24.0493 4844 sisagp - ok
18:52:24.0524 4844 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
18:52:24.0555 4844 SiSRaid2 - ok
18:52:24.0571 4844 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
18:52:24.0602 4844 SiSRaid4 - ok
18:52:24.0633 4844 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\windows\system32\DRIVERS\smb.sys
18:52:24.0696 4844 Smb - ok
18:52:24.0758 4844 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\windows\System32\snmptrap.exe
18:52:24.0789 4844 SNMPTRAP - ok
18:52:24.0821 4844 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\windows\system32\drivers\spldr.sys
18:52:24.0836 4844 spldr - ok
18:52:24.0883 4844 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\windows\System32\spoolsv.exe
18:52:24.0945 4844 Spooler - ok
18:52:25.0039 4844 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\windows\system32\sppsvc.exe
18:52:25.0164 4844 sppsvc - ok
18:52:25.0211 4844 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\windows\system32\sppuinotify.dll
18:52:25.0273 4844 sppuinotify - ok
18:52:25.0304 4844 [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
18:52:25.0335 4844 SQLBrowser - ok
18:52:25.0367 4844 [ D89083C4EB02DACA8F944B0E05E57F9D ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
18:52:25.0398 4844 SQLWriter - ok
18:52:25.0476 4844 [ 2C5FBF6A00A4A3DCF643E46E8ACB20C2 ] SRTSP C:\windows\system32\drivers\NIS\1301000.01C\SRTSP.SYS
18:52:25.0523 4844 SRTSP - ok
18:52:25.0569 4844 [ 9034EA58552B55F370E5293A7175C5AC ] SRTSPX C:\windows\system32\drivers\NIS\1301000.01C\SRTSPX.SYS
18:52:25.0585 4844 SRTSPX - ok
18:52:25.0647 4844 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\windows\system32\DRIVERS\srv.sys
18:52:25.0694 4844 srv - ok
18:52:25.0725 4844 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\windows\system32\DRIVERS\srv2.sys
18:52:25.0772 4844 srv2 - ok
18:52:25.0788 4844 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
18:52:25.0819 4844 srvnet - ok
18:52:25.0850 4844 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
18:52:25.0928 4844 SSDPSRV - ok
18:52:25.0944 4844 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\windows\system32\sstpsvc.dll
18:52:26.0006 4844 SstpSvc - ok
18:52:26.0037 4844 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
18:52:26.0069 4844 stexstor - ok
18:52:26.0115 4844 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\windows\System32\wiaservc.dll
18:52:26.0178 4844 StiSvc - ok
18:52:26.0225 4844 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\windows\system32\drivers\swenum.sys
18:52:26.0240 4844 swenum - ok
18:52:26.0271 4844 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\windows\System32\swprv.dll
18:52:26.0334 4844 swprv - ok
18:52:26.0381 4844 [ 690FA0E61B90084C4D9A721BD4F3D779 ] SymDS C:\windows\system32\drivers\NIS\1301000.01C\SYMDS.SYS
18:52:26.0412 4844 SymDS - ok
18:52:26.0474 4844 [ A0C7005387BB6F055BB50BD8E779368B ] SymEFA C:\windows\system32\drivers\NIS\1301000.01C\SYMEFA.SYS
18:52:26.0521 4844 SymEFA - ok
18:52:26.0583 4844 [ 98D28D08E68145FB550EE7670B43BAF2 ] SymEvent C:\windows\system32\Drivers\SYMEVENT.SYS
18:52:26.0599 4844 SymEvent - ok
18:52:26.0630 4844 [ 39C35DDBB570E9F334F239248E4DE34D ] SymIRON C:\windows\system32\drivers\NIS\1301000.01C\Ironx86.SYS
18:52:26.0661 4844 SymIRON - ok
18:52:26.0677 4844 [ AF979B363126CF54EFBC46BF61B7D540 ] SymNetS C:\windows\system32\drivers\NIS\1301000.01C\SYMNETS.SYS
18:52:26.0708 4844 SymNetS - ok
18:52:26.0755 4844 [ 7A9025D8F7852B06D6D08ED536135E7E ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
18:52:26.0786 4844 SynTP - ok
18:52:26.0833 4844 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\windows\system32\sysmain.dll
18:52:26.0895 4844 SysMain - ok
18:52:26.0942 4844 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\windows\System32\TabSvc.dll
18:52:26.0989 4844 TabletInputService - ok
18:52:27.0020 4844 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\windows\System32\tapisrv.dll
18:52:27.0067 4844 TapiSrv - ok
18:52:27.0114 4844 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\windows\System32\tbssvc.dll
18:52:27.0176 4844 TBS - ok
18:52:27.0239 4844 [ 7C0507D2391AF5933600CBCED799F277 ] Tcpip C:\windows\system32\drivers\tcpip.sys
18:52:27.0301 4844 Tcpip - ok
18:52:27.0332 4844 [ 7C0507D2391AF5933600CBCED799F277 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
18:52:27.0395 4844 TCPIP6 - ok
18:52:27.0426 4844 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
18:52:27.0473 4844 tcpipreg - ok
18:52:27.0519 4844 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
18:52:27.0566 4844 TDPIPE - ok
18:52:27.0582 4844 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
18:52:27.0629 4844 TDTCP - ok
18:52:27.0675 4844 [ B459575348C20E8121D6039DA063C704 ] tdx C:\windows\system32\DRIVERS\tdx.sys
18:52:27.0722 4844 tdx - ok
18:52:27.0863 4844 [ 8A9828975A857E477EFEF5A61BA45AC0 ] TeamViewer6 C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
18:52:27.0941 4844 TeamViewer6 - ok
18:52:27.0956 4844 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\windows\system32\drivers\termdd.sys
18:52:27.0987 4844 TermDD - ok
18:52:28.0034 4844 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\windows\System32\termsrv.dll
18:52:28.0097 4844 TermService - ok
18:52:28.0143 4844 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\windows\system32\themeservice.dll
18:52:28.0190 4844 Themes - ok
18:52:28.0221 4844 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\windows\system32\mmcss.dll
18:52:28.0268 4844 THREADORDER - ok
18:52:28.0299 4844 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\windows\System32\trkwks.dll
18:52:28.0362 4844 TrkWks - ok
18:52:28.0440 4844 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
18:52:28.0487 4844 TrustedInstaller - ok
18:52:28.0533 4844 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
18:52:28.0596 4844 tssecsrv - ok
18:52:28.0674 4844 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
18:52:28.0705 4844 TsUsbFlt - ok
18:52:28.0767 4844 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
18:52:28.0830 4844 tunnel - ok
18:52:28.0861 4844 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
18:52:28.0892 4844 uagp35 - ok
18:52:28.0923 4844 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\windows\system32\DRIVERS\udfs.sys
18:52:28.0986 4844 udfs - ok
18:52:29.0017 4844 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\windows\system32\UI0Detect.exe
18:52:29.0064 4844 UI0Detect - ok
18:52:29.0111 4844 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
18:52:29.0142 4844 uliagpkx - ok
18:52:29.0173 4844 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\windows\system32\drivers\umbus.sys
18:52:29.0189 4844 umbus - ok
18:52:29.0220 4844 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\windows\system32\DRIVERS\umpass.sys
18:52:29.0251 4844 UmPass - ok
18:52:29.0267 4844 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\windows\System32\upnphost.dll
18:52:29.0329 4844 upnphost - ok
18:52:29.0391 4844 [ E8C1B9EBAC65288E1B51E8A987D98AF6 ] USBAAPL C:\windows\system32\Drivers\usbaapl.sys
18:52:29.0391 4844 USBAAPL ( UnsignedFile.Multi.Generic ) - warning
18:52:29.0391 4844 USBAAPL - detected UnsignedFile.Multi.Generic (1)
18:52:29.0407 4844 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
18:52:29.0454 4844 usbccgp - ok
18:52:29.0469 4844 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\windows\system32\drivers\usbcir.sys
18:52:29.0532 4844 usbcir - ok
18:52:29.0547 4844 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
18:52:29.0579 4844 usbehci - ok
18:52:29.0625 4844 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
18:52:29.0641 4844 usbhub - ok
18:52:29.0672 4844 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\windows\system32\drivers\usbohci.sys
18:52:29.0688 4844 usbohci - ok
18:52:29.0719 4844 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
18:52:29.0750 4844 usbprint - ok
18:52:29.0781 4844 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
18:52:29.0844 4844 USBSTOR - ok
18:52:29.0844 4844 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\windows\system32\DRIVERS\usbuhci.sys
18:52:29.0891 4844 usbuhci - ok
18:52:29.0937 4844 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
18:52:29.0969 4844 usbvideo - ok
18:52:30.0000 4844 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\windows\System32\uxsms.dll
18:52:30.0062 4844 UxSms - ok
18:52:30.0093 4844 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\windows\system32\lsass.exe
18:52:30.0125 4844 VaultSvc - ok
18:52:30.0156 4844 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
18:52:30.0187 4844 vdrvroot - ok
18:52:30.0234 4844 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\windows\System32\vds.exe
18:52:30.0296 4844 vds - ok
18:52:30.0327 4844 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\windows\system32\DRIVERS\vgapnp.sys
18:52:30.0359 4844 vga - ok
18:52:30.0390 4844 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\windows\System32\drivers\vga.sys
18:52:30.0437 4844 VgaSave - ok
18:52:30.0483 4844 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\windows\system32\drivers\vhdmp.sys
18:52:30.0499 4844 vhdmp - ok
18:52:30.0546 4844 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\windows\system32\drivers\viaagp.sys
18:52:30.0577 4844 viaagp - ok
18:52:30.0593 4844 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\windows\system32\DRIVERS\viac7.sys
18:52:30.0624 4844 ViaC7 - ok
18:52:30.0655 4844 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\windows\system32\drivers\viaide.sys
18:52:30.0671 4844 viaide - ok
18:52:30.0702 4844 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\windows\system32\drivers\volmgr.sys
18:52:30.0717 4844 volmgr - ok
18:52:30.0749 4844 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\windows\system32\drivers\volmgrx.sys
18:52:30.0780 4844 volmgrx - ok
18:52:30.0827 4844 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\windows\system32\drivers\volsnap.sys
18:52:30.0858 4844 volsnap - ok
18:52:30.0889 4844 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
18:52:30.0920 4844 vsmraid - ok
18:52:30.0983 4844 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\windows\system32\vssvc.exe
18:52:31.0076 4844 VSS - ok
18:52:31.0092 4844 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
18:52:31.0139 4844 vwifibus - ok
18:52:31.0185 4844 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
18:52:31.0232 4844 vwififlt - ok
18:52:31.0263 4844 [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
18:52:31.0310 4844 vwifimp - ok
18:52:31.0357 4844 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\windows\system32\w32time.dll
18:52:31.0435 4844 W32Time - ok
18:52:31.0466 4844 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
18:52:31.0497 4844 WacomPen - ok
18:52:31.0544 4844 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
18:52:31.0607 4844 WANARP - ok
18:52:31.0607 4844 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
18:52:31.0669 4844 Wanarpv6 - ok
18:52:31.0747 4844 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
18:52:31.0825 4844 WatAdminSvc - ok
18:52:31.0887 4844 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\windows\system32\wbengine.exe
18:52:31.0981 4844 wbengine - ok
18:52:32.0012 4844 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
18:52:32.0075 4844 WbioSrvc - ok
18:52:32.0106 4844 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\windows\System32\wcncsvc.dll
18:52:32.0168 4844 wcncsvc - ok
18:52:32.0199 4844 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
18:52:32.0246 4844 WcsPlugInService - ok
18:52:32.0277 4844 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\windows\system32\DRIVERS\wd.sys
18:52:32.0309 4844 Wd - ok
18:52:32.0355 4844 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
18:52:32.0402 4844 Wdf01000 - ok
18:52:32.0418 4844 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\windows\system32\wdi.dll
18:52:32.0511 4844 WdiServiceHost - ok
18:52:32.0511 4844 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\windows\system32\wdi.dll
18:52:32.0543 4844 WdiSystemHost - ok
18:52:32.0589 4844 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\windows\System32\webclnt.dll
18:52:32.0652 4844 WebClient - ok
18:52:32.0683 4844 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\windows\system32\wecsvc.dll
18:52:32.0761 4844 Wecsvc - ok
18:52:32.0792 4844 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\windows\System32\wercplsupport.dll
18:52:32.0870 4844 wercplsupport - ok
18:52:32.0901 4844 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\windows\System32\WerSvc.dll
18:52:32.0948 4844 WerSvc - ok
18:52:32.0995 4844 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
18:52:33.0057 4844 WfpLwf - ok
18:52:33.0089 4844 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\windows\system32\drivers\wimmount.sys
18:52:33.0104 4844 WIMMount - ok
18:52:33.0182 4844 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
18:52:33.0229 4844 WinDefend - ok
18:52:33.0229 4844 WinHttpAutoProxySvc - ok
18:52:33.0291 4844 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
18:52:33.0354 4844 Winmgmt - ok
18:52:33.0416 4844 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\windows\system32\WsmSvc.dll
18:52:33.0510 4844 WinRM - ok
18:52:33.0588 4844 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
18:52:33.0619 4844 WinUsb - ok
18:52:33.0666 4844 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\windows\System32\wlansvc.dll
18:52:33.0713 4844 Wlansvc - ok
18:52:33.0837 4844 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:52:33.0915 4844 wlidsvc - ok
18:52:33.0931 4844 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
18:52:33.0978 4844 WmiAcpi - ok
18:52:34.0025 4844 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
18:52:34.0056 4844 wmiApSrv - ok
18:52:34.0149 4844 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
18:52:34.0212 4844 WMPNetworkSvc - ok
18:52:34.0243 4844 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\windows\System32\wpcsvc.dll
18:52:34.0305 4844 WPCSvc - ok
18:52:34.0337 4844 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
18:52:34.0368 4844 WPDBusEnum - ok
18:52:34.0399 4844 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
18:52:34.0477 4844 ws2ifsl - ok
18:52:34.0524 4844 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\windows\system32\wscsvc.dll
18:52:34.0555 4844 wscsvc - ok
18:52:34.0555 4844 WSearch - ok
18:52:34.0649 4844 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\windows\system32\wuaueng.dll
18:52:34.0711 4844 wuauserv - ok
18:52:34.0758 4844 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
18:52:34.0789 4844 WudfPf - ok
18:52:34.0820 4844 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
18:52:34.0851 4844 WUDFRd - ok
18:52:34.0898 4844 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\windows\System32\WUDFSvc.dll
18:52:34.0945 4844 wudfsvc - ok
18:52:34.0992 4844 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\windows\System32\wwansvc.dll
18:52:35.0023 4844 WwanSvc - ok
18:52:35.0054 4844 ================ Scan global ===============================
18:52:35.0085 4844 [ DAB748AE0439955ED2FA22357533DDDB ] C:\windows\system32\basesrv.dll
18:52:35.0132 4844 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\windows\system32\winsrv.dll
18:52:35.0148 4844 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\windows\system32\winsrv.dll
18:52:35.0179 4844 [ 364455805E64882844EE9ACB72522830 ] C:\windows\system32\sxssrv.dll
18:52:35.0226 4844 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\windows\system32\services.exe
18:52:35.0226 4844 [Global] - ok
18:52:35.0226 4844 ================ Scan MBR ==================================
18:52:35.0241 4844 [ 2E5DEBB2116B3417023E0D6562D7ED07 ] \Device\Harddisk0\DR0
18:52:35.0678 4844 \Device\Harddisk0\DR0 - ok
18:52:35.0678 4844 ================ Scan VBR ==================================
18:52:35.0678 4844 [ F19731E6FE94B6AE3E1F3E18BD062D9A ] \Device\Harddisk0\DR0\Partition1
18:52:35.0678 4844 \Device\Harddisk0\DR0\Partition1 - ok
18:52:35.0694 4844 [ 6F5B5B0BB7D6BC0BBDB96FAA0D8ED977 ] \Device\Harddisk0\DR0\Partition2
18:52:35.0709 4844 \Device\Harddisk0\DR0\Partition2 - ok
18:52:35.0741 4844 [ E8D01968EAEC0949EC1B492C5ADCA0F2 ] \Device\Harddisk0\DR0\Partition3
18:52:35.0741 4844 \Device\Harddisk0\DR0\Partition3 - ok
18:52:35.0741 4844 ================ Scan active images ========================
18:52:35.0741 4844 [ B7EFEF22FF426EC4158A177CB3B558D3 ] C:\Windows\System32\drivers\crashdmp.sys
18:52:35.0741 4844 C:\Windows\System32\drivers\crashdmp.sys - ok
18:52:35.0756 4844 [ 62A63EF2F3053B461CB327E4D69AAA74 ] C:\Windows\System32\drivers\dumpfve.sys
18:52:35.0756 4844 C:\Windows\System32\drivers\dumpfve.sys - ok
18:52:35.0756 4844 [ D483687EACE0C065EE772481A96E05F5 ] C:\Windows\System32\drivers\iaStor.sys
18:52:35.0756 4844 C:\Windows\System32\drivers\iaStor.sys - ok
18:52:35.0772 4844 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] C:\Windows\System32\drivers\cdrom.sys
18:52:35.0772 4844 C:\Windows\System32\drivers\cdrom.sys - ok
18:52:35.0772 4844 [ 2B2F9B4A08190334A9C36446B208BAE9 ] C:\Windows\System32\drivers\NIS\1301000.01C\ccSetx86.sys
18:52:35.0772 4844 C:\Windows\System32\drivers\NIS\1301000.01C\ccSetx86.sys - ok
18:52:35.0787 4844 [ 39C35DDBB570E9F334F239248E4DE34D ] C:\Windows\System32\drivers\NIS\1301000.01C\Ironx86.sys
18:52:35.0787 4844 C:\Windows\System32\drivers\NIS\1301000.01C\Ironx86.sys - ok
18:52:35.0803 4844 [ 505506526A9D467307B3C393DEDAF858 ] C:\Windows\System32\drivers\beep.sys
18:52:35.0803 4844 C:\Windows\System32\drivers\beep.sys - ok
18:52:35.0803 4844 [ F9756A98D69098DCA8945D62858A812C ] C:\Windows\System32\drivers\null.sys
18:52:35.0803 4844 C:\Windows\System32\drivers\null.sys - ok
18:52:35.0819 4844 [ 23DAE03F29D253AE74C44F99E515F9A1 ] C:\Windows\System32\drivers\RDPCDD.sys
18:52:35.0819 4844 C:\Windows\System32\drivers\RDPCDD.sys - ok
18:52:35.0819 4844 [ 8E38096AD5C8570A6F1570A61E251561 ] C:\Windows\System32\drivers\vga.sys
18:52:35.0819 4844 C:\Windows\System32\drivers\vga.sys - ok
18:52:35.0834 4844 [ 15C126D1B55814B9E5CAB10A9C1F4C67 ] C:\Windows\System32\drivers\videoprt.sys
18:52:35.0834 4844 C:\Windows\System32\drivers\videoprt.sys - ok
18:52:35.0834 4844 [ CB45A417C8EF7BA6BAC67EDCDDED8700 ] C:\Windows\System32\drivers\watchdog.sys
18:52:35.0834 4844 C:\Windows\System32\drivers\watchdog.sys - ok
18:52:35.0850 4844 [ 5A53CA1598DD4156D44196D200C94B8A ] C:\Windows\System32\drivers\RDPENCDD.sys
18:52:35.0850 4844 C:\Windows\System32\drivers\RDPENCDD.sys - ok
18:52:35.0865 4844 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] C:\Windows\System32\drivers\RDPREFMP.sys
18:52:35.0865 4844 C:\Windows\System32\drivers\RDPREFMP.sys - ok
18:52:35.0865 4844 [ 26A4640A8F16F8CE39B93329C83BB15A ] C:\Windows\System32\drivers\avgfwd6x.sys
18:52:35.0865 4844 C:\Windows\System32\drivers\avgfwd6x.sys - ok
18:52:35.0881 4844 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] C:\Windows\System32\drivers\msfs.sys
18:52:35.0881 4844 C:\Windows\System32\drivers\msfs.sys - ok
18:52:35.0881 4844 [ 1DB262A9F8C087E8153D89BEF3D2235F ] C:\Windows\System32\drivers\npfs.sys
18:52:35.0881 4844 C:\Windows\System32\drivers\npfs.sys - ok
18:52:35.0897 4844 [ 2F885864D5BC8A16C86BEE595969A48A ] C:\Windows\System32\drivers\tdi.sys
18:52:35.0897 4844 C:\Windows\System32\drivers\tdi.sys - ok
18:52:35.0897 4844 [ B459575348C20E8121D6039DA063C704 ] C:\Windows\System32\drivers\tdx.sys
18:52:35.0897 4844 C:\Windows\System32\drivers\tdx.sys - ok
18:52:35.0912 4844 [ 9A7A93388F503A34E7339AE7F9997449 ] C:\Windows\System32\drivers\avgtdix.sys
18:52:35.0912 4844 C:\Windows\System32\drivers\avgtdix.sys - ok
18:52:35.0928 4844 [ 280122DDCF04B378EDD1AD54D71C1E54 ] C:\Windows\System32\drivers\netbt.sys
18:52:35.0928 4844 C:\Windows\System32\drivers\netbt.sys - ok
18:52:35.0928 4844 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] C:\Windows\System32\drivers\afd.sys
18:52:35.0928 4844 C:\Windows\System32\drivers\afd.sys - ok
18:52:35.0943 4844 [ 6270CCAE2A86DE6D146529FE55B3246A ] C:\Windows\System32\drivers\pacer.sys
18:52:35.0943 4844 C:\Windows\System32\drivers\pacer.sys - ok
18:52:35.0943 4844 [ 7090D3436EEB4E7DA3373090A23448F7 ] C:\Windows\System32\drivers\vwififlt.sys
18:52:35.0943 4844 C:\Windows\System32\drivers\vwififlt.sys - ok
18:52:35.0959 4844 [ 8B9A943F3B53861F2BFAF6C186168F79 ] C:\Windows\System32\drivers\wfplwf.sys
18:52:35.0959 4844 C:\Windows\System32\drivers\wfplwf.sys - ok
18:52:35.0959 4844 [ 6DB3276587B853BF886B69528FDB048C ] C:\Windows\System32\drivers\ws2ifsl.sys
18:52:35.0959 4844 C:\Windows\System32\drivers\ws2ifsl.sys - ok
18:52:35.0975 4844 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] C:\Windows\System32\drivers\netbios.sys
18:52:35.0975 4844 C:\Windows\System32\drivers\netbios.sys - ok
18:52:35.0975 4844 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] C:\Windows\System32\drivers\termdd.sys
18:52:35.0975 4844 C:\Windows\System32\drivers\termdd.sys - ok
18:52:35.0990 4844 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] C:\Windows\System32\drivers\wanarp.sys
18:52:35.0990 4844 C:\Windows\System32\drivers\wanarp.sys - ok
18:52:36.0006 4844 [ AF979B363126CF54EFBC46BF61B7D540 ] C:\Windows\System32\drivers\NIS\1301000.01C\symnets.sys
18:52:36.0006 4844 C:\Windows\System32\drivers\NIS\1301000.01C\symnets.sys - ok
18:52:36.0006 4844 [ 98D28D08E68145FB550EE7670B43BAF2 ] C:\Windows\System32\drivers\SYMEVENT.SYS
18:52:36.0006 4844 C:\Windows\System32\drivers\SYMEVENT.SYS - ok
18:52:36.0021 4844 [ 9034EA58552B55F370E5293A7175C5AC ] C:\Windows\System32\drivers\NIS\1301000.01C\srtspx.sys
18:52:36.0021 4844 C:\Windows\System32\drivers\NIS\1301000.01C\srtspx.sys - ok
18:52:36.0021 4844 [ 6E5FBB7CBAEC47038B945D5E9B144A64 ] C:\Windows\System32\drivers\SABI.sys
18:52:36.0021 4844 C:\Windows\System32\drivers\SABI.sys - ok
18:52:36.0037 4844 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] C:\Windows\System32\drivers\nsiproxy.sys
18:52:36.0037 4844 C:\Windows\System32\drivers\nsiproxy.sys - ok
18:52:36.0037 4844 [ D528BC58A489409BA40334EBF96A311B ] C:\Windows\System32\drivers\rdbss.sys
18:52:36.0037 4844 C:\Windows\System32\drivers\rdbss.sys - ok
18:52:36.0053 4844 [ FC6B9FF600CC585EA38B12589BD4E246 ] C:\Windows\System32\drivers\mssmbios.sys
18:52:36.0053 4844 C:\Windows\System32\drivers\mssmbios.sys - ok
18:52:36.0068 4844 [ D0A4C9031B57295D6B1078E3CFA45DB4 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120822.001\IDSvix86.sys
18:52:36.0068 4844 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120822.001\IDSvix86.sys - ok
18:52:36.0068 4844 [ 85B8B4032A895A746D46A288A9B30DED ] C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
18:52:36.0068 4844 C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys - ok
18:52:36.0084 4844 [ B5A8A04A6E5B4E86B95B1553AA918F5F ] C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
18:52:36.0084 4844 C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys - ok
18:52:36.0084 4844 [ 2287078ED48FCFC477B05B20CF38F36F ] C:\Windows\System32\drivers\blbdrive.sys
18:52:36.0084 4844 C:\Windows\System32\drivers\blbdrive.sys - ok
18:52:36.0099 4844 [ F024449C97EC1E464AAFFDA18593DB88 ] C:\Windows\System32\drivers\dfsc.sys
18:52:36.0099 4844 C:\Windows\System32\drivers\dfsc.sys - ok
18:52:36.0115 4844 [ 1A050B0274BFB3890703D490F330C0DA ] C:\Windows\System32\drivers\discache.sys
18:52:36.0115 4844 C:\Windows\System32\drivers\discache.sys - ok
18:52:36.0115 4844 [ 080BE9BAD2B41B8D91A4BC96C092AA9E ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120811.003\BHDrvx86.sys
18:52:36.0115 4844 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120811.003\BHDrvx86.sys - ok
18:52:36.0131 4844 [ 80FF2B1B7EEDA966394F0BAA895BBF4B ] C:\Windows\System32\drivers\avgmfx86.sys
18:52:36.0131 4844 C:\Windows\System32\drivers\avgmfx86.sys - ok
18:52:36.0131 4844 [ B8C187439D27ABA430DD69FDCF1FA657 ] C:\Windows\System32\drivers\avgldx86.sys
18:52:36.0131 4844 C:\Windows\System32\drivers\avgldx86.sys - ok
18:52:36.0146 4844 [ B2FA25D9B17A68BB93D58B0556E8C90D ] C:\Windows\System32\drivers\tunnel.sys
18:52:36.0146 4844 C:\Windows\System32\drivers\tunnel.sys - ok
18:52:36.0162 4844 [ C30A91ADE8C9CB91E4281EC83C4500C6 ] C:\Windows\System32\ntdll.dll
18:52:36.0162 4844 C:\Windows\System32\ntdll.dll - ok
18:52:36.0162 4844 [ DE91DCC7BC55E940979097E98F743205 ] C:\Windows\System32\smss.exe
18:52:36.0162 4844 C:\Windows\System32\smss.exe - ok
18:52:36.0177 4844 [ F88A52EB62019D6A62FDD9E08034DBD8 ] C:\Windows\System32\autochk.exe
18:52:36.0177 4844 C:\Windows\System32\autochk.exe - ok
18:52:36.0177 4844 [ 8266AE06DF974E5BA047B3E9E9E70B3F ] C:\Windows\System32\drivers\igdkmd32.sys
18:52:36.0177 4844 C:\Windows\System32\drivers\igdkmd32.sys - ok
18:52:36.0193 4844 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\System32\advapi32.dll
18:52:36.0193 4844 C:\Windows\System32\advapi32.dll - ok
18:52:36.0193 4844 [ 23F5D28378A160352BA8F817BD8C71CB ] C:\Windows\System32\drivers\dxgkrnl.sys
18:52:36.0193 4844 C:\Windows\System32\drivers\dxgkrnl.sys - ok
18:52:36.0209 4844 [ F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 ] C:\Windows\System32\user32.dll
18:52:36.0209 4844 C:\Windows\System32\user32.dll - ok
18:52:36.0209 4844 [ D458D1C7F1D49869000668E3C3BB0D4D ] C:\Windows\System32\drivers\dxgmms1.sys
18:52:36.0209 4844 C:\Windows\System32\drivers\dxgmms1.sys - ok
18:52:36.0224 4844 [ 3AA940AA9AC3055FE32FF2D3D20CCD28 ] C:\Windows\System32\drivers\usbport.sys
18:52:36.0224 4844 C:\Windows\System32\drivers\usbport.sys - ok
18:52:36.0240 4844 [ 68DF884CF41CDADA664BEB01DAF67E3D ] C:\Windows\System32\drivers\usbuhci.sys
18:52:36.0240 4844 C:\Windows\System32\drivers\usbuhci.sys - ok
18:52:36.0240 4844 [ 6400774E903729ADD0A62A24A334EE56 ] C:\Windows\System32\rpcrt4.dll
18:52:36.0240 4844 C:\Windows\System32\rpcrt4.dll - ok
18:52:36.0255 4844 [ 9036377B8A6C15DC2EEC53E489D159B5 ] C:\Windows\System32\drivers\hdaudbus.sys
18:52:36.0255 4844 C:\Windows\System32\drivers\hdaudbus.sys - ok
18:52:36.0255 4844 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] C:\Windows\System32\drivers\usbehci.sys
18:52:36.0255 4844 C:\Windows\System32\drivers\usbehci.sys - ok
18:52:36.0271 4844 [ 2EB96571FE865F07ED1FD6017575026F ] C:\Windows\System32\drivers\athr.sys
18:52:36.0271 4844 C:\Windows\System32\drivers\athr.sys - ok
18:52:36.0287 4844 [ DEA805815E587DAD1DD2C502220B5616 ] C:\Windows\System32\drivers\CmBatt.sys
18:52:36.0287 4844 C:\Windows\System32\drivers\CmBatt.sys - ok
18:52:36.0287 4844 [ 6465166DD9B2F841DABAD16ABDADBE98 ] C:\Windows\System32\drivers\Rt86win7.sys
18:52:36.0287 4844 C:\Windows\System32\drivers\Rt86win7.sys - ok
18:52:36.0302 4844 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] C:\Windows\System32\drivers\vwifibus.sys
18:52:36.0302 4844 C:\Windows\System32\drivers\vwifibus.sys - ok
18:52:36.0302 4844 [ 69CB1A65B835EE6ADF9E16ED6D443072 ] C:\Windows\System32\urlmon.dll
18:52:36.0302 4844 C:\Windows\System32\urlmon.dll - ok
18:52:36.0318 4844 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] C:\Windows\System32\drivers\i8042prt.sys
18:52:36.0318 4844 C:\Windows\System32\drivers\i8042prt.sys - ok
18:52:36.0318 4844 [ ADEF52CA1AEAE82B50DF86B56413107E ] C:\Windows\System32\drivers\kbdclass.sys
18:52:36.0318 4844 C:\Windows\System32\drivers\kbdclass.sys - ok
18:52:36.0333 4844 [ 5787196F32D043572EC6565C0EF1B8E0 ] C:\Windows\System32\drivers\usbd.sys
18:52:36.0333 4844 C:\Windows\System32\drivers\usbd.sys - ok
18:52:36.0349 4844 [ 4F154D2C9C6DF951FD6E5AABBAE6B5EE ] C:\Windows\System32\lpk.dll
18:52:36.0349 4844 C:\Windows\System32\lpk.dll - ok
18:52:36.0349 4844 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\System32\psapi.dll
18:52:36.0349 4844 C:\Windows\System32\psapi.dll - ok
18:52:36.0365 4844 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\System32\shlwapi.dll
18:52:36.0365 4844 C:\Windows\System32\shlwapi.dll - ok
18:52:36.0365 4844 [ 7A9025D8F7852B06D6D08ED536135E7E ] C:\Windows\System32\drivers\SynTP.sys
18:52:36.0365 4844 C:\Windows\System32\drivers\SynTP.sys - ok
18:52:36.0380 4844 [ B5DEC0D4CBBC333CA99FE10B06D4747E ] C:\Windows\System32\iertutil.dll
18:52:36.0380 4844 C:\Windows\System32\iertutil.dll - ok
18:52:36.0380 4844 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\System32\oleaut32.dll
18:52:36.0380 4844 C:\Windows\System32\oleaut32.dll - ok
18:52:36.0396 4844 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\System32\ole32.dll
18:52:36.0396 4844 C:\Windows\System32\ole32.dll - ok
18:52:36.0396 4844 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\System32\shell32.dll
18:52:36.0396 4844 C:\Windows\System32\shell32.dll - ok
18:52:36.0411 4844 [ 57EC4AEF73660166074D8F7F31C0D4FD ] C:\Windows\System32\drivers\agilevpn.sys
18:52:36.0411 4844 C:\Windows\System32\drivers\agilevpn.sys - ok
18:52:36.0427 4844 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] C:\Windows\System32\drivers\CompositeBus.sys
18:52:36.0427 4844 C:\Windows\System32\drivers\CompositeBus.sys - ok
18:52:36.0427 4844 [ 185ADA973B5020655CEE342059A86CBB ] C:\Windows\System32\drivers\GEARAspiWDM.sys
18:52:36.0427 4844 C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
18:52:36.0443 4844 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] C:\Windows\System32\drivers\intelppm.sys
18:52:36.0443 4844 C:\Windows\System32\drivers\intelppm.sys - ok
18:52:36.0443 4844 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] C:\Windows\System32\drivers\mouclass.sys
18:52:36.0443 4844 C:\Windows\System32\drivers\mouclass.sys - ok
18:52:36.0458 4844 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] C:\Windows\System32\drivers\ndistapi.sys
18:52:36.0458 4844 C:\Windows\System32\drivers\ndistapi.sys - ok
18:52:36.0458 4844 [ 38FBE267E7E6983311179230FACB1017 ] C:\Windows\System32\drivers\ndiswan.sys
18:52:36.0458 4844 C:\Windows\System32\drivers\ndiswan.sys - ok
18:52:36.0474 4844 [ D9F91EAFEC2815365CBE6D167E4E332A ] C:\Windows\System32\drivers\rasl2tp.sys
18:52:36.0474 4844 C:\Windows\System32\drivers\rasl2tp.sys - ok
18:52:36.0489 4844 [ 0FE8B15916307A6AC12BFB6A63E45507 ] C:\Windows\System32\drivers\raspppoe.sys
18:52:36.0489 4844 C:\Windows\System32\drivers\raspppoe.sys - ok
18:52:36.0489 4844 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] C:\Windows\System32\drivers\raspptp.sys
18:52:36.0489 4844 C:\Windows\System32\drivers\raspptp.sys - ok
18:52:36.0505 4844 [ 44101F495A83EA6401D886E7FD70096B ] C:\Windows\System32\drivers\rassstp.sys
18:52:36.0505 4844 C:\Windows\System32\drivers\rassstp.sys - ok
18:52:36.0505 4844 [ 5DCEF0C32BE0F33277326586FA503689 ] C:\Windows\System32\drivers\ks.sys
18:52:36.0505 4844 C:\Windows\System32\drivers\ks.sys - ok
18:52:36.0521 4844 [ E58C78A848ADD9610A4DB6D214AF5224 ] C:\Windows\System32\drivers\swenum.sys
18:52:36.0521 4844 C:\Windows\System32\drivers\swenum.sys - ok
18:52:36.0521 4844 [ D295BED4B898F0FD999FCFA9B32B071B ] C:\Windows\System32\drivers\umbus.sys
18:52:36.0521 4844 C:\Windows\System32\drivers\umbus.sys - ok
18:52:36.0536 4844 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] C:\Windows\System32\drivers\usbhub.sys
18:52:36.0536 4844 C:\Windows\System32\drivers\usbhub.sys - ok
18:52:36.0536 4844 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\System32\setupapi.dll
18:52:36.0536 4844 C:\Windows\System32\setupapi.dll - ok
18:52:36.0552 4844 [ B7230010D97787AF3D25E4C82F2B06B9 ] C:\Windows\System32\usp10.dll
18:52:36.0552 4844 C:\Windows\System32\usp10.dll - ok
18:52:36.0567 4844 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\System32\comdlg32.dll
18:52:36.0567 4844 C:\Windows\System32\comdlg32.dll - ok
18:52:36.0567 4844 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\System32\ws2_32.dll
18:52:36.0567 4844 C:\Windows\System32\ws2_32.dll - ok
18:52:36.0583 4844 [ FF5688D309347F2720911D8796912834 ] C:\Windows\System32\clbcatq.dll
18:52:36.0583 4844 C:\Windows\System32\clbcatq.dll - ok
18:52:36.0583 4844 [ E87F5393F7D8CE2FACC4DFF703531392 ] C:\Windows\System32\gdi32.dll
18:52:36.0583 4844 C:\Windows\System32\gdi32.dll - ok
18:52:36.0599 4844 [ CFE0CEE587F9CEA4C29DEEC6D85FC91C ] C:\Windows\System32\wininet.dll
18:52:36.0599 4844 C:\Windows\System32\wininet.dll - ok
18:52:36.0599 4844 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\System32\msvcrt.dll
18:52:36.0599 4844 C:\Windows\System32\msvcrt.dll - ok
18:52:36.0614 4844 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] C:\Windows\System32\drivers\ndproxy.sys
18:52:36.0614 4844 C:\Windows\System32\drivers\ndproxy.sys - ok
18:52:36.0614 4844 [ 27F9288AF019E6DACA281EDE51FF5928 ] C:\Windows\System32\drivers\drmk.sys
18:52:36.0614 4844 C:\Windows\System32\drivers\drmk.sys - ok
18:52:36.0630 4844 [ D72708C9F49500C13D7D067E169B7715 ] C:\Windows\System32\drivers\portcls.sys
18:52:36.0630 4844 C:\Windows\System32\drivers\portcls.sys - ok
18:52:36.0645 4844 [ 5CEEF2CCCB4FE00D3FFBFEB12BCFA07F ] C:\Windows\System32\drivers\RTKVHDA.sys
18:52:36.0645 4844 C:\Windows\System32\drivers\RTKVHDA.sys - ok
18:52:36.0645 4844 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\System32\imagehlp.dll
18:52:36.0645 4844 C:\Windows\System32\imagehlp.dll - ok
18:52:36.0661 4844 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\System32\normaliz.dll
18:52:36.0661 4844 C:\Windows\System32\normaliz.dll - ok
18:52:36.0661 4844 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\System32\nsi.dll
18:52:36.0661 4844 C:\Windows\System32\nsi.dll - ok
18:52:36.0677 4844 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\System32\Wldap32.dll
18:52:36.0677 4844 C:\Windows\System32\Wldap32.dll - ok
18:52:36.0677 4844 [ 070C5B9D3006602A07757179D9B56F5D ] C:\Windows\System32\difxapi.dll
18:52:36.0677 4844 C:\Windows\System32\difxapi.dll - ok
18:52:36.0692 4844 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\System32\sechost.dll
18:52:36.0692 4844 C:\Windows\System32\sechost.dll - ok
18:52:36.0692 4844 [ 4A8E2F20809CC161107FAA94F6CF2685 ] C:\Windows\System32\imm32.dll
18:52:36.0692 4844 C:\Windows\System32\imm32.dll - ok
18:52:36.0708 4844 [ AE09B85158C66E2C154C5C9B3C0027B3 ] C:\Windows\System32\kernel32.dll
18:52:36.0708 4844 C:\Windows\System32\kernel32.dll - ok
18:52:36.0708 4844 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\System32\msctf.dll
18:52:36.0708 4844 C:\Windows\System32\msctf.dll - ok
18:52:36.0723 4844 [ 6A13B4F3B3F575F1E24B877B9359AABA ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
18:52:36.0723 4844 C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok
18:52:36.0739 4844 [ 1C60E09CA1C3A045BC4D367F67C915B7 ] C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
18:52:36.0739 4844 C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll - ok
18:52:36.0739 4844 [ 6951562DC4625EEFC6EACD52AD165866 ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
18:52:36.0739 4844 C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok
18:52:36.0755 4844 [ 3BE0D923AA45A4DBE091C2D84F0B4FE7 ] C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
18:52:36.0755 4844 C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll - ok
18:52:36.0755 4844 [ 60D21799A4AF4EDCE65FB98830E4B0C8 ] C:\Windows\System32\crypt32.dll
18:52:36.0755 4844 C:\Windows\System32\crypt32.dll - ok
18:52:36.0770 4844 [ CC4ED8BEA78B0DCA6F217E014C3291A7 ] C:\Windows\System32\devobj.dll
18:52:36.0770 4844 C:\Windows\System32\devobj.dll - ok
18:52:36.0770 4844 [ AD88D390C9417C959E08F8BF6F2B8154 ] C:\Windows\System32\KernelBase.dll
18:52:36.0770 4844 C:\Windows\System32\KernelBase.dll - ok
18:52:36.0786 4844 [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\System32\wintrust.dll
18:52:36.0786 4844 C:\Windows\System32\wintrust.dll - ok
18:52:36.0786 4844 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\System32\comctl32.dll
18:52:36.0786 4844 C:\Windows\System32\comctl32.dll - ok
18:52:36.0801 4844 [ 2E33DFD10F28F86C3FC40EE123CC3904 ] C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
18:52:36.0801 4844 C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok
18:52:36.0817 4844 [ 589CBC4989F750E1DA35625AB481CF43 ] C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
18:52:36.0817 4844 C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll - ok
18:52:36.0817 4844 [ 3FFAEA12666E565FF51BF2FCA674F543 ] C:\Windows\System32\cfgmgr32.dll
18:52:36.0817 4844 C:\Windows\System32\cfgmgr32.dll - ok
18:52:36.0833 4844 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\System32\msasn1.dll
18:52:36.0833 4844 C:\Windows\System32\msasn1.dll - ok
18:52:36.0833 4844 [ 5FCD3320AAE71506B43F9E12E4E72172 ] C:\Windows\System32\drivers\dxapi.sys
18:52:36.0833 4844 C:\Windows\System32\drivers\dxapi.sys - ok
18:52:36.0848 4844 [ 6FCC2090F055F5C96236DCD057DD705D ] C:\Windows\System32\win32k.sys
18:52:36.0848 4844 C:\Windows\System32\win32k.sys - ok
18:52:36.0848 4844 [ 342271F6142E7C70805B8A81E1BA5F5C ] C:\Windows\System32\csrss.exe
18:52:36.0848 4844 C:\Windows\System32\csrss.exe - ok
18:52:36.0864 4844 [ 23AB7E36551C6BA5370EF7F05142F0EB ] C:\Windows\System32\csrsrv.dll
18:52:36.0864 4844 C:\Windows\System32\csrsrv.dll - ok
18:52:36.0879 4844 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\System32\basesrv.dll
18:52:36.0879 4844 C:\Windows\System32\basesrv.dll - ok
18:52:36.0879 4844 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\System32\winsrv.dll
18:52:36.0879 4844 C:\Windows\System32\winsrv.dll - ok
18:52:36.0895 4844 [ BD9C55D7023C5DE374507ACC7A14E2AC ] C:\Windows\System32\drivers\usbccgp.sys
18:52:36.0895 4844 C:\Windows\System32\drivers\usbccgp.sys - ok
18:52:36.0895 4844 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] C:\Windows\System32\drivers\usbvideo.sys
18:52:36.0895 4844 C:\Windows\System32\drivers\usbvideo.sys - ok
18:52:36.0911 4844 [ 79D10964DE86B292320E9DFE02282A23 ] C:\Windows\System32\drivers\monitor.sys
18:52:36.0911 4844 C:\Windows\System32\drivers\monitor.sys - ok
18:52:36.0911 4844 [ 7C76B61A5E1EF5D1FA554CF134100F18 ] C:\Windows\System32\tsddd.dll
18:52:36.0911 4844 C:\Windows\System32\tsddd.dll - ok
18:52:36.0926 4844 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\System32\sxssrv.dll
18:52:36.0926 4844 C:\Windows\System32\sxssrv.dll - ok
18:52:36.0942 4844 [ B5C5DCAD3899512020D135600129D665 ] C:\Windows\System32\wininit.exe
18:52:36.0942 4844 C:\Windows\System32\wininit.exe - ok
18:52:36.0942 4844 [ CAEF9CD6C10B1017E2C298D849CD31DB ] C:\Windows\System32\cdd.dll
18:52:36.0942 4844 C:\Windows\System32\cdd.dll - ok
18:52:36.0957 4844 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\System32\profapi.dll
18:52:36.0957 4844 C:\Windows\System32\profapi.dll - ok
18:52:36.0957 4844 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\System32\RpcRtRemote.dll
18:52:36.0957 4844 C:\Windows\System32\RpcRtRemote.dll - ok
18:52:36.0973 4844 [ AB0DDD50695906570E81F21D3481D4A9 ] C:\Windows\System32\KBDUK.DLL
18:52:36.0973 4844 C:\Windows\System32\KBDUK.DLL - ok
18:52:36.0973 4844 [ 633C2C060CF857099F6C4F8D75C952B1 ] C:\Windows\System32\WlS0WndH.dll
18:52:36.0973 4844 C:\Windows\System32\WlS0WndH.dll - ok
18:52:36.0989 4844 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\System32\sxs.dll
18:52:36.0989 4844 C:\Windows\System32\sxs.dll - ok
18:52:37.0004 4844 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\System32\cryptbase.dll
18:52:37.0004 4844 C:\Windows\System32\cryptbase.dll - ok
18:52:37.0004 4844 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\System32\apphelp.dll
18:52:37.0004 4844 C:\Windows\System32\apphelp.dll - ok
18:52:37.0020 4844 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\System32\services.exe
18:52:37.0020 4844 C:\Windows\System32\services.exe - ok
18:52:37.0020 4844 [ 8AEA9A37C1A3565A204D37C5E72AB791 ] C:\Windows\System32\lsm.exe
18:52:37.0020 4844 C:\Windows\System32\lsm.exe - ok
18:52:37.0035 4844 [ 250AA41DE690561AF1282D598914564C ] C:\Windows\System32\scesrv.dll
18:52:37.0035 4844 C:\Windows\System32\scesrv.dll - ok
18:52:37.0035 4844 [ 3369D021265E369D57317D61FA86DD79 ] C:\Windows\System32\scext.dll
18:52:37.0035 4844 C:\Windows\System32\scext.dll - ok
18:52:37.0051 4844 [ 69678722290C78D5D7198C60B5A4E3E8 ] C:\Windows\System32\secur32.dll
18:52:37.0051 4844 C:\Windows\System32\secur32.dll - ok
18:52:37.0051 4844 [ 4A054C853031616D161A84BECF281F47 ] C:\Windows\System32\sspicli.dll
18:52:37.0051 4844 C:\Windows\System32\sspicli.dll - ok
18:52:37.0067 4844 [ BA51FFE170C5B3AE8EC4F5BD2581A29E ] C:\Windows\System32\sysntfy.dll
18:52:37.0067 4844 C:\Windows\System32\sysntfy.dll - ok
18:52:37.0067 4844 [ D412B1B72C5AB020218E9A047D90CA05 ] C:\Windows\System32\wmsgapi.dll
18:52:37.0067 4844 C:\Windows\System32\wmsgapi.dll - ok
18:52:37.0082 4844 [ C95CA687D32DDAB1C91E1122E80D5E16 ] C:\Windows\System32\lsasrv.dll
18:52:37.0082 4844 C:\Windows\System32\lsasrv.dll - ok
18:52:37.0098 4844 [ 81951F51E318AECC2D68559E47485CC4 ] C:\Windows\System32\lsass.exe
18:52:37.0098 4844 C:\Windows\System32\lsass.exe - ok
18:52:37.0098 4844 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\System32\srvcli.dll
18:52:37.0098 4844 C:\Windows\System32\srvcli.dll - ok
18:52:37.0113 4844 [ E361AE3010EA4B3123DAB5BDAE21798F ] C:\Windows\System32\sspisrv.dll
18:52:37.0113 4844 C:\Windows\System32\sspisrv.dll - ok
18:52:37.0113 4844 [ FD1D6C73E6333BE727CBCC6054247654 ] C:\Windows\System32\drivers\TsUsbFlt.sys
18:52:37.0113 4844 C:\Windows\System32\drivers\TsUsbFlt.sys - ok
18:52:37.0129 4844 [ 245F4691314F42D4D1BC06442F0B2086 ] C:\Windows\System32\samsrv.dll
18:52:37.0129 4844 C:\Windows\System32\samsrv.dll - ok
18:52:37.0129 4844 [ 1128637CAD49A8E3C8B5FA5D0A061525 ] C:\Windows\System32\cryptdll.dll
18:52:37.0129 4844 C:\Windows\System32\cryptdll.dll - ok
18:52:37.0145 4844 [ 82C089EA2A3EEFADF3588EA71E8BDADA ] C:\Windows\System32\wevtapi.dll
18:52:37.0145 4844 C:\Windows\System32\wevtapi.dll - ok
18:52:37.0145 4844 [ FB4EB9352B7D698E6B3C2AA2ED724DAD ] C:\Windows\System32\authz.dll
18:52:37.0145 4844 C:\Windows\System32\authz.dll - ok
18:52:37.0160 4844 [ FC7650224790CAE75A5E9231961FDEC5 ] C:\Windows\System32\bcrypt.dll
18:52:37.0160 4844 C:\Windows\System32\bcrypt.dll - ok
18:52:37.0176 4844 [ 50BA656134F78AF64E4DD3C8B6FEFD7E ] C:\Windows\System32\cngaudit.dll
18:52:37.0176 4844 C:\Windows\System32\cngaudit.dll - ok
18:52:37.0176 4844 [ BF6D6ED5FADCEEE885BD0144ECF1BA27 ] C:\Windows\System32\ncrypt.dll
18:52:37.0176 4844 C:\Windows\System32\ncrypt.dll - ok
18:52:37.0191 4844 [ C90878913DF3DC504790282043DB5F4C ] C:\Windows\System32\msprivs.dll
18:52:37.0191 4844 C:\Windows\System32\msprivs.dll - ok
18:52:37.0191 4844 [ BDA0B954A30498B5A7EDC6204CBA07ED ] C:\Windows\System32\kerberos.dll
18:52:37.0191 4844 C:\Windows\System32\kerberos.dll - ok
18:52:37.0207 4844 [ 6DCFAEC6D1334AA6CDF8961DB4633CBF ] C:\Windows\System32\negoexts.dll
18:52:37.0207 4844 C:\Windows\System32\negoexts.dll - ok
18:52:37.0207 4844 [ E343CABBD8D600ABAF3F11625D33B3D0 ] C:\Windows\System32\netjoin.dll
18:52:37.0207 4844 C:\Windows\System32\netjoin.dll - ok
18:52:37.0223 4844 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\System32\cryptsp.dll
18:52:37.0223 4844 C:\Windows\System32\cryptsp.dll - ok
18:52:37.0238 4844 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\System32\mswsock.dll
18:52:37.0238 4844 C:\Windows\System32\mswsock.dll - ok
18:52:37.0238 4844 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\System32\version.dll
18:52:37.0238 4844 C:\Windows\System32\version.dll - ok
18:52:37.0254 4844 [ 4C1E16B9A53102C8D6FBA587CBCB95DE ] C:\Windows\System32\msv1_0.dll
18:52:37.0254 4844 C:\Windows\System32\msv1_0.dll - ok
18:52:37.0254 4844 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\System32\wship6.dll
18:52:37.0254 4844 C:\Windows\System32\wship6.dll - ok
18:52:37.0269 4844 [ C1809B9907ADEDAF16F50C894100883B ] C:\Windows\System32\netlogon.dll
18:52:37.0269 4844 C:\Windows\System32\netlogon.dll - ok
18:52:37.0269 4844 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\System32\dnsapi.dll
18:52:37.0269 4844 C:\Windows\System32\dnsapi.dll - ok
18:52:37.0285 4844 [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\System32\logoncli.dll
18:52:37.0285 4844 C:\Windows\System32\logoncli.dll - ok
18:52:37.0285 4844 [ 3D3CBD1847F980FB03343A63671E7886 ] C:\Windows\System32\schannel.dll
18:52:37.0285 4844 C:\Windows\System32\schannel.dll - ok
18:52:37.0301 4844 [ 0450CF487ECD8A67B56F59F9A96D024D ] C:\Windows\System32\wdigest.dll
18:52:37.0301 4844 C:\Windows\System32\wdigest.dll - ok
18:52:37.0301 4844 [ 6D13E1406F50C66E2A95D97F22C47560 ] C:\Windows\System32\winlogon.exe
18:52:37.0301 4844 C:\Windows\System32\winlogon.exe - ok
18:52:37.0316 4844 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\System32\rsaenh.dll
18:52:37.0316 4844 C:\Windows\System32\rsaenh.dll - ok
18:52:37.0316 4844 [ D29E45078CF4020CE0AAC82EC652D1EA ] C:\Windows\System32\TSpkg.dll
18:52:37.0316 4844 C:\Windows\System32\TSpkg.dll - ok
18:52:37.0332 4844 [ 37CC990D4E2CDFAE12AC47F6B620FC13 ] C:\Windows\System32\pku2u.dll
18:52:37.0332 4844 C:\Windows\System32\pku2u.dll - ok
18:52:37.0347 4844 [ 9EDE13F62E7BE92DBA561218EDDC4E21 ] C:\Windows\System32\LIVESSP.DLL
18:52:37.0347 4844 C:\Windows\System32\LIVESSP.DLL - ok
18:52:37.0347 4844 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\System32\bcryptprimitives.dll
18:52:37.0347 4844 C:\Windows\System32\bcryptprimitives.dll - ok
18:52:37.0363 4844 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\System32\winsta.dll
18:52:37.0363 4844 C:\Windows\System32\winsta.dll - ok
18:52:37.0363 4844 [ 91F434FF6606ED9BDC6A05D651B69553 ] C:\Windows\System32\efslsaext.dll
18:52:37.0363 4844 C:\Windows\System32\efslsaext.dll - ok
18:52:37.0379 4844 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\System32\credssp.dll
18:52:37.0379 4844 C:\Windows\System32\credssp.dll - ok
18:52:37.0379 4844 [ 8124944EC89D6A1815E4E53F5B96AAF4 ] C:\Windows\System32\scecli.dll
18:52:37.0379 4844 C:\Windows\System32\scecli.dll - ok
18:52:37.0394 4844 [ 7222995615BF93B628DCEA4BD6CCACF7 ] C:\Windows\System32\ubpm.dll
18:52:37.0394 4844 C:\Windows\System32\ubpm.dll - ok
18:52:37.0394 4844 [ 54A47F6B5E09A77E61649109C6A08866 ] C:\Windows\System32\svchost.exe
18:52:37.0394 4844 C:\Windows\System32\svchost.exe - ok
18:52:37.0410 4844 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] C:\Windows\System32\umpnpmgr.dll
18:52:37.0410 4844 C:\Windows\System32\umpnpmgr.dll - ok
18:52:37.0425 4844 [ 4BDBBE5E4208022DD794F7EEEB0F7366 ] C:\Windows\System32\SPInf.dll
18:52:37.0425 4844 C:\Windows\System32\SPInf.dll - ok
18:52:37.0425 4844 [ FD07F21E0A19C27ED4E1EEC2B07452B3 ] C:\Windows\System32\devrtl.dll
18:52:37.0425 4844 C:\Windows\System32\devrtl.dll - ok
18:52:37.0441 4844 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\System32\userenv.dll
18:52:37.0441 4844 C:\Windows\System32\userenv.dll - ok
18:52:37.0441 4844 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\System32\gpapi.dll
18:52:37.0441 4844 C:\Windows\System32\gpapi.dll - ok
18:52:37.0457 4844 [ F87D30E72E03D579A5199CCB3831D6EA ] C:\Windows\System32\umpo.dll
18:52:37.0457 4844 C:\Windows\System32\umpo.dll - ok
18:52:37.0457 4844 [ 5893EBDCE371174AC89ECD7731DD6D77 ] C:\Windows\System32\pcwum.dll
18:52:37.0457 4844 C:\Windows\System32\pcwum.dll - ok
18:52:37.0472 4844 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\System32\powrprof.dll
18:52:37.0472 4844 C:\Windows\System32\powrprof.dll - ok
18:52:37.0488 4844 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] C:\Windows\System32\drivers\luafv.sys
18:52:37.0488 4844 C:\Windows\System32\drivers\luafv.sys - ok
18:52:37.0488 4844 [ 7660F01D3B38ACA1747E397D21D790AF ] C:\Windows\System32\rpcss.dll
18:52:37.0488 4844 C:\Windows\System32\rpcss.dll - ok
18:52:37.0503 4844 [ 78D072F35BC45D9E4E1B61895C152234 ] C:\Windows\System32\RpcEpMap.dll
18:52:37.0503 4844 C:\Windows\System32\RpcEpMap.dll - ok
18:52:37.0503 4844 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\System32\WSHTCPIP.DLL
18:52:37.0503 4844 C:\Windows\System32\WSHTCPIP.DLL - ok
18:52:37.0519 4844 [ 81F08948A0F1475894C99D4D19A158A8 ] C:\Windows\System32\wshqos.dll
18:52:37.0519 4844 C:\Windows\System32\wshqos.dll - ok
18:52:37.0519 4844 [ 3F50200237961034FACE602373838980 ] C:\Windows\System32\FirewallAPI.dll
18:52:37.0519 4844 C:\Windows\System32\FirewallAPI.dll - ok
18:52:37.0535 4844 [ 3EF0D8AB08385AAB5802E773511A2E6A ] C:\Windows\System32\LogonUI.exe
18:52:37.0535 4844 C:\Windows\System32\LogonUI.exe - ok
18:52:37.0535 4844 [ CDD35C1CE1EBFE80C055691CDC8DF443 ] C:\Windows\System32\authui.dll
18:52:37.0535 4844 C:\Windows\System32\authui.dll - ok
18:52:37.0550 4844 [ 241E015DD809CFB23242F890B1FC575B ] C:\Windows\System32\wevtsvc.dll
18:52:37.0550 4844 C:\Windows\System32\wevtsvc.dll - ok
18:52:37.0550 4844 [ 28CA821606669BB9215CE010767720FA ] C:\Windows\System32\cryptui.dll
18:52:37.0550 4844 C:\Windows\System32\cryptui.dll - ok
18:52:37.0566 4844 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
18:52:37.0566 4844 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
18:52:37.0581 4844 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] C:\Windows\System32\audiosrv.dll
18:52:37.0581 4844 C:\Windows\System32\audiosrv.dll - ok
18:52:37.0581 4844 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\System32\netprofm.dll
18:52:37.0581 4844 C:\Windows\System32\netprofm.dll - ok
18:52:37.0597 4844 [ C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\System32\samlib.dll
18:52:37.0597 4844 C:\Windows\System32\samlib.dll - ok
18:52:37.0597 4844 [ F14A9B1778376D0B1788E402AC1F831A ] C:\Windows\System32\shacct.dll
18:52:37.0597 4844 C:\Windows\System32\shacct.dll - ok
18:52:37.0613 4844 [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\System32\MMDevAPI.dll
18:52:37.0613 4844 C:\Windows\System32\MMDevAPI.dll - ok
18:52:37.0613 4844 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\System32\propsys.dll
18:52:37.0613 4844 C:\Windows\System32\propsys.dll - ok
18:52:37.0628 4844 [ 63BFDF555DA2075A77D677829C3CCCD0 ] C:\Windows\System32\uxtheme.dll
18:52:37.0628 4844 C:\Windows\System32\uxtheme.dll - ok
18:52:37.0644 4844 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
18:52:37.0644 4844 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
18:52:37.0644 4844 [ 139D3AB6AA920C34C50CBFFB9EB7D222 ] C:\Windows\System32\avrt.dll
18:52:37.0644 4844 C:\Windows\System32\avrt.dll - ok
18:52:37.0659 4844 [ 146B6F43A673379A3C670E86D89BE5EA ] C:\Windows\System32\mmcss.dll
18:52:37.0659 4844 C:\Windows\System32\mmcss.dll - ok
18:52:37.0659 4844 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\System32\dui70.dll
18:52:37.0659 4844 C:\Windows\System32\dui70.dll - ok
18:52:37.0675 4844 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\System32\duser.dll
18:52:37.0675 4844 C:\Windows\System32\duser.dll - ok
18:52:37.0675 4844 [ 2CFA4569350B7F84F815E9EC34E85766 ] C:\Windows\System32\SndVolSSO.dll
18:52:37.0675 4844 C:\Windows\System32\SndVolSSO.dll - ok
18:52:37.0691 4844 [ 63DF770DF74ACB370EF5A16727069AAF ] C:\Windows\System32\hid.dll
18:52:37.0691 4844 C:\Windows\System32\hid.dll - ok
18:52:37.0691 4844 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\System32\dwmapi.dll
18:52:37.0691 4844 C:\Windows\System32\dwmapi.dll - ok
18:52:37.0706 4844 [ EDF2A5E96BEC469DA3F64E9BDD386111 ] C:\Windows\System32\xmllite.dll
18:52:37.0706 4844 C:\Windows\System32\xmllite.dll - ok
18:52:37.0722 4844 [ F68194F74350D4A2ADE98961E33F884C ] C:\Windows\System32\audiodg.exe
18:52:37.0722 4844 C:\Windows\System32\audiodg.exe - ok
18:52:37.0722 4844 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\System32\ntmarta.dll
18:52:37.0722 4844 C:\Windows\System32\ntmarta.dll - ok
18:52:37.0737 4844 [ 16935C98FF639D185086A3529B1F2067 ] C:\Windows\System32\wlansvc.dll
18:52:37.0737 4844 C:\Windows\System32\wlansvc.dll - ok
18:52:37.0737 4844 [ AC8C80DC4F1A6E60C9A762C1799F0B39 ] C:\Windows\System32\adtschema.dll
18:52:37.0737 4844 C:\Windows\System32\adtschema.dll - ok
18:52:37.0753 4844 [ E12C4928B32ACE04610259647F072635 ] C:\Windows\System32\FntCache.dll
18:52:37.0753 4844 C:\Windows\System32\FntCache.dll - ok
18:52:37.0753 4844 [ E897EAF5ED6BA41E081060C9B447A673 ] C:\Windows\System32\gpsvc.dll
18:52:37.0753 4844 C:\Windows\System32\gpsvc.dll - ok
18:52:37.0769 4844 [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\System32\atl.dll
18:52:37.0769 4844 C:\Windows\System32\atl.dll - ok
18:52:37.0784 4844 [ 50E0DD0A5B8D8BC353578F2F73926697 ] C:\Windows\System32\nlaapi.dll
18:52:37.0784 4844 C:\Windows\System32\nlaapi.dll - ok
18:52:37.0784 4844 [ CADEFAC453040E370A1BDFF3973BE00D ] C:\Windows\System32\profsvc.dll
18:52:37.0784 4844 C:\Windows\System32\profsvc.dll - ok
18:52:37.0800 4844 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] C:\Windows\System32\themeservice.dll
18:52:37.0800 4844 C:\Windows\System32\themeservice.dll - ok
18:52:37.0800 4844 [ 2F040CF0613A6D64DCBBA9EE81F5A5AE ] C:\Windows\System32\dsrole.dll
18:52:37.0800 4844 C:\Windows\System32\dsrole.dll - ok
18:52:37.0815 4844 [ F6916EFC29D9953D5D0DF06882AE8E16 ] C:\Windows\System32\es.dll
18:52:37.0815 4844 C:\Windows\System32\es.dll - ok
18:52:37.0815 4844 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\System32\slc.dll
18:52:37.0815 4844 C:\Windows\System32\slc.dll - ok
18:52:37.0831 4844 [ DCB7FCDCC97F87360F75D77425B81737 ] C:\Windows\System32\Sens.dll
18:52:37.0831 4844 C:\Windows\System32\Sens.dll - ok
18:52:37.0831 4844 [ 081E6E1C91AEC36758902A9F727CD23C ] C:\Windows\System32\uxsms.dll
18:52:37.0831 4844 C:\Windows\System32\uxsms.dll - ok
18:52:37.0847 4844 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] C:\Windows\System32\drivers\lltdio.sys
18:52:37.0847 4844 C:\Windows\System32\drivers\lltdio.sys - ok
18:52:37.0847 4844 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\System32\wtsapi32.dll
18:52:37.0847 4844 C:\Windows\System32\wtsapi32.dll - ok
18:52:37.0862 4844 [ 26384429FCD85D83746F63E798AB1480 ] C:\Windows\System32\drivers\nwifi.sys
18:52:37.0862 4844 C:\Windows\System32\drivers\nwifi.sys - ok
18:52:37.0878 4844 [ D8A65DAFB3EB41CBB622745676FCD072 ] C:\Windows\System32\drivers\ndisuio.sys
18:52:37.0878 4844 C:\Windows\System32\drivers\ndisuio.sys - ok
18:52:37.0878 4844 [ 032B0D36AD92B582D869879F5AF5B928 ] C:\Windows\System32\drivers\rspndr.sys
18:52:37.0878 4844 C:\Windows\System32\drivers\rspndr.sys - ok
18:52:37.0893 4844 [ 808D8A8B2A3074002852BC856D419576 ] C:\Windows\System32\comres.dll
18:52:37.0893 4844 C:\Windows\System32\comres.dll - ok
18:52:37.0893 4844 [ 9835584E999D25004E1EE8E5F3E3B881 ] C:\Windows\System32\MPSSVC.dll
18:52:37.0893 4844 C:\Windows\System32\MPSSVC.dll - ok
18:52:37.0909 4844 [ BA387E955E890C8A88306D9B8D06BF17 ] C:\Windows\System32\nsisvc.dll
18:52:37.0909 4844 C:\Windows\System32\nsisvc.dll - ok
18:52:37.0909 4844 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\System32\IPHLPAPI.DLL
18:52:37.0909 4844 C:\Windows\System32\IPHLPAPI.DLL - ok
18:52:37.0925 4844 [ 55CA01BA19D0006C8F2639B6C045E08B ] C:\Windows\System32\lmhsvc.dll
18:52:37.0925 4844 C:\Windows\System32\lmhsvc.dll - ok
18:52:37.0925 4844 [ D2A937964199F647B1C3BC435712E5D9 ] C:\Windows\System32\nrpsrv.dll
18:52:37.0925 4844 C:\Windows\System32\nrpsrv.dll - ok
18:52:37.0940 4844 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\System32\winnsi.dll
18:52:37.0940 4844 C:\Windows\System32\winnsi.dll - ok
18:52:37.0956 4844 [ 8B0B4C5927A333A05513791758350DC4 ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
18:52:37.0956 4844 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
18:52:37.0956 4844 [ 7520EC808E0C35E0EE6F841294316653 ] C:\Windows\System32\drivers\fltMgr.sys
18:52:37.0956 4844 C:\Windows\System32\drivers\fltMgr.sys - ok
18:52:37.0971 4844 [ E9E01EB683C132F7FA27CD607B8A2B63 ] C:\Windows\System32\dhcpcore.dll
18:52:37.0971 4844 C:\Windows\System32\dhcpcore.dll - ok
18:52:37.0971 4844 [ 33EF4861F19A0736B11314AAD9AE28D0 ] C:\Windows\System32\dnsrslvr.dll
18:52:37.0971 4844 C:\Windows\System32\dnsrslvr.dll - ok
18:52:37.0987 4844 [ AF75DBA674E55221B7A055B0A4345F16 ] C:\Windows\System32\keyiso.dll
18:52:37.0987 4844 C:\Windows\System32\keyiso.dll - ok
18:52:38.0003 4844 [ EF71BA5DF59034962B0C62314A71351A ] C:\Windows\System32\dhcpcore6.dll
18:52:38.0003 4844 C:\Windows\System32\dhcpcore6.dll - ok
18:52:38.0003 4844 [ 8600142FA91C1B96367D3300AD0F3F3A ] C:\Windows\System32\eapsvc.dll
18:52:38.0003 4844 C:\Windows\System32\eapsvc.dll - ok
18:52:38.0018 4844 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\System32\FWPUCLNT.DLL
18:52:38.0018 4844 C:\Windows\System32\FWPUCLNT.DLL - ok
18:52:38.0018 4844 [ D93A937A2A9D2CBC06B3A615A197011F ] C:\Windows\System32\PSHED.DLL
18:52:38.0018 4844 C:\Windows\System32\PSHED.DLL - ok
18:52:38.0034 4844 [ 9A892B3439884C62B04718F0303A49E9 ] C:\Windows\System32\eapphost.dll
18:52:38.0034 4844 C:\Windows\System32\eapphost.dll - ok
18:52:38.0034 4844 [ 1F5497D7D3D79C7BF0AB0C8B4C5BFE6E ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
18:52:38.0034 4844 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
18:52:38.0049 4844 [ D33E95C0A2754061233B58DC41F8094C ] C:\Windows\System32\umb.dll
18:52:38.0049 4844 C:\Windows\System32\umb.dll - ok
18:52:38.0049 4844 [ 3C9035085141162416A0DD34DBF3F3C1 ] C:\Windows\System32\wlanmsm.dll
18:52:38.0049 4844 C:\Windows\System32\wlanmsm.dll - ok
18:52:38.0065 4844 [ 20C06A50DFC097E134BC6FA8444CA9BC ] C:\Windows\System32\wlansec.dll
18:52:38.0065 4844 C:\Windows\System32\wlansec.dll - ok
18:52:38.0081 4844 [ F748F53FE09D21D8ECBB6421E6792024 ] C:\Windows\System32\onex.dll
18:52:38.0081 4844 C:\Windows\System32\onex.dll - ok
18:52:38.0081 4844 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\System32\dhcpcsvc.dll
18:52:38.0081 4844 C:\Windows\System32\dhcpcsvc.dll - ok
18:52:38.0096 4844 [ 5A5FEDDF02588B8F9FE4A95E5E7EAE97 ] C:\Windows\System32\eappcfg.dll
18:52:38.0096 4844 C:\Windows\System32\eappcfg.dll - ok
18:52:38.0096 4844 [ 666E57B6B51824D1D235F80A3DD70A13 ] C:\Windows\System32\eappprxy.dll
18:52:38.0096 4844 C:\Windows\System32\eappprxy.dll - ok
18:52:38.0112 4844 [ C1585EAA67C37A05BF6F93726FAFC069 ] C:\Windows\System32\l2gpstore.dll
18:52:38.0112 4844 C:\Windows\System32\l2gpstore.dll - ok
18:52:38.0112 4844 [ 749F9795F01C35EEBE100A87D82B9681 ] C:\Windows\System32\wlgpclnt.dll
18:52:38.0112 4844 C:\Windows\System32\wlgpclnt.dll - ok
18:52:38.0127 4844 [ 3BCECD87AB4E6743BFB45B352AD1A529 ] C:\Windows\System32\WindowsCodecs.dll
18:52:38.0127 4844 C:\Windows\System32\WindowsCodecs.dll - ok
18:52:38.0127 4844 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\System32\winbrand.dll
18:52:38.0127 4844 C:\Windows\System32\winbrand.dll - ok
18:52:38.0143 4844 [ 65BF13016A3C22775F3E17591AE5268A ] C:\Windows\System32\VaultCredProvider.dll
18:52:38.0143 4844 C:\Windows\System32\VaultCredProvider.dll - ok
18:52:38.0143 4844 [ 05BF975CA428E04B462FB90841B37C95 ] C:\Windows\System32\SmartcardCredentialProvider.dll
18:52:38.0143 4844 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
18:52:38.0159 4844 [ E59F08ED9D2A128CE436BBFC232247F6 ] C:\Windows\System32\BioCredProv.dll
18:52:38.0159 4844 C:\Windows\System32\BioCredProv.dll - ok
18:52:38.0174 4844 [ 108C2CFA5527458C096A699929ECBD80 ] C:\Windows\System32\credui.dll
18:52:38.0174 4844 C:\Windows\System32\credui.dll - ok
18:52:38.0174 4844 [ 3FAD263CE1E2A6FFF40D00043B2275E3 ] C:\Windows\System32\winbio.dll
18:52:38.0174 4844 C:\Windows\System32\winbio.dll - ok
18:52:38.0190 4844 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\System32\netapi32.dll
18:52:38.0190 4844 C:\Windows\System32\netapi32.dll - ok
18:52:38.0190 4844 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\System32\netutils.dll
18:52:38.0190 4844 C:\Windows\System32\netutils.dll - ok
18:52:38.0205 4844 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\System32\samcli.dll
18:52:38.0205 4844 C:\Windows\System32\samcli.dll - ok
18:52:38.0205 4844 [ 36B8D5903CEEF0AA42A1EE002BD27FF1 ] C:\Windows\System32\vaultcli.dll
18:52:38.0205 4844 C:\Windows\System32\vaultcli.dll - ok
18:52:38.0221 4844 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\System32\wkscli.dll
18:52:38.0221 4844 C:\Windows\System32\wkscli.dll - ok
18:52:38.0237 4844 [ 6D8CACF3B1B54943EFCF420C2D667B37 ] C:\Windows\System32\certCredProvider.dll
18:52:38.0237 4844 C:\Windows\System32\certCredProvider.dll - ok
18:52:38.0237 4844 [ B230D1B54017C2B56DAFE311DFEB0102 ] C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDCREDPROV.DLL
18:52:38.0237 4844 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDCREDPROV.DLL - ok
18:52:38.0252 4844 [ FFE4BEC5C187C426A17AE76A773063A6 ] C:\Windows\System32\rasplap.dll
18:52:38.0252 4844 C:\Windows\System32\rasplap.dll - ok
18:52:38.0252 4844 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\System32\rasapi32.dll
18:52:38.0252 4844 C:\Windows\System32\rasapi32.dll - ok
18:52:38.0268 4844 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\System32\rasman.dll
18:52:38.0268 4844 C:\Windows\System32\rasman.dll - ok
18:52:38.0268 4844 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\System32\rtutils.dll
18:52:38.0268 4844 C:\Windows\System32\rtutils.dll - ok
18:52:38.0283 4844 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\System32\oleacc.dll
18:52:38.0283 4844 C:\Windows\System32\oleacc.dll - ok
18:52:38.0299 4844 [ FD049C25A168D3DE310D9207B7B6367B ] C:\Windows\System32\UIAutomationCore.dll
18:52:38.0299 4844 C:\Windows\System32\UIAutomationCore.dll - ok
18:52:38.0299 4844 [ 100103C6535C66265267F5EEA5F5846E ] C:\Windows\System32\dnsext.dll
18:52:38.0299 4844 C:\Windows\System32\dnsext.dll - ok
18:52:38.0315 4844 [ A12829E9974F57E9B5DBFEA7C93190F6 ] C:\Windows\System32\UXInit.dll
18:52:38.0315 4844 C:\Windows\System32\UXInit.dll - ok
18:52:38.0315 4844 [ 9419ABF3163B6F0E3AD3DD2B381C879F ] C:\Windows\System32\WinSCard.dll
18:52:38.0315 4844 C:\Windows\System32\WinSCard.dll - ok
18:52:38.0330 4844 [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\System32\wlanutil.dll
18:52:38.0330 4844 C:\Windows\System32\wlanutil.dll - ok
18:52:38.0330 4844 [ EAADD6E47ED2A7003ACE1793B98CF63F ] C:\Windows\System32\msxml6.dll
18:52:38.0330 4844 C:\Windows\System32\msxml6.dll - ok
18:52:38.0346 4844 [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\System32\dhcpcsvc6.dll
18:52:38.0346 4844 C:\Windows\System32\dhcpcsvc6.dll - ok
18:52:38.0346 4844 [ 414DA952A35BF5D50192E28263B40577 ] C:\Windows\System32\shsvcs.dll
18:52:38.0346 4844 C:\Windows\System32\shsvcs.dll - ok
18:52:38.0361 4844 [ A04BB13F8A72F8B6E8B4071723E4E336 ] C:\Windows\System32\schedsvc.dll
18:52:38.0361 4844 C:\Windows\System32\schedsvc.dll - ok
18:52:38.0377 4844 [ 38B13C0DF479DBA23ECFA815159BA86E ] C:\Windows\System32\ktmw32.dll
18:52:38.0377 4844 C:\Windows\System32\ktmw32.dll - ok
18:52:38.0377 4844 [ E6D90DC604F407B3B5E0FD285E46B2A0 ] C:\Windows\System32\fveapi.dll
18:52:38.0377 4844 C:\Windows\System32\fveapi.dll - ok
18:52:38.0393 4844 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\System32\imageres.dll
18:52:38.0393 4844 C:\Windows\System32\imageres.dll - ok
18:52:38.0393 4844 [ EAFC149CD3BD78C443E31BB157841197 ] C:\Windows\System32\tbs.dll
18:52:38.0393 4844 C:\Windows\System32\tbs.dll - ok
18:52:38.0408 4844 [ C87F28A34B3840F4B40011D170B1A159 ] C:\Windows\System32\fvecerts.dll
18:52:38.0408 4844 C:\Windows\System32\fvecerts.dll - ok
18:52:38.0408 4844 [ 1C3E8371377E988B683797A132EFFE1B ] C:\Windows\System32\taskcomp.dll
18:52:38.0408 4844 C:\Windows\System32\taskcomp.dll - ok
18:52:38.0424 4844 [ 57B9A71774C9E334DC8EF97657FF18A1 ] C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN7\AVGIDSFilter.sys
18:52:38.0424 4844 C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN7\AVGIDSFilter.sys - ok
18:52:38.0439 4844 [ C996C03D160137938A122A951305D645 ] C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN7\AVGIDSShim.sys
18:52:38.0439 4844 C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN7\AVGIDSShim.sys - ok
18:52:38.0439 4844 [ 871917B07A141BFF43D76D8844D48106 ] C:\Windows\System32\drivers\http.sys
18:52:38.0439 4844 C:\Windows\System32\drivers\http.sys - ok
18:52:38.0455 4844 [ 4F2659160AFCCA990305816946F69407 ] C:\Windows\System32\taskeng.exe
18:52:38.0455 4844 C:\Windows\System32\taskeng.exe - ok
18:52:38.0455 4844 [ 9AEA093B8F9C37CF45538382CABA2475 ] C:\Windows\System32\spoolsv.exe
18:52:38.0455 4844 C:\Windows\System32\spoolsv.exe - ok
18:52:38.0471 4844 [ E2D56AE1D40E3725084054CD8E9CFBB1 ] C:\Windows\System32\wiarpc.dll
18:52:38.0471 4844 C:\Windows\System32\wiarpc.dll - ok
18:52:38.0471 4844 [ 659E04E74135927CA6D7BC5E75C84417 ] C:\Windows\System32\TSChannel.dll
18:52:38.0486 4844 C:\Windows\System32\TSChannel.dll - ok
18:52:38.0486 4844 [ A3901CD2E276484003C2944F78BEB80E ] C:\Windows\System32\lpksetup.exe
18:52:38.0486 4844 C:\Windows\System32\lpksetup.exe - ok
18:52:38.0502 4844 [ 9E6B5BC75FD68B0D56A6F68A2D967241 ] C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN7\AVGIDSDriver.sys
18:52:38.0502 4844 C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN7\AVGIDSDriver.sys - ok
18:52:38.0502 4844 [ 0C0DF0F05BAEA320FA301F34E256E08B ] C:\Windows\System32\dpx.dll
18:52:38.0502 4844 C:\Windows\System32\dpx.dll - ok
18:52:38.0517 4844 [ ED12110CD5BFE686F645E145A7DD28C5 ] C:\Windows\System32\comsvcs.dll
18:52:38.0517 4844 C:\Windows\System32\comsvcs.dll - ok
18:52:38.0517 4844 [ ABC81401A433F90414168E027AA6CC48 ] C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
18:52:38.0517 4844 C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe - ok
18:52:38.0533 4844 [ 1FF7E4F548C7C372C804938F0D5B36AE ] C:\Windows\System32\netcfgx.dll
18:52:38.0533 4844 C:\Windows\System32\netcfgx.dll - ok
18:52:38.0549 4844 [ A3F04CBEA6C2A10E6CB01F8B47611882 ] C:\Windows\System32\drivers\vwifimp.sys
18:52:38.0549 4844 C:\Windows\System32\drivers\vwifimp.sys - ok
18:52:38.0549 4844 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\System32\winmm.dll
18:52:38.0549 4844 C:\Windows\System32\winmm.dll - ok
18:52:38.0564 4844 [ CA2F560921B7B8BE1CF555A5A18D54C3 ] C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\msvcr71.dll
18:52:38.0564 4844 C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\msvcr71.dll - ok
18:52:38.0564 4844 [ A94DC60A90EFD7A35C36D971E3EE7470 ] C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\msvcp71.dll
18:52:38.0564 4844 C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\msvcp71.dll - ok
18:52:38.0580 4844 [ E5322258C0859233BCAEC8E12FC2D05A ] C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\boost_thread-vc71-mt-1_32.dll
18:52:38.0580 4844 C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\boost_thread-vc71-mt-1_32.dll - ok
18:52:38.0595 4844 [ 4751DE5B5F266F700BA89ECDCA108AB0 ] C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\boost_log-vc71-mt-1_32.dll
18:52:38.0595 4844 C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\boost_log-vc71-mt-1_32.dll - ok
18:52:38.0595 4844 [ 1CDEA9188899E76D4FFD54C9D512CCDB ] C:\Windows\System32\msxml3.dll
18:52:38.0595 4844 C:\Windows\System32\msxml3.dll - ok
18:52:38.0611 4844 [ A63DC5C2EA944E6657203E0C8EDEAF61 ] C:\Windows\System32\dllhost.exe
18:52:38.0611 4844 C:\Windows\System32\dllhost.exe - ok
18:52:38.0611 4844 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
18:52:38.0611 4844 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
18:52:38.0627 4844 [ 0B31464B7B2D616BD5F7036673588EC1 ] C:\Windows\System32\IDStore.dll
18:52:38.0627 4844 C:\Windows\System32\IDStore.dll - ok
18:52:38.0627 4844 [ 72E953215CADE1A726C04AAFDF6B463D ] C:\Windows\System32\taskhost.exe
18:52:38.0627 4844 C:\Windows\System32\taskhost.exe - ok
18:52:38.0642 4844 [ 3CA2BB895E204478C7A4C9BAF70970CE ] C:\Windows\System32\AtBroker.exe
18:52:38.0642 4844 C:\Windows\System32\AtBroker.exe - ok
18:52:38.0642 4844 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\System32\mpr.dll
18:52:38.0642 4844 C:\Windows\System32\mpr.dll - ok
18:52:38.0658 4844 [ 7319102526BD11B45FD66335CF90CA12 ] C:\Windows\System32\HotStartUserAgent.dll
18:52:38.0658 4844 C:\Windows\System32\HotStartUserAgent.dll - ok
18:52:38.0673 4844 [ 61AC3EFDFACFDD3F0F11DD4FD4044223 ] C:\Windows\System32\userinit.exe
18:52:38.0673 4844 C:\Windows\System32\userinit.exe - ok
18:52:38.0673 4844 [ 505BF4D1CADEB8D4F8BCD08D944DE25D ] C:\Windows\System32\dwm.exe
18:52:38.0673 4844 C:\Windows\System32\dwm.exe - ok
18:52:38.0689 4844 [ 12B79422A23814429CDA9E734C58F78F ] C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
18:52:38.0689 4844 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
18:52:38.0689 4844 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files\Bonjour\mdnsNSP.dll
18:52:38.0689 4844 C:\Program Files\Bonjour\mdnsNSP.dll - ok
18:52:38.0705 4844 [ B43687C534A49700BF4B3C9898763752 ] C:\Windows\System32\MsCtfMonitor.dll
18:52:38.0705 4844 C:\Windows\System32\MsCtfMonitor.dll - ok
18:52:38.0705 4844 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\System32\rasadhlp.dll
18:52:38.0705 4844 C:\Windows\System32\rasadhlp.dll - ok
18:52:38.0720 4844 [ 74AF6AA2E8B3180AADAE5FE8813CB1CD ] C:\Windows\System32\localspl.dll
18:52:38.0720 4844 C:\Windows\System32\localspl.dll - ok
18:52:38.0720 4844 [ 629181C26A78EB66B0B4E774E5AC2882 ] C:\Windows\System32\spoolss.dll
18:52:38.0720 4844 C:\Windows\System32\spoolss.dll - ok
18:52:38.0736 4844 [ 8B88EBBB05A0E56B7DCC708498C02B3E ] C:\Windows\explorer.exe
18:52:38.0736 4844 C:\Windows\explorer.exe - ok
18:52:38.0751 4844 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\System32\ExplorerFrame.dll
18:52:38.0751 4844 C:\Windows\System32\ExplorerFrame.dll - ok
18:52:38.0751 4844 [ 754AFC50022C95DA7C86B7020DB78136 ] C:\Windows\System32\dwmredir.dll
18:52:38.0751 4844 C:\Windows\System32\dwmredir.dll - ok
18:52:38.0767 4844 [ 497E59D9F01C6F247E72222A61835119 ] C:\Windows\System32\dwmcore.dll
18:52:38.0767 4844 C:\Windows\System32\dwmcore.dll - ok
18:52:38.0767 4844 [ 3C1936A12C62254F914A01BBC6A8DC69 ] C:\Windows\System32\d3d10_1.dll
18:52:38.0767 4844 C:\Windows\System32\d3d10_1.dll - ok
18:52:38.0783 4844 [ 1E2BAC209D184BB851E1A187D8A29136 ] C:\Windows\System32\BFE.DLL
18:52:38.0783 4844 C:\Windows\System32\BFE.DLL - ok
18:52:38.0783 4844 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] C:\Windows\System32\drivers\srvnet.sys
18:52:38.0783 4844 C:\Windows\System32\drivers\srvnet.sys - ok
18:52:38.0798 4844 [ 56CEED370508F69A1BA04939BD1BADDA ] C:\Windows\System32\msutb.dll
18:52:38.0798 4844 C:\Windows\System32\msutb.dll - ok
18:52:38.0814 4844 [ F58516E2DC0D963EF70D6BFC21FD82C4 ] C:\Windows\System32\PlaySndSrv.dll
18:52:38.0814 4844 C:\Windows\System32\PlaySndSrv.dll - ok
18:52:38.0814 4844 [ 49ACA548B2423F1C67898E6AC719A9A6 ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
18:52:38.0814 4844 C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok
18:52:38.0829 4844 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] C:\Windows\System32\drivers\bowser.sys
18:52:38.0829 4844 C:\Windows\System32\drivers\bowser.sys - ok
18:52:38.0829 4844 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] C:\Windows\System32\drivers\mpsdrv.sys
18:52:38.0829 4844 C:\Windows\System32\drivers\mpsdrv.sys - ok
18:52:38.0845 4844 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] C:\Windows\System32\drivers\mrxsmb.sys
18:52:38.0845 4844 C:\Windows\System32\drivers\mrxsmb.sys - ok
18:52:38.0845 4844 [ 5C3F9DBA818CD93379D1A0F215270374 ] C:\Windows\System32\esent.dll
18:52:38.0845 4844 C:\Windows\System32\esent.dll - ok
18:52:38.0861 4844 [ 019C372B1A9DA73A22D0D35A4D40F5C9 ] C:\Windows\System32\wfapigp.dll
18:52:38.0861 4844 C:\Windows\System32\wfapigp.dll - ok
18:52:38.0876 4844 [ D4212AB475A3B25EC4DF574536C3EDC5 ] C:\Windows\System32\d3d10_1core.dll
18:52:38.0876 4844 C:\Windows\System32\d3d10_1core.dll - ok
18:52:38.0876 4844 [ D4F264FE23F8953D840904418220C15E ] C:\Windows\System32\dxgi.dll
18:52:38.0876 4844 C:\Windows\System32\dxgi.dll - ok
18:52:38.0876 4844 [ 7ACDFB4CC67F4993DF0E0731576309B2 ] C:\Windows\System32\d3d11.dll
18:52:38.0876 4844 C:\Windows\System32\d3d11.dll - ok
18:52:38.0892 4844 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\System32\EhStorShell.dll
18:52:38.0892 4844 C:\Windows\System32\EhStorShell.dll - ok
18:52:38.0907 4844 [ 30DB64D316F502558DB2380F7343C9FD ] C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
18:52:38.0907 4844 C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll - ok
18:52:38.0907 4844 [ 6D17A4791ACA19328C685D256349FEFC ] C:\Windows\System32\drivers\mrxsmb10.sys
18:52:38.0907 4844 C:\Windows\System32\drivers\mrxsmb10.sys - ok
18:52:38.0923 4844 [ B81F204D146000BE76651A50670A5E9E ] C:\Windows\System32\drivers\mrxsmb20.sys
18:52:38.0923 4844 C:\Windows\System32\drivers\mrxsmb20.sys - ok
18:52:38.0923 4844 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\System32\winspool.drv
18:52:38.0923 4844 C:\Windows\System32\winspool.drv - ok
18:52:38.0939 4844 [ 8F0DE4FEF8201E306F9938B0905AC96A ] C:\Program Files\Google\Update\GoogleUpdate.exe
18:52:38.0939 4844 C:\Program Files\Google\Update\GoogleUpdate.exe - ok
18:52:38.0939 4844 [ 126F8331BD023178C7F0EF2F5EDE16B3 ] C:\Windows\System32\FXSMON.dll
18:52:38.0939 4844 C:\Windows\System32\FXSMON.dll - ok
18:52:38.0954 4844 [ C52CE534397E1D3A442FB4C88A3CBE42 ] C:\Windows\System32\msonpmon.dll
18:52:38.0954 4844 C:\Windows\System32\msonpmon.dll - ok
18:52:38.0970 4844 [ 03CF941D031F30272D3063E5A4D686F5 ] C:\Windows\System32\PrintIsolationProxy.dll
18:52:38.0970 4844 C:\Windows\System32\PrintIsolationProxy.dll - ok
18:52:38.0970 4844 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
18:52:38.0970 4844 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
18:52:38.0985 4844 [ 2E5672EEA419A4DC9DACD714632E1DC3 ] C:\Program Files\Google\Update\1.3.21.135\goopdate.dll
18:52:38.0985 4844 C:\Program Files\Google\Update\1.3.21.135\goopdate.dll - ok
18:52:38.0985 4844 [ 06F7D67EC4D15F11A2923268BAA937D3 ] C:\Program Files\Samsung\Samsung Update Plus\SUPBackGround.exe
18:52:38.0985 4844 C:\Program Files\Samsung\Samsung Update Plus\SUPBackGround.exe - ok
18:52:39.0001 4844 [ 91592213B1C47D27A6AB7D2DB5409EF2 ] C:\Program Files\Samsung\Samsung Update Plus\HMXML.dll
18:52:39.0001 4844 C:\Program Files\Samsung\Samsung Update Plus\HMXML.dll - ok
18:52:39.0017 4844 [ A6154A954F08E99D27CEA4D3B9563172 ] C:\Windows\System32\newdev.dll
18:52:39.0017 4844 C:\Windows\System32\newdev.dll - ok
18:52:39.0017 4844 [ A765B211BD4CF9EA4049B2000B2B9316 ] C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
18:52:39.0017 4844 C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe - ok
18:52:39.0032 4844 [ 64DC778A1447D73CD87F3480AB8381C3 ] C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
18:52:39.0032 4844 C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe - ok
18:52:39.0032 4844 [ 32684C43110CCB4206640F5B0EA8DA94 ] C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
18:52:39.0032 4844 C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe - ok
18:52:39.0048 4844 [ BB25D9B9D206C75C18072078179EEAF8 ] C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
18:52:39.0048 4844 C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe - ok
18:52:39.0063 4844 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\System32\msi.dll
18:52:39.0063 4844 C:\Windows\System32\msi.dll - ok
18:52:39.0063 4844 [ CA6ADE4F7761BB15B3325356DC3B82BB ] C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll
18:52:39.0063 4844 C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll - ok
18:52:39.0079 4844 [ 845A13B2CEE718E81562FE94EE762D7D ] C:\Program Files\Samsung\EasySpeedUpManager\Sabi3.dll
18:52:39.0079 4844 C:\Program Files\Samsung\EasySpeedUpManager\Sabi3.dll - ok
18:52:39.0079 4844 [ 1498259FFF991A4135737080AA0679D1 ] C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
18:52:39.0079 4844 C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll - ok
18:52:39.0095 4844 [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\System32\oledlg.dll
18:52:39.0095 4844 C:\Windows\System32\oledlg.dll - ok
18:52:39.0095 4844 [ 845A13B2CEE718E81562FE94EE762D7D ] C:\Program Files\Samsung\Easy Display Manager\Sabi3.dll
18:52:39.0095 4844 C:\Program Files\Samsung\Easy Display Manager\Sabi3.dll - ok
18:52:39.0110 4844 [ B390C1D825C7687493BEDE237C6C2F25 ] C:\Windows\System32\tcpmon.dll
18:52:39.0110 4844 C:\Windows\System32\tcpmon.dll - ok
18:52:39.0126 4844 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\System32\cscapi.dll
18:52:39.0126 4844 C:\Windows\System32\cscapi.dll - ok
18:52:39.0126 4844 [ 1220595CABA75AB91A6B3FA3B89483CC ] C:\Windows\System32\snmpapi.dll
18:52:39.0126 4844 C:\Windows\System32\snmpapi.dll - ok
18:52:39.0141 4844 [ 6357E2B68753A1F5CF4A68A25C4FD14A ] C:\Windows\System32\wsnmp32.dll
18:52:39.0141 4844 C:\Windows\System32\wsnmp32.dll - ok
18:52:39.0141 4844 [ 923CDD30092DB73EC4A0EBCDDD16C686 ] C:\Windows\System32\usbmon.dll
18:52:39.0141 4844 C:\Windows\System32\usbmon.dll - ok
18:52:39.0157 4844 [ A8EB761DE499242BECF153B2B34F020E ] C:\Windows\System32\WSDMon.dll
18:52:39.0157 4844 C:\Windows\System32\WSDMon.dll - ok
18:52:39.0157 4844 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\System32\dbghelp.dll
18:52:39.0157 4844 C:\Windows\System32\dbghelp.dll - ok
18:52:39.0173 4844 [ BECDDA0990DEBD72A30096533521AD73 ] C:\Program Files\Google\Update\1.3.21.135\GoogleCrashHandler.exe
18:52:39.0173 4844 C:\Program Files\Google\Update\1.3.21.135\GoogleCrashHandler.exe - ok
18:52:39.0173 4844 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\System32\msimg32.dll
18:52:39.0173 4844 C:\Windows\System32\msimg32.dll - ok
18:52:39.0188 4844 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\System32\mstask.dll
18:52:39.0188 4844 C:\Windows\System32\mstask.dll - ok
18:52:39.0188 4844 [ 703FFD301AB900B047337C5D40FD6F96 ] C:\Windows\System32\olepro32.dll
18:52:39.0188 4844 C:\Windows\System32\olepro32.dll - ok
18:52:39.0204 4844 [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\System32\mscms.dll
18:52:39.0204 4844 C:\Windows\System32\mscms.dll - ok
18:52:39.0219 4844 [ B0335E0E041106E15ACC6D36D6D75BF5 ] C:\Windows\System32\igd10umd32.dll
18:52:39.0219 4844 C:\Windows\System32\igd10umd32.dll - ok
18:52:39.0219 4844 [ 2100560AF3F7F2948F2676E44DFB4ECF ] C:\Windows\System32\uDWM.dll
18:52:39.0219 4844 C:\Windows\System32\uDWM.dll - ok
18:52:39.0235 4844 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] C:\Windows\System32\drivers\srv2.sys
18:52:39.0235 4844 C:\Windows\System32\drivers\srv2.sys - ok
18:52:39.0235 4844 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] C:\Windows\System32\drivers\srv.sys
18:52:39.0235 4844 C:\Windows\System32\drivers\srv.sys - ok
18:52:39.0251 4844 [ 58405E4F68BA8E4057C6E914F326ABA2 ] C:\Windows\System32\wkssvc.dll
18:52:39.0251 4844 C:\Windows\System32\wkssvc.dll - ok
18:52:39.0251 4844 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] C:\Windows\System32\browser.dll
18:52:39.0251 4844 C:\Windows\System32\browser.dll - ok
18:52:39.0266 4844 [ E4B72E71EC37A59FE574A998A0C0EB9B ] C:\Windows\System32\netmsg.dll
18:52:39.0266 4844 C:\Windows\System32\netmsg.dll - ok
18:52:39.0266 4844 [ D64AF876D53ECA3668BB97B51B4E70AB ] C:\Windows\System32\srvsvc.dll
18:52:39.0282 4844 C:\Windows\System32\srvsvc.dll - ok
18:52:39.0282 4844 [ AE9898D5600A232CD8AE3298692162E5 ] C:\Windows\System32\clusapi.dll
18:52:39.0282 4844 C:\Windows\System32\clusapi.dll - ok
18:52:39.0297 4844 [ 89E783711AF91AF09E1EF30EF3107446 ] C:\Windows\System32\sscore.dll
18:52:39.0297 4844 C:\Windows\System32\sscore.dll - ok
18:52:39.0297 4844 [ 2AF094C822BD6094F14A8E85FB51D52A ] C:\Windows\System32\resutils.dll
18:52:39.0297 4844 C:\Windows\System32\resutils.dll - ok
18:52:39.0313 4844 [ DD141BC6BBCE631DF2CB98188616FAD5 ] C:\Program Files\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe
18:52:39.0313 4844 C:\Program Files\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe - ok
18:52:39.0313 4844 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] C:\Windows\System32\drivers\parport.sys
18:52:39.0313 4844 C:\Windows\System32\drivers\parport.sys - ok
18:52:39.0329 4844 [ 3927397AC60D943DAF8808AFFED582B7 ] C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
18:52:39.0329 4844 C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
18:52:39.0329 4844 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
18:52:39.0329 4844 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
18:52:39.0344 4844 [ A5299D04ED225D64CF07A568A3E1BF8C ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:52:39.0344 4844 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
18:52:39.0360 4844 [ C940F2F5C60B3727C5F18840735B229C ] C:\Windows\System32\AudioSes.dll
18:52:39.0360 4844 C:\Windows\System32\AudioSes.dll - ok
18:52:39.0360 4844 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\System32\wbemcomn.dll
18:52:39.0360 4844 C:\Windows\System32\wbemcomn.dll - ok
18:52:39.0375 4844 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\System32\wbem\wbemprox.dll
18:52:39.0375 4844 C:\Windows\System32\wbem\wbemprox.dll - ok
18:52:39.0375 4844 [ 8E79090CB0987CA102E845341E052537 ] C:\Windows\System32\vdmdbg.dll
18:52:39.0375 4844 C:\Windows\System32\vdmdbg.dll - ok
18:52:39.0391 4844 [ FBFCA1A574D47EE575448B719CBBF2E4 ] C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL
18:52:39.0391 4844 C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL - ok
18:52:39.0407 4844 [ 894A69B014C25156B76D0C0F0B7E3B96 ] C:\Program Files\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe
18:52:39.0407 4844 C:\Program Files\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe - ok
18:52:39.0407 4844 [ E8DC06C0278BB78DEADE7350A700C824 ] C:\Program Files\Samsung\BatteryLifeExtender\MSIMG32.dll
18:52:39.0407 4844 C:\Program Files\Samsung\BatteryLifeExtender\MSIMG32.dll - ok
18:52:39.0422 4844 [ E938360841F959E6AF15D1F0856EC729 ] C:\Program Files\Samsung\BatteryLifeExtender\oledlg.dll
18:52:39.0422 4844 C:\Program Files\Samsung\BatteryLifeExtender\oledlg.dll - ok
18:52:39.0422 4844 [ 845A13B2CEE718E81562FE94EE762D7D ] C:\Program Files\Samsung\BatteryLifeExtender\Sabi3.dll
18:52:39.0422 4844 C:\Program Files\Samsung\BatteryLifeExtender\Sabi3.dll - ok
18:52:39.0438 4844 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\System32\cmd.exe
18:52:39.0438 4844 C:\Windows\System32\cmd.exe - ok
18:52:39.0438 4844 [ 3FA214B377B8711D859F950FDFEFF739 ] C:\Windows\System32\conhost.exe
18:52:39.0438 4844 C:\Windows\System32\conhost.exe - ok
18:52:39.0453 4844 [ 358AB7956D3160000726574083DFC8A6 ] C:\Windows\System32\pcasvc.dll
18:52:39.0453 4844 C:\Windows\System32\pcasvc.dll - ok
18:52:39.0453 4844 [ 6A984831644ECA1A33FFEAE4126F4F37 ] C:\Windows\System32\snmptrap.exe
18:52:39.0453 4844 C:\Windows\System32\snmptrap.exe - ok
18:52:39.0469 4844 [ 98E7E971AB21A6EDD2323C0FB37B9A0F ] C:\Windows\System32\powercfg.exe
18:52:39.0469 4844 C:\Windows\System32\powercfg.exe - ok
18:52:39.0485 4844 [ 73F6C5223F7E9B5780DD4A6C30FCF569 ] C:\Windows\System32\WSDApi.dll
18:52:39.0485 4844 C:\Windows\System32\WSDApi.dll - ok
18:52:39.0485 4844 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] C:\Windows\System32\provsvc.dll
18:52:39.0485 4844 C:\Windows\System32\provsvc.dll - ok
18:52:39.0500 4844 [ D318F23BE45D5E3A107469EB64815B50 ] C:\Windows\System32\sstpsvc.dll
18:52:39.0500 4844 C:\Windows\System32\sstpsvc.dll - ok
18:52:39.0500 4844 [ 207204AF80505AF51271FE164B56F662 ] C:\Program Files\Microsoft Office\Office12\GrooveUtil.dll
18:52:39.0500 4844 C:\Program Files\Microsoft Office\Office12\GrooveUtil.dll - ok
18:52:39.0516 4844 [ 30EFEBDC960A482E3E188B9960B286E2 ] C:\Program Files\Microsoft Office\Office12\GrooveNew.dll
18:52:39.0516 4844 C:\Program Files\Microsoft Office\Office12\GrooveNew.dll - ok
18:52:39.0516 4844 [ D5E459BED3DB9CF7FC6CC1455F177D2D ] C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.dll
18:52:39.0516 4844 C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.dll - ok
18:52:39.0531 4844 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\System32\ntshrui.dll
18:52:39.0531 4844 C:\Windows\System32\ntshrui.dll - ok
18:52:39.0547 4844 [ 523CF74A52C9A1762DA8B83AEE734498 ] C:\Windows\System32\IconCodecService.dll
18:52:39.0547 4844 C:\Windows\System32\IconCodecService.dll - ok
18:52:39.0547 4844 [ DB846EECA70EE9D2E2FF31147C57B0F4 ] C:\Windows\System32\webservices.dll
18:52:39.0547 4844 C:\Windows\System32\webservices.dll - ok
18:52:39.0563 4844 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
18:52:39.0563 4844 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
18:52:39.0563 4844 [ 89D90579E5FB1469CB0464F6512E42B7 ] C:\Windows\System32\fundisc.dll
18:52:39.0563 4844 C:\Windows\System32\fundisc.dll - ok
18:52:39.0578 4844 [ F34CFADA6C48DAA41B996D24C7D8D3CA ] C:\Windows\System32\fdPnp.dll
18:52:39.0578 4844 C:\Windows\System32\fdPnp.dll - ok
18:52:39.0578 4844 [ CD72C6406BA561BED6D42CB145E55307 ] C:\Windows\System32\spool\prtprocs\w32x86\winprint.dll
18:52:39.0578 4844 C:\Windows\System32\spool\prtprocs\w32x86\winprint.dll - ok
18:52:39.0594 4844 [ F348280907B38FDBDB3CEF55D456E149 ] C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll
18:52:39.0594 4844 C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll - ok
18:52:39.0609 4844 [ 52CCA2E9FFD0653CACED1E808AADE4B6 ] C:\Windows\System32\win32spl.dll
18:52:39.0609 4844 C:\Windows\System32\win32spl.dll - ok
18:52:39.0609 4844 [ D27DDE7E0444C7F1819F958469EB7D93 ] C:\Windows\System32\inetpp.dll
18:52:39.0609 4844 C:\Windows\System32\inetpp.dll - ok
18:52:39.0625 4844 [ 487F44B08EFEAF5AD087878357B9403D ] C:\Windows\System32\pdh.dll
18:52:39.0625 4844 C:\Windows\System32\pdh.dll - ok
18:52:39.0625 4844 [ 5937E46ECDCD514C7A74D64E4EF5E21D ] C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll
18:52:39.0625 4844 C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
18:52:39.0641 4844 [ 7290A6DD34862278DF9E26D96E5A95D8 ] C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll
18:52:39.0641 4844 C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
18:52:39.0656 4844 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\System32\wsock32.dll
18:52:39.0656 4844 C:\Windows\System32\wsock32.dll - ok
18:52:39.0656 4844 [ 5F3347EBA403EE64780980A5BAF10304 ] C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll
18:52:39.0656 4844 C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
18:52:39.0672 4844 [ 0D75A1CFD1215875C8DD0BB9AFF4695C ] C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll
18:52:39.0672 4844 C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
18:52:39.0687 4844 [ 78865ABC5F5D13190F8B35BD9044714A ] C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll
18:52:39.0687 4844 C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll - ok
18:52:39.0703 4844 [ FF9831030678C7B6D70BAC00F68F8976 ] C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll
18:52:39.0703 4844 C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
18:52:39.0703 4844 [ E5B6D88B36BDDAD5039764FBF80284DD ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll
18:52:39.0703 4844 C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll - ok
18:52:39.0719 4844 [ 1D75BC73585969F41BA7EF0C882DFF2B ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll
18:52:39.0719 4844 C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
18:52:39.0719 4844 [ FC7A868DECC3AB027F29178EC8A7F252 ] C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll
18:52:39.0719 4844 C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll - ok
18:52:39.0734 4844 [ F6FD367C9EAAEDF90CD7A7952AE0B336 ] C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll
18:52:39.0734 4844 C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll - ok
18:52:39.0750 4844 [ 4E4EDF9CA82E95BAB2977DD9F21B00F6 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
18:52:39.0750 4844 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
18:52:39.0750 4844 [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\Windows\System32\dnssd.dll
18:52:39.0750 4844 C:\Windows\System32\dnssd.dll - ok
18:52:39.0765 4844 [ C4D15594DB5BE042D3346EA58DF87D89 ] C:\Program Files\AVG\AVG9\avgwdsvc.exe
18:52:39.0765 4844 C:\Program Files\AVG\AVG9\avgwdsvc.exe - ok
18:52:39.0765 4844 [ 24192E5F8AF8692837E7B76041666646 ] C:\Program Files\AVG\AVG9\avglogx.dll
18:52:39.0765 4844 C:\Program Files\AVG\AVG9\avglogx.dll - ok
18:52:39.0781 4844 [ 0F38E92D794DF187BA060939C552484F ] C:\Program Files\AVG\AVG9\avgfws9.exe
18:52:39.0781 4844 C:\Program Files\AVG\AVG9\avgfws9.exe - ok
18:52:39.0781 4844 [ 6ABB7C1BB86021268BFD0DAC655BED2E ] C:\Program Files\AVG\AVG9\avgcertx.dll
18:52:39.0781 4844 C:\Program Files\AVG\AVG9\avgcertx.dll - ok
18:52:39.0797 4844 [ A2E79858EB7965826EAD2DA7E1550F15 ] C:\Program Files\AVG\AVG9\avgclitx.dll
18:52:39.0797 4844 C:\Program Files\AVG\AVG9\avgclitx.dll - ok
18:52:39.0797 4844 [ 05573096E8C9574AC733114D74FB2ECD ] C:\Program Files\AVG\AVG9\avgchclx.dll
18:52:39.0797 4844 C:\Program Files\AVG\AVG9\avgchclx.dll - ok
18:52:39.0812 4844 [ 6060390AC5B9F7EC2E62B1EB2D5D50C6 ] C:\Program Files\AVG\AVG9\avgcfgx.dll
18:52:39.0812 4844 C:\Program Files\AVG\AVG9\avgcfgx.dll - ok
18:52:39.0828 4844 [ 6163664C7E9CD110AF70180C126C3FDC ] C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
18:52:39.0828 4844 C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe - ok
18:52:39.0828 4844 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] C:\Program Files\Bonjour\mDNSResponder.exe
18:52:39.0828 4844 C:\Program Files\Bonjour\mDNSResponder.exe - ok
18:52:39.0843 4844 [ 6FA41E0C86EF049A12C05CA4BBA8F9AF ] C:\Windows\System32\perfos.dll
18:52:39.0843 4844 C:\Windows\System32\perfos.dll - ok
18:52:39.0843 4844 [ 5CE5720EDB2CE15FA056E2C407175B75 ] C:\Program Files\AVG\AVG9\avgwd.dll
18:52:39.0843 4844 C:\Program Files\AVG\AVG9\avgwd.dll - ok
18:52:39.0859 4844 [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\System32\cryptnet.dll
18:52:39.0859 4844 C:\Windows\System32\cryptnet.dll - ok
18:52:39.0859 4844 [ 96C0E38905CFD788313BE8E11DAE3F2F ] C:\Windows\System32\cryptsvc.dll
18:52:39.0859 4844 C:\Windows\System32\cryptsvc.dll - ok
18:52:39.0875 4844 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] C:\Windows\System32\dps.dll
18:52:39.0875 4844 C:\Windows\System32\dps.dll - ok
18:52:39.0890 4844 [ A8C362018EFC87BEB013EE28F29C0863 ] C:\Windows\ehome\ehrecvr.exe
18:52:39.0890 4844 C:\Windows\ehome\ehrecvr.exe - ok
18:52:39.0890 4844 [ 544EFF88AC6C85DF5A4D6F18DFE08CFC ] C:\Windows\System32\taskschd.dll
18:52:39.0890 4844 C:\Windows\System32\taskschd.dll - ok
18:52:39.0906 4844 [ 13337A3FB17F2242487FD45488ED0485 ] C:\Windows\System32\vssapi.dll
18:52:39.0906 4844 C:\Windows\System32\vssapi.dll - ok
18:52:39.0906 4844 [ 26F2383A97CD632E883F0644F3BFF700 ] C:\Windows\ehome\ehtrace.dll
18:52:39.0906 4844 C:\Windows\ehome\ehtrace.dll - ok
18:52:39.0921 4844 [ D389BFF34F80CAEDE417BF9D1507996A ] C:\Windows\ehome\ehsched.exe
18:52:39.0921 4844 C:\Windows\ehome\ehsched.exe - ok
18:52:39.0921 4844 [ F95622F161474511B8D80D6B093AA610 ] C:\Windows\System32\IKEEXT.DLL
18:52:39.0921 4844 C:\Windows\System32\IKEEXT.DLL - ok
18:52:39.0937 4844 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] C:\Windows\System32\netman.dll
18:52:39.0937 4844 C:\Windows\System32\netman.dll - ok
18:52:39.0937 4844 [ E127420B7FEB65C7F279EAAC183BBC0E ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe
18:52:39.0937 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe - ok
18:52:39.0953 4844 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
18:52:39.0953 4844 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
18:52:39.0968 4844 [ F6914429533842B964C98062B657FB1B ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\ccL110U.dll
18:52:39.0968 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\ccL110U.dll - ok
18:52:39.0968 4844 [ 47A2726C35EA4FF56EF1B5D89981992C ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\ccVrTrst.dll
18:52:39.0968 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\ccVrTrst.dll - ok
18:52:39.0984 4844 [ 372FEB5FBE60B5B696EC9B2AC06BD09D ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\EFACli.dll
18:52:39.0984 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\EFACli.dll - ok
18:52:39.0984 4844 [ 0EAD8118270D275149CA1422978BD642 ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\ccSvc.dll
18:52:39.0984 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\ccSvc.dll - ok
18:52:39.0999 4844 [ CE31A8785554D2B546113031606A99E7 ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\Srtsp32.dll
18:52:39.0999 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\Srtsp32.dll - ok
18:52:40.0015 4844 [ 7E865AD3D556F427F23FEC15C02649BA ] C:\Windows\ehome\ehprivjob.exe
18:52:40.0015 4844 C:\Windows\ehome\ehprivjob.exe - ok
18:52:40.0015 4844 [ 58C8D469EDCA6C4396FC941107065AFA ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\ccIPC.dll
18:52:40.0015 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\ccIPC.dll - ok
18:52:40.0031 4844 [ 4D05D7A79E970398D8C687712E65A9B0 ] C:\Windows\System32\sbe.dll
18:52:40.0031 4844 C:\Windows\System32\sbe.dll - ok
18:52:40.0031 4844 [ 06FBEA51086D11F76B72A8A665CD4C9E ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\diMaster.dll
18:52:40.0031 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\diMaster.dll - ok
18:52:40.0046 4844 [ 5845B1C54380FB980F68024B3A8B1E66 ] C:\Windows\System32\vpnikeapi.dll
18:52:40.0046 4844 C:\Windows\System32\vpnikeapi.dll - ok
18:52:40.0062 4844 [ B940289C83121046BD6A60ACC6028593 ] C:\Windows\System32\vsstrace.dll
18:52:40.0062 4844 C:\Windows\System32\vsstrace.dll - ok
18:52:40.0062 4844 [ B5D5DA8230D3D3525839D939A9196C3E ] C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe
18:52:40.0062 4844 C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe - ok
18:52:40.0077 4844 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\System32\mscoree.dll
18:52:40.0077 4844 C:\Windows\System32\mscoree.dll - ok
18:52:40.0077 4844 [ 140D9F911182357626165EA0BEB98C4F ] C:\Windows\System32\ncsi.dll
18:52:40.0077 4844 C:\Windows\System32\ncsi.dll - ok
18:52:40.0093 4844 [ 374071043F9E4231EE43BE2BB48DD36D ] C:\Windows\System32\nlasvc.dll
18:52:40.0093 4844 C:\Windows\System32\nlasvc.dll - ok
18:52:40.0093 4844 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\System32\winhttp.dll
18:52:40.0093 4844 C:\Windows\System32\winhttp.dll - ok
18:52:40.0109 4844 [ F5DF6846F30E9F54EA60CCAEB3FB2055 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
18:52:40.0109 4844 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
18:52:40.0124 4844 [ 8E4B58E12B3FA65ED1462846906E0B59 ] C:\Windows\System32\sppc.dll
18:52:40.0124 4844 C:\Windows\System32\sppc.dll - ok
18:52:40.0124 4844 [ BAC6EEDE73F2D61583982A07E6382015 ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\ccSet.dll
18:52:40.0124 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\ccSet.dll - ok
18:52:40.0140 4844 [ F67024C08DCF4B837C002ED0081C58D0 ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\coSvcPlg.dll
18:52:40.0140 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\coSvcPlg.dll - ok
18:52:40.0140 4844 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\System32\webio.dll
18:52:40.0140 4844 C:\Windows\System32\webio.dll - ok
18:52:40.0155 4844 [ 0B4F5F5982E277F39CA6E1548F6B0D53 ] C:\Windows\System32\slcext.dll
18:52:40.0155 4844 C:\Windows\System32\slcext.dll - ok
18:52:40.0155 4844 [ 28E2231BD34A39C854BDF3923AB2FF86 ] C:\Windows\System32\ssdpapi.dll
18:52:40.0155 4844 C:\Windows\System32\ssdpapi.dll - ok
18:52:40.0171 4844 [ BBFED4A3A7CC264599F35D0C11AF5758 ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\ccGEvt.dll
18:52:40.0171 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\ccGEvt.dll - ok
18:52:40.0187 4844 [ 469135FBA4528BA090A07D772781D345 ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\coFFPlgn.dll
18:52:40.0187 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\coFFPlgn.dll - ok
18:52:40.0187 4844 [ 8A43F5DA0D4DE4FB472ECD9DDB55E949 ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\ccGLog.dll
18:52:40.0187 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\ccGLog.dll - ok
18:52:40.0202 4844 [ 7A3AFE50417B94910A6DAE1D07DF6E3A ] C:\Windows\System32\sppcext.dll
18:52:40.0202 4844 C:\Windows\System32\sppcext.dll - ok
18:52:40.0202 4844 [ 59E52B5C6A70F28D8B6C0D1E5A7AFCBF ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\ccJobMgr.dll
18:52:40.0202 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\ccJobMgr.dll - ok
18:52:40.0218 4844 [ 522C3488C9D906A9E98F1124F202AE34 ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\ccSubEng.dll
18:52:40.0218 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\ccSubEng.dll - ok
18:52:40.0218 4844 [ 528D6509B7B2B67B6B1A1C1DEE6FB27F ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\ccEmlPxy.dll
18:52:40.0218 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\ccEmlPxy.dll - ok
18:52:40.0233 4844 [ 469135FBA4528BA090A07D772781D345 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\components\coFFPlgn.dll
18:52:40.0233 4844 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\components\coFFPlgn.dll - ok
18:52:40.0249 4844 [ 8B92BED5B8D4A8480E7AA631F35A6F35 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
18:52:40.0249 4844 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
18:52:40.0249 4844 [ 394117608EB031E622D4812E67746F09 ] C:\Windows\System32\wmdrmsdk.dll
18:52:40.0249 4844 C:\Windows\System32\wmdrmsdk.dll - ok
18:52:40.0265 4844 [ CE4AEE4227E0DDFA2D5ADF8ACCFC97FA ] C:\Program Files\AVG\AVG9\fixcfg.exe
18:52:40.0265 4844 C:\Program Files\AVG\AVG9\fixcfg.exe - ok
18:52:40.0265 4844 [ 40B82688907A7DBA4DB3B5ADDE3EAB3B ] C:\Windows\System32\mfplat.dll
18:52:40.0265 4844 C:\Windows\System32\mfplat.dll - ok
18:52:40.0280 4844 [ C628CB2DC16DAC094D5A07649B4AAFA5 ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\Iron.dll
18:52:40.0280 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\Iron.dll - ok
18:52:40.0296 4844 [ A10EA193A7DBA12FCB1B3FDB283ED0D8 ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\SNDSvc.dll
18:52:40.0296 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\SNDSvc.dll - ok
18:52:40.0296 4844 [ 9619C246E961A9DBD77F0B34C1E6093F ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\SymRedir.dll
18:52:40.0296 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\SymRedir.dll - ok
18:52:40.0311 4844 [ D2958325C1AE1AE37A83334C6229E3BC ] C:\Windows\System32\actxprxy.dll
18:52:40.0311 4844 C:\Windows\System32\actxprxy.dll - ok
18:52:40.0311 4844 [ 712BE2D6C5B5CF51F6EC31880176A499 ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\SymRdrSv.dll
18:52:40.0311 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\SymRdrSv.dll - ok
18:52:40.0327 4844 [ AE630EAF869789948DF3E867185C5D71 ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\hncore.dll
18:52:40.0327 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\hncore.dll - ok
18:52:40.0343 4844 [ F5E278DDBC3F7E55677D6B03E7546021 ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\AppMgr32.dll
18:52:40.0343 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\AppMgr32.dll - ok
18:52:40.0343 4844 [ 439F80E8D18E265E0AB3130D6C8EABF6 ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\AVModule.dll
18:52:40.0343 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\AVModule.dll - ok
18:52:40.0358 4844 [ C3E39FB1398EEE8E612C2FE53A9192EF ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
18:52:40.0358 4844 C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll - ok
18:52:40.0374 4844 [ FB7B291AB9BEFBC3A6E22E98A6BA5270 ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\SymNeti.dll
18:52:40.0374 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\SymNeti.dll - ok
18:52:40.0374 4844 [ 8BAA3C14F6ED61575E7AA35AB1022331 ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\isDataPr.dll
18:52:40.0374 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\isDataPr.dll - ok
18:52:40.0389 4844 [ C016495110E998ECFE322A8A7A12DB12 ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\DefUtDCD.dll
18:52:40.0389 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\DefUtDCD.dll - ok
18:52:40.0405 4844 [ A65A246A193E05FDA94C2F63F47F4381 ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\ducclib.dll
18:52:40.0405 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\ducclib.dll - ok
18:52:40.0405 4844 [ D5031AE6AFB7783ACBFF54952C231788 ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\NCW.dll
18:52:40.0405 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\NCW.dll - ok
18:52:40.0421 4844 [ C9DCA5807289FB57DA99A6456FEC26AA ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120822.034\NAVENG32.DLL
18:52:40.0421 4844 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120822.034\NAVENG32.DLL - ok
18:52:40.0421 4844 [ CC2224C39CFA35A058FA9B5384CE6899 ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\AVPSVC32.dll
18:52:40.0421 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\AVPSVC32.dll - ok
18:52:40.0436 4844 [ 6E9E439517D89EDC9A6CB1E94489620A ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
18:52:40.0436 4844 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll - ok
18:52:40.0452 4844 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\System32\riched20.dll
18:52:40.0452 4844 C:\Windows\System32\riched20.dll - ok
18:52:40.0452 4844 [ 02C2F6A93DD206632A296D58CBACBBA2 ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\cltPE.dll
18:52:40.0452 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\cltPE.dll - ok
18:52:40.0467 4844 [ 22D5E4F12682B7E24A2C066AA87982C4 ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\sqsvc.dll
18:52:40.0467 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\sqsvc.dll - ok
18:52:40.0467 4844 [ D0C0C17E2A31C33FA495D3AB8A0D5BB2 ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\BHClient.dll
18:52:40.0467 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\BHClient.dll - ok
18:52:40.0483 4844 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\System32\SensApi.dll
18:52:40.0483 4844 C:\Windows\System32\SensApi.dll - ok
18:52:40.0483 4844 [ 09A116FB06C5E362EF8938D29CDAB27B ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
18:52:40.0483 4844 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
18:52:40.0499 4844 [ 136E1D3C93CF382730EAF4085D879CD4 ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\QSPlugin.dll
18:52:40.0499 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\QSPlugin.dll - ok
18:52:40.0514 4844 [ 3422CDCE2C0F15AEBF560D3D7F0C3EA6 ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\cltLMS.dll
18:52:40.0514 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\cltLMS.dll - ok
18:52:40.0514 4844 [ 0E1B02C9CC352A1F61703B7D1A8A2C45 ] C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll
18:52:40.0514 4844 C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
18:52:40.0530 4844 [ 8195B745A9C3235E4715F0A1B59206CF ] C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
18:52:40.0530 4844 C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll - ok
18:52:40.0530 4844 [ E53B389AABC47A86A41884E94C9A3012 ] C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll
18:52:40.0530 4844 C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
18:52:40.0545 4844 [ 1F761DA08B1855DDBDD97204D69B48DD ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\BHSvcPlg.dll
18:52:40.0545 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\BHSvcPlg.dll - ok
18:52:40.0561 4844 [ F19BED67FA18F3D81211EFF893FFD9B9 ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\AVifc.dll
18:52:40.0561 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\AVifc.dll - ok
18:52:40.0561 4844 [ C3F59351AE3DDABEA9EDCC24D08D2990 ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\SpocClnt.dll
18:52:40.0561 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\SpocClnt.dll - ok
18:52:40.0577 4844 [ 5E0C5B5BE5304E133968D6D6F8840B28 ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\DSCli.dll
18:52:40.0577 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\DSCli.dll - ok
18:52:40.0592 4844 [ 240D42CBD1691C6B7D54AF4E3365BAAC ] C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll
18:52:40.0592 4844 C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
18:52:40.0592 4844 [ 3971C9C14B311E09251EA523FE7AD25C ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\DataStor.dll
18:52:40.0592 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\DataStor.dll - ok
18:52:40.0608 4844 [ C0C48E092C3AF40B2BD36C392AE3CA4F ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\Comm.dll
18:52:40.0608 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\Comm.dll - ok
18:52:40.0608 4844 [ 2D5D0A0609F4A3332195116F5FCAD24A ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\UserLog.dll
18:52:40.0608 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\UserLog.dll - ok
18:52:40.0623 4844 [ 741930EE4DBF692E181B1FCEA8633760 ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\SQLite.dll
18:52:40.0623 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\SQLite.dll - ok
18:52:40.0639 4844 [ 185B1A57D7DED8128E2D7AA866A55670 ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\IPSPlug.dll
18:52:40.0639 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\IPSPlug.dll - ok
18:52:40.0639 4844 [ 72BC413682298204F911774A75A1E640 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120811.003\BHEngine.dll
18:52:40.0639 4844 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120811.003\BHEngine.dll - ok
18:52:40.0655 4844 [ 6E8B6B3816041CE282FCFABA8B21AD3A ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\ISDataSv.dll
18:52:40.0655 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\ISDataSv.dll - ok
18:52:40.0670 4844 [ 92214E2E38E417DDE316C324044D0D27 ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\FWCore.dll
18:52:40.0670 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\FWCore.dll - ok
18:52:40.0670 4844 [ F224C781E09F95F7972897D9A113A8DD ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\FWGenPlg.dll
18:52:40.0670 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\FWGenPlg.dll - ok
18:52:40.0686 4844 [ B7786248FE914A486CC33DFD24CE3FDB ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\FWSetup.dll
18:52:40.0686 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\FWSetup.dll - ok
18:52:40.0686 4844 [ B92ED640E6C9F84E237F7997D86858B1 ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\FWHelper.dll
18:52:40.0686 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\FWHelper.dll - ok
18:52:40.0701 4844 [ E2BD184136BCFEEFCCD622D4763622EC ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\NPCTray.dll
18:52:40.0701 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\NPCTray.dll - ok
18:52:40.0717 4844 [ F18F196F1C49B7904BC297B375B1B349 ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\IPSFFPl.dll
18:52:40.0717 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\IPSFFPl.dll - ok
18:52:40.0717 4844 [ 3696C2C47425F86183082B8035A6CA68 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\components\IPSFFPl.dll
18:52:40.0717 4844 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\components\IPSFFPl.dll - ok
18:52:40.0733 4844 [ EB6FE693246965D529B73074752A62ED ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\NPCStats.dll
18:52:40.0733 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\NPCStats.dll - ok
18:52:40.0748 4844 [ D0C45D0542CDCCBB444CC691DB4D8E31 ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\asHelper.dll
18:52:40.0748 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\asHelper.dll - ok
18:52:40.0748 4844 [ A9102B6AB0C12F7DEE69E8398EE4C46E ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120822.001\IDSxpx86.dll
18:52:40.0748 4844 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120822.001\IDSxpx86.dll - ok
18:52:40.0764 4844 [ BCBFA19C60ED9B3538DCC90AEC7B0B4D ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\SymHTML.dll
18:52:40.0764 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\SymHTML.dll - ok
18:52:40.0764 4844 [ 3EC4B1DD82509EFA41A7657988C02B45 ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\IDSAux.dll
18:52:40.0764 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\IDSAux.dll - ok
18:52:40.0779 4844 [ D79CF54729006BB2BE3A02EAE0C57EFE ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\coDataPr.dll
18:52:40.0779 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\coDataPr.dll - ok
18:52:40.0795 4844 [ 3EADECB481864E5372DC39F066CCA0EE ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\coShdObj.dll
18:52:40.0795 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\coShdObj.dll - ok
18:52:40.0795 4844 [ 3518CB4E2D896CAB53D5386F15AC0566 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
18:52:40.0795 4844 C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll - ok
18:52:40.0811 4844 [ A5F03C6BD36FEF4A4EBA281B547B13CA ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\isPwd.dll
18:52:40.0811 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\isPwd.dll - ok
18:52:40.0811 4844 [ 3696C2C47425F86183082B8035A6CA68 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120822.001\IPSFFPl.dll
18:52:40.0811 4844 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120822.001\IPSFFPl.dll - ok
18:52:40.0826 4844 [ 1D2C72B70417890BE0B99AECBB132DB8 ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\asOEHook.dll
18:52:40.0826 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\asOEHook.dll - ok
18:52:40.0842 4844 [ 422AA88C28C2FCFA6BA0F0E16EFE1840 ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\AVPAPP32.dll
18:52:40.0842 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\AVPAPP32.dll - ok
18:52:40.0842 4844 [ D0B147CC179796C209D6006EBA2EB70B ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\cltAlDis.dll
18:52:40.0842 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\cltAlDis.dll - ok
18:52:40.0857 4844 [ 8C7C395286813B7F696AA1CC7DE04DF0 ] C:\Program Files\Norton Internet Security\MUI\19.1.0.28\09\01\cltRes.loc
18:52:40.0857 4844 C:\Program Files\Norton Internet Security\MUI\19.1.0.28\09\01\cltRes.loc - ok
18:52:40.0873 4844 [ 5AA8FEBD6F3D549A9962A721C25300BE ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\FWSesAl.dll
18:52:40.0873 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\FWSesAl.dll - ok
18:52:40.0873 4844 [ 7A853F715E8281DFE62E3B893D6C7657 ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\naHelper.dll
18:52:40.0873 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\naHelper.dll - ok
18:52:40.0889 4844 [ 70A49D1E1F66D5E5A34B1A570D335A5E ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\coActMgr.dll
18:52:40.0889 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\coActMgr.dll - ok
18:52:40.0889 4844 [ 39C395B2D4ED1B236090B85A97C5B75E ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\diStRptr.dll
18:52:40.0889 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\diStRptr.dll - ok
18:52:40.0904 4844 [ 35D4E987BAD565D3186DFE552F113687 ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\SDKCmn.dll
18:52:40.0904 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\SDKCmn.dll - ok
18:52:40.0920 4844 [ C8333F1F77A1B2E25F2202E892CAF634 ] C:\Windows\System32\prnfldr.dll
18:52:40.0920 4844 C:\Windows\System32\prnfldr.dll - ok
18:52:40.0920 4844 [ 28EC1ABDCEECA1DCD3B62A0322D539EC ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\uiAlert.dll
18:52:40.0920 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\uiAlert.dll - ok
18:52:40.0935 4844 [ C3766FC99AC75F205355135F12AF3FA5 ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\UserCtxt.dll
18:52:40.0935 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\UserCtxt.dll - ok
18:52:40.0951 4844 [ 7765680E25E329708CB034B180CF9FCD ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\7ff638de44686eab4afaa8b3c8a9cfca\System.ServiceProcess.ni.dll
18:52:40.0951 4844 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\7ff638de44686eab4afaa8b3c8a9cfca\System.ServiceProcess.ni.dll - ok
18:52:40.0951 4844 [ 21E110FF1C0E948860458BD7B692DE13 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
18:52:40.0951 4844 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll - ok
18:52:40.0967 4844 [ 871F7F32E3441580138E61A4AA072DF6 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
18:52:40.0967 4844 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll - ok
18:52:40.0967 4844 [ 9E0104BA49F4E6973749A02BF41344ED ] C:\Windows\System32\drivers\PEAuth.sys
18:52:40.0967 4844 C:\Windows\System32\drivers\PEAuth.sys - ok
18:52:40.0982 4844 [ 90A3935D05B494A5A39D37E71F09A677 ] C:\Windows\System32\drivers\secdrv.sys
18:52:40.0982 4844 C:\Windows\System32\drivers\secdrv.sys - ok
18:52:40.0998 4844 [ A59B3A4442C52060CC7A85293AA3546F ] C:\Windows\System32\seclogon.dll
18:52:40.0998 4844 C:\Windows\System32\seclogon.dll - ok
18:52:40.0998 4844 [ 53946B69BA0836BD95B03759530C81EC ] C:\Windows\System32\IPSECSVC.DLL
18:52:40.0998 4844 C:\Windows\System32\IPSECSVC.DLL - ok
18:52:40.0998 4844 [ DB603D3FD090C66F9709EF6493C26BA3 ] C:\Windows\System32\FwRemoteSvr.dll
18:52:40.0998 4844 C:\Windows\System32\FwRemoteSvr.dll - ok
18:52:41.0013 4844 [ CF87A1DE791347E75B98885214CED2B8 ] C:\Windows\System32\sppsvc.exe
18:52:41.0013 4844 C:\Windows\System32\sppsvc.exe - ok
18:52:41.0029 4844 [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
18:52:41.0029 4844 C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe - ok
18:52:41.0029 4844 [ 7B193BA3F0245D5867B71AD1CF631474 ] C:\Program Files\Microsoft SQL Server\90\Shared\instapi.dll
18:52:41.0029 4844 C:\Program Files\Microsoft SQL Server\90\Shared\instapi.dll - ok
18:52:41.0045 4844 [ D89083C4EB02DACA8F944B0E05E57F9D ] C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
18:52:41.0045 4844 C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe - ok
18:52:41.0045 4844 [ D16D818E9930A6E5B4F6476DD0998D1A ] C:\Windows\System32\drivers\spsys.sys
18:52:41.0045 4844 C:\Windows\System32\drivers\spsys.sys - ok
18:52:41.0060 4844 [ 0D77436DA61BE7338BC600F0D8773331 ] C:\Program Files\Microsoft SQL Server\90\Shared\sqlwvss.dll
18:52:41.0060 4844 C:\Program Files\Microsoft SQL Server\90\Shared\sqlwvss.dll - ok
18:52:41.0060 4844 [ 8CD1DEE212E52B9C22E66DBA44991D32 ] C:\Windows\System32\httpapi.dll
18:52:41.0060 4844 C:\Windows\System32\httpapi.dll - ok
18:52:41.0076 4844 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] C:\Windows\System32\drivers\tcpipreg.sys
18:52:41.0076 4844 C:\Windows\System32\drivers\tcpipreg.sys - ok
18:52:41.0091 4844 [ 3A11396EAC2414012155AB14E5C1E332 ] C:\Windows\System32\sppwinob.dll
18:52:41.0091 4844 C:\Windows\System32\sppwinob.dll - ok
18:52:41.0091 4844 [ 36650D618CA34C9D357DFD3D89B2C56F ] C:\Windows\System32\sysmain.dll
18:52:41.0091 4844 C:\Windows\System32\sysmain.dll - ok
18:52:41.0107 4844 [ 613BF4820361543956909043A265C6AC ] C:\Windows\System32\tapisrv.dll
18:52:41.0107 4844 C:\Windows\System32\tapisrv.dll - ok
18:52:41.0107 4844 [ 8A9828975A857E477EFEF5A61BA45AC0 ] C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
18:52:41.0107 4844 C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe - ok
18:52:41.0123 4844 [ E1FB3706030FB4578A0D72C2FC3689E4 ] C:\Windows\System32\wiaservc.dll
18:52:41.0123 4844 C:\Windows\System32\wiaservc.dll - ok
18:52:41.0138 4844 [ B087F2B901570F6EF62F6C2E01A480F3 ] C:\Windows\System32\wiatrace.dll
18:52:41.0138 4844 C:\Windows\System32\wiatrace.dll - ok
18:52:41.0138 4844 [ 421D9645B72CD341ECDBB0FCE06C97DE ] C:\Windows\System32\sppobjs.dll
18:52:41.0138 4844 C:\Windows\System32\sppobjs.dll - ok
18:52:41.0154 4844 [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\System32\shfolder.dll
18:52:41.0154 4844 C:\Windows\System32\shfolder.dll - ok
18:52:41.0154 4844 [ F62E510B6AD4C21EB9FE8668ED251826 ] C:\Windows\System32\wbem\WMIsvc.dll
18:52:41.0154 4844 C:\Windows\System32\wbem\WMIsvc.dll - ok
18:52:41.0169 4844 [ 72910F1DEB838E6E08A9017BFB7D4F0B ] C:\Windows\System32\browcli.dll
18:52:41.0169 4844 C:\Windows\System32\browcli.dll - ok
18:52:41.0169 4844 [ 87B775A458A73BB7381E5B67B5652496 ] C:\Windows\System32\jsproxy.dll
18:52:41.0169 4844 C:\Windows\System32\jsproxy.dll - ok
18:52:41.0185 4844 [ 701C9EB15E1E23D22F7C7184C0506673 ] C:\Windows\System32\wbem\WmiDcPrv.dll
18:52:41.0185 4844 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
18:52:41.0185 4844 [ 881D9F2D6E04E1C323050CF1574870F7 ] C:\Windows\System32\wbem\WinMgmtR.dll
18:52:41.0185 4844 C:\Windows\System32\wbem\WinMgmtR.dll - ok
18:52:41.0201 4844 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] C:\Windows\System32\trkwks.dll
18:52:41.0201 4844 C:\Windows\System32\trkwks.dll - ok
18:52:41.0216 4844 [ 236F286E103FD44BD85FDD93097FD5DD ] C:\Windows\System32\SearchIndexer.exe
18:52:41.0216 4844 C:\Windows\System32\SearchIndexer.exe - ok
18:52:41.0216 4844 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\System32\wbem\fastprox.dll
18:52:41.0216 4844 C:\Windows\System32\wbem\fastprox.dll - ok
18:52:41.0232 4844 [ 585EB475E7AF55C9065256E8FFB751A1 ] C:\Windows\System32\wbem\wbemcore.dll
18:52:41.0232 4844 C:\Windows\System32\wbem\wbemcore.dll - ok
18:52:41.0232 4844 [ 465DBF63A5049E4DB4BC5C12FFE781CB ] C:\Windows\System32\tquery.dll
18:52:41.0232 4844 C:\Windows\System32\tquery.dll - ok
18:52:41.0247 4844 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\System32\ntdsapi.dll
18:52:41.0247 4844 C:\Windows\System32\ntdsapi.dll - ok
18:52:41.0247 4844 [ 5AE88135C6A86FCD67BA16AFBB1C8389 ] C:\Windows\System32\wbem\esscli.dll
18:52:41.0247 4844 C:\Windows\System32\wbem\esscli.dll - ok
18:52:41.0263 4844 [ 0241CB16136B9A4939CA0395768AE286 ] C:\Windows\System32\mssrch.dll
18:52:41.0263 4844 C:\Windows\System32\mssrch.dll - ok
18:52:41.0279 4844 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\System32\wbem\wbemsvc.dll
18:52:41.0279 4844 C:\Windows\System32\wbem\wbemsvc.dll - ok
18:52:41.0279 4844 [ 5610B0425518D185331CB8E968D060E6 ] C:\Windows\System32\wbem\wmiutils.dll
18:52:41.0279 4844 C:\Windows\System32\wbem\wmiutils.dll - ok
18:52:41.0294 4844 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] C:\Windows\System32\iphlpsvc.dll
18:52:41.0294 4844 C:\Windows\System32\iphlpsvc.dll - ok
18:52:41.0294 4844 [ 81600E2E27ED61427AAD865B9BCDDB9D ] C:\Windows\System32\msidle.dll
18:52:41.0294 4844 C:\Windows\System32\msidle.dll - ok
18:52:41.0310 4844 [ CE292C4C10B8DB6070F262EA2733F0DC ] C:\Windows\System32\sqmapi.dll
18:52:41.0310 4844 C:\Windows\System32\sqmapi.dll - ok
18:52:41.0310 4844 [ B63E24E9271E99FD4540E3CA22A937DA ] C:\Windows\System32\en-US\tquery.dll.mui
18:52:41.0310 4844 C:\Windows\System32\en-US\tquery.dll.mui - ok
18:52:41.0325 4844 [ A399514D3B28C9A3453A486BBAAFF1C7 ] C:\Windows\System32\wdscore.dll
18:52:41.0325 4844 C:\Windows\System32\wdscore.dll - ok
18:52:41.0341 4844 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\System32\NapiNSP.dll
18:52:41.0341 4844 C:\Windows\System32\NapiNSP.dll - ok
18:52:41.0341 4844 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\System32\pnrpnsp.dll
18:52:41.0341 4844 C:\Windows\System32\pnrpnsp.dll - ok
18:52:41.0357 4844 [ CB9E04DC05EACF5B9A36CA276D475006 ] C:\Windows\System32\rasmans.dll
18:52:41.0357 4844 C:\Windows\System32\rasmans.dll - ok
18:52:41.0357 4844 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\System32\winrnr.dll
18:52:41.0357 4844 C:\Windows\System32\winrnr.dll - ok
18:52:41.0372 4844 [ 371E3B05894549113D07CD3081ED55EF ] C:\Windows\System32\wbem\repdrvfs.dll
18:52:41.0372 4844 C:\Windows\System32\wbem\repdrvfs.dll - ok
18:52:41.0388 4844 [ B2E1E4A16EDD02396F451F915FA3CBFA ] C:\Windows\System32\rastapi.dll
18:52:41.0388 4844 C:\Windows\System32\rastapi.dll - ok
18:52:41.0388 4844 [ BA32509D9B340162327B341013DE6522 ] C:\Windows\System32\tapi32.dll
18:52:41.0388 4844 C:\Windows\System32\tapi32.dll - ok
18:52:41.0403 4844 [ 377F0C1DDBFA6A43CB7E7568BC0ECED0 ] C:\Windows\System32\unimdm.tsp
18:52:41.0403 4844 C:\Windows\System32\unimdm.tsp - ok
18:52:41.0403 4844 [ 6383C60EC0133B14F5705F96369421B2 ] C:\Windows\System32\hnetcfg.dll
18:52:41.0403 4844 C:\Windows\System32\hnetcfg.dll - ok
18:52:41.0419 4844 [ 21E2585138971BBB928AC57EE1772ADD ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\AVMail.dll
18:52:41.0419 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\AVMail.dll - ok
18:52:41.0419 4844 [ E675DE8CF57D8814218733B3DAE896D7 ] C:\Windows\System32\uniplat.dll
18:52:41.0419 4844 C:\Windows\System32\uniplat.dll - ok
18:52:41.0435 4844 [ F3FB146CDBDD26FCD0CF7941C547BEE4 ] C:\Windows\System32\kmddsp.tsp
18:52:41.0435 4844 C:\Windows\System32\kmddsp.tsp - ok
18:52:41.0450 4844 [ EC1593B3039A522D4DC9C76E25374935 ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\asEngine.dll
18:52:41.0450 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\asEngine.dll - ok
18:52:41.0450 4844 [ AA11A26692E0DB2996CAEFE9EC61F61F ] C:\Windows\System32\ndptsp.tsp
18:52:41.0450 4844 C:\Windows\System32\ndptsp.tsp - ok
18:52:41.0466 4844 [ E2F6CC0D191361EE94FEA3957653F531 ] C:\Windows\System32\hidphone.tsp
18:52:41.0466 4844 C:\Windows\System32\hidphone.tsp - ok
18:52:41.0466 4844 [ 67F9B5C7E215B48F9256757E9CC09A7B ] C:\Windows\System32\rasppp.dll
18:52:41.0466 4844 C:\Windows\System32\rasppp.dll - ok
18:52:41.0481 4844 [ 80B562B5B59ED850C328DD75F964F3D8 ] C:\Windows\System32\vpnike.dll
18:52:41.0481 4844 C:\Windows\System32\vpnike.dll - ok
18:52:41.0481 4844 [ 207CF171B1C6B8AE50C1FBF87363EEBC ] C:\Windows\System32\raschap.dll
18:52:41.0481 4844 C:\Windows\System32\raschap.dll - ok
18:52:41.0497 4844 [ D1A079A0DE2EA524513B6930C24527A2 ] C:\Windows\System32\ipnathlp.dll
18:52:41.0497 4844 C:\Windows\System32\ipnathlp.dll - ok
18:52:41.0497 4844 [ D4191EFAB91E00FC09257AA5EBAF503B ] C:\Windows\System32\mprapi.dll
18:52:41.0497 4844 C:\Windows\System32\mprapi.dll - ok
18:52:41.0513 4844 [ EAB975DB4C2805927FE5BD047D05C9AA ] C:\Windows\System32\netshell.dll
18:52:41.0513 4844 C:\Windows\System32\netshell.dll - ok
18:52:41.0528 4844 [ 1CBF15FDB0310345A68972EB5C5B948F ] C:\Windows\System32\mssprxy.dll
18:52:41.0528 4844 C:\Windows\System32\mssprxy.dll - ok
18:52:41.0528 4844 [ E1AC89F6C5252057E6062843E36A6701 ] C:\Windows\System32\SearchProtocolHost.exe
18:52:41.0528 4844 C:\Windows\System32\SearchProtocolHost.exe - ok
18:52:41.0544 4844 [ A5D237B8673025B052C0E6FDB6A883E8 ] C:\Windows\System32\msshooks.dll
18:52:41.0544 4844 C:\Windows\System32\msshooks.dll - ok
18:52:41.0544 4844 [ A6CD6B3F71E13E2E45B727FB8A47EA87 ] C:\Windows\System32\SearchFilterHost.exe
18:52:41.0544 4844 C:\Windows\System32\SearchFilterHost.exe - ok
18:52:41.0559 4844 [ DB67C7C62038BDE813CB6486581A7611 ] C:\Windows\System32\mssph.dll
18:52:41.0559 4844 C:\Windows\System32\mssph.dll - ok
18:52:41.0559 4844 [ 8BC9DB92C4B2F3BE89185BEAB2AFC1F6 ] C:\Windows\System32\mapi32.dll
18:52:41.0559 4844 C:\Windows\System32\mapi32.dll - ok
18:52:41.0575 4844 [ 8B57A1AD493653BB57F281FE75DD175B ] C:\Windows\System32\NaturalLanguage6.dll
18:52:41.0575 4844 C:\Windows\System32\NaturalLanguage6.dll - ok
18:52:41.0575 4844 [ 2992932C1AB1D29A1A4A9E8CB8530CBF ] C:\Windows\System32\NlsData0009.dll
18:52:41.0575 4844 C:\Windows\System32\NlsData0009.dll - ok
18:52:41.0591 4844 [ C8CB301BF896C7C556BBE963FADF5BB6 ] C:\Windows\System32\NlsLexicons0009.dll
18:52:41.0591 4844 C:\Windows\System32\NlsLexicons0009.dll - ok
18:52:41.0606 4844 [ 8444A7364D6877922049E99BF4B78C5C ] C:\Windows\System32\ELSCore.dll
18:52:41.0606 4844 C:\Windows\System32\ELSCore.dll - ok
18:52:41.0606 4844 [ 7B3FD36359DE5D2EE49D213CCAD13427 ] C:\Windows\System32\elsTrans.dll
18:52:41.0606 4844 C:\Windows\System32\elsTrans.dll - ok
18:52:41.0622 4844 [ 02A2ED8497F437EA200DF3ACED255AFE ] C:\Windows\System32\elslad.dll
18:52:41.0622 4844 C:\Windows\System32\elslad.dll - ok
18:52:41.0622 4844 [ 282F84E0096499C42102D7234A4D14EF ] C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
18:52:41.0622 4844 C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll - ok
18:52:41.0637 4844 [ 59D16C3D5CC0D573256A01783ED5CCB4 ] C:\Windows\System32\MSVidCtl.dll
18:52:41.0637 4844 C:\Windows\System32\MSVidCtl.dll - ok
18:52:41.0637 4844 [ 0AE0C4955E1DE29CCDC9DA1B816FE5EE ] C:\Windows\System32\quartz.dll
18:52:41.0637 4844 C:\Windows\System32\quartz.dll - ok
18:52:41.0653 4844 [ 3CDE2911462FEC80064A409C07710C06 ] C:\Windows\System32\wbem\WmiPrvSD.dll
18:52:41.0653 4844 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
18:52:41.0669 4844 [ A4CC7227A452C4909F9499D91B184364 ] C:\Windows\System32\ncobjapi.dll
18:52:41.0669 4844 C:\Windows\System32\ncobjapi.dll - ok
18:52:41.0669 4844 [ 5BB8C06EB5EA4BA22EE8A678F2D79B25 ] C:\Windows\System32\devenum.dll
18:52:41.0669 4844 C:\Windows\System32\devenum.dll - ok
18:52:41.0684 4844 [ 7069AAB8536F29ED7323140973A2894B ] C:\Windows\System32\msdmo.dll
18:52:41.0684 4844 C:\Windows\System32\msdmo.dll - ok
18:52:41.0684 4844 [ 26EF8C37B8D58E98EE49F0DA81E77283 ] C:\Windows\System32\msdri.dll
18:52:41.0684 4844 C:\Windows\System32\msdri.dll - ok
18:52:41.0700 4844 [ B350509B6C9296529BC464C60FEEAEF1 ] C:\Windows\System32\wbem\wbemess.dll
18:52:41.0700 4844 C:\Windows\System32\wbem\wbemess.dll - ok
18:52:41.0700 4844 [ 954EA9B34F155C844B11F4047A8F6F89 ] C:\Windows\System32\upnp.dll
18:52:41.0700 4844 C:\Windows\System32\upnp.dll - ok
18:52:41.0715 4844 [ F2F3617C63B87AA2DE139DC9E37420B5 ] C:\Windows\System32\igfxext.exe
18:52:41.0715 4844 C:\Windows\System32\igfxext.exe - ok
18:52:41.0715 4844 [ B9AA850CDA55097EB13E03698C8F5828 ] C:\Windows\System32\igfxsrvc.exe
18:52:41.0715 4844 C:\Windows\System32\igfxsrvc.exe - ok
18:52:41.0731 4844 [ 493164122DC72E1BF6D12F575604FBDA ] C:\Windows\System32\igfxsrvc.dll
18:52:41.0731 4844 C:\Windows\System32\igfxsrvc.dll - ok
18:52:41.0747 4844 [ FDC6BD427E353D205C1AFB6065FA8175 ] C:\Windows\System32\igfxdev.dll
18:52:41.0747 4844 C:\Windows\System32\igfxdev.dll - ok
18:52:41.0747 4844 [ E8997B4503C3060EA39E7A3636158775 ] C:\Windows\System32\igfxexps.dll
18:52:41.0747 4844 C:\Windows\System32\igfxexps.dll - ok
18:52:41.0762 4844 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\System32\npmproxy.dll
18:52:41.0762 4844 C:\Windows\System32\npmproxy.dll - ok
18:52:41.0762 4844 [ 4FB491AC8D46AAF22BA8BC5C73DABEF7 ] C:\Windows\System32\wbem\WmiPrvSE.exe
18:52:41.0762 4844 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
18:52:41.0778 4844 [ D887C9FD02AC9FA880F6E5027A43E118 ] C:\Windows\System32\ssdpsrv.dll
18:52:41.0778 4844 C:\Windows\System32\ssdpsrv.dll - ok
18:52:41.0778 4844 [ FB1959012294D6AD43E5304DF65E3C26 ] C:\Windows\System32\appinfo.dll
18:52:41.0778 4844 C:\Windows\System32\appinfo.dll - ok
18:52:41.0793 4844 [ AA53356D60AF47EACC85BC617A4F3F66 ] C:\Windows\System32\wpdbusenum.dll
18:52:41.0793 4844 C:\Windows\System32\wpdbusenum.dll - ok
18:52:41.0793 4844 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] C:\Windows\System32\wdi.dll
18:52:41.0793 4844 C:\Windows\System32\wdi.dll - ok
18:52:41.0809 4844 [ E98278865E8DABA21CFE5FE4BE34210A ] C:\Windows\System32\PortableDeviceApi.dll
18:52:41.0809 4844 C:\Windows\System32\PortableDeviceApi.dll - ok
18:52:41.0809 4844 [ ECF036299AA554B5E0455262857B39D0 ] C:\Windows\System32\diagperf.dll
18:52:41.0809 4844 C:\Windows\System32\diagperf.dll - ok
18:52:41.0825 4844 [ 7E82616BEE76BF5EAA5B30F681414E21 ] C:\Windows\System32\perftrack.dll
18:52:41.0825 4844 C:\Windows\System32\perftrack.dll - ok
18:52:41.0840 4844 [ C5C867CD7EFAC60D5021223E374DEEC5 ] C:\Windows\System32\dimsjob.dll
18:52:41.0840 4844 C:\Windows\System32\dimsjob.dll - ok
18:52:41.0840 4844 [ 61E6487189D68BD8D6D68A4CD4290846 ] C:\Windows\System32\lpksetupproxyserv.dll
18:52:41.0840 4844 C:\Windows\System32\lpksetupproxyserv.dll - ok
18:52:41.0856 4844 [ D99621C0735B21DCC8BC4FEF02F379EF ] C:\Windows\System32\Apphlpdm.dll
18:52:41.0856 4844 C:\Windows\System32\Apphlpdm.dll - ok
18:52:41.0856 4844 [ 590D5C506044FE02FF7643E32FF9BDAC ] C:\Windows\System32\wer.dll
18:52:41.0856 4844 C:\Windows\System32\wer.dll - ok
18:52:41.0871 4844 [ C6B0509AA89F656247694E2D6ABF7255 ] C:\Windows\System32\wbem\wmiprov.dll
18:52:41.0871 4844 C:\Windows\System32\wbem\wmiprov.dll - ok
18:52:41.0871 4844 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\System32\runonce.exe
18:52:41.0871 4844 C:\Windows\System32\runonce.exe - ok
18:52:41.0887 4844 [ 8B794AE6D5C7D42092804BC39A2EB8F6 ] C:\Windows\System32\aepic.dll
18:52:41.0887 4844 C:\Windows\System32\aepic.dll - ok
18:52:41.0903 4844 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\System32\sfc.dll
18:52:41.0903 4844 C:\Windows\System32\sfc.dll - ok
18:52:41.0903 4844 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\System32\sfc_os.dll
18:52:41.0903 4844 C:\Windows\System32\sfc_os.dll - ok
18:52:41.0918 4844 [ CB67C2B94302DC94BC15ED6553A5C1C7 ] C:\Windows\System32\wbem\cimwin32.dll
18:52:41.0918 4844 C:\Windows\System32\wbem\cimwin32.dll - ok
18:52:41.0918 4844 [ F8E882C10AF4C29E378D1E28D4817CB1 ] C:\Windows\System32\pnpts.dll
18:52:41.0918 4844 C:\Windows\System32\pnpts.dll - ok
18:52:41.0934 4844 [ C693E642ACFBDD76433AF6BE3C3EEE6F ] C:\Windows\System32\PortableDeviceConnectApi.dll
18:52:41.0934 4844 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
18:52:41.0934 4844 [ 14486EB6AF542F2BD3239F7FC3E713F7 ] C:\Windows\System32\pautoenr.dll
18:52:41.0934 4844 C:\Windows\System32\pautoenr.dll - ok
18:52:41.0949 4844 [ 7FFD52D73352806969D424EF327D10A7 ] C:\Windows\System32\radardt.dll
18:52:41.0949 4844 C:\Windows\System32\radardt.dll - ok
18:52:41.0949 4844 [ F0016853FA3F38F55FD868FF74C0359B ] C:\Windows\System32\wdiasqmmodule.dll
18:52:41.0965 4844 C:\Windows\System32\wdiasqmmodule.dll - ok
18:52:41.0965 4844 [ 2C49B175AEE1D4364B91B531417FE583 ] C:\Windows\servicing\TrustedInstaller.exe
18:52:41.0965 4844 C:\Windows\servicing\TrustedInstaller.exe - ok
18:52:41.0981 4844 [ D8C2B95BC2353E1F18850D6B8F5DBA13 ] C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
18:52:41.0981 4844 C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll - ok
18:52:41.0981 4844 [ 61B1ED5F429EFAC7E2036769870AB93E ] C:\Windows\System32\certcli.dll
18:52:41.0981 4844 C:\Windows\System32\certcli.dll - ok
18:52:41.0996 4844 [ 533AECD1B5356870AE2D905B4D3B42B7 ] C:\Program Files\Microsoft Office\Office12\GrooveMisc.dll
18:52:41.0996 4844 C:\Program Files\Microsoft Office\Office12\GrooveMisc.dll - ok
18:52:41.0996 4844 [ 1B0EC94520CAB89A9CE1B2DA405166AF ] C:\Windows\System32\p2pcollab.dll
18:52:41.0996 4844 C:\Windows\System32\p2pcollab.dll - ok
18:52:42.0012 4844 [ 29BC473072568C072EC8B176498DE996 ] C:\Windows\System32\CertEnroll.dll
18:52:42.0012 4844 C:\Windows\System32\CertEnroll.dll - ok
18:52:42.0027 4844 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] C:\Windows\System32\QAGENTRT.DLL
18:52:42.0027 4844 C:\Windows\System32\QAGENTRT.DLL - ok
18:52:42.0027 4844 [ 5B3D1C528CD6674FF6BD1F6720F5A686 ] C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\CbsCore.dll
18:52:42.0027 4844 C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\CbsCore.dll - ok
18:52:42.0043 4844 [ 9FD6496B6D91C8BE2A10BD55EAE2D5F2 ] C:\Windows\System32\fveui.dll
18:52:42.0043 4844 C:\Windows\System32\fveui.dll - ok
18:52:42.0043 4844 [ D0481FB85BEEDD30A0884BE327880F80 ] C:\Windows\System32\framedynos.dll
18:52:42.0043 4844 C:\Windows\System32\framedynos.dll - ok
18:52:42.0059 4844 [ 907281ED4AD35D41B29FFDC211EBAD80 ] C:\Windows\System32\wmi.dll
18:52:42.0059 4844 C:\Windows\System32\wmi.dll - ok
18:52:42.0059 4844 [ A42E7748BE906434C5FD17161D168C20 ] C:\Windows\System32\schedcli.dll
18:52:42.0059 4844 C:\Windows\System32\schedcli.dll - ok
18:52:42.0074 4844 [ 8896EF6DEBA34C5507A488729A1D3AF2 ] C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\wcp.dll
18:52:42.0074 4844 C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\wcp.dll - ok
18:52:42.0074 4844 [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\System32\linkinfo.dll
18:52:42.0074 4844 C:\Windows\System32\linkinfo.dll - ok
18:52:42.0090 4844 [ 4CCF86AAD1B67168FB51A477307EC288 ] C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\DrUpdate.dll
18:52:42.0090 4844 C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\DrUpdate.dll - ok
18:52:42.0105 4844 [ AA376FE53D239EC404AD28AA14F33564 ] C:\Windows\System32\srclient.dll
18:52:42.0105 4844 C:\Windows\System32\srclient.dll - ok
18:52:42.0105 4844 [ 971A36C4827AD1AE2A54E6407478921A ] C:\Windows\System32\spp.dll
18:52:42.0105 4844 C:\Windows\System32\spp.dll - ok
18:52:42.0121 4844 [ BBED6A14692C48279F88B3127206A1BA ] C:\Windows\System32\sxsstore.dll
18:52:42.0121 4844 C:\Windows\System32\sxsstore.dll - ok
18:52:42.0121 4844 [ C9B89E87CB6D87FA4CC3F04EBC9F3D1C ] C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\wrpint.dll
18:52:42.0121 4844 C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\wrpint.dll - ok
18:52:42.0137 4844 [ 0B6118058942961D504AAEA04FECB116 ] C:\Windows\System32\ieframe.dll
18:52:42.0137 4844 C:\Windows\System32\ieframe.dll - ok
18:52:42.0137 4844 [ 665748B8F1770EFE09AC75D8EC020100 ] C:\Windows\servicing\CbsApi.dll
18:52:42.0137 4844 C:\Windows\servicing\CbsApi.dll - ok
18:52:42.0152 4844 [ 6F6759407B843B99E0367036632EC798 ] C:\Windows\System32\HelpPaneProxy.dll
18:52:42.0152 4844 C:\Windows\System32\HelpPaneProxy.dll - ok
18:52:42.0168 4844 [ 8D47D01378347889A662D54037A988CC ] C:\Windows\System32\tdh.dll
18:52:42.0168 4844 C:\Windows\System32\tdh.dll - ok
18:52:42.0168 4844 [ 60F4AEFA103D421EA4A40E31409B4756 ] C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
18:52:42.0168 4844 C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll - ok
18:52:42.0183 4844 [ 007863E45F25AA47A4C30D0930BBFD85 ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
18:52:42.0183 4844 C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok
18:52:42.0183 4844 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\System32\shdocvw.dll
18:52:42.0183 4844 C:\Windows\System32\shdocvw.dll - ok
18:52:42.0199 4844 [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\Ants\AppData\Local\temp\58E55C71-59C6-4537-9DED-6E7686DB6BE5.exe
18:52:42.0199 4844 C:\Users\Ants\AppData\Local\temp\58E55C71-59C6-4537-9DED-6E7686DB6BE5.exe - ok
18:52:42.0215 4844 [ F7FE730CE31B54145DEE1F1482BCCDD7 ] C:\Windows\System32\ndiscapCfg.dll
18:52:42.0215 4844 C:\Windows\System32\ndiscapCfg.dll - ok
18:52:42.0215 4844 [ 761A3A4038C1FD4F5795427907C28484 ] C:\Windows\System32\rascfg.dll
18:52:42.0215 4844 C:\Windows\System32\rascfg.dll - ok
18:52:42.0230 4844 [ 9A7B54D57594233EEB17892BAD309970 ] C:\Windows\System32\mprmsg.dll
18:52:42.0230 4844 C:\Windows\System32\mprmsg.dll - ok
18:52:42.0230 4844 [ CAFC0B884E5590B5E80D84F592388B3D ] C:\Windows\System32\tcpipcfg.dll
18:52:42.0230 4844 C:\Windows\System32\tcpipcfg.dll - ok
18:52:42.0246 4844 [ 78DE417B7921DACA072059E6BF410FC7 ] C:\Windows\System32\wshnetbs.dll
18:52:42.0246 4844 C:\Windows\System32\wshnetbs.dll - ok
18:52:42.0246 4844 [ 45D9F6CD2469CDB6A640DD4BD2B01471 ] C:\Windows\System32\nci.dll
18:52:42.0246 4844 C:\Windows\System32\nci.dll - ok
18:52:42.0261 4844 [ 9E6AF823733C70E207D9FB6731A63B3D ] C:\Windows\System32\wlaninst.dll
18:52:42.0261 4844 C:\Windows\System32\wlaninst.dll - ok
18:52:42.0277 4844 [ 5B6EF0861BB5AC0EC347548E85C24A1D ] C:\Windows\System32\wwaninst.dll
18:52:42.0277 4844 C:\Windows\System32\wwaninst.dll - ok
18:52:42.0277 4844 [ 51138BEEA3E2C21EC44D0932C71762A8 ] C:\Windows\System32\rundll32.exe
18:52:42.0277 4844 C:\Windows\System32\rundll32.exe - ok
18:52:42.0293 4844 [ 96C70BD48D49B87475F4572DEDC62EB9 ] C:\Windows\AppPatch\AcLayers.dll
18:52:42.0293 4844 C:\Windows\AppPatch\AcLayers.dll - ok
18:52:42.0293 4844 [ 3D6F22551D422F97AACB0BB927E4C846 ] C:\Windows\System32\pnidui.dll
18:52:42.0293 4844 C:\Windows\System32\pnidui.dll - ok
18:52:42.0308 4844 [ 1957D49A9613FAAD1C73B508CCE02AA5 ] C:\Windows\System32\wmp.dll
18:52:42.0308 4844 C:\Windows\System32\wmp.dll - ok
18:52:42.0308 4844 [ 4B9E4CE667DF26ADA061AA81E9AA841D ] C:\Windows\System32\spfileq.dll
18:52:42.0308 4844 C:\Windows\System32\spfileq.dll - ok
18:52:42.0324 4844 [ 105DBEE13284CE21DA25E696B2F62829 ] C:\Program Files\Samsung Casual Games\GameConsole\AutoUpdateAPILib.exe
18:52:42.0324 4844 C:\Program Files\Samsung Casual Games\GameConsole\AutoUpdateAPILib.exe - ok
18:52:42.0324 4844 [ 5992A9DF57FD5E6960FDCC2DB69867F7 ] C:\Windows\System32\themeui.dll
18:52:42.0324 4844 C:\Windows\System32\themeui.dll - ok
18:52:42.0339 4844 [ 7E9917D5309A90E7576653BFE39F80D8 ] C:\Windows\System32\timedate.cpl
18:52:42.0339 4844 C:\Windows\System32\timedate.cpl - ok
18:52:42.0339 4844 [ 175383778EB24D98C84E624021E3AA0B ] C:\Windows\System32\aeevts.dll
18:52:42.0339 4844 C:\Windows\System32\aeevts.dll - ok
18:52:42.0355 4844 [ 64E211E0FDFCE4D186DF58BB7D0503BC ] C:\Windows\System32\gameux.dll
18:52:42.0355 4844 C:\Windows\System32\gameux.dll - ok
18:52:42.0371 4844 [ 3A16EA01FCFAAB40882DB5BFEE632322 ] C:\Windows\System32\msftedit.dll
18:52:42.0371 4844 C:\Windows\System32\msftedit.dll - ok
18:52:42.0371 4844 [ C225E5307D8D4982A1687F2702C37C78 ] C:\Windows\System32\msls31.dll
18:52:42.0371 4844 C:\Windows\System32\msls31.dll - ok
18:52:42.0386 4844 [ 7896EFFDEE215C172BE724A64931EF1C ] C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll
18:52:42.0386 4844 C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll - ok
18:52:42.0386 4844 [ F1278B3514EA6FA9BC39B20D26139AAC ] C:\Windows\System32\msiltcfg.dll
18:52:42.0386 4844 C:\Windows\System32\msiltcfg.dll - ok
18:52:42.0402 4844 [ F50CA00F1929D9294FE01894D0168A7F ] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
18:52:42.0402 4844 C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe - ok
18:52:42.0402 4844 [ 672D7C5080ACB003343006405DA2E621 ] C:\Windows\System32\thumbcache.dll
18:52:42.0402 4844 C:\Windows\System32\thumbcache.dll - ok
18:52:42.0417 4844 [ 3D57FFBAD3ED16B63DE3879BAB0FB56F ] C:\Windows\System32\networkexplorer.dll
18:52:42.0417 4844 C:\Windows\System32\networkexplorer.dll - ok
18:52:42.0433 4844 [ 2A39F32E0067CBF221611FE1FA8C6D8F ] C:\Windows\System32\DeviceCenter.dll
18:52:42.0433 4844 C:\Windows\System32\DeviceCenter.dll - ok
18:52:42.0433 4844 [ 934DE0EDBED59940A2725050DA13A066 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
18:52:42.0433 4844 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - ok
18:52:42.0449 4844 [ D6692338B985D4A0CA52B828314D897D ] C:\Windows\System32\drprov.dll
18:52:42.0449 4844 C:\Windows\System32\drprov.dll - ok
18:52:42.0449 4844 [ 284B59D7B56FC76C80E622AB856B1FAB ] C:\Windows\System32\davclnt.dll
18:52:42.0449 4844 C:\Windows\System32\davclnt.dll - ok
18:52:42.0464 4844 [ 179BECE8D1A4C488DDB7191FF9BE3FB0 ] C:\Windows\System32\davhlpr.dll
18:52:42.0464 4844 C:\Windows\System32\davhlpr.dll - ok
18:52:42.0464 4844 [ D7B7159BC8374E87D8C45A30377A3440 ] C:\Windows\System32\ntlanman.dll
18:52:42.0464 4844 C:\Windows\System32\ntlanman.dll - ok
18:52:42.0480 4844 [ 29FB6EF1EFB1357E2883FE297F1EBC31 ] C:\Program Files\AVG\AVG9\avgtray.exe
18:52:42.0480 4844 C:\Program Files\AVG\AVG9\avgtray.exe - ok
18:52:42.0495 4844 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\Windows\System32\drivers\03556666.sys
18:52:42.0495 4844 C:\Windows\System32\drivers\03556666.sys - ok
18:52:42.0495 4844 [ CD1E74BC24CB1D1544406741F46F4D61 ] C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe
18:52:42.0495 4844 C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe - ok
18:52:42.0511 4844 [ 0E85C11F8850D524B02181C6E02BA9AE ] C:\Windows\System32\dsound.dll
18:52:42.0511 4844 C:\Windows\System32\dsound.dll - ok
18:52:42.0511 4844 [ 9C67F6BBDA3881CFD02095160CF91576 ] C:\Windows\System32\ksuser.dll
18:52:42.0511 4844 C:\Windows\System32\ksuser.dll - ok
18:52:42.0527 4844 [ D205C24A9D069049FE2DF2A1B38726A7 ] C:\Windows\System32\wdmaud.drv
18:52:42.0527 4844 C:\Windows\System32\wdmaud.drv - ok
18:52:42.0527 4844 [ 808D7BDD58D15526105E0CAC4194A307 ] C:\Windows\System32\SynCOM.dll
18:52:42.0527 4844 C:\Windows\System32\SynCOM.dll - ok
18:52:42.0542 4844 [ B7E50E08269DC2C5EC867F9796B83296 ] C:\Windows\System32\SynTPAPI.dll
18:52:42.0542 4844 C:\Windows\System32\SynTPAPI.dll - ok
18:52:42.0558 4844 [ C335EC1182AC10B188705554E0BC1186 ] C:\Windows\System32\msvfw32.dll
18:52:42.0558 4844 C:\Windows\System32\msvfw32.dll - ok
18:52:42.0558 4844 [ E2C48CD0132D4D1DC7D0DF9A6BEF686A ] C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll
18:52:42.0558 4844 C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll - ok
18:52:42.0573 4844 [ 0E34B7BB1FCF22BCC1E394D16F9E992B ] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
18:52:42.0573 4844 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe - ok
18:52:42.0573 4844 [ 12916E0642E92561C98B18A2A2D01B14 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
18:52:42.0573 4844 C:\Program Files\Common Files\Java\Java Update\jusched.exe - ok
18:52:42.0589 4844 [ F1E6B06A0393C6206BE0FA4C8E892103 ] C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
18:52:42.0589 4844 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe - ok
18:52:42.0589 4844 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\System32\msacm32.dll
18:52:42.0589 4844 C:\Windows\System32\msacm32.dll - ok
18:52:42.0605 4844 [ 07393A09C46083588E751B63B03C8301 ] C:\Windows\System32\msacm32.drv
18:52:42.0605 4844 C:\Windows\System32\msacm32.drv - ok
18:52:42.0605 4844 [ 5A12C364AD1D4FCC0AD0E56DBBC34462 ] C:\Windows\System32\midimap.dll
18:52:42.0605 4844 C:\Windows\System32\midimap.dll - ok
18:52:42.0620 4844 [ 804D1B3F83682288619DF795543BF382 ] C:\Windows\System32\consent.exe
18:52:42.0620 4844 C:\Windows\System32\consent.exe - ok
18:52:42.0636 4844 [ 28A09777D2D952122567A8A82F1A2C7B ] C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll
18:52:42.0636 4844 C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll - ok
18:52:42.0636 4844 [ 6E369ACB5D93EC872CABB3FB066FE96F ] C:\Program Files\AVG\AVG9\avglngx.dll
18:52:42.0636 4844 C:\Program Files\AVG\AVG9\avglngx.dll - ok
18:52:42.0651 4844 [ 1029B84ECBE4B95ACB8491A3FE63D70F ] C:\Windows\System32\igfxtray.exe
18:52:42.0651 4844 C:\Windows\System32\igfxtray.exe - ok
18:52:42.0651 4844 [ 3CD5BBDA19A1AB4EBA359E0A14FDF0F0 ] C:\Windows\System32\hkcmd.exe
18:52:42.0651 4844 C:\Windows\System32\hkcmd.exe - ok
18:52:42.0667 4844 [ 3142195521FEE436088EE8A5748DE1B1 ] C:\Windows\System32\igfxpers.exe
18:52:42.0667 4844 C:\Windows\System32\igfxpers.exe - ok
18:52:42.0667 4844 [ BBA9D5A730D5E304117AD26923EBD8AA ] C:\Windows\System32\AudioEng.dll
18:52:42.0683 4844 C:\Windows\System32\AudioEng.dll - ok
18:52:42.0683 4844 [ 6B0450136DBCA36C6722C21A746D96CB ] C:\Windows\System32\hccutils.dll
18:52:42.0683 4844 C:\Windows\System32\hccutils.dll - ok
18:52:42.0698 4844 [ 3CB07566302BCEEB898DE270A0BEC175 ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
18:52:42.0698 4844 C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
18:52:42.0698 4844 [ D2DAD71C96C113ED07F7BB79AD831C28 ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
18:52:42.0698 4844 C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok
18:52:42.0714 4844 [ 96F0F8F4DEE598C8D12AD9633E0CFE2A ] C:\Windows\System32\AUDIOKSE.dll
18:52:42.0714 4844 C:\Windows\System32\AUDIOKSE.dll - ok
18:52:42.0714 4844 [ 4AFFDCAADCB1DBBFFAF06C7F82E7F6FC ] C:\Program Files\iTunes\iTunesHelper.exe
18:52:42.0714 4844 C:\Program Files\iTunes\iTunesHelper.exe - ok
18:52:42.0729 4844 [ 33D4D17C2A70CD54B4ED4972EA270E62 ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\cltRT.exe
18:52:42.0729 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\cltRT.exe - ok
18:52:42.0745 4844 [ 8B285BDAB7735FDFB18E6F7122923B77 ] C:\Windows\System32\UIAnimation.dll
18:52:42.0745 4844 C:\Windows\System32\UIAnimation.dll - ok
18:52:42.0745 4844 [ 7B845BFE314509D08AB5865CB141E332 ] C:\Program Files\iTunes\iTunesHelper.dll
18:52:42.0745 4844 C:\Program Files\iTunes\iTunesHelper.dll - ok
18:52:42.0761 4844 [ 691771D7570A53130E7E885D8266E6C0 ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon_main.dll
18:52:42.0761 4844 C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok
18:52:42.0761 4844 [ 8DDA2B606279753601F9415DA503CA63 ] C:\Program Files\QuickTime\QTTask.exe
18:52:42.0761 4844 C:\Program Files\QuickTime\QTTask.exe - ok
18:52:42.0776 4844 [ 12DBA51A6D1126E88F78D79AE0F7600F ] C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe
18:52:42.0776 4844 C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe - ok
18:52:42.0792 4844 [ 9EB925EDC8CF1C3D06E50E9348B54A0A ] C:\Users\Ants\AppData\Local\Facebook\Update\FacebookUpdate.exe
18:52:42.0792 4844 C:\Users\Ants\AppData\Local\Facebook\Update\FacebookUpdate.exe - ok
18:52:42.0792 4844 [ A7146C0C90D7BA0F251AC073E655D4D2 ] C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll
18:52:42.0792 4844 C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok
18:52:42.0807 4844 [ 7B42DD38D10BA61A8B2669A504E0EF6C ] C:\Windows\System32\RTCOM\RtkCfg.dll
18:52:42.0807 4844 C:\Windows\System32\RTCOM\RtkCfg.dll - ok
18:52:42.0807 4844 [ 9DEE004269DADEE715BD572410AA6076 ] C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll
18:52:42.0807 4844 C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok
18:52:42.0823 4844 [ 49D3F53BEA86A4EFEFA53550E0DBFDB1 ] C:\Users\Ants\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll
18:52:42.0823 4844 C:\Users\Ants\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll - ok
18:52:42.0839 4844 [ BD713579A87D698E1F2158CE10E48130 ] C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
18:52:42.0839 4844 C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe - ok
18:52:42.0839 4844 [ 415EEAD462C489036A9BE0A4098553F9 ] C:\Windows\System32\RtkAPO.dll
18:52:42.0839 4844 C:\Windows\System32\RtkAPO.dll - ok
18:52:42.0854 4844 [ D9A3009A2AB658DDE1D20358176CE546 ] C:\Windows\System32\GfxUI.exe
18:52:42.0854 4844 C:\Windows\System32\GfxUI.exe - ok
18:52:42.0854 4844 [ 1542A92D5C6F7E1E80613F3466C9CE7F ] C:\Windows\System32\icacls.exe
18:52:42.0854 4844 C:\Windows\System32\icacls.exe - ok
18:52:42.0870 4844 [ 58B8702C20DE211D1FCB248D2FDD71D1 ] C:\Program Files\Adobe\Reader 11.0\Reader\reader_sl.exe
18:52:42.0870 4844 C:\Program Files\Adobe\Reader 11.0\Reader\reader_sl.exe - ok
18:52:42.0870 4844 [ 4E30ED3E551E867ADD1C8D58F5EDD9DF ] C:\Windows\System32\WMALFXGFXDSP.dll
18:52:42.0870 4844 C:\Windows\System32\WMALFXGFXDSP.dll - ok
18:52:42.0885 4844 [ E3C817F7FE44CC870ECDBCBC3EA36132 ] C:\Windows\System32\msvcp100.dll
18:52:42.0885 4844 C:\Windows\System32\msvcp100.dll - ok
18:52:42.0885 4844 [ BF38660A9125935658CFA3E53FDC7D65 ] C:\Windows\System32\msvcr100.dll
18:52:42.0885 4844 C:\Windows\System32\msvcr100.dll - ok
18:52:42.0901 4844 [ 912649A1B3F9E6ACB3899FBDABA2ED5F ] C:\Windows\System32\stobject.dll
18:52:42.0901 4844 C:\Windows\System32\stobject.dll - ok
18:52:42.0917 4844 [ 67C1B58706B47EEBA4E117AC197289E6 ] C:\Windows\System32\batmeter.dll
18:52:42.0917 4844 C:\Windows\System32\batmeter.dll - ok
18:52:42.0917 4844 [ 345378D27303D2B4D05036FB6F409AA5 ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sluapo32.dll
18:52:42.0917 4844 C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sluapo32.dll - ok
18:52:42.0932 4844 [ A42D0B4A82A068805144D3FAF6FCA104 ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slcshp32.dll
18:52:42.0932 4844 C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slcshp32.dll - ok
18:52:42.0932 4844 [ 5BC881B4BEFCD1F005A7C1845AC63AD7 ] C:\Windows\System32\igfxrenu.lrc
18:52:42.0932 4844 C:\Windows\System32\igfxrenu.lrc - ok
18:52:42.0948 4844 [ 67BF4746D2553A54019F2F793807CDDD ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slgeq32.dll
18:52:42.0948 4844 C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slgeq32.dll - ok
18:52:42.0963 4844 [ AB781C0E4C09E08F464081D17C0F6184 ] C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
18:52:42.0963 4844 C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok
18:52:42.0963 4844 [ 13E96EB6E2CA3EB27CC3B77C65ED49F0 ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slh36032.dll
18:52:42.0963 4844 C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slh36032.dll - ok
18:52:42.0979 4844 [ A4F45A21F354DF7DE10F19FAC671E2C2 ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slInit32.dll
18:52:42.0979 4844 C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slInit32.dll - ok
18:52:42.0979 4844 [ 8C3A3F5013CCB4346D9E1BABF2429353 ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sltshd32.dll
18:52:42.0979 4844 C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sltshd32.dll - ok
18:52:42.0995 4844 [ ADDB05C93272A62606599B24730BD645 ] C:\Windows\System32\DXP.dll
18:52:42.0995 4844 C:\Windows\System32\DXP.dll - ok
18:52:42.0995 4844 [ 856CFFCD835528136367BB1A8FE1DB87 ] C:\Windows\System32\Syncreg.dll
18:52:42.0995 4844 C:\Windows\System32\Syncreg.dll - ok
18:52:43.0010 4844 [ F8F03D206F7D5811D630349A23E9B9B9 ] C:\Windows\ehome\ehSSO.dll
18:52:43.0010 4844 C:\Windows\ehome\ehSSO.dll - ok
18:52:43.0026 4844 [ A7DC47DBBE3C0384BA719DC4188AFA7E ] C:\Windows\ehome\ehtray.exe
18:52:43.0026 4844 C:\Windows\ehome\ehtray.exe - ok
18:52:43.0026 4844 [ FBA4773ECFEFFC6566FB2AD13CEC4940 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll
18:52:43.0026 4844 C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll - ok
18:52:43.0041 4844 [ BC0EA61246F8D940FBC5F652D337D6BD ] C:\Program Files\iPod\bin\iPodService.exe
18:52:43.0041 4844 C:\Program Files\iPod\bin\iPodService.exe - ok
18:52:43.0041 4844 [ B2B3DAE040F6B5AE1DF52B0CD7631A18 ] C:\Windows\System32\AltTab.dll
18:52:43.0041 4844 C:\Windows\System32\AltTab.dll - ok
18:52:43.0057 4844 [ ADB45A977BD9E45790CA496DB84BA148 ] C:\Windows\System32\PortableDeviceTypes.dll
18:52:43.0057 4844 C:\Windows\System32\PortableDeviceTypes.dll - ok
18:52:43.0057 4844 [ 735263DA17BF5BAF9CCD483843BF9D5A ] C:\Windows\System32\WPDShServiceObj.dll
18:52:43.0057 4844 C:\Windows\System32\WPDShServiceObj.dll - ok
18:52:43.0073 4844 [ 818DBC9026FDB4A519A4B74A30A7F485 ] C:\Windows\ehome\ehmsas.exe
18:52:43.0073 4844 C:\Windows\ehome\ehmsas.exe - ok
18:52:43.0088 4844 [ 240DBC4B5E382CA2F63A2562062E9A08 ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll
18:52:43.0088 4844 C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok
18:52:43.0088 4844 [ BD626EF05967D14C772B8096292731A3 ] C:\Windows\System32\QUTIL.DLL
18:52:43.0088 4844 C:\Windows\System32\QUTIL.DLL - ok
18:52:43.0104 4844 [ 6CC94532F19CDB8CC7D3FA247BA9D92F ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\McStatus.dll
18:52:43.0104 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\McStatus.dll - ok
18:52:43.0104 4844 [ FC509EAAC8CFA34A961BB84147D66076 ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll
18:52:43.0104 4844 C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok
18:52:43.0119 4844 [ D39DA70FEA6BD713682F70635587DA9E ] C:\Windows\System32\rasdlg.dll
18:52:43.0119 4844 C:\Windows\System32\rasdlg.dll - ok
18:52:43.0119 4844 [ 674B0C0F6A448EB185CAAB9C51D44032 ] C:\Windows\System32\srchadmin.dll
18:52:43.0119 4844 C:\Windows\System32\srchadmin.dll - ok
18:52:43.0135 4844 [ 9DF7A7C74D8632CB5EBD37E3A374825E ] C:\Windows\System32\webcheck.dll
18:52:43.0135 4844 C:\Windows\System32\webcheck.dll - ok
18:52:43.0151 4844 [ 4825D2A98FAB45D4938DA9196ADDFAD4 ] C:\Windows\ehome\ehProxy.dll
18:52:43.0151 4844 C:\Windows\ehome\ehProxy.dll - ok
18:52:43.0151 4844 [ 6A0CE6378716E61EC766D7D05D80046F ] C:\Windows\ehome\ehrec.exe
18:52:43.0151 4844 C:\Windows\ehome\ehrec.exe - ok
18:52:43.0166 4844 [ 8EE6BDE1D572677AA35707C52C585F75 ] C:\Windows\System32\mlang.dll
18:52:43.0166 4844 C:\Windows\System32\mlang.dll - ok
18:52:43.0166 4844 [ 2DDEA2C345DA5BC589EFD398F220DB0E ] C:\Windows\System32\SyncCenter.dll
18:52:43.0166 4844 C:\Windows\System32\SyncCenter.dll - ok
18:52:43.0182 4844 [ 04B88428A872390D235BE52D38A9D4EF ] C:\Windows\System32\dot3api.dll
18:52:43.0182 4844 C:\Windows\System32\dot3api.dll - ok
18:52:43.0182 4844 [ 8063046AA70B97CA9985672B8848FB2E ] C:\Windows\System32\wlanhlp.dll
18:52:43.0182 4844 C:\Windows\System32\wlanhlp.dll - ok
18:52:43.0197 4844 [ B010CF886420EE29C2C276646721D255 ] C:\Windows\System32\wlanapi.dll
18:52:43.0197 4844 C:\Windows\System32\wlanapi.dll - ok
18:52:43.0197 4844 [ 7CD6A7B31295E1B475B5376FF7E57FF7 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\ehCIR\e1e78ef0d73f9000d79281cd40868882\ehCIR.ni.dll
18:52:43.0197 4844 C:\Windows\assembly\NativeImages_v2.0.50727_32\ehCIR\e1e78ef0d73f9000d79281cd40868882\ehCIR.ni.dll - ok
18:52:43.0213 4844 [ 4BC8285C485DA27770E0921E68BF196E ] C:\Windows\assembly\NativeImages_v2.0.50727_32\ehiProxy\454ecc5a1795270b2dbe55bfe3dd87be\ehiProxy.ni.dll
18:52:43.0213 4844 C:\Windows\assembly\NativeImages_v2.0.50727_32\ehiProxy\454ecc5a1795270b2dbe55bfe3dd87be\ehiProxy.ni.dll - ok
18:52:43.0229 4844 [ 8B829F5E540A5EB43483792C8D6E3875 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\ehRecObj\cefccb1ed79e63eddf972c6c20ae240b\ehRecObj.ni.dll
18:52:43.0229 4844 C:\Windows\assembly\NativeImages_v2.0.50727_32\ehRecObj\cefccb1ed79e63eddf972c6c20ae240b\ehRecObj.ni.dll - ok
18:52:43.0229 4844 [ 1E3CB1435EC745058628AE40FEA9F471 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll
18:52:43.0229 4844 C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll - ok
18:52:43.0244 4844 [ D3CAC22F98E1E7931F21FE9444A8E5A1 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mcepg\ca2746d1786b76719e6ddb54ccb53f54\mcepg.ni.dll
18:52:43.0244 4844 C:\Windows\assembly\NativeImages_v2.0.50727_32\mcepg\ca2746d1786b76719e6ddb54ccb53f54\mcepg.ni.dll - ok
18:52:43.0260 4844 [ 2D11BC8B460957E62E4420373A0D8BDA ] C:\Windows\System32\imapi2.dll
18:52:43.0260 4844 C:\Windows\System32\imapi2.dll - ok
18:52:43.0260 4844 [ 53683A331F8A1BB20ADD0330F1DE6388 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
18:52:43.0260 4844 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
18:52:43.0275 4844 [ C02AA67276FEE0C15CC4D6D616BDE95E ] C:\Windows\System32\WWanAPI.dll
18:52:43.0275 4844 C:\Windows\System32\WWanAPI.dll - ok
18:52:43.0275 4844 [ F2ED6D00921CA138289E5E0CCB9ABF87 ] C:\Windows\System32\wwapi.dll
18:52:43.0275 4844 C:\Windows\System32\wwapi.dll - ok
18:52:43.0291 4844 [ 8F8AB20AA863EA95A421B9D54C74F20C ] C:\Program Files\Windows Media Player\wmpnssci.dll
18:52:43.0291 4844 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
18:52:43.0291 4844 [ 02530B0B7E048DD5AC8D52DAEACAEB2B ] C:\Windows\System32\QAGENT.DLL
18:52:43.0291 4844 C:\Windows\System32\QAGENT.DLL - ok
18:52:43.0307 4844 [ E3D5E244807AD655787FCD25477CC1BC ] C:\Windows\System32\bthprops.cpl
18:52:43.0307 4844 C:\Windows\System32\bthprops.cpl - ok
18:52:43.0322 4844 [ C7952D0A4C43A965A1741916BB134751 ] C:\Windows\System32\hgcpl.dll
18:52:43.0322 4844 C:\Windows\System32\hgcpl.dll - ok
18:52:43.0322 4844 [ F13D62D250FA03DE41BCB84ED1A37704 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mcstore\744604b4a3bb3625de9541f0f81a3893\mcstore.ni.dll
18:52:43.0322 4844 C:\Windows\assembly\NativeImages_v2.0.50727_32\mcstore\744604b4a3bb3625de9541f0f81a3893\mcstore.ni.dll - ok
18:52:43.0338 4844 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] C:\Program Files\Windows Media Player\wmpnetwk.exe
18:52:43.0338 4844 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
18:52:43.0338 4844 [ AD4FFFDF60B1F3D414079C24D5AA02DB ] C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\840830c6a4fd76901574202fa9e7c9ef\Microsoft.MediaCenter.UI.ni.dll
18:52:43.0338 4844 C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\840830c6a4fd76901574202fa9e7c9ef\Microsoft.MediaCenter.UI.ni.dll - ok
18:52:43.0353 4844 [ C2D6A4475B87651D5909E364439FDA52 ] C:\Windows\System32\FXSST.dll
18:52:43.0353 4844 C:\Windows\System32\FXSST.dll - ok
18:52:43.0353 4844 [ 942E57152F1CD0533644AB30EF1A4728 ] C:\Windows\System32\FXSAPI.dll
18:52:43.0353 4844 C:\Windows\System32\FXSAPI.dll - ok
18:52:43.0369 4844 [ C4096CA42199428B3D63DC206C197F0E ] C:\Windows\System32\FXSRESM.dll
18:52:43.0369 4844 C:\Windows\System32\FXSRESM.dll - ok
18:52:43.0385 4844 [ 967EA5B213E9984CBE270205DF37755B ] C:\Windows\System32\FXSSVC.exe
18:52:43.0385 4844 C:\Windows\System32\FXSSVC.exe - ok
18:52:43.0385 4844 [ E4F6125ED5185F8FA37CC4F449B85526 ] C:\Program Files\Internet Explorer\iexplore.exe
18:52:43.0385 4844 C:\Program Files\Internet Explorer\iexplore.exe - ok
18:52:43.0400 4844 [ F3222C893BD2F5821A0179E5C71E88FB ] C:\Windows\System32\fdPHost.dll
18:52:43.0400 4844 C:\Windows\System32\fdPHost.dll - ok
18:52:43.0400 4844 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] C:\Windows\System32\FDResPub.dll
18:52:43.0400 4844 C:\Windows\System32\FDResPub.dll - ok
18:52:43.0416 4844 [ DE6F4B7E62FDE776F3DE8E5FB5A05C48 ] C:\Windows\System32\fdWSD.dll
18:52:43.0416 4844 C:\Windows\System32\fdWSD.dll - ok
18:52:43.0416 4844 [ 674611721264013DB169EC12AFC9C3B6 ] C:\Windows\System32\fdSSDP.dll
18:52:43.0416 4844 C:\Windows\System32\fdSSDP.dll - ok
18:52:43.0431 4844 [ 5CF15474FFDB5005E54958DF6EDD97AB ] C:\Windows\System32\wmdrmdev.dll
18:52:43.0431 4844 C:\Windows\System32\wmdrmdev.dll - ok
18:52:43.0431 4844 [ 47D052D9EE1FD3BA2A55D13F61E3EF24 ] C:\Windows\System32\drmv2clt.dll
18:52:43.0431 4844 C:\Windows\System32\drmv2clt.dll - ok
18:52:43.0447 4844 [ EE74A0FF7C5752E49911986F22BBAEEF ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll
18:52:43.0447 4844 C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll - ok
18:52:43.0463 4844 [ 3FF0FA0A81910617739644A06D06D016 ] C:\Windows\System32\fdProxy.dll
18:52:43.0463 4844 C:\Windows\System32\fdProxy.dll - ok
18:52:43.0463 4844 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] C:\Windows\System32\ListSvc.dll
18:52:43.0463 4844 C:\Windows\System32\ListSvc.dll - ok
18:52:43.0478 4844 [ 08DF1B8C9C0754A7069E80A986373F52 ] C:\Windows\System32\P2P.dll
18:52:43.0478 4844 C:\Windows\System32\P2P.dll - ok
18:52:43.0478 4844 [ 9DC23ACF360AEA7DF55AD7A8D3FBF4E6 ] C:\Windows\System32\IdListen.dll
18:52:43.0478 4844 C:\Windows\System32\IdListen.dll - ok
18:52:43.0494 4844 [ F059EB4C9C256F62F196EAA439E28F74 ] C:\Windows\System32\hgprint.dll
18:52:43.0494 4844 C:\Windows\System32\hgprint.dll - ok
18:52:43.0494 4844 [ 82A8521DDC60710C3D3D3E7325209BEC ] C:\Windows\System32\pnrpsvc.dll
18:52:43.0494 4844 C:\Windows\System32\pnrpsvc.dll - ok
18:52:43.0509 4844 [ 0FBC74AA20FE0AE6884279F893169C60 ] C:\Windows\System32\wmploc.DLL
18:52:43.0509 4844 C:\Windows\System32\wmploc.DLL - ok
18:52:43.0525 4844 [ 1372E8E8FD066002131E3D509275E697 ] C:\Windows\System32\P2PGraph.dll
18:52:43.0525 4844 C:\Windows\System32\P2PGraph.dll - ok
18:52:43.0525 4844 [ 59C3DDD501E39E006DAC31BF55150D91 ] C:\Windows\System32\p2psvc.dll
18:52:43.0525 4844 C:\Windows\System32\p2psvc.dll - ok
18:52:43.0541 4844 [ 60A8C2F0ADCF999D7542EC589C026C2B ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mcstoredb\b8e516ed0f2c0bee78580ac0a758d7b3\mcstoredb.ni.dll
18:52:43.0541 4844 C:\Windows\assembly\NativeImages_v2.0.50727_32\mcstoredb\b8e516ed0f2c0bee78580ac0a758d7b3\mcstoredb.ni.dll - ok
18:52:43.0541 4844 [ FD31DFF0CC05BD581C2DB1BB6F7FFDCE ] C:\Program Files\Internet Explorer\ieproxy.dll
18:52:43.0541 4844 C:\Program Files\Internet Explorer\ieproxy.dll - ok
18:52:43.0556 4844 [ 7D8676EC6A6ABCF57E1F6CA5372E56EE ] C:\Windows\assembly\GAC_32\mcstoredb\6.1.0.0__31bf3856ad364e35\mcstoredb.dll
18:52:43.0556 4844 C:\Windows\assembly\GAC_32\mcstoredb\6.1.0.0__31bf3856ad364e35\mcstoredb.dll - ok
18:52:43.0572 4844 [ B6C756FA661C5EB7B3547E60647F87A7 ] C:\Windows\System32\sqlceoledb30.dll
18:52:43.0572 4844 C:\Windows\System32\sqlceoledb30.dll - ok
18:52:43.0572 4844 [ 13CDD3FF0961A2EC6D9829A1640DD6DC ] C:\Windows\System32\sqlcese30.dll
18:52:43.0572 4844 C:\Windows\System32\sqlcese30.dll - ok
18:52:43.0587 4844 [ 60236C8C3B8C2D8B9A59326890533EB8 ] C:\Windows\System32\sqlceqp30.dll
18:52:43.0587 4844 C:\Windows\System32\sqlceqp30.dll - ok
18:52:43.0587 4844 [ 015FF57E5B1F43F4554CAA7824095D24 ] C:\Windows\ehome\ehepgres.dll
18:52:43.0587 4844 C:\Windows\ehome\ehepgres.dll - ok
18:52:43.0603 4844 [ B32ED424FD72FFA7554F23F125F2132D ] C:\Program Files\Internet Explorer\IEShims.dll
18:52:43.0603 4844 C:\Program Files\Internet Explorer\IEShims.dll - ok
18:52:43.0603 4844 [ AEDDFD540E3E6BECDB14C30D1F12B78A ] C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
18:52:43.0603 4844 C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - ok
18:52:43.0619 4844 [ 59F590C5FD2477983A39C2A59A7EF522 ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\QBackup.dll
18:52:43.0619 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\QBackup.dll - ok
18:52:43.0634 4844 [ 90F785F7594E3AF23D4392677042BE9A ] C:\Windows\System32\ieui.dll
18:52:43.0634 4844 C:\Windows\System32\ieui.dll - ok
18:52:43.0634 4844 [ B39FBBB2460C3C43317CD65E82FFBBF8 ] C:\Program Files\Internet Explorer\sqmapi.dll
18:52:43.0634 4844 C:\Program Files\Internet Explorer\sqmapi.dll - ok
18:52:43.0650 4844 [ D017BF8D92938EEB9B3A1D1C53FDA152 ] C:\Windows\System32\mshtml.dll
18:52:43.0650 4844 C:\Windows\System32\mshtml.dll - ok
18:52:43.0650 4844 [ DDFBFD8959F32AC0CF3947F36BAC3081 ] C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
18:52:43.0650 4844 C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll - ok
18:52:43.0665 4844 [ A0617B5753E31126AD29C03154F4F329 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
18:52:43.0665 4844 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok
18:52:43.0665 4844 [ 754BD8D28C6E605A6383D96718083EAE ] C:\Windows\System32\gfxSrvc.dll
18:52:43.0665 4844 C:\Windows\System32\gfxSrvc.dll - ok
18:52:43.0681 4844 [ BF0E656D728C2F13616B4E1AFB7AE7CC ] C:\Windows\System32\IGFXDEVLib.dll
18:52:43.0681 4844 C:\Windows\System32\IGFXDEVLib.dll - ok
18:52:43.0681 4844 [ 6EF5F3F18413C367195F06E503AB86A6 ] C:\Windows\System32\d3d9.dll
18:52:43.0681 4844 C:\Windows\System32\d3d9.dll - ok
18:52:43.0697 4844 [ 99B9343280AF6A4C0F27CF2E28E94BBF ] C:\Windows\System32\dssenh.dll
18:52:43.0697 4844 C:\Windows\System32\dssenh.dll - ok
18:52:43.0712 4844 [ 77B1471A490B53B24EFE136F09F76550 ] C:\Windows\System32\d3d8thk.dll
18:52:43.0712 4844 C:\Windows\System32\d3d8thk.dll - ok
18:52:43.0712 4844 [ BA38C50F523DC053488AC3F9EF99AA0B ] C:\Windows\System32\igdumdx32.dll
18:52:43.0712 4844 C:\Windows\System32\igdumdx32.dll - ok
18:52:43.0728 4844 [ 10AB9C9ADB89816BEFB077E72659D029 ] C:\Windows\System32\igdumd32.dll
18:52:43.0728 4844 C:\Windows\System32\igdumd32.dll - ok
18:52:43.0728 4844 [ 11BC266C3C9257FB71D400E484F5F5B6 ] C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv01.key
18:52:43.0728 4844 C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv01.key - ok
18:52:43.0743 4844 [ 9FF8F684BACF326082E5562F7C104A79 ] C:\Windows\System32\d2d1.dll
18:52:43.0743 4844 C:\Windows\System32\d2d1.dll - ok
18:52:43.0743 4844 [ EA2B00551F3E7B3D5F7FB730A55F8246 ] C:\Windows\System32\blackbox.dll
18:52:43.0743 4844 C:\Windows\System32\blackbox.dll - ok
18:52:43.0759 4844 [ 3F2B83695E5BF11930C16AF50E991F96 ] C:\Windows\System32\wmpps.dll
18:52:43.0759 4844 C:\Windows\System32\wmpps.dll - ok
18:52:43.0775 4844 [ 4FA88AA44DACB48A1D1C65F8C9A47B31 ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\SymMcCmd.dll
18:52:43.0775 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\SymMcCmd.dll - ok
18:52:43.0775 4844 [ 4277F5164DE9B7C665BB928B9145BEE0 ] C:\Windows\System32\DWrite.dll
18:52:43.0775 4844 C:\Windows\System32\DWrite.dll - ok
18:52:43.0790 4844 [ F148865E4AC4F715E322EA06E6E21D84 ] C:\Windows\System32\wbem\NCProv.dll
18:52:43.0790 4844 C:\Windows\System32\wbem\NCProv.dll - ok
18:52:43.0790 4844 [ 62A6EB5771580CAE445804389F3F7432 ] C:\Windows\System32\WindowsCodecsExt.dll
18:52:43.0790 4844 C:\Windows\System32\WindowsCodecsExt.dll - ok
18:52:43.0806 4844 [ 816B681CC308FAA128EDCB90643DCED7 ] C:\Windows\System32\icm32.dll
18:52:43.0806 4844 C:\Windows\System32\icm32.dll - ok
18:52:43.0806 4844 [ CF4B9326EA3AF8D69EB743FB34AC8BF5 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\78967b28f748b8807eaa97c1cb454adc\WindowsFormsIntegration.ni.dll
18:52:43.0806 4844 C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\78967b28f748b8807eaa97c1cb454adc\WindowsFormsIntegration.ni.dll - ok
18:52:43.0821 4844 [ BE39E22059A3082D5289739299C33C01 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll
18:52:43.0821 4844 C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll - ok
18:52:43.0837 4844 [ E9F427EF46965D33E878A507A2F5CCB6 ] C:\Windows\System32\Macromed\Flash\Flash11e.ocx
18:52:43.0837 4844 C:\Windows\System32\Macromed\Flash\Flash11e.ocx - ok
18:52:43.0837 4844 [ 27E79A455EF80647F4F57FA3C2B09C94 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
18:52:43.0837 4844 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll - ok
18:52:43.0853 4844 [ AA3B91B70E79BCE70AD3B190789B9574 ] C:\Windows\System32\drttransport.dll
18:52:43.0853 4844 C:\Windows\System32\drttransport.dll - ok
18:52:43.0853 4844 [ EE29FCC244C8033E2F748D863DCBF378 ] C:\Windows\System32\drt.dll
18:52:43.0853 4844 C:\Windows\System32\drt.dll - ok
18:52:43.0868 4844 [ 9B59687619B27CDA24638CDC3AF079FB ] C:\Windows\System32\jscript9.dll
18:52:43.0868 4844 C:\Windows\System32\jscript9.dll - ok
18:52:43.0884 4844 [ 0F44172A5B34E8F208CD0F209EDD4A73 ] C:\Windows\System32\ieapfltr.dll
18:52:43.0884 4844 C:\Windows\System32\ieapfltr.dll - ok
18:52:43.0884 4844 [ 1D1EAA16D193C6A2D45981ED3914D22A ] C:\Windows\System32\msimtf.dll
18:52:43.0884 4844 C:\Windows\System32\msimtf.dll - ok
18:52:43.0884 4844 [ 08E420D873E4FD85241EE2421B02C4A4 ] C:\Windows\System32\wersvc.dll
18:52:43.0884 4844 C:\Windows\System32\wersvc.dll - ok
18:52:43.0899 4844 [ 8C3D32A4A46326031309A43C52539D7F ] C:\Windows\System32\ieapfltr.dat
18:52:43.0899 4844 C:\Windows\System32\ieapfltr.dat - ok
18:52:43.0915 4844 [ 0157A4A4B99C8E9EB49960D69AE08E10 ] C:\Program Files\Samsung\Samsung Recovery Solution 4\SystemSoftware\SoftwareMedia52.exe
18:52:43.0915 4844 C:\Program Files\Samsung\Samsung Recovery Solution 4\SystemSoftware\SoftwareMedia52.exe - ok
18:52:43.0915 4844 [ A5611A6D9CF770D8BBE916C0C84CEC6A ] C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDPROV.DLL
18:52:43.0915 4844 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDPROV.DLL - ok
18:52:43.0931 4844 [ 45406FFD87F6BA4345B018E303A64FF1 ] C:\Program Files\Common Files\microsoft shared\Windows Live\wlidcli.dll
18:52:43.0931 4844 C:\Program Files\Common Files\microsoft shared\Windows Live\wlidcli.dll - ok
18:52:43.0931 4844 [ 54126CDDEF533083D0FFDB94810AD1AA ] C:\Windows\System32\Macromed\Flash\FlashUtil11e_ActiveX.exe
18:52:43.0931 4844 C:\Windows\System32\Macromed\Flash\FlashUtil11e_ActiveX.exe - ok
18:52:43.0946 4844 [ D5F72E03EDF8BDEA4847D693237330C7 ] C:\Windows\System32\Macromed\Flash\FlashUtil11e_ActiveX.dll
18:52:43.0946 4844 C:\Windows\System32\Macromed\Flash\FlashUtil11e_ActiveX.dll - ok
18:52:43.0946 4844 [ DEFB55D4FF094673DF31FA89A8A8A2F0 ] C:\Windows\System32\dxtrans.dll
18:52:43.0946 4844 C:\Windows\System32\dxtrans.dll - ok
18:52:43.0962 4844 [ BAB9EF9A340113666F678AA2474904B6 ] C:\Windows\System32\ddrawex.dll
18:52:43.0962 4844 C:\Windows\System32\ddrawex.dll - ok
18:52:43.0977 4844 [ 55E5B32AE8D1F51A63C82919656FD275 ] C:\Windows\System32\dciman32.dll
18:52:43.0977 4844 C:\Windows\System32\dciman32.dll - ok
18:52:43.0977 4844 [ 198552AEFECA69D646867EC8D792DE95 ] C:\Windows\System32\ddraw.dll
18:52:43.0977 4844 C:\Windows\System32\ddraw.dll - ok
18:52:43.0993 4844 [ C68FBBF01E86CB6CF0B797748FBD6C1A ] C:\Windows\System32\dxtmsft.dll
18:52:43.0993 4844 C:\Windows\System32\dxtmsft.dll - ok
18:52:43.0993 4844 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:52:43.0993 4844 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
18:52:44.0009 4844 [ E5F7C30EDF0892667933BE879F067D67 ] C:\Windows\System32\msvcr100_clr0400.dll
18:52:44.0009 4844 C:\Windows\System32\msvcr100_clr0400.dll - ok
18:52:44.0009 4844 [ FC5D9F5CBC46B3662DE958C682611296 ] C:\Program Files\Google\Update\1.3.21.135\goopdateres_en-GB.dll
18:52:44.0009 4844 C:\Program Files\Google\Update\1.3.21.135\goopdateres_en-GB.dll - ok
18:52:44.0024 4844 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] C:\Windows\System32\wscsvc.dll
18:52:44.0024 4844 C:\Windows\System32\wscsvc.dll - ok
18:52:44.0024 4844 [ 1A617835452EEE5060976C9B9F5FE635 ] C:\Windows\System32\wuapi.dll
18:52:44.0024 4844 C:\Windows\System32\wuapi.dll - ok
18:52:44.0040 4844 [ 7A6986DD659B96398A11AF5173892715 ] C:\Windows\System32\cabinet.dll
18:52:44.0040 4844 C:\Windows\System32\cabinet.dll - ok
18:52:44.0040 4844 [ 3458EDA96E30FBD0477A2800D3FB1909 ] C:\Windows\System32\wups.dll
18:52:44.0040 4844 C:\Windows\System32\wups.dll - ok
18:52:44.0055 4844 [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\Windows\System32\wuaueng.dll
18:52:44.0055 4844 C:\Windows\System32\wuaueng.dll - ok
18:52:44.0071 4844 [ 387A8A473ECC5BA02CF453277C1F3274 ] C:\Windows\System32\mspatcha.dll
18:52:44.0071 4844 C:\Windows\System32\mspatcha.dll - ok
18:52:44.0071 4844 [ 1CF96810BDB01E982632ECCA9B25916E ] C:\Program Files\Norton Internet Security\Engine\19.1.0.28\WSCStub.exe
18:52:44.0071 4844 C:\Program Files\Norton Internet Security\Engine\19.1.0.28\WSCStub.exe - ok
18:52:44.0087 4844 [ 8258362DDB18B644A82D8B5061AD9426 ] C:\Windows\System32\wscisvif.dll
18:52:44.0087 4844 C:\Windows\System32\wscisvif.dll - ok
18:52:44.0087 4844 [ A8CDF3768604FF95B54669E20053D569 ] C:\Windows\System32\wscapi.dll
18:52:44.0087 4844 C:\Windows\System32\wscapi.dll - ok
18:52:44.0102 4844 [ 7DF186D86CF8C571A12AAB788C777F84 ] C:\Windows\System32\wscproxystub.dll
18:52:44.0102 4844 C:\Windows\System32\wscproxystub.dll - ok
18:52:44.0102 4844 [ BDC0C99E472176C8C2C853A68ADC5073 ] C:\Windows\System32\wups2.dll
18:52:44.0102 4844 C:\Windows\System32\wups2.dll - ok
18:52:44.0118 4844 [ 4F6E72B34ED3DC53DCC5E8708E60B61F ] C:\Windows\System32\security.dll
18:52:44.0118 4844 C:\Windows\System32\security.dll - ok
18:52:44.0133 4844 [ 43BE3B9CA431F88E049928DC45C4365C ] C:\Windows\System32\wbem\wmipcima.dll
18:52:44.0133 4844 C:\Windows\System32\wbem\wmipcima.dll - ok
18:52:44.0133 4844 [ 61B33014F2D2A4F9553F6EF64FB82E31 ] C:\Windows\System32\NlsData000c.dll
18:52:44.0133 4844 C:\Windows\System32\NlsData000c.dll - ok
18:52:44.0149 4844 [ AC7D0114246661B1E29A0939039157C5 ] C:\Windows\System32\NlsLexicons000c.dll
18:52:44.0149 4844 C:\Windows\System32\NlsLexicons000c.dll - ok
18:52:44.0149 4844 ============================================================
18:52:44.0149 4844 Scan finished
18:52:44.0149 4844 ============================================================
18:52:44.0165 5140 Detected object count: 1
18:52:44.0165 5140 Actual detected object count: 1
18:56:16.0437 5140 USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user
18:56:16.0437 5140 USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip
  • 0

#12
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
OK give me the MBAR report when it is done and I will be back later to check on it



gringo
  • 0

#13
Steviep

Steviep

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 311 posts
Hi Gringo, don't think there was a report from mbar as it said no clean up was required?
  • 0

#14
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello Steviep

I would like to see a report that combofix makes.

extra combofix report

  • push the "windows key" + "R" (between the "Ctrl" button and "Alt" Button)
  • please copy and past the following into the box
C:\Qoobox\Add-Remove Programs.txt
  • click ok

copy and paste the report into this topic for me to review

Gringo
  • 0

#15
Steviep

Steviep

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 311 posts
Update for Microsoft Office 2007 (KB2508958)
2007 Microsoft Office system
Adobe Flash Player 10 Plugin
Adobe Flash Player 11 ActiveX
Adobe Reader XI (11.0.02)
Adobe Shockwave Player 11.6
Alice Greenfingers
AnyPC Client
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Atheros Client Installation Program
AVG 9.0
BatteryLifeExtender
Bonjour
Business Contact Manager for Outlook 2007 SP2
CyberLink YouCam
D3DX10
Dairy Dash
Easy Display Manager
Easy Network Manager
Easy SpeedUp Manager
EasyBatteryManager
Facebook Video Calling 1.2.0.287
Farm Frenzy 2
FileHippo.com Update Checker
FrostWire 4.21.2
FrostWire 5.4.0
Game Pack
Go-Go Gourmet
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
Intel® Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
iTunes
Java 7 Update 9
Java Auto Updater
Java™ 6 Update 16
Junk Mail filter update
Malwarebytes Anti-Malware version 1.75.0.1300
Messenger Plus! Live
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office 2003 Web Components
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Live Add-in 1.5
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Hybrid 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Small Business Connectivity Components
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
MSVCRT
Norton Internet Security
Norton Security Scan
Password Recovery for MSN (remove only)
PhotoScape
QuickTime
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Samsung Recovery Solution 4
Samsung Support Center
Samsung Update Plus
SamsungMovie
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
swMSM
Synaptics Pointing Device Driver
TeamViewer 6
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768021) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
User Guide
VirtualDJ Home FREE
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP