Infected with Win32/olmarik.TDL4 trojan [Solved]


#1
Kristin51505

Hi,

It seems my laptop has been infected with the Win32/olmarik.TDL4 trojan and ESET can't clean it for me. Is there anything I can do myself to remove it? Thanks for any help!

#2
Jasmyne

    Trusted Helper

  • Malware Removal
Hi! My name is Jasmyne, and welcome to Geeks to Go!

I'm sorry you are having issues with your computer, but I will do my best to resolve them as quickly as possible. I know having an infected computer is frustrating because I was once where you are now! It isn't always a quick & easy fix to remove malware, but if you'll stick with me, I'll stick with you until your computer is clean. Throughout this process you may want to print instructions in case you lose internet access, unless you have another way to access them aside from the infected computer. Please be patient with me as I am currently in training, and all of my responses to you have to be reviewed by my instructor before I post them. Just keep in mind that you get the advantage, as you have 2 people examining your issue. Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask! Never be afraid to ask questions! :)

Let's get an OTL scan to get started and go from there.

Download OTL to your Desktop
  • Double-click on the icon to run it. Make sure all other windows are closed, and let it run uninterrupted.
  • Please check the box next to Scan All Users.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following:
    netsvcs
    BASESERVICES
    %SYSTEMDRIVE%\*.exe
    /md5start
    services.*
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    dir C:\ /S /A:L /C
    CREATERESTOREPOINT
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them in your topic.


#3
Kristin51505

Thanks so much for your response! I did the scan, here's what I got:

OTL logfile created on: 5/24/2013 4:45:44 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kristin\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.96 Gb Total Physical Memory | 1.74 Gb Available Physical Memory | 43.94% Memory free
8.10 Gb Paging File | 5.84 Gb Available in Paging File | 72.08% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279.30 Gb Total Space | 89.69 Gb Free Space | 32.11% Space Free | Partition Type: NTFS
Drive E: | 18.75 Gb Total Space | 10.95 Gb Free Space | 58.43% Space Free | Partition Type: NTFS

Computer Name: KRISTIN-PC | User Name: Kristin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found --
PRC - [2013/05/24 16:43:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kristin\Desktop\OTL.exe
PRC - [2013/04/16 07:10:44 | 019,662,744 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
PRC - [2012/12/21 05:08:56 | 001,333,424 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2011/08/10 13:52:54 | 000,138,760 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe
PRC - [2008/06/03 15:54:56 | 000,446,635 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe
PRC - [2008/05/23 14:06:08 | 000,128,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2008/05/07 17:41:14 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/05/07 17:41:12 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe


========== Modules (No Company Name) ==========

MOD - [2013/05/24 16:40:07 | 000,557,056 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI24642\pysqlite2._sqlite.pyd
MOD - [2013/05/24 16:40:07 | 000,128,512 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI24642\_elementtree.pyd
MOD - [2013/05/24 16:40:07 | 000,098,816 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI24642\win32api.pyd
MOD - [2013/05/24 16:40:07 | 000,044,032 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI24642\_socket.pyd
MOD - [2013/05/24 16:40:07 | 000,022,528 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI24642\win32ts.pyd
MOD - [2013/05/24 16:40:06 | 000,320,512 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI24642\win32com.shell.shell.pyd
MOD - [2013/05/24 16:40:06 | 000,026,624 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI24642\_multiprocessing.pyd
MOD - [2013/05/24 16:40:05 | 000,805,888 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI24642\wx._gdi_.pyd
MOD - [2013/05/24 16:40:05 | 000,070,656 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI24642\wx._html2.pyd
MOD - [2013/05/24 16:40:05 | 000,011,264 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI24642\win32crypt.pyd
MOD - [2013/05/24 16:40:04 | 001,022,416 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI24642\windows._cacheinvalidation.pyd
MOD - [2013/05/24 16:40:04 | 000,087,040 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI24642\_ctypes.pyd
MOD - [2013/05/24 16:40:04 | 000,017,408 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI24642\win32profile.pyd
MOD - [2013/05/24 16:40:03 | 000,735,232 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI24642\wx._misc_.pyd
MOD - [2013/05/24 16:40:03 | 000,364,544 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI24642\pythoncom27.dll
MOD - [2013/05/24 16:40:02 | 001,175,040 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI24642\wx._core_.pyd
MOD - [2013/05/24 16:40:02 | 000,110,080 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI24642\PyWinTypes27.dll
MOD - [2013/05/24 16:40:02 | 000,108,544 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI24642\win32security.pyd
MOD - [2013/05/24 16:40:01 | 001,153,024 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI24642\_ssl.pyd
MOD - [2013/05/24 16:39:22 | 000,025,600 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI24642\win32pdh.pyd
MOD - [2013/05/24 16:39:20 | 000,035,840 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI24642\win32process.pyd
MOD - [2013/05/24 16:39:09 | 000,711,680 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI24642\_hashlib.pyd
MOD - [2013/05/24 16:39:04 | 000,811,008 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI24642\wx._windows_.pyd
MOD - [2013/05/24 16:39:04 | 000,122,368 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI24642\wx._wizard.pyd
MOD - [2013/05/24 16:39:04 | 000,119,808 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI24642\win32file.pyd
MOD - [2013/05/24 16:39:04 | 000,038,912 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI24642\win32inet.pyd
MOD - [2013/05/24 16:39:02 | 001,062,400 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI24642\wx._controls_.pyd
MOD - [2013/05/24 16:39:02 | 000,686,080 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI24642\unicodedata.pyd
MOD - [2013/05/24 16:39:02 | 000,127,488 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI24642\pyexpat.pyd
MOD - [2013/05/24 16:39:02 | 000,018,432 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI24642\win32event.pyd
MOD - [2013/05/24 16:39:02 | 000,010,240 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI24642\select.pyd
MOD - [2009/11/03 15:51:42 | 000,067,872 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2009/11/03 15:51:26 | 000,039,712 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012/12/21 05:08:56 | 001,333,424 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2011/12/30 07:39:40 | 004,889,032 | ---- | M] (SafeNet Inc.) [Auto | Running] -- C:\Windows\SysNative\hasplms.exe -- (hasplms)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/02/26 02:03:00 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_54cb4575\STacSV64.exe -- (STacSV)
SRV:64bit: - [2009/03/03 02:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_54cb4575\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2008/11/17 08:29:18 | 000,032,768 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2008/01/20 19:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/03/26 16:16:02 | 000,567,280 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\dlbacoms.exe -- (dlba_device)
SRV:64bit: - [2006/11/02 04:16:05 | 000,046,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rundll32.exe -- (yksvc)
SRV - [2013/05/15 01:02:00 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/04/16 15:18:38 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/02/28 09:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/08/10 13:52:54 | 000,138,760 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe -- (NSL)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/03/29 21:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/05/07 17:41:14 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/05/24 15:46:01 | 000,208,216 | ---- | M] (Kaspersky Lab, GERT) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\63506565.sys -- (51270607)
DRV:64bit: - [2012/12/21 05:09:28 | 000,139,768 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2012/12/21 05:08:54 | 000,150,616 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2012/12/21 05:08:18 | 000,213,416 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\DRIVERS\eamonm.sys -- (eamonm)
DRV:64bit: - [2012/02/29 06:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/11/22 14:14:54 | 000,139,592 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksfridge.sys -- (aksfridge)
DRV:64bit: - [2011/11/22 14:14:54 | 000,078,208 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksdf.sys -- (aksdf)
DRV:64bit: - [2011/09/28 15:31:30 | 000,321,536 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hardlock.sys -- (hardlock)
DRV:64bit: - [2011/08/08 16:38:05 | 000,167,048 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NSTx64\0200000.010\ccSetx64.sys -- (ccSet_NST)
DRV:64bit: - [2011/07/06 12:44:00 | 000,034,288 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/02/26 02:03:00 | 000,505,856 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009/09/30 17:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/08/28 19:42:52 | 000,049,152 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2009/03/19 17:02:00 | 000,311,296 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\OA009Vid.sys -- (OA009Vid)
DRV:64bit: - [2009/03/06 07:33:58 | 000,159,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\OA009Ufd.sys -- (OA009Ufd)
DRV:64bit: - [2009/02/23 16:18:58 | 000,069,120 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTSTOR64.SYS -- (RTSTOR)
DRV:64bit: - [2009/01/16 10:00:32 | 010,275,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)
DRV:64bit: - [2008/11/17 08:29:18 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCM42RLY.sys -- (BCM42RLY)
DRV:64bit: - [2008/11/17 08:29:14 | 001,526,776 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\bcmwl664.sys -- (BCM43XX)
DRV:64bit: - [2008/07/24 18:40:26 | 000,199,728 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2008/07/24 10:03:00 | 000,392,192 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
DRV:64bit: - [2008/05/07 17:40:38 | 000,395,288 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\iaStor.sys -- (iaStor)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2405}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2405}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {0cc09160-108c-4759-bab1-5c12c216e005} - C:\Program Files (x86)\appbario8\prxtbapp0.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2405}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2405}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2233703


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://securityrespo...r/fix_homepage/
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityrespo...r/fix_homepage/
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://securityrespo...r/fix_homepage/
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityrespo...r/fix_homepage/
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://securityrespo...r/fix_homepage/
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityrespo...r/fix_homepage/

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://securityrespo...r/fix_homepage/
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityrespo...r/fix_homepage/

IE - HKU\S-1-5-21-4270958396-3272677963-532609597-1000\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://my.yahoo.com/
IE - HKU\S-1-5-21-4270958396-3272677963-532609597-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKU\S-1-5-21-4270958396-3272677963-532609597-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://securityrespo...r/fix_homepage/
IE - HKU\S-1-5-21-4270958396-3272677963-532609597-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://my.yahoo.com/?_bc=1
IE - HKU\S-1-5-21-4270958396-3272677963-532609597-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-4270958396-3272677963-532609597-1000\..\URLSearchHook: {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - No CLSID value found
IE - HKU\S-1-5-21-4270958396-3272677963-532609597-1000\..\URLSearchHook: {0cc09160-108c-4759-bab1-5c12c216e005} - C:\Program Files (x86)\appbario8\prxtbapp0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-4270958396-3272677963-532609597-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-4270958396-3272677963-532609597-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-4270958396-3272677963-532609597-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-4270958396-3272677963-532609597-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...00000225f852495
IE - HKU\S-1-5-21-4270958396-3272677963-532609597-1000\..\SearchScopes\{960467E7-C35E-4D1F-BEE4-4627CD6723D4}: "URL" = http://search.condui...&ctid=CT3227982
IE - HKU\S-1-5-21-4270958396-3272677963-532609597-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2405}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKU\S-1-5-21-4270958396-3272677963-532609597-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "appbario8 Customized Web Search"
FF - prefs.js..browser.search.order.1: "appbario8 Customized Web Search"
FF - prefs.js..browser.search.selectedEngine: "appbario8 Customized Web Search"
FF - prefs.js..browser.startup.homepage: "http://search.condui...earchSource=13"
FF - prefs.js..extensions.enabledAddons: specialsavings%40superfish.com:1.2.0.14
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7280
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:3.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:2011.7.0.8
FF - prefs.js..keyword.URL: "http://search.condui...rchSource=2&q="


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Kristin\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD [2013/03/11 11:48:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{203FB6B2-2E1E-4474-863B-4C483ECCE78E}: C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2.0.0.16\coFFNST\ [2013/05/24 16:39:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/16 15:18:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/04/16 15:18:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2013/03/11 11:48:47 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Kristin\AppData\Roaming\Mozilla\Firefox\Profiles/tmmm7cnk.default\extensions\[email protected] [2013/05/19 23:25:39 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{58bd07eb-0ee0-4df0-8121-dc9b693373df}: C:\ProgramData\Sidekick Manager\2.6.1123.78\{6f06cdeb-5de2-4520-aef2-1aa556ca7a6b}\FirefoxExtension [2013/01/31 18:42:46 | 000,000,000 | ---D | M]

[2013/03/11 11:35:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kristin\AppData\Roaming\Mozilla\Extensions
[2013/03/22 06:38:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kristin\AppData\Roaming\Mozilla\Firefox\Profiles\tmmm7cnk.default\extensions
[2013/05/19 23:25:39 | 000,000,000 | ---D | M] (SpecialSavings) -- C:\Users\Kristin\AppData\Roaming\Mozilla\Firefox\Profiles\tmmm7cnk.default\extensions\[email protected]
[2012/04/24 10:50:17 | 000,020,591 | ---- | M] () (No name found) -- C:\Users\Kristin\AppData\Roaming\Mozilla\Firefox\Profiles\tmmm7cnk.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
[2012/11/28 08:43:01 | 000,002,515 | ---- | M] () -- C:\Users\Kristin\AppData\Roaming\Mozilla\Firefox\Profiles\tmmm7cnk.default\searchplugins\Search_Results.xml
[2013/04/16 15:18:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/04/16 15:18:17 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/04/16 15:18:39 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/05/12 21:43:02 | 000,002,352 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2013/04/16 15:18:32 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/11/28 08:43:01 | 000,002,515 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
[2013/04/16 15:18:32 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2006/09/18 14:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (appbario8 Toolbar) - {0cc09160-108c-4759-bab1-5c12c216e005} - C:\Program Files (x86)\appbario8\prxtbapp0.dll (Conduit Ltd.)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - Reg Error: Value error. File not found
O2 - BHO: (DataMngr) - {34DEE7AD-47D7-45e9-91FC-3E511083493F} - C:\PROGRA~2\SAVEVI~2\Datamngr\BROWSE~1.DLL File not found
O2 - BHO: (SpecialSavings) - {74F475FA-6C75-43BD-AAB9-ECDA6184F600} - C:\Program Files (x86)\SpecialSavings\SpecialSavingsSinged.dll (SpecialSavings)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Norton Safe Web Lite BHO) - {F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3} - C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\CoIEPlg.dll (Symantec Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (appbario8 Toolbar) - {0cc09160-108c-4759-bab1-5c12c216e005} - C:\Program Files (x86)\appbario8\prxtbapp0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Norton Safe Web Lite) - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-4270958396-3272677963-532609597-1000\..\Toolbar\WebBrowser: (no name) - {09EC805C-CB2E-4D53-B0D3-A75A428B81C7} - No CLSID value found.
O3 - HKU\S-1-5-21-4270958396-3272677963-532609597-1000\..\Toolbar\WebBrowser: (appbario8 Toolbar) - {0CC09160-108C-4759-BAB1-5C12C216E005} - C:\Program Files (x86)\appbario8\prxtbapp0.dll (Conduit Ltd.)
O3:64bit: - HKU\S-1-5-21-4270958396-3272677963-532609597-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Windows\SysNative\WLTRAY.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe File not found
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-4270958396-3272677963-532609597-1000..\Run: [Facebook Update] C:\Users\Kristin\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-4270958396-3272677963-532609597-1000..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKU\S-1-5-21-4270958396-3272677963-532609597-1000..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O7 - HKU\S-1-5-21-4270958396-3272677963-532609597-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
O7 - HKU\S-1-5-21-4270958396-3272677963-532609597-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: SpecialSavings - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - C:\Program Files (x86)\SpecialSavings\SpecialSavingsSinged.dll (SpecialSavings)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://images3.pnime...veX_Control.cab (Photo Upload Plugin Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{642F4715-C26C-4272-9F8C-7893530A3D30}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B85AA5E9-7BE2-4593-939E-734CA1D054AA}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (c:\progra~3\sideki~1\261123~1.78\{6f06c~1\sskmngr.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Kristin\Pictures\a06f032f-8d4f-401d-bbb7-ac3a6fbb1fba_5.jpg
O24 - Desktop BackupWallPaper: C:\Users\Kristin\Pictures\a06f032f-8d4f-401d-bbb7-ac3a6fbb1fba_5.jpg
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)


CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013/05/24 16:43:50 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Kristin\Desktop\OTL.exe
[2013/05/24 15:46:01 | 000,208,216 | ---- | C] (Kaspersky Lab, GERT) -- C:\Windows\SysNative\drivers\63506565.sys
[2013/05/24 15:38:19 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Kristin\Desktop\tdsskiller.exe
[2013/05/24 13:58:03 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\Kristin\Desktop\aswMBR.exe
[2013/05/21 15:16:42 | 000,000,000 | ---D | C] -- C:\Users\Kristin\Desktop\Steph's Pics
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/05/24 17:06:36 | 000,605,080 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/05/24 17:06:35 | 000,703,516 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/05/24 17:06:35 | 000,104,934 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/05/24 17:05:03 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/05/24 17:01:18 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/05/24 16:56:47 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/05/24 16:43:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kristin\Desktop\OTL.exe
[2013/05/24 16:38:57 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/05/24 16:38:57 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/05/24 16:38:53 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4270958396-3272677963-532609597-1000UA.job
[2013/05/24 16:38:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/05/24 15:46:01 | 000,208,216 | ---- | M] (Kaspersky Lab, GERT) -- C:\Windows\SysNative\drivers\63506565.sys
[2013/05/24 15:38:43 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Kristin\Desktop\tdsskiller.exe
[2013/05/24 14:01:49 | 000,000,512 | ---- | M] () -- C:\Users\Kristin\Desktop\MBR.dat
[2013/05/24 13:59:04 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\Kristin\Desktop\aswMBR.exe
[2013/05/23 21:06:46 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4270958396-3272677963-532609597-1000Core.job
[2013/05/15 01:02:00 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/05/15 01:02:00 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/05/01 10:05:48 | 000,002,675 | ---- | M] () -- C:\Users\Kristin\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2007.lnk
[2013/04/29 02:00:06 | 000,006,756 | ---- | M] () -- C:\Users\Kristin\AppData\Local\d3d9caps.dat
[2013/04/25 11:46:55 | 000,002,279 | ---- | M] () -- C:\Users\Kristin\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[2013/04/25 10:03:39 | 000,195,072 | ---- | M] () -- C:\Users\Kristin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/05/24 14:01:49 | 000,000,512 | ---- | C] () -- C:\Users\Kristin\Desktop\MBR.dat
[2013/02/19 14:25:17 | 000,000,004 | ---- | C] () -- C:\Users\Kristin\AppData\Roaming\skype.ini
[2012/08/03 20:02:07 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012/07/05 03:48:58 | 000,036,232 | ---- | C] () -- C:\Windows\SysWow64\rgbacodec.dll
[2012/05/12 13:22:03 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012/05/08 05:02:48 | 000,258,415 | ---- | C] () -- C:\Users\Kristin\Kristen Ashley - Unfinished Hero 01 - Knight (v5.0).epub
[2012/01/27 16:48:42 | 000,378,449 | ---- | C] () -- C:\Users\Kristin\Three Wishes - Kristen Ashley.epub
[2011/05/18 15:29:08 | 000,001,940 | ---- | C] () -- C:\Users\Kristin\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/05/06 11:35:20 | 000,000,000 | ---- | C] () -- C:\Users\Kristin\AppData\Local\{48C18FA4-5AF8-4ABD-9808-A7D0401A196A}
[2011/04/20 21:12:29 | 000,052,736 | -H-- | C] () -- C:\Users\Kristin\AppData\Roaming\RBSpriteSurface400.dll
[2011/02/05 23:56:40 | 000,195,072 | ---- | C] () -- C:\Users\Kristin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/24 22:16:48 | 000,006,756 | ---- | C] () -- C:\Users\Kristin\AppData\Local\d3d9caps.dat
[2010/03/24 21:05:06 | 000,007,460 | ---- | C] () -- C:\Users\Kristin\AppData\Local\d3d9caps64.dat

========== ZeroAccess Check ==========

[2006/11/02 08:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 10:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 10:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/04/11 00:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/10 23:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008/01/20 19:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Custom Scans ==========

========== Base Services ==========
SRV:64bit: - [2006/11/02 04:16:28 | 000,026,624 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2008/01/20 19:48:17 | 000,045,056 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2008/01/20 19:48:16 | 000,080,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:64bit: - [2009/04/11 00:11:22 | 001,081,856 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:64bit: - [2009/04/11 00:11:13 | 000,458,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bfe.dll -- (BFE)
SRV:64bit: - [2011/11/16 07:34:41 | 000,011,264 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:64bit: - [2009/04/11 00:11:14 | 000,361,984 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009/04/10 23:28:19 | 000,268,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:64bit: - [2008/01/20 19:49:11 | 000,103,424 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2012/06/01 17:20:42 | 000,174,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2012/06/01 17:02:32 | 000,133,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2009/04/11 00:11:23 | 000,719,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2009/04/11 00:11:14 | 000,268,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcsvc.dll -- (Dhcp)
SRV - [2009/04/10 23:28:18 | 000,204,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcsvc.dll -- (Dhcp)
SRV:64bit: - [2011/03/02 09:12:21 | 000,117,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2008/01/20 19:50:17 | 000,074,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:64bit: - [2009/04/11 00:11:15 | 000,024,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009/04/10 23:28:19 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:64bit: - [2008/01/20 19:48:03 | 000,342,016 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:64bit: - [2009/04/11 00:11:15 | 000,533,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\ipsecsvc.dll -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:64bit: - [2009/04/11 00:11:26 | 000,480,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2008/01/20 19:49:56 | 000,037,888 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:64bit: - [2008/01/20 19:48:10 | 000,348,160 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2008/01/20 19:48:40 | 000,304,128 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2008/01/20 19:49:21 | 000,237,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:64bit: - [2008/01/20 19:50:27 | 000,206,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2008/01/20 19:49:42 | 000,024,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2009/04/11 00:11:27 | 000,313,344 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2010/08/17 07:54:20 | 000,273,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:64bit: - [2011/11/16 07:34:41 | 000,011,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
SRV:64bit: - [2009/04/11 00:11:14 | 000,399,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\emdmgmt.dll -- (EMDMgmt)
SRV:64bit: - [2008/01/20 19:48:24 | 000,098,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2009/04/11 00:11:22 | 000,309,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2009/04/11 00:11:23 | 000,719,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2008/01/20 19:49:09 | 000,028,672 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2011/11/16 07:34:41 | 000,011,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:64bit: - [2009/04/11 00:11:31 | 000,074,752 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:64bit: - [2010/09/06 11:28:38 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2009/07/10 04:51:23 | 000,302,080 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2009/07/10 04:47:42 | 000,247,808 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
SRV:64bit: - [2009/04/11 00:10:35 | 002,582,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SLsvc.exe -- (slsvc)
SRV:64bit: - [2010/11/06 04:18:13 | 000,855,040 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2009/04/11 00:11:26 | 000,318,976 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2009/04/10 23:28:24 | 000,242,688 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2009/07/10 04:51:23 | 000,302,080 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\shsvcs.dll -- (Themes)
SRV - [2009/07/10 04:47:42 | 000,247,808 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysWOW64\shsvcs.dll -- (Themes)
SRV:64bit: - [2009/04/11 00:11:22 | 000,178,176 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2009/04/11 00:11:03 | 001,433,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vssvc.exe -- (VSS)
SRV:64bit: - [2009/04/11 00:11:13 | 000,446,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\Audiosrv.dll -- (AudioSrv)
SRV:64bit: - [2009/04/11 00:11:13 | 000,446,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\Audiosrv.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2008/01/20 19:47:28 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SDRSVC.dll -- (SDRSVC)
SRV:64bit: - [2008/01/20 19:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/04/11 00:11:28 | 001,491,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (Eventlog)
SRV:64bit: - [2009/04/11 00:11:15 | 000,603,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mpssvc.dll -- (MpsSvc)
SRV:64bit: - [2009/04/11 00:11:28 | 000,572,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2009/04/11 00:10:29 | 000,125,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2009/04/10 23:27:45 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV:64bit: - [2009/04/11 00:11:29 | 000,221,696 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:64bit: - [2012/06/02 15:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:64bit: - [2009/04/11 00:11:14 | 000,208,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2009/07/11 12:11:20 | 000,615,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:64bit: - [2009/06/10 04:53:17 | 000,203,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2008/10/28 23:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_b5f700fe698beb14\explorer.exe
[2008/10/28 23:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_b7eb106e66a7ac19\explorer.exe
[2008/10/28 23:15:50 | 003,087,360 | ---- | M] (Microsoft Corporation) MD5=50514057C28A74BAC2BD04B7B990D615 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_aba256ac352b2919\explorer.exe
[2008/10/29 20:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_b8583e9d7fda0512\explorer.exe
[2009/04/11 00:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\Windows\explorer.exe
[2009/04/11 00:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_afbebba22f3bab41\explorer.exe
[2008/10/27 19:30:12 | 003,086,848 | ---- | M] (Microsoft Corporation) MD5=72B9990E45C25AA3C75C4FB50A9D6CE0 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_ac5266dd4e2b0a41\explorer.exe
[2008/10/28 23:49:22 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=BBD8E74F23D7605CB0CDB57A1B25D826 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_ad96661c3246ea1e\explorer.exe
[2009/04/10 23:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SysWOW64\explorer.exe
[2009/04/10 23:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_ba1365f4639c6d3c\explorer.exe
[2008/10/29 22:30:07 | 003,081,216 | ---- | M] (Microsoft Corporation) MD5=E404A65EF890140410E9F3D405841C95 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_ae03944b4b794317\explorer.exe
[2008/10/27 19:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_b6a7112f828bcc3c\explorer.exe
[2008/01/20 19:48:44 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=F6D765FB6B457542D954682F50C26E4F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_add342963219dff5\explorer.exe
[2008/01/20 19:49:23 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_b827ece8667aa1f0\explorer.exe

< MD5 for: SERVICES >
[2006/09/18 14:37:24 | 000,017,244 | ---- | M] () MD5=9F534244B7F8F55D5C0BB498D8D481E7 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6001.18000_none_60a39df1afb86c9f\services

< MD5 for: SERVICES.EXE >
[2008/01/20 19:50:34 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[2009/04/11 00:10:50 | 000,384,512 | ---- | M] (Microsoft Corporation) MD5=934E0B7D77FF78C18D9F8891221B6DE3 -- C:\Windows\SysNative\services.exe
[2009/04/11 00:10:50 | 000,384,512 | ---- | M] (Microsoft Corporation) MD5=934E0B7D77FF78C18D9F8891221B6DE3 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_2d69d4f782c83d8c\services.exe
[2009/04/10 23:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\SysWOW64\services.exe
[2009/04/10 23:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe
[2008/01/20 19:49:44 | 000,384,512 | ---- | M] (Microsoft Corporation) MD5=DFAC660F0F139276CC9299812DE42719 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_2b7e5beb85a67240\services.exe

< MD5 for: SERVICES.EXE.MUI >
[2006/11/02 08:13:31 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=1626EACF0E7E59F85C59DDDD27C4169C -- C:\Windows\SysWOW64\en-US\services.exe.mui
[2006/11/02 08:13:31 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=1626EACF0E7E59F85C59DDDD27C4169C -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.0.6000.16386_en-us_67c6851b290a1ced\services.exe.mui
[2006/11/02 08:13:56 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=F514B57C09E143F1E14415A9E9ADD695 -- C:\Windows\SysNative\en-US\services.exe.mui
[2006/11/02 08:13:56 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=F514B57C09E143F1E14415A9E9ADD695 -- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.0.6000.16386_en-us_c3e5209ee1678e23\services.exe.mui

< MD5 for: SERVICES.HEARSTMAGS[1].XML >
[2013/05/23 13:21:42 | 000,000,213 | ---- | M] () MD5=09ADDDE7F6AE44AF94EEADF7B00F8CEA -- C:\Users\Kristin\AppData\Local\Microsoft\Internet Explorer\DOMStore\8IT3Q1QI\services.hearstmags[1].xml

< MD5 for: SERVICES.LNK >
[2008/01/20 20:20:59 | 000,001,688 | ---- | M] () MD5=EFDD08F4E5E26430885F26F0C35B8C62 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 20:20:59 | 000,001,688 | ---- | M] () MD5=EFDD08F4E5E26430885F26F0C35B8C62 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk

< MD5 for: SERVICES.MOF >
[2006/09/18 14:44:54 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\SysNative\wbem\services.mof
[2006/09/18 14:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\SysWOW64\wbem\services.mof
[2006/09/18 14:44:54 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_2b7e5beb85a67240\services.mof
[2006/09/18 14:44:54 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_2d69d4f782c83d8c\services.mof
[2006/09/18 14:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.mof
[2006/09/18 14:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.mof

< MD5 for: SERVICES.MSC >
[2006/11/02 08:13:51 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\en-US\services.msc
[2006/09/18 14:29:41 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\services.msc
[2006/11/02 08:14:00 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\en-US\services.msc
[2006/09/18 14:29:40 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\services.msc
[2006/11/02 08:13:51 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.0.6000.16386_en-us_fe26f08ab7d12816\services.msc
[2006/09/18 14:29:41 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.0.6001.18000_none_2b827e27fe185619\services.msc
[2006/11/02 08:14:00 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.0.6000.16386_en-us_a2085506ff73b6e0\services.msc
[2006/09/18 14:29:40 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.0.6001.18000_none_cf63e2a445bae4e3\services.msc

< MD5 for: SVCHOST.EXE >
[2008/01/20 19:48:05 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\SysWOW64\svchost.exe
[2008/01/20 19:48:05 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
[2008/01/20 19:50:24 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=CDA9F1373805AF88F6FA4F2064BBA24D -- C:\Windows\SysNative\svchost.exe
[2008/01/20 19:50:24 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=CDA9F1373805AF88F6FA4F2064BBA24D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_11d9f524bdab2f1b\svchost.exe

< MD5 for: USERINIT.EXE >
[2008/01/20 19:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\SysWOW64\userinit.exe
[2008/01/20 19:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2008/01/20 19:49:46 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\SysNative\userinit.exe
[2008/01/20 19:49:46 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_384755998a0d6941\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/04/11 00:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\SysNative\winlogon.exe
[2009/04/11 00:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_cdcd15a68a70b877\winlogon.exe
[2008/01/20 19:49:47 | 000,406,016 | ---- | M] (Microsoft Corporation) MD5=856491FCED98093D824B9EB2892F564A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe19c9a8d4eed2b\winlogon.exe
[2009/04/10 23:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SysWOW64\winlogon.exe
[2009/04/10 23:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008/01/20 19:50:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< dir C:\ /S /A:L /C >
Volume in drive C is OS
Volume Serial Number is A8A9-6B26
Directory of C:\
11/02/2006 08:42 AM <JUNCTION> Documents and Settings [C:\Users]
0 File(s) 0 bytes
Directory of C:\ProgramData
11/02/2006 08:42 AM <JUNCTION> Application Data [C:\ProgramData]
11/02/2006 08:42 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
11/02/2006 08:42 AM <JUNCTION> Documents [C:\Users\Public\Documents]
11/02/2006 08:42 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
11/02/2006 08:42 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006 08:42 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users
11/02/2006 08:42 AM <SYMLINKD> All Users [C:\ProgramData]
11/02/2006 08:42 AM <JUNCTION> Default User [C:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Users\All Users
11/02/2006 08:42 AM <JUNCTION> Application Data [C:\ProgramData]
11/02/2006 08:42 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
11/02/2006 08:42 AM <JUNCTION> Documents [C:\Users\Public\Documents]
11/02/2006 08:42 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
11/02/2006 08:42 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006 08:42 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default
11/02/2006 08:42 AM <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]
11/02/2006 08:42 AM <JUNCTION> Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
11/02/2006 08:42 AM <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]
11/02/2006 08:42 AM <JUNCTION> My Documents [C:\Users\Default\Documents]
11/02/2006 08:42 AM <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
11/02/2006 08:42 AM <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
11/02/2006 08:42 AM <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
11/02/2006 08:42 AM <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
11/02/2006 08:42 AM <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
11/02/2006 08:42 AM <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default\AppData\Local
11/02/2006 08:42 AM <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
11/02/2006 08:42 AM <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
11/02/2006 08:42 AM <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Default\Documents
11/02/2006 08:42 AM <JUNCTION> My Music [C:\Users\Default\Music]
11/02/2006 08:42 AM <JUNCTION> My Pictures [C:\Users\Default\Pictures]
11/02/2006 08:42 AM <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Kristin
03/24/2010 09:05 PM <JUNCTION> Application Data [C:\Users\Kristin\AppData\Roaming]
03/24/2010 09:05 PM <JUNCTION> Cookies [C:\Users\Kristin\AppData\Roaming\Microsoft\Windows\Cookies]
03/24/2010 09:05 PM <JUNCTION> Local Settings [C:\Users\Kristin\AppData\Local]
03/24/2010 09:05 PM <JUNCTION> My Documents [C:\Users\Kristin\Documents]
03/24/2010 09:05 PM <JUNCTION> NetHood [C:\Users\Kristin\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
03/24/2010 09:05 PM <JUNCTION> PrintHood [C:\Users\Kristin\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
03/24/2010 09:05 PM <JUNCTION> Recent [C:\Users\Kristin\AppData\Roaming\Microsoft\Windows\Recent]
03/24/2010 09:05 PM <JUNCTION> SendTo [C:\Users\Kristin\AppData\Roaming\Microsoft\Windows\SendTo]
03/24/2010 09:05 PM <JUNCTION> Start Menu [C:\Users\Kristin\AppData\Roaming\Microsoft\Windows\Start Menu]
03/24/2010 09:05 PM <JUNCTION> Templates [C:\Users\Kristin\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Kristin\AppData\Local
03/24/2010 09:05 PM <JUNCTION> Application Data [C:\Users\Kristin\AppData\Local]
03/24/2010 09:05 PM <JUNCTION> History [C:\Users\Kristin\AppData\Local\Microsoft\Windows\History]
03/24/2010 09:05 PM <JUNCTION> Temporary Internet Files [C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Kristin\Documents
03/24/2010 09:05 PM <JUNCTION> My Music [C:\Users\Kristin\Music]
03/24/2010 09:05 PM <JUNCTION> My Pictures [C:\Users\Kristin\Pictures]
03/24/2010 09:05 PM <JUNCTION> My Videos [C:\Users\Kristin\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Public\Documents
11/02/2006 08:42 AM <JUNCTION> My Music [C:\Users\Public\Music]
11/02/2006 08:42 AM <JUNCTION> My Pictures [C:\Users\Public\Pictures]
11/02/2006 08:42 AM <JUNCTION> My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Total Files Listed:
0 File(s) 0 bytes
50 Dir(s) 92,753,498,112 bytes free

< End of report >

OTL Extras logfile created on: 5/24/2013 4:45:44 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kristin\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.96 Gb Total Physical Memory | 1.74 Gb Available Physical Memory | 43.94% Memory free
8.10 Gb Paging File | 5.84 Gb Available in Paging File | 72.08% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279.30 Gb Total Space | 89.69 Gb Free Space | 32.11% Space Free | Partition Type: NTFS
Drive E: | 18.75 Gb Total Space | 10.95 Gb Free Space | 58.43% Space Free | Partition Type: NTFS

Computer Name: KRISTIN-PC | User Name: Kristin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-4270958396-3272677963-532609597-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = 91 03 2D DB 61 CC CA 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{B145BE34-9D48-4EE7-AABF-4323580547C4}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{B31AE422-1624-4086-956A-F65C7723DA3B}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00A9763F-BAEE-4222-860D-7B2268C0D6E3}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{04DA437F-04B0-4BCB-AD4C-99324759A976}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{0A42B593-1984-4B7F-8DB9-E172E9CF883A}" = protocol=6 | dir=in | app=c:\program files (x86)\savevid toolbar\datamngr\toolbar\dtuser.exe |
"{12112EDE-72C6-4019-99A4-24DB171376F5}" = dir=in | app=c:\windows\system32\hasplms.exe |
"{22D41500-2DCA-4021-8B00-82EE538CC926}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{2E1D56B7-C6A9-405C-AD27-2B1B668785D7}" = dir=in | app=c:\users\kristin\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{34F37B43-D457-43DC-9F34-62B7E3180B57}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{489003EB-4F56-469D-B9F0-C11611A6F79E}" = protocol=17 | dir=in | app=c:\program files (x86)\lightworks\ntcardvt.exe |
"{55011205-7CC2-467D-9B50-6BB056CA2D58}" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{5B69EC22-A226-491D-B593-C36D48506B26}" = protocol=17 | dir=in | app=c:\program files (x86)\lightworks\lightworks.exe |
"{6CCA09D9-DFE5-4E3F-A156-3C6D365A969F}" = protocol=6 | dir=in | app=c:\program files (x86)\lightworks\ntcardvt.exe |
"{86E553D5-B0A2-45A5-9871-89CB195622BD}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{92FB9936-4F98-4047-9A81-277F615BF06C}" = protocol=6 | dir=in | app=c:\windows\system32\dlbacoms.exe |
"{9CD35F2E-C626-4503-A4D4-32371D52AA1A}" = protocol=17 | dir=in | app=c:\program files (x86)\savevid toolbar\datamngr\toolbar\dtuser.exe |
"{A3279F54-C557-4157-B5DE-7B7A5E19FCAE}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{B4742DBB-2297-473B-962E-346834FE17FE}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{BBC66CC2-CBDD-4DBB-A37A-F9E79E281B4B}" = protocol=6 | dir=in | app=c:\program files (x86)\lightworks\lightworks.exe |
"{BFF96D5C-8DFC-4DAF-88D9-24CAC7E35A6D}" = protocol=17 | dir=in | app=c:\windows\system32\dlbacoms.exe |
"{D46C2DC7-5D6F-44DD-AF83-B4B3EDC3079D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{E3764CE9-73A2-4F2F-8DA9-D7E8BDC61F0A}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\pdvddxsrv.exe |
"{E37F06A5-B90E-4480-960E-D4C924BCC988}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{FE2955B8-EC7C-452D-9FC4-30BC43B57442}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\powerdvd.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{5254156F-AA77-499A-B7C1-D5581D44E788}" = Marvell Miniport Driver
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{84BC87D4-0480-4E10-B15D-1E7886D55180}" = iTunes
"{87CA8C0A-D865-48B6-B521-B3DB1771D565}" = ESET NOD32 Antivirus
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9EFC40E3-5F31-4F75-8445-286273F74D8E}" = Apple Mobile Device Support
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DAE239CE-EB9D-4EB3-B0D4-528D6BAA48FD}" = Bonjour
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Broadcom 802.11 Application" = Dell Wireless WLAN Card Utility
"Creative OA009" = Integrated Webcam Driver (1.02.01.0320)
"HDMI" = Intel® Graphics Media Accelerator Driver
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1C3DA126-D523-4089-BCCA-FA46FE34D6F8}" = Google Drive
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}" = Lightworks
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"appbario8 Toolbar" = appbario8 Toolbar
"CameraUserGuide-PSG12" = Canon PowerShot G12 Camera User Guide
"CameraWindowDC" = Canon Utilities CameraWindow DC
"CameraWindowDC8" = Canon Utilities CameraWindow DC 8
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow Launcher
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"Canon MOV Decoder" = Canon MOV Decoder
"Canon MOV Encoder" = Canon MOV Encoder
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"ConverterLite" = ConverterLite 1.4.0
"Dell Webcam Central" = Dell Webcam Central
"DPP" = Canon Utilities Digital Photo Professional 3.9
"ePub to PDF Converter_is1" = ePub to PDF Converter 2.0.4
"ffdshow_is1" = ffdshow [rev 1443] [2007-08-29]
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"KLiteCodecPack_is1" = K-Lite Codec Pack 8.7.0 (Full)
"Movavi Video Converter 11" = Movavi Video Converter 11
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"MovieUploaderForYouTube" = Canon Utilities Movie Uploader for YouTube
"Mozilla Firefox 20.0.1 (x86 en-US)" = Mozilla Firefox 20.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MyCamera" = Canon Utilities MyCamera
"MyCamera Download Plugin" = CANON iMAGE GATEWAY MyCamera Download Plugin
"MyCameraDC" = Canon Utilities MyCamera DC
"NST" = Norton Safe Web Lite
"Personal Printing Guide" = Canon Personal Printing Guide
"PhotoStitch" = Canon Utilities PhotoStitch
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"Software Guide" = Canon DIGITAL CAMERA Solution Disk Software Guide
"SpecialSavings" = SpecialSavings
"VideoThang™_is1" = VideoThang™ 2.0.1
"VLC media player" = VLC media player 2.0.1
"WinLiveSuite" = Windows Live Essentials
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-4270958396-3272677963-532609597-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"f031ef6ac137efc5" = Dell Driver Download Manager
"Game Organizer" = EasyBits GO

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 12/12/2011 2:12:15 PM | Computer Name = Kristin-PC | Source = WinMgmt | ID = 10
Description =

Error - 12/13/2011 12:20:12 PM | Computer Name = Kristin-PC | Source = WinMgmt | ID = 10
Description =

Error - 12/14/2011 12:48:07 PM | Computer Name = Kristin-PC | Source = WinMgmt | ID = 10
Description =

Error - 12/14/2011 8:20:00 PM | Computer Name = Kristin-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.6001.19154 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: fe4 Start Time: 01ccba8022cd04bc Termination Time: 31

Error - 12/15/2011 12:54:30 AM | Computer Name = Kristin-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.6001.19154 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 11bc Start Time: 01ccbac1f3701870 Termination Time: 0

Error - 12/15/2011 3:01:29 AM | Computer Name = Kristin-PC | Source = Application Error | ID = 1000
Description = Faulting application SearchIndexer.exe, version 7.0.6002.18005, time
stamp 0x49e03333, faulting module TQUERY.DLL, version 7.0.6002.18005, time stamp
0x49e0422e, exception code 0xc0000005, fault offset 0x0000000000141be1, process
id 0x8b0, application start time 0x01ccba80022287dc.

Error - 12/15/2011 12:28:07 PM | Computer Name = Kristin-PC | Source = WinMgmt | ID = 10
Description =

Error - 12/16/2011 4:13:55 AM | Computer Name = Kristin-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.19154, time stamp
0x4e8634f0, faulting module mshtml.dll, version 8.0.6001.19154, time stamp 0x4e864aec,
exception code 0xc0000005, fault offset 0x000da5cc, process id 0x1e20, application
start time 0x01ccbbc9b4069a70.

Error - 12/16/2011 4:52:14 PM | Computer Name = Kristin-PC | Source = WinMgmt | ID = 10
Description =

Error - 12/17/2011 3:31:36 PM | Computer Name = Kristin-PC | Source = WinMgmt | ID = 10
Description =

[ Media Center Events ]
Error - 11/21/2012 6:41:38 PM | Computer Name = Kristin-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

[ System Events ]
Error - 5/24/2013 7:40:08 PM | Computer Name = Kristin-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 5/24/2013 7:40:08 PM | Computer Name = Kristin-PC | Source = Service Control Manager | ID = 7032
Description =

Error - 5/24/2013 7:40:08 PM | Computer Name = Kristin-PC | Source = Service Control Manager | ID = 7024
Description =

Error - 5/24/2013 7:40:08 PM | Computer Name = Kristin-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 5/24/2013 7:41:53 PM | Computer Name = Kristin-PC | Source = Service Control Manager | ID = 7024
Description =

Error - 5/24/2013 7:41:53 PM | Computer Name = Kristin-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 5/24/2013 7:42:18 PM | Computer Name = Kristin-PC | Source = Service Control Manager | ID = 7024
Description =

Error - 5/24/2013 7:42:18 PM | Computer Name = Kristin-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 5/24/2013 7:56:28 PM | Computer Name = Kristin-PC | Source = Service Control Manager | ID = 7032
Description =

Error - 5/24/2013 7:56:28 PM | Computer Name = Kristin-PC | Source = Service Control Manager | ID = 7032
Description =


< End of report >

#4
Jasmyne

    Trusted Helper

  • Malware Removal
  • 2,010 posts
I can see from your logs that you have both TDSSKiller and aswMBR on your desktop. If you have run either of those previously, could you please post those logs also?

Thank you

Jasmyne

#5
Kristin51505

    Member

  • Topic Starter
  • Member
  • 70 posts
Sorry for the late response, my computer is running terribly slow and it kept crashing during the TDSSKiller scan . . . but I've prevailed! I was able to finish the TDSSKiller scan and it called for a reboot, which I did, but I didn't think of looking at/copying the report first, so the log you see here is from a second scan. I hope that works! The log from the aswMBR scan is at the bottom, as well.

Thanks!

Kristin


19:59:44.0999 0844 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:59:45.0716 0844 ============================================================
19:59:45.0716 0844 Current date / time: 2013/05/24 19:59:45.0716
19:59:45.0716 0844 SystemInfo:
19:59:45.0716 0844
19:59:45.0716 0844 OS Version: 6.0.6002 ServicePack: 2.0
19:59:45.0716 0844 Product type: Workstation
19:59:45.0716 0844 ComputerName: KRISTIN-PC
19:59:45.0716 0844 UserName: Kristin
19:59:45.0716 0844 Windows directory: C:\Windows
19:59:45.0716 0844 System windows directory: C:\Windows
19:59:45.0716 0844 Running under WOW64
19:59:45.0716 0844 Processor architecture: Intel x64
19:59:45.0716 0844 Number of processors: 2
19:59:45.0716 0844 Page size: 0x1000
19:59:45.0716 0844 Boot type: Normal boot
19:59:45.0716 0844 ============================================================
19:59:47.0011 0844 BG loaded
19:59:47.0931 0844 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:59:47.0963 0844 ============================================================
19:59:47.0963 0844 \Device\Harddisk0\DR0:
19:59:47.0994 0844 MBR partitions:
19:59:47.0994 0844 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x18800, BlocksNum 0x257D800
19:59:47.0994 0844 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2596000, BlocksNum 0x22E98800
19:59:47.0994 0844 ============================================================
19:59:48.0150 0844 C: <-> \Device\Harddisk0\DR0\Partition2
19:59:48.0290 0844 E: <-> \Device\Harddisk0\DR0\Partition1
19:59:48.0290 0844 ============================================================
19:59:48.0290 0844 Initialize success
19:59:48.0290 0844 ============================================================
20:00:03.0843 0472 ============================================================
20:00:03.0843 0472 Scan started
20:00:03.0843 0472 Mode: Manual; SigCheck; TDLFS;
20:00:03.0843 0472 ============================================================
20:00:07.0166 0472 ================ Scan system memory ========================
20:00:07.0166 0472 System memory - ok
20:00:07.0166 0472 ================ Scan services =============================
20:00:08.0211 0472 [ F146E2BA475893DD77B2370DC1211FC6 ] 51270607 C:\Windows\system32\drivers\63506565.sys
20:00:08.0648 0472 51270607 - ok
20:00:08.0679 0472 93752228 - ok
20:00:08.0742 0472 [ 1965AAFFAB07E3FB03C77F81BEBA3547 ] ACPI C:\Windows\system32\drivers\acpi.sys
20:00:08.0789 0472 ACPI - ok
20:00:09.0007 0472 [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:00:09.0038 0472 AdobeFlashPlayerUpdateSvc - ok
20:00:09.0101 0472 [ F14215E37CF124104575073F782111D2 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
20:00:09.0179 0472 adp94xx - ok
20:00:09.0257 0472 [ 7D05A75E3066861A6610F7EE04FF085C ] adpahci C:\Windows\system32\drivers\adpahci.sys
20:00:09.0335 0472 adpahci - ok
20:00:09.0397 0472 [ 820A201FE08A0C345B3BEDBC30E1A77C ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
20:00:09.0444 0472 adpu160m - ok
20:00:09.0506 0472 [ 9B4AB6854559DC168FBB4C24FC52E794 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
20:00:09.0522 0472 adpu320 - ok
20:00:09.0615 0472 [ 0F421175574BFE0BF2F4D8E910A253BB ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:00:09.0959 0472 AeLookupSvc ( UnsignedFile.Multi.Generic ) - warning
20:00:09.0959 0472 AeLookupSvc - detected UnsignedFile.Multi.Generic (1)
20:00:10.0115 0472 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_54cb4575\AESTSr64.exe
20:00:10.0146 0472 AESTFilters ( UnsignedFile.Multi.Generic ) - warning
20:00:10.0146 0472 AESTFilters - detected UnsignedFile.Multi.Generic (1)
20:00:10.0317 0472 [ C4F6CE6087760AD70960C9EB130E7943 ] AFD C:\Windows\system32\drivers\afd.sys
20:00:10.0380 0472 AFD ( UnsignedFile.Multi.Generic ) - warning
20:00:10.0380 0472 AFD - detected UnsignedFile.Multi.Generic (1)
20:00:10.0442 0472 [ F6F6793B7F17B550ECFDBD3B229173F7 ] agp440 C:\Windows\system32\drivers\agp440.sys
20:00:10.0473 0472 agp440 - ok
20:00:10.0567 0472 [ 222CB641B4B8A1D1126F8033F9FD6A00 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
20:00:10.0583 0472 aic78xx - ok
20:00:10.0645 0472 [ 44F360B65C37A42EB5B71C2E5179FDD5 ] aksdf C:\Windows\system32\drivers\aksdf.sys
20:00:10.0707 0472 aksdf ( UnsignedFile.Multi.Generic ) - warning
20:00:10.0707 0472 aksdf - detected UnsignedFile.Multi.Generic (1)
20:00:10.0770 0472 [ 43415AF4F20E9867974623840A22FE98 ] aksfridge C:\Windows\system32\drivers\aksfridge.sys
20:00:10.0785 0472 aksfridge - ok
20:00:10.0832 0472 [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] ALG C:\Windows\System32\alg.exe
20:00:10.0895 0472 ALG ( UnsignedFile.Multi.Generic ) - warning
20:00:10.0895 0472 ALG - detected UnsignedFile.Multi.Generic (1)
20:00:10.0973 0472 [ 157D0898D4B73F075CE9FA26B482DF98 ] aliide C:\Windows\system32\drivers\aliide.sys
20:00:11.0004 0472 aliide - ok
20:00:11.0035 0472 [ 970FA5059E61E30D25307B99903E991E ] amdide C:\Windows\system32\drivers\amdide.sys
20:00:11.0082 0472 amdide - ok
20:00:11.0129 0472 [ CDC3632A3A5EA4DBB83E46076A3165A1 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
20:00:11.0191 0472 AmdK8 ( UnsignedFile.Multi.Generic ) - warning
20:00:11.0191 0472 AmdK8 - detected UnsignedFile.Multi.Generic (1)
20:00:11.0300 0472 [ 8C85C812569DF851E7A2159147323DFA ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
20:00:11.0316 0472 ApfiltrService - ok
20:00:11.0409 0472 [ 9C37B3FD5615477CB9A0CD116CF43F5C ] Appinfo C:\Windows\System32\appinfo.dll
20:00:11.0487 0472 Appinfo ( UnsignedFile.Multi.Generic ) - warning
20:00:11.0487 0472 Appinfo - detected UnsignedFile.Multi.Generic (1)
20:00:11.0924 0472 [ 4B5AE15E5C73EB4DC8DBEC2788230D41 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
20:00:11.0940 0472 Apple Mobile Device - ok
20:00:11.0987 0472 [ BA8417D4765F3988FF921F30F630E303 ] arc C:\Windows\system32\drivers\arc.sys
20:00:12.0033 0472 arc - ok
20:00:12.0096 0472 [ 9D41C435619733B34CC16A511E644B11 ] arcsas C:\Windows\system32\drivers\arcsas.sys
20:00:12.0127 0472 arcsas - ok
20:00:12.0174 0472 [ 22D13FF3DAFEC2A80634752B1EAA2DE6 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:00:12.0236 0472 AsyncMac ( UnsignedFile.Multi.Generic ) - warning
20:00:12.0236 0472 AsyncMac - detected UnsignedFile.Multi.Generic (1)
20:00:12.0283 0472 [ E68D9B3A3905619732F7FE039466A623 ] atapi C:\Windows\system32\drivers\atapi.sys
20:00:12.0314 0472 atapi - ok
20:00:12.0548 0472 [ 79318C744693EC983D20E9337A2F8196 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:00:12.0626 0472 AudioEndpointBuilder ( UnsignedFile.Multi.Generic ) - warning
20:00:12.0626 0472 AudioEndpointBuilder - detected UnsignedFile.Multi.Generic (1)
20:00:12.0751 0472 [ 79318C744693EC983D20E9337A2F8196 ] AudioSrv C:\Windows\System32\Audiosrv.dll
20:00:12.0829 0472 AudioSrv ( UnsignedFile.Multi.Generic ) - warning
20:00:12.0829 0472 AudioSrv - detected UnsignedFile.Multi.Generic (1)
20:00:12.0923 0472 [ A7C9995BA861FCE78B2CEAAE61D39FD7 ] BCM42RLY C:\Windows\system32\drivers\BCM42RLY.sys
20:00:12.0938 0472 BCM42RLY - ok
20:00:13.0328 0472 [ D32F962B71FEE6BDAAEE630BB2C17280 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
20:00:13.0484 0472 BCM43XX - ok
20:00:13.0796 0472 [ FFB96C2589FFA60473EAD78B39FBDE29 ] BFE C:\Windows\System32\bfe.dll
20:00:13.0921 0472 BFE ( UnsignedFile.Multi.Generic ) - warning
20:00:13.0921 0472 BFE - detected UnsignedFile.Multi.Generic (1)
20:00:14.0217 0472 [ 6D316F4859634071CC25C4FD4589AD2C ] BITS C:\Windows\System32\qmgr.dll
20:00:14.0373 0472 BITS ( UnsignedFile.Multi.Generic ) - warning
20:00:14.0373 0472 BITS - detected UnsignedFile.Multi.Generic (1)
20:00:14.0451 0472 [ 79FEEB40056683F8F61398D81DDA65D2 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
20:00:14.0576 0472 blbdrive ( UnsignedFile.Multi.Generic ) - warning
20:00:14.0576 0472 blbdrive - detected UnsignedFile.Multi.Generic (1)
20:00:14.0670 0472 [ 3F56903E124E820AEECE6D471583C6C1 ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe
20:00:14.0685 0472 Bonjour Service - ok
20:00:14.0826 0472 [ 2348447A80920B2493A9B582A23E81E1 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:00:14.0873 0472 bowser ( UnsignedFile.Multi.Generic ) - warning
20:00:14.0873 0472 bowser - detected UnsignedFile.Multi.Generic (1)
20:00:14.0951 0472 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
20:00:15.0060 0472 BrFiltLo ( UnsignedFile.Multi.Generic ) - warning
20:00:15.0060 0472 BrFiltLo - detected UnsignedFile.Multi.Generic (1)
20:00:15.0153 0472 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
20:00:15.0231 0472 BrFiltUp ( UnsignedFile.Multi.Generic ) - warning
20:00:15.0231 0472 BrFiltUp - detected UnsignedFile.Multi.Generic (1)
20:00:15.0356 0472 [ A1B39DE453433B115B4EA69EE0343816 ] Browser C:\Windows\System32\browser.dll
20:00:15.0403 0472 Browser ( UnsignedFile.Multi.Generic ) - warning
20:00:15.0403 0472 Browser - detected UnsignedFile.Multi.Generic (1)
20:00:15.0824 0472 [ F0F0BA4D815BE446AA6A4583CA3BCA9B ] Brserid C:\Windows\system32\drivers\brserid.sys
20:00:16.0011 0472 Brserid ( UnsignedFile.Multi.Generic ) - warning
20:00:16.0011 0472 Brserid - detected UnsignedFile.Multi.Generic (1)
20:00:16.0089 0472 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
20:00:16.0183 0472 BrSerWdm ( UnsignedFile.Multi.Generic ) - warning
20:00:16.0183 0472 BrSerWdm - detected UnsignedFile.Multi.Generic (1)
20:00:16.0230 0472 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
20:00:17.0478 0472 BrUsbMdm ( UnsignedFile.Multi.Generic ) - warning
20:00:17.0478 0472 BrUsbMdm - detected UnsignedFile.Multi.Generic (1)
20:00:17.0681 0472 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
20:00:17.0743 0472 BrUsbSer ( UnsignedFile.Multi.Generic ) - warning
20:00:17.0743 0472 BrUsbSer - detected UnsignedFile.Multi.Generic (1)
20:00:17.0946 0472 [ E0777B34E05F8A82A21856EFC900C29F ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
20:00:18.0024 0472 BTHMODEM ( UnsignedFile.Multi.Generic ) - warning
20:00:18.0024 0472 BTHMODEM - detected UnsignedFile.Multi.Generic (1)
20:00:18.0726 0472 [ A8AD33C9DD88C810CAC00ACC7F4329FB ] ccSet_NST C:\Windows\system32\drivers\NSTx64\0200000.010\ccSetx64.sys
20:00:18.0741 0472 ccSet_NST - ok
20:00:18.0804 0472 [ B4D787DB8D30793A4D4DF9FEED18F136 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:00:18.0882 0472 cdfs ( UnsignedFile.Multi.Generic ) - warning
20:00:18.0882 0472 cdfs - detected UnsignedFile.Multi.Generic (1)
20:00:18.0944 0472 [ C025AA69BE3D0D25C7A2E746EF6F94FC ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
20:00:18.0991 0472 cdrom ( UnsignedFile.Multi.Generic ) - warning
20:00:18.0991 0472 cdrom - detected UnsignedFile.Multi.Generic (1)
20:00:19.0131 0472 [ 5A268127633C7EE2A7FB87F39D748D56 ] CertPropSvc C:\Windows\System32\certprop.dll
20:00:19.0209 0472 CertPropSvc ( UnsignedFile.Multi.Generic ) - warning
20:00:19.0209 0472 CertPropSvc - detected UnsignedFile.Multi.Generic (1)
20:00:19.0272 0472 [ 02EA568D498BBDD4BA55BF3FCE34D456 ] circlass C:\Windows\system32\drivers\circlass.sys
20:00:19.0365 0472 circlass ( UnsignedFile.Multi.Generic ) - warning
20:00:19.0365 0472 circlass - detected UnsignedFile.Multi.Generic (1)
20:00:19.0490 0472 [ 3DCA9A18B204939CFB24BEA53E31EB48 ] CLFS C:\Windows\system32\CLFS.sys
20:00:19.0802 0472 CLFS - ok
20:00:20.0301 0472 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:00:20.0738 0472 clr_optimization_v2.0.50727_32 - ok
20:00:21.0113 0472 [ CE07A466201096F021CD09D631B21540 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:00:21.0222 0472 clr_optimization_v2.0.50727_64 - ok
20:00:21.0893 0472 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:00:22.0532 0472 clr_optimization_v4.0.30319_32 - ok
20:00:22.0641 0472 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:00:22.0797 0472 clr_optimization_v4.0.30319_64 - ok
20:00:22.0985 0472 [ B52D9A14CE4101577900A364BA86F3DF ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
20:00:23.0063 0472 CmBatt ( UnsignedFile.Multi.Generic ) - warning
20:00:23.0063 0472 CmBatt - detected UnsignedFile.Multi.Generic (1)
20:00:23.0141 0472 [ E5D5499A1C50A54B5161296B6AFE6192 ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:00:23.0219 0472 cmdide - ok
20:00:23.0312 0472 [ 7FB8AD01DB0EABE60C8A861531A8F431 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
20:00:23.0343 0472 Compbatt - ok
20:00:23.0359 0472 COMSysApp - ok
20:00:23.0437 0472 [ A8585B6412253803CE8EFCBD6D6DC15C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
20:00:23.0468 0472 crcdisk - ok
20:00:23.0609 0472 [ CA78B312C44E4D52E842C2C8BD48E452 ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:00:23.0687 0472 CryptSvc ( UnsignedFile.Multi.Generic ) - warning
20:00:23.0687 0472 CryptSvc - detected UnsignedFile.Multi.Generic (1)
20:00:23.0921 0472 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] DcomLaunch C:\Windows\system32\rpcss.dll
20:00:23.0999 0472 DcomLaunch ( UnsignedFile.Multi.Generic ) - warning
20:00:23.0999 0472 DcomLaunch - detected UnsignedFile.Multi.Generic (1)
20:00:24.0077 0472 [ 8B722BA35205C71E7951CDC4CDBADE19 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:00:24.0139 0472 DfsC ( UnsignedFile.Multi.Generic ) - warning
20:00:24.0139 0472 DfsC - detected UnsignedFile.Multi.Generic (1)
20:00:24.0747 0472 [ C647F468F7DE343DF8C143655C5557D4 ] DFSR C:\Windows\system32\DFSR.exe
20:00:25.0839 0472 DFSR ( UnsignedFile.Multi.Generic ) - warning
20:00:25.0839 0472 DFSR - detected UnsignedFile.Multi.Generic (1)
20:00:26.0105 0472 [ 3ED0321127CE70ACDAABBF77E157C2A7 ] Dhcp C:\Windows\System32\dhcpcsvc.dll
20:00:26.0151 0472 Dhcp ( UnsignedFile.Multi.Generic ) - warning
20:00:26.0151 0472 Dhcp - detected UnsignedFile.Multi.Generic (1)
20:00:26.0229 0472 [ B0107E40ECDB5FA692EBF832F295D905 ] disk C:\Windows\system32\drivers\disk.sys
20:00:26.0245 0472 disk - ok
20:00:26.0323 0472 dlba_device - ok
20:00:26.0432 0472 [ 06230F1B721494A6DF8D47FD395BB1B0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:00:26.0495 0472 Dnscache ( UnsignedFile.Multi.Generic ) - warning
20:00:26.0495 0472 Dnscache - detected UnsignedFile.Multi.Generic (1)
20:00:26.0588 0472 [ 1A7156DD1E850E9914E5E991E3225B94 ] dot3svc C:\Windows\System32\dot3svc.dll
20:00:26.0666 0472 dot3svc ( UnsignedFile.Multi.Generic ) - warning
20:00:26.0666 0472 dot3svc - detected UnsignedFile.Multi.Generic (1)
20:00:26.0744 0472 [ 1583B39790DB3EAEC7EDB0CB0140C708 ] DPS C:\Windows\system32\dps.dll
20:00:26.0822 0472 DPS ( UnsignedFile.Multi.Generic ) - warning
20:00:26.0822 0472 DPS - detected UnsignedFile.Multi.Generic (1)
20:00:26.0869 0472 [ F1A78A98CFC2EE02144C6BEC945447E6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:00:26.0978 0472 drmkaud ( UnsignedFile.Multi.Generic ) - warning
20:00:26.0978 0472 drmkaud - detected UnsignedFile.Multi.Generic (1)
20:00:27.0197 0472 [ B8E554E502D5123BC111F99D6A2181B4 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:00:27.0290 0472 DXGKrnl - ok
20:00:27.0477 0472 [ 264CEE7B031A9D6C827F3D0CB031F2FE ] E1G60 C:\Windows\system32\DRIVERS\E1G6032E.sys
20:00:27.0555 0472 E1G60 ( UnsignedFile.Multi.Generic ) - warning
20:00:27.0555 0472 E1G60 - detected UnsignedFile.Multi.Generic (1)
20:00:27.0665 0472 [ 78A3903702B7535154F56685CA1517D4 ] eamonm C:\Windows\system32\DRIVERS\eamonm.sys
20:00:27.0680 0472 eamonm - ok
20:00:27.0743 0472 [ C2303883FD9BE49DC36A6400643002EA ] EapHost C:\Windows\System32\eapsvc.dll
20:00:27.0789 0472 EapHost ( UnsignedFile.Multi.Generic ) - warning
20:00:27.0789 0472 EapHost - detected UnsignedFile.Multi.Generic (1)
20:00:27.0914 0472 [ 5F94962BE5A62DB6E447FF6470C4F48A ] Ecache C:\Windows\system32\drivers\ecache.sys
20:00:27.0961 0472 Ecache - ok
20:00:28.0195 0472 [ 9E39134330C18CBAC0F24C1283701D7E ] ehdrv C:\Windows\system32\DRIVERS\ehdrv.sys
20:00:28.0211 0472 ehdrv - ok
20:00:28.0398 0472 [ 14CE384D2E27B64C256BDA4DC39C312D ] ehRecvr C:\Windows\ehome\ehRecvr.exe
20:00:28.0460 0472 ehRecvr ( UnsignedFile.Multi.Generic ) - warning
20:00:28.0460 0472 ehRecvr - detected UnsignedFile.Multi.Generic (1)
20:00:28.0585 0472 [ B93159C1313D66FDFBBE876F5189CD52 ] ehSched C:\Windows\ehome\ehsched.exe
20:00:28.0632 0472 ehSched ( UnsignedFile.Multi.Generic ) - warning
20:00:28.0632 0472 ehSched - detected UnsignedFile.Multi.Generic (1)
20:00:28.0803 0472 [ F5EE2527D74449868E3C3227A59BCD28 ] ehstart C:\Windows\ehome\ehstart.dll
20:00:28.0850 0472 ehstart ( UnsignedFile.Multi.Generic ) - warning
20:00:28.0850 0472 ehstart - detected UnsignedFile.Multi.Generic (1)
20:00:29.0521 0472 [ 501C1787CA4FAC7F6E9F585E96EB2FAC ] ekrn C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
20:00:29.0661 0472 ekrn - ok
20:00:29.0927 0472 [ C4636D6E10469404AB5308D9FD45ED07 ] elxstor C:\Windows\system32\drivers\elxstor.sys
20:00:30.0098 0472 elxstor - ok
20:00:30.0207 0472 [ A9B18B63A4FD6BAAB83326706D857FAB ] EMDMgmt C:\Windows\system32\emdmgmt.dll
20:00:30.0301 0472 EMDMgmt ( UnsignedFile.Multi.Generic ) - warning
20:00:30.0301 0472 EMDMgmt - detected UnsignedFile.Multi.Generic (1)
20:00:30.0675 0472 [ B4E8DC817963B256537B1EC09AF0647E ] epfwwfpr C:\Windows\system32\DRIVERS\epfwwfpr.sys
20:00:30.0691 0472 epfwwfpr - ok
20:00:30.0785 0472 [ BC3A58E938BB277E46BF4B3003B01ABD ] ErrDev C:\Windows\system32\drivers\errdev.sys
20:00:30.0878 0472 ErrDev ( UnsignedFile.Multi.Generic ) - warning
20:00:30.0878 0472 ErrDev - detected UnsignedFile.Multi.Generic (1)
20:00:31.0143 0472 [ E12F22B73F153DECE721CD45EC05B4AF ] EventSystem C:\Windows\system32\es.dll
20:00:31.0221 0472 EventSystem ( UnsignedFile.Multi.Generic ) - warning
20:00:31.0221 0472 EventSystem - detected UnsignedFile.Multi.Generic (1)
20:00:31.0424 0472 [ 486844F47B6636044A42454614ED4523 ] exfat C:\Windows\system32\drivers\exfat.sys
20:00:31.0533 0472 exfat ( UnsignedFile.Multi.Generic ) - warning
20:00:31.0533 0472 exfat - detected UnsignedFile.Multi.Generic (1)
20:00:31.0752 0472 [ 1A4BEE34277784619DDAF0422C0C6E23 ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:00:31.0799 0472 fastfat ( UnsignedFile.Multi.Generic ) - warning
20:00:31.0799 0472 fastfat - detected UnsignedFile.Multi.Generic (1)
20:00:32.0017 0472 [ 81B79B6DF71FA1D2C6D688D830616E39 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
20:00:32.0095 0472 fdc ( UnsignedFile.Multi.Generic ) - warning
20:00:32.0095 0472 fdc - detected UnsignedFile.Multi.Generic (1)
20:00:32.0142 0472 [ BB9267ACACD8B7533DD936C34A0CBA5E ] fdPHost C:\Windows\system32\fdPHost.dll
20:00:32.0204 0472 fdPHost ( UnsignedFile.Multi.Generic ) - warning
20:00:32.0204 0472 fdPHost - detected UnsignedFile.Multi.Generic (1)
20:00:32.0267 0472 [ 300C80931EABBE1DB7591C516EFE8D0F ] FDResPub C:\Windows\system32\fdrespub.dll
20:00:32.0329 0472 FDResPub ( UnsignedFile.Multi.Generic ) - warning
20:00:32.0329 0472 FDResPub - detected UnsignedFile.Multi.Generic (1)
20:00:32.0345 0472 [ 457B7D1D533E4BD62A99AED9C7BB4C59 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:00:32.0423 0472 FileInfo - ok
20:00:32.0485 0472 [ D421327FD6EFCCAF884A54C58E1B0D7F ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:00:32.0610 0472 Filetrace ( UnsignedFile.Multi.Generic ) - warning
20:00:32.0610 0472 Filetrace - detected UnsignedFile.Multi.Generic (1)
20:00:32.0672 0472 [ 230923EA2B80F79B0F88D90F87B87EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
20:00:32.0781 0472 flpydisk ( UnsignedFile.Multi.Generic ) - warning
20:00:32.0781 0472 flpydisk - detected UnsignedFile.Multi.Generic (1)
20:00:32.0906 0472 [ E3041BC26D6930D61F42AEDB79C91720 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:00:32.0937 0472 FltMgr - ok
20:00:33.0452 0472 [ BE1C5BD1CA7ED015BC6FA1AE67E592C8 ] FontCache C:\Windows\system32\FntCache.dll
20:00:33.0639 0472 FontCache ( UnsignedFile.Multi.Generic ) - warning
20:00:33.0639 0472 FontCache - detected UnsignedFile.Multi.Generic (1)
20:00:37.0056 0472 [ BC5B0BE5AF3510B0FD8C140EE42C6D3E ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:00:38.0351 0472 FontCache3.0.0.0 - ok
20:00:38.0678 0472 [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
20:00:38.0709 0472 fssfltr - ok
20:00:40.0376 0472 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
20:00:42.0158 0472 fsssvc - ok
20:00:42.0470 0472 [ 5779B86CD8B32519FBECB136394D946A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:00:43.0889 0472 Fs_Rec ( UnsignedFile.Multi.Generic ) - warning
20:00:43.0889 0472 Fs_Rec - detected UnsignedFile.Multi.Generic (1)
20:00:44.0373 0472 [ C8E416668D3DC2BE3D4FE4C79224997F ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
20:00:50.0566 0472 gagp30kx - ok
20:00:50.0769 0472 [ AF4DEE5531395DEE72B35B36C9671FD0 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:00:50.0785 0472 GEARAspiWDM - ok
20:00:51.0393 0472 [ A0E1B575BA8F504968CD40C0FAEB2384 ] gpsvc C:\Windows\System32\gpsvc.dll
20:00:51.0487 0472 gpsvc ( UnsignedFile.Multi.Generic ) - warning
20:00:51.0487 0472 gpsvc - detected UnsignedFile.Multi.Generic (1)
20:00:51.0923 0472 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:00:51.0939 0472 gupdate - ok
20:00:52.0048 0472 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:00:52.0079 0472 gupdatem - ok
20:00:53.0827 0472 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
20:00:54.0435 0472 gusvc - ok
20:00:54.0919 0472 [ D619BA1712B83D14149850E758B835AD ] hardlock C:\Windows\system32\drivers\hardlock.sys
20:00:58.0226 0472 hardlock ( UnsignedFile.Multi.Generic ) - warning
20:00:58.0226 0472 hardlock - detected UnsignedFile.Multi.Generic (1)
20:00:58.0241 0472 hasplms - ok
20:00:58.0663 0472 [ 68E732382B32417FF61FD663259B4B09 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:00:59.0224 0472 HdAudAddService ( UnsignedFile.Multi.Generic ) - warning
20:00:59.0224 0472 HdAudAddService - detected UnsignedFile.Multi.Generic (1)
20:00:59.0926 0472 [ F942C5820205F2FB453243EDFEC82A3D ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
20:01:00.0457 0472 HDAudBus ( UnsignedFile.Multi.Generic ) - warning
20:01:00.0457 0472 HDAudBus - detected UnsignedFile.Multi.Generic (1)
20:01:00.0706 0472 [ B4881C84A180E75B8C25DC1D726C375F ] HidBth C:\Windows\system32\drivers\hidbth.sys
20:01:00.0909 0472 HidBth ( UnsignedFile.Multi.Generic ) - warning
20:01:00.0909 0472 HidBth - detected UnsignedFile.Multi.Generic (1)
20:01:01.0673 0472 [ 4E77A77E2C986E8F88F996BB3E1AD829 ] HidIr C:\Windows\system32\drivers\hidir.sys
20:01:02.0219 0472 HidIr ( UnsignedFile.Multi.Generic ) - warning
20:01:02.0219 0472 HidIr - detected UnsignedFile.Multi.Generic (1)
20:01:02.0453 0472 [ 59361D38A297755D46A540E450202B2A ] hidserv C:\Windows\system32\hidserv.dll
20:01:02.0531 0472 hidserv ( UnsignedFile.Multi.Generic ) - warning
20:01:02.0531 0472 hidserv - detected UnsignedFile.Multi.Generic (1)
20:01:02.0656 0472 [ 443BDD2D30BB4F00795C797E2CF99EDF ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
20:01:02.0859 0472 HidUsb ( UnsignedFile.Multi.Generic ) - warning
20:01:02.0859 0472 HidUsb - detected UnsignedFile.Multi.Generic (1)
20:01:03.0046 0472 [ B12F367EA39C0795FD57E31242CE1A5A ] hkmsvc C:\Windows\system32\kmsvc.dll
20:01:08.0927 0472 hkmsvc ( UnsignedFile.Multi.Generic ) - warning
20:01:08.0927 0472 hkmsvc - detected UnsignedFile.Multi.Generic (1)
20:01:08.0990 0472 [ D7109A1E6BD2DFDBCBA72A6BC626A13B ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
20:01:09.0037 0472 HpCISSs - ok
20:01:09.0177 0472 [ 098F1E4E5C9CB5B0063A959063631610 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:01:09.0255 0472 HTTP ( UnsignedFile.Multi.Generic ) - warning
20:01:09.0255 0472 HTTP - detected UnsignedFile.Multi.Generic (1)
20:01:09.0910 0472 [ DA94C854CEA5FAC549D4E1F6E88349E8 ] i2omp C:\Windows\system32\drivers\i2omp.sys
20:01:10.0456 0472 i2omp - ok
20:01:10.0690 0472 [ CBB597659A2713CE0C9CC20C88C7591F ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
20:01:10.0768 0472 i8042prt ( UnsignedFile.Multi.Generic ) - warning
20:01:10.0768 0472 i8042prt - detected UnsignedFile.Multi.Generic (1)
20:01:11.0673 0472 [ 7B96206E4BDD2FE582F0DBC46F5F410E ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
20:01:11.0751 0472 IAANTMON - ok
20:01:12.0703 0472 [ 07FB761600EFF44AF02C35B8B57E5863 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
20:01:12.0749 0472 iaStor - ok
20:01:13.0249 0472 [ 3E3BF3627D886736D0B4E90054F929F6 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
20:01:14.0138 0472 iaStorV - ok
20:01:14.0699 0472 [ 749F5F8CEDCA70F2A512945325FC489D ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:01:16.0119 0472 idsvc - ok
20:01:18.0475 0472 [ F7AB8285BBECFAA5ED4050CCB89E073D ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
20:01:21.0189 0472 igfx ( UnsignedFile.Multi.Generic ) - warning
20:01:21.0189 0472 igfx - detected UnsignedFile.Multi.Generic (1)
20:01:22.0156 0472 [ 8C3951AD2FE886EF76C7B5027C3125D3 ] iirsp C:\Windows\system32\drivers\iirsp.sys
20:01:22.0936 0472 iirsp - ok
20:01:23.0513 0472 [ 0C9EA6E654E7B0471741E343A6C671AF ] IKEEXT C:\Windows\System32\ikeext.dll
20:01:23.0857 0472 IKEEXT ( UnsignedFile.Multi.Generic ) - warning
20:01:23.0857 0472 IKEEXT - detected UnsignedFile.Multi.Generic (1)
20:01:24.0013 0472 [ DF797A12176F11B2D301C5B234BB200E ] intelide C:\Windows\system32\drivers\intelide.sys
20:01:24.0044 0472 intelide - ok
20:01:24.0169 0472 [ BFD84AF32FA1BAD6231C4585CB469630 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:01:24.0215 0472 intelppm ( UnsignedFile.Multi.Generic ) - warning
20:01:24.0215 0472 intelppm - detected UnsignedFile.Multi.Generic (1)
20:01:25.0401 0472 [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:01:25.0448 0472 IPBusEnum ( UnsignedFile.Multi.Generic ) - warning
20:01:25.0448 0472 IPBusEnum - detected UnsignedFile.Multi.Generic (1)
20:01:26.0087 0472 [ D8AABC341311E4780D6FCE8C73C0AD81 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:01:26.0555 0472 IpFilterDriver ( UnsignedFile.Multi.Generic ) - warning
20:01:26.0555 0472 IpFilterDriver - detected UnsignedFile.Multi.Generic (1)
20:01:26.0774 0472 [ BF0DBFA9792C5C14FA00F61C75116C1B ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:01:26.0821 0472 iphlpsvc ( UnsignedFile.Multi.Generic ) - warning
20:01:26.0821 0472 iphlpsvc - detected UnsignedFile.Multi.Generic (1)
20:01:26.0821 0472 IpInIp - ok
20:01:28.0006 0472 [ 9C2EE2E6E5A7203BFAE15C299475EC67 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
20:01:28.0225 0472 IPMIDRV ( UnsignedFile.Multi.Generic ) - warning
20:01:28.0225 0472 IPMIDRV - detected UnsignedFile.Multi.Generic (1)
20:01:28.0256 0472 [ B7E6212F581EA5F6AB0C3A6CEEEB89BE ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
20:01:28.0318 0472 IPNAT ( UnsignedFile.Multi.Generic ) - warning
20:01:28.0318 0472 IPNAT - detected UnsignedFile.Multi.Generic (1)
20:01:28.0927 0472 [ 9EFDBFA57A5876618D8CA31F5806CDED ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
20:01:29.0722 0472 iPod Service - ok
20:01:30.0128 0472 [ 8C42CA155343A2F11D29FECA67FAA88D ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:01:30.0206 0472 IRENUM ( UnsignedFile.Multi.Generic ) - warning
20:01:30.0206 0472 IRENUM - detected UnsignedFile.Multi.Generic (1)
20:01:30.0424 0472 [ 0672BFCEDC6FC468A2B0500D81437F4F ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:01:30.0471 0472 isapnp - ok
20:01:30.0689 0472 [ E4FDF99599F27EC25D2CF6D754243520 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
20:01:30.0721 0472 iScsiPrt - ok
20:01:30.0877 0472 [ 63C766CDC609FF8206CB447A65ABBA4A ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
20:01:30.0892 0472 iteatapi - ok
20:01:31.0220 0472 [ 1281FE73B17664631D12F643CBEA3F59 ] iteraid C:\Windows\system32\drivers\iteraid.sys
20:01:31.0267 0472 iteraid - ok
20:01:31.0313 0472 [ 423696F3BA6472DD17699209B933BC26 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
20:01:31.0329 0472 kbdclass - ok
20:01:31.0423 0472 [ DBDF75D51464FBC47D0104EC3D572C05 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
20:01:31.0485 0472 kbdhid ( UnsignedFile.Multi.Generic ) - warning
20:01:31.0485 0472 kbdhid - detected UnsignedFile.Multi.Generic (1)
20:01:31.0547 0472 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] KeyIso C:\Windows\system32\lsass.exe
20:01:31.0610 0472 KeyIso ( UnsignedFile.Multi.Generic ) - warning
20:01:31.0610 0472 KeyIso - detected UnsignedFile.Multi.Generic (1)
20:01:31.0859 0472 [ 88956AD9FA510848AD176777A6C6C1F5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:01:32.0125 0472 KSecDD - ok
20:01:32.0546 0472 [ 1D419CF43DB29396ECD7113D129D94EB ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
20:01:32.0624 0472 ksthunk ( UnsignedFile.Multi.Generic ) - warning
20:01:32.0624 0472 ksthunk - detected UnsignedFile.Multi.Generic (1)
20:01:33.0248 0472 [ 1FAF6926F3416D3DA05C5B265491BDAE ] KtmRm C:\Windows\system32\msdtckrm.dll
20:01:41.0797 0472 KtmRm ( UnsignedFile.Multi.Generic ) - warning
20:01:41.0797 0472 KtmRm - detected UnsignedFile.Multi.Generic (1)
20:01:41.0984 0472 [ 50C7A3CB427E9BB5ED0708A669956AB5 ] LanmanServer C:\Windows\system32\srvsvc.dll
20:01:42.0031 0472 LanmanServer ( UnsignedFile.Multi.Generic ) - warning
20:01:42.0031 0472 LanmanServer - detected UnsignedFile.Multi.Generic (1)
20:01:42.0530 0472 [ CAF86FC1388BE1E470F1A7B43E348ADB ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:01:42.0592 0472 LanmanWorkstation ( UnsignedFile.Multi.Generic ) - warning
20:01:42.0592 0472 LanmanWorkstation - detected UnsignedFile.Multi.Generic (1)
20:01:42.0748 0472 [ 96ECE2659B6654C10A0C310AE3A6D02C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:01:42.0811 0472 lltdio ( UnsignedFile.Multi.Generic ) - warning
20:01:42.0811 0472 lltdio - detected UnsignedFile.Multi.Generic (1)
20:01:43.0107 0472 [ 961CCBD0B1CCB5675D64976FAE37D092 ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:01:43.0185 0472 lltdsvc ( UnsignedFile.Multi.Generic ) - warning
20:01:43.0185 0472 lltdsvc - detected UnsignedFile.Multi.Generic (1)
20:01:43.0216 0472 [ A47F8080CACC23C91FE823AD19AA5612 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:01:43.0279 0472 lmhosts ( UnsignedFile.Multi.Generic ) - warning
20:01:43.0279 0472 lmhosts - detected UnsignedFile.Multi.Generic (1)
20:01:43.0325 0472 [ ACBE1AF32D3123E330A07BFBC5EC4A9B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
20:01:43.0357 0472 LSI_FC - ok
20:01:43.0403 0472 [ 799FFB2FC4729FA46D2157C0065B3525 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
20:01:43.0435 0472 LSI_SAS - ok
20:01:43.0544 0472 [ F445FF1DAAD8A226366BFAF42551226B ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
20:01:43.0622 0472 LSI_SCSI - ok
20:03:06.0521 0472 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
20:03:06.0521 0472 USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
20:03:06.0669 0472 [ 07E3498FC60834219D2356293DA0FECC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:03:06.0716 0472 usbccgp ( UnsignedFile.Multi.Generic ) - warning
20:03:06.0716 0472 usbccgp - detected UnsignedFile.Multi.Generic (1)
20:03:06.0763 0472 [ 9247F7E0B65852C1F6631480984D6ED2 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:03:07.0012 0472 usbcir ( UnsignedFile.Multi.Generic ) - warning
20:03:07.0012 0472 usbcir - detected UnsignedFile.Multi.Generic (1)
20:03:07.0199 0472 [ B1C7EDB07F61BDEE587831B440FC7656 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
20:03:07.0293 0472 usbehci ( UnsignedFile.Multi.Generic ) - warning
20:03:07.0293 0472 usbehci - detected UnsignedFile.Multi.Generic (1)
20:03:07.0433 0472 [ 697C45D6CEA9AD978F90636BE7C93229 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:03:07.0792 0472 usbhub ( UnsignedFile.Multi.Generic ) - warning
20:03:07.0792 0472 usbhub - detected UnsignedFile.Multi.Generic (1)
20:03:07.0917 0472 [ EBA14EF0C07CEC233F1529C698D0D154 ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:03:08.0011 0472 usbohci ( UnsignedFile.Multi.Generic ) - warning
20:03:08.0011 0472 usbohci - detected UnsignedFile.Multi.Generic (1)
20:03:08.0151 0472 [ 28B693B6D31E7B9332C1BDCEFEF228C1 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
20:03:08.0229 0472 usbprint ( UnsignedFile.Multi.Generic ) - warning
20:03:08.0229 0472 usbprint - detected UnsignedFile.Multi.Generic (1)
20:03:08.0541 0472 [ EA0BF666868964FBE8CB10E50C97B9F1 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
20:03:08.0681 0472 usbscan ( UnsignedFile.Multi.Generic ) - warning
20:03:08.0681 0472 usbscan - detected UnsignedFile.Multi.Generic (1)
20:03:08.0806 0472 [ B854C1558FCA0C269A38663E8B59B581 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:03:08.0993 0472 USBSTOR ( UnsignedFile.Multi.Generic ) - warning
20:03:08.0993 0472 USBSTOR - detected UnsignedFile.Multi.Generic (1)
20:03:09.0149 0472 [ C8D88A2A3587A8424B4B17A6F7EB67FA ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
20:03:09.0212 0472 usbuhci ( UnsignedFile.Multi.Generic ) - warning
20:03:09.0227 0472 usbuhci - detected UnsignedFile.Multi.Generic (1)
20:03:09.0430 0472 [ FC33099877790D51B0927B7039059855 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
20:03:09.0758 0472 usbvideo ( UnsignedFile.Multi.Generic ) - warning
20:03:09.0758 0472 usbvideo - detected UnsignedFile.Multi.Generic (1)
20:03:10.0023 0472 [ D76E231E4850BB3F88A3D9A78DF191E3 ] UxSms C:\Windows\System32\uxsms.dll
20:03:10.0070 0472 UxSms ( UnsignedFile.Multi.Generic ) - warning
20:03:10.0070 0472 UxSms - detected UnsignedFile.Multi.Generic (1)
20:03:10.0195 0472 [ 294945381DFA7CE58CECF0A9896AF327 ] vds C:\Windows\System32\vds.exe
20:03:10.0257 0472 vds ( UnsignedFile.Multi.Generic ) - warning
20:03:10.0257 0472 vds - detected UnsignedFile.Multi.Generic (1)
20:03:10.0507 0472 [ 916B94BCF1E09873FFF2D5FB11767BBC ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:03:10.0569 0472 vga ( UnsignedFile.Multi.Generic ) - warning
20:03:10.0569 0472 vga - detected UnsignedFile.Multi.Generic (1)
20:03:10.0741 0472 [ B83AB16B51FEDA65DD81B8C59D114D63 ] VgaSave C:\Windows\System32\drivers\vga.sys
20:03:10.0787 0472 VgaSave ( UnsignedFile.Multi.Generic ) - warning
20:03:10.0787 0472 VgaSave - detected UnsignedFile.Multi.Generic (1)
20:03:10.0912 0472 [ 8294B6C3FDB6C33F24E150DE647ECDAA ] viaide C:\Windows\system32\drivers\viaide.sys
20:03:10.0928 0472 viaide - ok
20:03:10.0959 0472 [ 2B7E885ED951519A12C450D24535DFCA ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:03:11.0006 0472 volmgr - ok
20:03:11.0255 0472 [ CEC5AC15277D75D9E5DEC2E1C6EAF877 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:03:11.0489 0472 volmgrx - ok
20:03:11.0854 0472 [ 582F710097B46140F5A89A19A6573D4B ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:03:11.0994 0472 volsnap - ok
20:03:12.0181 0472 [ A68F455ED2673835209318DD61BFBB0E ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
20:03:12.0290 0472 vsmraid - ok
20:03:12.0774 0472 [ B75232DAD33BFD95BF6F0A3E6BFF51E1 ] VSS C:\Windows\system32\vssvc.exe
20:03:13.0148 0472 VSS ( UnsignedFile.Multi.Generic ) - warning
20:03:13.0148 0472 VSS - detected UnsignedFile.Multi.Generic (1)
20:03:13.0351 0472 [ F14A7DE2EA41883E250892E1E5230A9A ] W32Time C:\Windows\system32\w32time.dll
20:03:13.0585 0472 W32Time ( UnsignedFile.Multi.Generic ) - warning
20:03:13.0585 0472 W32Time - detected UnsignedFile.Multi.Generic (1)
20:03:13.0632 0472 [ FEF8FE5923FEAD2CEE4DFABFCE3393A7 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
20:03:13.0694 0472 WacomPen ( UnsignedFile.Multi.Generic ) - warning
20:03:13.0694 0472 WacomPen - detected UnsignedFile.Multi.Generic (1)
20:03:13.0772 0472 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
20:03:13.0819 0472 Wanarp ( UnsignedFile.Multi.Generic ) - warning
20:03:13.0819 0472 Wanarp - detected UnsignedFile.Multi.Generic (1)
20:03:13.0835 0472 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:03:13.0882 0472 Wanarpv6 ( UnsignedFile.Multi.Generic ) - warning
20:03:13.0882 0472 Wanarpv6 - detected UnsignedFile.Multi.Generic (1)
20:03:14.0038 0472 [ B4E4C37D0AA6100090A53213EE2BF1C1 ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:03:14.0100 0472 wcncsvc ( UnsignedFile.Multi.Generic ) - warning
20:03:14.0100 0472 wcncsvc - detected UnsignedFile.Multi.Generic (1)
20:03:14.0240 0472 [ EA4B369560E986F19D93F45A881484AC ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:03:14.0443 0472 WcsPlugInService ( UnsignedFile.Multi.Generic ) - warning
20:03:14.0443 0472 WcsPlugInService - detected UnsignedFile.Multi.Generic (1)
20:03:14.0552 0472 [ 0C17A0816F65B89E362E682AD5E7266E ] Wd C:\Windows\system32\drivers\wd.sys
20:03:14.0740 0472 Wd - ok
20:03:15.0020 0472 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:03:15.0083 0472 Wdf01000 - ok
20:03:15.0145 0472 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:03:15.0208 0472 WdiServiceHost ( UnsignedFile.Multi.Generic ) - warning
20:03:15.0208 0472 WdiServiceHost - detected UnsignedFile.Multi.Generic (1)
20:03:15.0239 0472 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:03:15.0286 0472 WdiSystemHost ( UnsignedFile.Multi.Generic ) - warning
20:03:15.0286 0472 WdiSystemHost - detected UnsignedFile.Multi.Generic (1)
20:03:15.0473 0472 [ 3E6D05381CF35F75EBB055544A8ED9AC ] WebClient C:\Windows\System32\webclnt.dll
20:03:16.0346 0472 WebClient ( UnsignedFile.Multi.Generic ) - warning
20:03:16.0346 0472 WebClient - detected UnsignedFile.Multi.Generic (1)
20:03:16.0456 0472 [ 8D40BC587993F876658BF9FB0F7D3462 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:03:16.0518 0472 Wecsvc ( UnsignedFile.Multi.Generic ) - warning
20:03:16.0518 0472 Wecsvc - detected UnsignedFile.Multi.Generic (1)
20:03:16.0565 0472 [ 9C980351D7E96288EA0C23AE232BD065 ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:03:16.0612 0472 wercplsupport ( UnsignedFile.Multi.Generic ) - warning
20:03:16.0612 0472 wercplsupport - detected UnsignedFile.Multi.Generic (1)
20:03:16.0690 0472 [ 66B9ECEBC46683F47EDC06333C075FEF ] WerSvc C:\Windows\System32\WerSvc.dll
20:03:16.0753 0472 WerSvc ( UnsignedFile.Multi.Generic ) - warning
20:03:16.0753 0472 WerSvc - detected UnsignedFile.Multi.Generic (1)
20:03:16.0799 0472 WinDefend - ok
20:03:16.0815 0472 WinHttpAutoProxySvc - ok
20:03:16.0955 0472 [ D2E7296ED1BD26D8DB2799770C077A02 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:03:17.0018 0472 Winmgmt ( UnsignedFile.Multi.Generic ) - warning
20:03:17.0018 0472 Winmgmt - detected UnsignedFile.Multi.Generic (1)
20:03:17.0548 0472 [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869 ] WinRM C:\Windows\system32\WsmSvc.dll
20:03:17.0704 0472 WinRM ( UnsignedFile.Multi.Generic ) - warning
20:03:17.0704 0472 WinRM - detected UnsignedFile.Multi.Generic (1)
20:03:17.0845 0472 [ EC339C8115E91BAED835957E9A677F16 ] Wlansvc C:\Windows\System32\wlansvc.dll
20:03:17.0969 0472 Wlansvc ( UnsignedFile.Multi.Generic ) - warning
20:03:17.0969 0472 Wlansvc - detected UnsignedFile.Multi.Generic (1)
20:03:18.0266 0472 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
20:03:18.0344 0472 wlcrasvc - ok
20:03:18.0703 0472 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:03:18.0859 0472 wlidsvc - ok
20:03:18.0890 0472 wltrysvc - ok
20:03:18.0952 0472 [ E18AEBAAA5A773FE11AA2C70F65320F5 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
20:03:18.0999 0472 WmiAcpi ( UnsignedFile.Multi.Generic ) - warning
20:03:18.0999 0472 WmiAcpi - detected UnsignedFile.Multi.Generic (1)
20:03:19.0093 0472 [ 21FA389E65A852698B6A1341F36EE02D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:03:19.0139 0472 wmiApSrv ( UnsignedFile.Multi.Generic ) - warning
20:03:19.0139 0472 wmiApSrv - detected UnsignedFile.Multi.Generic (1)
20:03:19.0202 0472 WMPNetworkSvc - ok
20:03:19.0576 0472 [ CBC156C913F099E6680D1DF9307DB7A8 ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:03:19.0639 0472 WPCSvc ( UnsignedFile.Multi.Generic ) - warning
20:03:19.0639 0472 WPCSvc - detected UnsignedFile.Multi.Generic (1)
20:03:19.0810 0472 [ 490A18B4E4D53DC10879DEAA8E8B70D9 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:03:19.0857 0472 WPDBusEnum ( UnsignedFile.Multi.Generic ) - warning
20:03:19.0873 0472 WPDBusEnum - detected UnsignedFile.Multi.Generic (1)
20:03:20.0044 0472 [ 5E2401B3FC1089C90E081291357371A9 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
20:03:20.0169 0472 WpdUsb ( UnsignedFile.Multi.Generic ) - warning
20:03:20.0169 0472 WpdUsb - detected UnsignedFile.Multi.Generic (1)
20:03:20.0855 0472 [ 991E2C2CF3BC204C2BB2EE1476149E4E ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
20:03:21.0089 0472 WPFFontCache_v0400 - ok
20:03:21.0152 0472 [ 8A900348370E359B6BFF6A550E4649E1 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:03:21.0245 0472 ws2ifsl ( UnsignedFile.Multi.Generic ) - warning
20:03:21.0245 0472 ws2ifsl - detected UnsignedFile.Multi.Generic (1)
20:03:21.0292 0472 [ 9EA3E6D0EF7A5C2B9181961052A4B01A ] wscsvc C:\Windows\System32\wscsvc.dll
20:03:21.0355 0472 wscsvc ( UnsignedFile.Multi.Generic ) - warning
20:03:21.0355 0472 wscsvc - detected UnsignedFile.Multi.Generic (1)
20:03:21.0355 0472 WSearch - ok
20:03:22.0036 0472 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
20:03:22.0254 0472 wuauserv - ok
20:03:22.0317 0472 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:03:22.0363 0472 WudfPf ( UnsignedFile.Multi.Generic ) - warning
20:03:22.0363 0472 WudfPf - detected UnsignedFile.Multi.Generic (1)
20:03:22.0410 0472 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:03:22.0473 0472 wudfsvc ( UnsignedFile.Multi.Generic ) - warning
20:03:22.0473 0472 wudfsvc - detected UnsignedFile.Multi.Generic (1)
20:03:22.0488 0472 yksvc - ok
20:03:22.0613 0472 [ B681CADB266B151061E7BAA82B0D77B7 ] yukonx64 C:\Windows\system32\DRIVERS\yk60x64.sys
20:03:22.0691 0472 yukonx64 ( UnsignedFile.Multi.Generic ) - warning
20:03:22.0691 0472 yukonx64 - detected UnsignedFile.Multi.Generic (1)
20:03:22.0707 0472 ================ Scan global ===============================
20:03:22.0722 0472 [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll
20:03:22.0863 0472 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
20:03:22.0878 0472 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
20:03:23.0003 0472 [ 934E0B7D77FF78C18D9F8891221B6DE3 ] C:\Windows\system32\services.exe
20:03:23.0003 0472 [Global] - ok
20:03:23.0003 0472 ================ Scan MBR ==================================
20:03:23.0034 0472 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
20:03:24.0157 0472 \Device\Harddisk0\DR0 - ok
20:03:24.0157 0472 ================ Scan VBR ==================================
20:03:24.0173 0472 [ 6C804858CBD3E5B92DA708C57E05ED5B ] \Device\Harddisk0\DR0\Partition1
20:03:24.0173 0472 \Device\Harddisk0\DR0\Partition1 - ok
20:03:24.0204 0472 [ 8C138B5207D0D7B2CA051F08936EC617 ] \Device\Harddisk0\DR0\Partition2
20:03:24.0235 0472 \Device\Harddisk0\DR0\Partition2 - ok
20:03:24.0235 0472 ================ Scan active images ========================
20:03:25.0265 0472 [ F3E5C76AA1175D29F6459BDB7DF345EC ] C:\Windows\System32\netapi32.dll
20:03:25.0265 0472 C:\Windows\System32\netapi32.dll - ok
20:03:25.0281 0472 [ FA19D9DE54B122316274703D50F34130 ] C:\Windows\System32\ncobjapi.dll
20:03:25.0281 0472 C:\Windows\System32\ncobjapi.dll - ok
20:03:25.0281 0472 [ 0F421175574BFE0BF2F4D8E910A253BB ] C:\Windows\System32\aelupsvc.dll
20:03:25.0281 0472 C:\Windows\System32\aelupsvc.dll - ok
20:03:25.0296 0472 [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] C:\Windows\System32\alg.exe
20:03:25.0296 0472 C:\Windows\System32\alg.exe - ok
20:03:25.0296 0472 [ 9C37B3FD5615477CB9A0CD116CF43F5C ] C:\Windows\System32\appinfo.dll
20:03:25.0296 0472 C:\Windows\System32\appinfo.dll - ok
20:03:25.0312 0472 [ 15C815573011719585EB836614ED1DF1 ] C:\Windows\System32\rascfg.dll
20:03:25.0312 0472 C:\Windows\System32\rascfg.dll - ok
20:03:25.0312 0472 [ 79318C744693EC983D20E9337A2F8196 ] C:\Windows\System32\audiosrv.dll
20:03:25.0312 0472 C:\Windows\System32\audiosrv.dll - ok
20:03:25.0327 0472 [ 60EEC5440C2D05E5FDA04900E45FF717 ] C:\Windows\System32\samsrv.dll
20:03:25.0327 0472 C:\Windows\System32\samsrv.dll - ok
20:03:25.0327 0472 [ FFB96C2589FFA60473EAD78B39FBDE29 ] C:\Windows\System32\BFE.DLL
20:03:25.0327 0472 C:\Windows\System32\BFE.DLL - ok
20:03:25.0343 0472 [ 419CE835359938213BD32A7AA327F2B9 ] C:\Windows\System32\cryptdll.dll
20:03:25.0343 0472 C:\Windows\System32\cryptdll.dll - ok
20:03:25.0343 0472 [ E4C283A98F118CEC9E087EAC4E9EFB6A ] C:\Windows\System32\dnsapi.dll
20:03:25.0343 0472 C:\Windows\System32\dnsapi.dll - ok
20:03:25.0359 0472 [ 6D316F4859634071CC25C4FD4589AD2C ] C:\Windows\System32\qmgr.dll
20:03:25.0359 0472 C:\Windows\System32\qmgr.dll - ok
20:03:25.0359 0472 [ 5279672A8BDAF3CFB0A4C6E0591987AC ] C:\Windows\System32\samlib.dll
20:03:25.0359 0472 C:\Windows\System32\samlib.dll - ok
20:03:25.0374 0472 [ 301D19A870E40C12540BE46034BD6B20 ] C:\Windows\System32\msasn1.dll
20:03:25.0374 0472 C:\Windows\System32\msasn1.dll - ok
20:03:25.0374 0472 [ 33741BA808457C9AF07055C0FBEFE973 ] C:\Windows\System32\ntdsapi.dll
20:03:25.0374 0472 C:\Windows\System32\ntdsapi.dll - ok
20:03:25.0390 0472 [ 9BDB79FD2FD662BA9AD573C3EC0342A6 ] C:\Windows\System32\crypt32.dll
20:03:25.0390 0472 C:\Windows\System32\crypt32.dll - ok
20:03:25.0390 0472 [ D7924B0F3AB5574BF59CA2892BE8961A ] C:\Windows\System32\feclient.dll
20:03:25.0390 0472 C:\Windows\System32\feclient.dll - ok
20:03:25.0405 0472 [ B3EBBD687BDFCBBBBCB6115B682D1845 ] C:\Windows\System32\mpr.dll
20:03:25.0405 0472 C:\Windows\System32\mpr.dll - ok
20:03:25.0405 0472 [ A1B39DE453433B115B4EA69EE0343816 ] C:\Windows\System32\browser.dll
20:03:25.0405 0472 C:\Windows\System32\browser.dll - ok
20:03:25.0421 0472 [ 5A268127633C7EE2A7FB87F39D748D56 ] C:\Windows\System32\certprop.dll
20:03:25.0421 0472 C:\Windows\System32\certprop.dll - ok
20:03:25.0421 0472 [ DDEE5FE5C3C3141CE02DE6B7B2BF686B ] C:\Windows\System32\comres.dll
20:03:25.0421 0472 C:\Windows\System32\comres.dll - ok
20:03:25.0437 0472 [ EE11F2630840479C4AA784AF3770F8E2 ] C:\Windows\System32\SLC.dll
20:03:25.0437 0472 C:\Windows\System32\SLC.dll - ok
20:03:25.0437 0472 [ 45B4004F43B48E4A3F12B85891F81221 ] C:\Windows\System32\wevtapi.dll
20:03:25.0437 0472 C:\Windows\System32\wevtapi.dll - ok
20:03:25.0452 0472 [ CA78B312C44E4D52E842C2C8BD48E452 ] C:\Windows\System32\cryptsvc.dll
20:03:25.0452 0472 C:\Windows\System32\cryptsvc.dll - ok
20:03:25.0452 0472 [ A9D70295BA8F31D5EA118B0A6B74183E ] C:\Windows\System32\IPHLPAPI.DLL
20:03:25.0452 0472 C:\Windows\System32\IPHLPAPI.DLL - ok
20:03:25.0468 0472 [ 2E4733239CB09A2212C44FCD1C1B4CC9 ] C:\Windows\System32\dfsrres.dll
20:03:25.0468 0472 C:\Windows\System32\dfsrres.dll - ok
20:03:25.0468 0472 [ 3ED0321127CE70ACDAABBF77E157C2A7 ] C:\Windows\System32\dhcpcsvc.dll
20:03:25.0468 0472 C:\Windows\System32\dhcpcsvc.dll - ok
20:03:25.0483 0472 [ CE7183F26642FAFE46C8374AE70A66DB ] C:\Windows\System32\oleres.dll
20:03:25.0483 0472 C:\Windows\System32\oleres.dll - ok
20:03:25.0483 0472 [ 956148910C7EB6A8C095D9B4E6F94E62 ] C:\Windows\System32\dhcpcsvc6.dll
20:03:25.0483 0472 C:\Windows\System32\dhcpcsvc6.dll - ok
20:03:25.0499 0472 [ 58AAAEA100F45F4F44297D6DE9ACF8ED ] C:\Windows\System32\winnsi.dll
20:03:25.0499 0472 C:\Windows\System32\winnsi.dll - ok
20:03:25.0499 0472 [ 21322B1A2AD337C579F4A65EA0D25193 ] C:\Windows\System32\cngaudit.dll
20:03:25.0499 0472 C:\Windows\System32\cngaudit.dll - ok
20:03:25.0515 0472 [ 1A7156DD1E850E9914E5E991E3225B94 ] C:\Windows\System32\dot3svc.dll
20:03:25.0515 0472 C:\Windows\System32\dot3svc.dll - ok
20:03:25.0515 0472 [ FD51DED28EEC823940432D05BACE2490 ] C:\Windows\System32\ncrypt.dll
20:03:25.0515 0472 C:\Windows\System32\ncrypt.dll - ok
20:03:25.0515 0472 [ 02EE316487BCC8F4F6017CAD538365CC ] C:\Windows\System32\bcrypt.dll
20:03:25.0515 0472 C:\Windows\System32\bcrypt.dll - ok
20:03:25.0546 0472 [ 1583B39790DB3EAEC7EDB0CB0140C708 ] C:\Windows\System32\dps.dll
20:03:25.0546 0472 C:\Windows\System32\dps.dll - ok
20:03:25.0546 0472 [ C2303883FD9BE49DC36A6400643002EA ] C:\Windows\System32\eapsvc.dll
20:03:25.0546 0472 C:\Windows\System32\eapsvc.dll - ok
20:03:25.0561 0472 [ 14CE384D2E27B64C256BDA4DC39C312D ] C:\Windows\ehome\ehrecvr.exe
20:03:25.0561 0472 C:\Windows\ehome\ehrecvr.exe - ok
20:03:25.0561 0472 [ B93159C1313D66FDFBBE876F5189CD52 ] C:\Windows\ehome\ehsched.exe
20:03:25.0561 0472 C:\Windows\ehome\ehsched.exe - ok
20:03:25.0561 0472 [ F5EE2527D74449868E3C3227A59BCD28 ] C:\Windows\ehome\ehstart.dll
20:03:25.0561 0472 C:\Windows\ehome\ehstart.dll - ok
20:03:25.0577 0472 [ B7CCDC4B877DC3CC665DE8F322F2BD9E ] C:\Windows\System32\credssp.dll
20:03:25.0577 0472 C:\Windows\System32\credssp.dll - ok
20:03:25.0577 0472 [ A9B18B63A4FD6BAAB83326706D857FAB ] C:\Windows\System32\emdmgmt.dll
20:03:25.0577 0472 C:\Windows\System32\emdmgmt.dll - ok
20:03:25.0593 0472 [ F7097878AE102618656A04F03951C339 ] C:\Windows\System32\msprivs.dll
20:03:25.0593 0472 C:\Windows\System32\msprivs.dll - ok
20:03:25.0593 0472 [ B3564B747D0B059D99E888F8369E56BC ] C:\Windows\System32\wevtsvc.dll
20:03:25.0593 0472 C:\Windows\System32\wevtsvc.dll - ok
20:03:25.0608 0472 [ CD6D49EA9DBBD3EA9E449FD84C51C731 ] C:\Windows\System32\kerberos.dll
20:03:25.0608 0472 C:\Windows\System32\kerberos.dll - ok
20:03:25.0608 0472 [ 253607D6C54A1604436F08E67CCED044 ] C:\Windows\System32\WSHTCPIP.DLL
20:03:25.0608 0472 C:\Windows\System32\WSHTCPIP.DLL - ok
20:03:25.0624 0472 [ 2C305F6445662EFF9A08B1BA41784CC0 ] C:\Windows\System32\wship6.dll
20:03:25.0624 0472 C:\Windows\System32\wship6.dll - ok
20:03:25.0624 0472 [ 599DA6EB260D9601D2D67AE177F95568 ] C:\Windows\System32\wshqos.dll
20:03:25.0624 0472 C:\Windows\System32\wshqos.dll - ok
20:03:25.0639 0472 [ F145BF4C4668E7E312069F81EF847CFC ] C:\Windows\System32\nlasvc.dll
20:03:25.0639 0472 C:\Windows\System32\nlasvc.dll - ok
20:03:25.0639 0472 [ BB9267ACACD8B7533DD936C34A0CBA5E ] C:\Windows\System32\fdPHost.dll
20:03:25.0639 0472 C:\Windows\System32\fdPHost.dll - ok
20:03:25.0655 0472 [ 300C80931EABBE1DB7591C516EFE8D0F ] C:\Windows\System32\FDResPub.dll
20:03:25.0655 0472 C:\Windows\System32\FDResPub.dll - ok
20:03:25.0655 0472 [ 062972C53BDC6819CE0BAAAA5382F758 ] C:\Windows\System32\NapiNSP.dll
20:03:25.0655 0472 C:\Windows\System32\NapiNSP.dll - ok
20:03:25.0671 0472 [ E1BAEEE7949ED5019259E69393367400 ] C:\Windows\System32\pnrpnsp.dll
20:03:25.0671 0472 C:\Windows\System32\pnrpnsp.dll - ok
20:03:25.0686 0472 [ BE1C5BD1CA7ED015BC6FA1AE67E592C8 ] C:\Windows\System32\FntCache.dll
20:03:25.0686 0472 C:\Windows\System32\FntCache.dll - ok
20:03:25.0702 0472 [ BB08D93011B82883EC33C7707A9627BE ] C:\Windows\System32\mswsock.dll
20:03:25.0702 0472 C:\Windows\System32\mswsock.dll - ok
20:03:25.0702 0472 [ 434B2B82B237FC2F4F8F6844A8FF1909 ] C:\Windows\System32\msv1_0.dll
20:03:25.0702 0472 C:\Windows\System32\msv1_0.dll - ok
20:03:25.0717 0472 [ A3F1B171702CA04744EE514243B45BFB ] C:\Windows\System32\netlogon.dll
20:03:25.0717 0472 C:\Windows\System32\netlogon.dll - ok
20:03:25.0717 0472 [ E60BB0CDC5EA153F6D24C51AAD4A73FD ] C:\Windows\System32\PresentationHost.exe
20:03:25.0717 0472 C:\Windows\System32\PresentationHost.exe - ok
20:03:25.0733 0472 [ CA307C0BD127FA7ADE5E6FEE8750F046 ] C:\Windows\System32\winbrand.dll
20:03:25.0733 0472 C:\Windows\System32\winbrand.dll - ok
20:03:25.0733 0472 [ 899F834C330A96A80EC36DAEDA2FF018 ] C:\Windows\System32\gpapi.dll
20:03:25.0733 0472 C:\Windows\System32\gpapi.dll - ok
20:03:25.0749 0472 [ 59361D38A297755D46A540E450202B2A ] C:\Windows\System32\hidserv.dll
20:03:25.0749 0472 C:\Windows\System32\hidserv.dll - ok
20:03:25.0764 0472 [ B12F367EA39C0795FD57E31242CE1A5A ] C:\Windows\System32\KMSVC.DLL
20:03:25.0764 0472 C:\Windows\System32\KMSVC.DLL - ok
20:03:25.0764 0472 [ 42161FDC47A49CD513D29BACB99D6E0D ] C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll
20:03:25.0764 0472 C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll - ok
20:03:25.0780 0472 [ 0C9EA6E654E7B0471741E343A6C671AF ] C:\Windows\System32\IKEEXT.DLL
20:03:25.0780 0472 C:\Windows\System32\IKEEXT.DLL - ok
20:03:25.0795 0472 [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] C:\Windows\System32\IPBusEnum.dll
20:03:25.0795 0472 C:\Windows\System32\IPBusEnum.dll - ok
20:03:25.0811 0472 [ 4C7F1DA7E2BF41EB19208540DD5574C8 ] C:\Windows\System32\schannel.dll
20:03:25.0811 0472 C:\Windows\System32\schannel.dll - ok
20:03:25.0811 0472 [ BF0DBFA9792C5C14FA00F61C75116C1B ] C:\Windows\System32\iphlpsvc.dll
20:03:25.0811 0472 C:\Windows\System32\iphlpsvc.dll - ok
20:03:25.0827 0472 [ C6336D1625515CC5F70E5630CFF14182 ] C:\Windows\System32\keyiso.dll
20:03:25.0827 0472 C:\Windows\System32\keyiso.dll - ok
20:03:25.0827 0472 [ B4A04D5AA66E8F77DE19E0EB89C52D2B ] C:\Windows\System32\wdigest.dll
20:03:25.0827 0472 C:\Windows\System32\wdigest.dll - ok
20:03:25.0842 0472 [ 4D27759CC69F69E4B3228A970FF55F88 ] C:\Windows\System32\rsaenh.dll
20:03:25.0842 0472 C:\Windows\System32\rsaenh.dll - ok
20:03:25.0842 0472 [ 50C7A3CB427E9BB5ED0708A669956AB5 ] C:\Windows\System32\srvsvc.dll
20:03:25.0842 0472 C:\Windows\System32\srvsvc.dll - ok
20:03:25.0858 0472 [ CAF86FC1388BE1E470F1A7B43E348ADB ] C:\Windows\System32\wkssvc.dll
20:03:25.0858 0472 C:\Windows\System32\wkssvc.dll - ok
20:03:25.0858 0472 [ BC69DA355B62C898DFEA93851335EAF0 ] C:\Windows\System32\TSpkg.dll
20:03:25.0858 0472 C:\Windows\System32\TSpkg.dll - ok
20:03:25.0873 0472 [ 4698036AE905F88E02C3F69BA77981FB ] C:\Windows\ehome\ehres.dll
20:03:25.0873 0472 C:\Windows\ehome\ehres.dll - ok
20:03:25.0873 0472 [ 4B8C95B49C58D7A41BF3FE38AA64DC6C ] C:\Windows\System32\lltdres.dll
20:03:25.0873 0472 C:\Windows\System32\lltdres.dll - ok
20:03:25.0889 0472 [ A47F8080CACC23C91FE823AD19AA5612 ] C:\Windows\System32\lmhsvc.dll
20:03:25.0889 0472 C:\Windows\System32\lmhsvc.dll - ok
20:03:25.0889 0472 [ FFA2B274A5CC6C9A03CBDCF5B8F0239A ] C:\Windows\System32\FirewallAPI.dll
20:03:25.0889 0472 C:\Windows\System32\FirewallAPI.dll - ok
20:03:25.0905 0472 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] C:\Windows\System32\mmcss.dll
20:03:25.0905 0472 C:\Windows\System32\mmcss.dll - ok
20:03:25.0905 0472 [ 1371FA9D8B1E567AE852E0F74D41D040 ] C:\Windows\System32\iscsidsc.dll
20:03:25.0905 0472 C:\Windows\System32\iscsidsc.dll - ok
20:03:25.0905 0472 [ FCD84867883C365A24C61E50AF8A6DB9 ] C:\Windows\System32\msimsg.dll
20:03:25.0905 0472 C:\Windows\System32\msimsg.dll - ok
20:03:25.0920 0472 [ A5B10C845E7538C60C0F5D87A57CB3F5 ] C:\Windows\System32\QAGENTRT.DLL
20:03:25.0920 0472 C:\Windows\System32\QAGENTRT.DLL - ok
20:03:25.0936 0472 [ 9B63B29DEFC0F3115A559D2597BF5D75 ] C:\Windows\System32\netman.dll
20:03:25.0936 0472 C:\Windows\System32\netman.dll - ok
20:03:25.0936 0472 [ 0341CB05512AA87BB64A834DE6264C34 ] C:\Windows\System32\netprof.dll
20:03:25.0936 0472 C:\Windows\System32\netprof.dll - ok
20:03:25.0936 0472 [ ACB62BAA1C319B17752553DF3026EEEB ] C:\Windows\System32\nsisvc.dll
20:03:25.0936 0472 C:\Windows\System32\nsisvc.dll - ok
20:03:25.0951 0472 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] C:\Windows\System32\p2psvc.dll
20:03:25.0951 0472 C:\Windows\System32\p2psvc.dll - ok
20:03:25.0951 0472 [ 9AB157B374192FF276C1628FBDBA2B0E ] C:\Windows\System32\pcasvc.dll
20:03:25.0951 0472 C:\Windows\System32\pcasvc.dll - ok
20:03:25.0967 0472 [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] C:\Windows\System32\pla.dll
20:03:25.0967 0472 C:\Windows\System32\pla.dll - ok
20:03:25.0967 0472 [ FE6B0F59215C9FD9F9D26539C58C8B82 ] C:\Windows\System32\umpnpmgr.dll
20:03:25.0967 0472 C:\Windows\System32\umpnpmgr.dll - ok
20:03:25.0983 0472 [ F7BEA2085635CA9B2B991D8EDC426D3A ] C:\Windows\System32\polstore.dll
20:03:25.0983 0472 C:\Windows\System32\polstore.dll - ok
20:03:25.0983 0472 [ E058CE4FC2449D8BFA14739C83B7FF2A ] C:\Windows\System32\profsvc.dll
20:03:25.0983 0472 C:\Windows\System32\profsvc.dll - ok
20:03:25.0998 0472 [ 43A4F5B4EAC81FA11DAC3143ADC77CBA ] C:\Windows\System32\psbase.dll
20:03:25.0998 0472 C:\Windows\System32\psbase.dll - ok
20:03:26.0014 0472 [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] C:\Windows\System32\drivers\qwavedrv.sys
20:03:26.0014 0472 C:\Windows\System32\drivers\qwavedrv.sys - ok
20:03:26.0014 0472 [ 90574842C3DA781E279061A3EFF91F07 ] C:\Windows\System32\qwave.dll
20:03:26.0014 0472 C:\Windows\System32\qwave.dll - ok
20:03:26.0029 0472 [ B2AE18F847D07F0044404DDF7CB04497 ] C:\Windows\System32\rasauto.dll
20:03:26.0029 0472 C:\Windows\System32\rasauto.dll - ok
20:03:26.0029 0472 [ 3AD83E4046C43BE510DE681588ACB8AF ] C:\Windows\System32\rasmans.dll
20:03:26.0029 0472 C:\Windows\System32\rasmans.dll - ok
20:03:26.0029 0472 [ 2EE3FA0308E6185BA64A9A7F2E74332B ] C:\Windows\System32\sstpsvc.dll
20:03:26.0029 0472 C:\Windows\System32\sstpsvc.dll - ok
20:03:26.0092 0472 [ C612B9557DA73F70D41F8A6FBC8E5344 ] C:\Windows\System32\mprdim.dll
20:03:26.0092 0472 C:\Windows\System32\mprdim.dll - ok
20:03:26.0092 0472 [ 44B9D8EC2F3EF3A0EFB00857AF70D861 ] C:\Windows\System32\regsvc.dll
20:03:26.0092 0472 C:\Windows\System32\regsvc.dll - ok
20:03:26.0107 0472 [ F46C457840D4B7A4DAAFEE739CE04102 ] C:\Windows\System32\Locator.exe
20:03:26.0107 0472 C:\Windows\System32\Locator.exe - ok
20:03:26.0123 0472 [ FD1CDCF108D5EF3366F00D18B70FB89B ] C:\Windows\System32\SCardSvr.dll
20:03:26.0123 0472 C:\Windows\System32\SCardSvr.dll - ok
20:03:26.0123 0472 [ 0F838C811AD295D2A4489B9993096C63 ] C:\Windows\System32\schedsvc.dll
20:03:26.0123 0472 C:\Windows\System32\schedsvc.dll - ok
20:03:26.0123 0472 [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] C:\Windows\System32\sdrsvc.dll
20:03:26.0123 0472 C:\Windows\System32\sdrsvc.dll - ok
20:03:26.0139 0472 [ 5ACDCBC67FCF894A1815B9F96D704490 ] C:\Windows\System32\seclogon.dll
20:03:26.0139 0472 C:\Windows\System32\seclogon.dll - ok
20:03:26.0154 0472 [ 90973A64B96CD647FF81C79443618EED ] C:\Windows\System32\Sens.dll
20:03:26.0154 0472 C:\Windows\System32\Sens.dll - ok
20:03:26.0154 0472 [ A8E4A4407A09F35DCCC3771AF590B0C4 ] C:\Windows\System32\SessEnv.dll
20:03:26.0154 0472 C:\Windows\System32\SessEnv.dll - ok
20:03:26.0154 0472 [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34 ] C:\Windows\System32\ipnathlp.dll
20:03:26.0154 0472 C:\Windows\System32\ipnathlp.dll - ok
20:03:26.0170 0472 [ 56793271ECDEDD350C5ADD305603E963 ] C:\Windows\System32\shsvcs.dll
20:03:26.0170 0472 C:\Windows\System32\shsvcs.dll - ok
20:03:26.0170 0472 [ A9A27A8E257B45A604FDAD4F26FE7241 ] C:\Windows\System32\SLsvc.exe
20:03:26.0170 0472 C:\Windows\System32\SLsvc.exe - ok
20:03:26.0185 0472 [ FD74B4B7C2088E390A30C85A896FC3AF ] C:\Windows\System32\SLUINotify.dll
20:03:26.0185 0472 C:\Windows\System32\SLUINotify.dll - ok
20:03:26.0185 0472 [ F8F08779E7D997913607B0146710CC04 ] C:\Windows\System32\tcpipcfg.dll
20:03:26.0185 0472 C:\Windows\System32\tcpipcfg.dll - ok
20:03:26.0201 0472 [ F8F47F38909823B1AF28D60B96340CFF ] C:\Windows\System32\snmptrap.exe
20:03:26.0201 0472 C:\Windows\System32\snmptrap.exe - ok
20:03:26.0201 0472 [ F66FF751E7EFC816D266977939EF5DC3 ] C:\Windows\System32\spoolsv.exe
20:03:26.0201 0472 C:\Windows\System32\spoolsv.exe - ok
20:03:26.0217 0472 [ 192C74646EC5725AEF3F80D19FF75F6A ] C:\Windows\System32\ssdpsrv.dll
20:03:26.0217 0472 C:\Windows\System32\ssdpsrv.dll - ok
20:03:26.0217 0472 [ 15825C1FBFB8779992CB65087F316AF5 ] C:\Windows\System32\wiaservc.dll
20:03:26.0217 0472 C:\Windows\System32\wiaservc.dll - ok
20:03:26.0232 0472 [ 6DE37F4DE19D4EFD9C48C43ADDBC949A ] C:\Windows\System32\swprv.dll
20:03:26.0232 0472 C:\Windows\System32\swprv.dll - ok
20:03:26.0232 0472 [ 92D7A8B0F87B036F17D25885937897A6 ] C:\Windows\System32\sysmain.dll
20:03:26.0232 0472 C:\Windows\System32\sysmain.dll - ok
20:03:26.0248 0472 [ 005CE42567F9113A3BCCB3B20073B029 ] C:\Windows\System32\TabSvc.dll
20:03:26.0248 0472 C:\Windows\System32\TabSvc.dll - ok
20:03:26.0248 0472 [ CC2562B4D55E0B6A4758C65407F63B79 ] C:\Windows\System32\tapisrv.dll
20:03:26.0248 0472 C:\Windows\System32\tapisrv.dll - ok
20:03:26.0263 0472 [ CDBE8D7C1E201B911CDC346D06617FB5 ] C:\Windows\System32\tbssvc.dll
20:03:26.0263 0472 C:\Windows\System32\tbssvc.dll - ok
20:03:26.0263 0472 [ 5CDD30BC217082DAC71A9878D9BFD566 ] C:\Windows\System32\termsrv.dll
20:03:26.0263 0472 C:\Windows\System32\termsrv.dll - ok
20:03:26.0279 0472 [ F4689F05AF472A651A7B1B7B02D200E7 ] C:\Windows\System32\trkwks.dll
20:03:26.0279 0472 C:\Windows\System32\trkwks.dll - ok
20:03:26.0295 0472 [ 66328B08EF5A9305D8EDE36B93930369 ] C:\Windows\servicing\TrustedInstaller.exe
20:03:26.0295 0472 C:\Windows\servicing\TrustedInstaller.exe - ok
20:03:26.0295 0472 [ 060507C4113391394478F6953A79EEDC ] C:\Windows\System32\UI0Detect.exe
20:03:26.0295 0472 C:\Windows\System32\UI0Detect.exe - ok
20:03:26.0310 0472 [ 7093799FF80E9DECA0680D2E3535BE60 ] C:\Windows\System32\upnphost.dll
20:03:26.0310 0472 C:\Windows\System32\upnphost.dll - ok
20:03:26.0310 0472 [ 449F5AB17863698F12F0BC8E99079AA6 ] C:\Windows\System32\dwm.exe
20:03:26.0310 0472 C:\Windows\System32\dwm.exe - ok
20:03:26.0326 0472 [ 294945381DFA7CE58CECF0A9896AF327 ] C:\Windows\System32\vds.exe
20:03:26.0326 0472 C:\Windows\System32\vds.exe - ok
20:03:26.0326 0472 [ B75232DAD33BFD95BF6F0A3E6BFF51E1 ] C:\Windows\System32\VSSVC.exe
20:03:26.0326 0472 C:\Windows\System32\VSSVC.exe - ok
20:03:26.0341 0472 [ F14A7DE2EA41883E250892E1E5230A9A ] C:\Windows\System32\w32time.dll
20:03:26.0341 0472 C:\Windows\System32\w32time.dll - ok
20:03:26.0341 0472 [ B4E4C37D0AA6100090A53213EE2BF1C1 ] C:\Windows\System32\wcncsvc.dll
20:03:26.0341 0472 C:\Windows\System32\wcncsvc.dll - ok
20:03:26.0357 0472 [ EA4B369560E986F19D93F45A881484AC ] C:\Windows\System32\WcsPlugInService.dll
20:03:26.0357 0472 C:\Windows\System32\WcsPlugInService.dll - ok
20:03:26.0357 0472 [ 442783E2CB0DA19873B7A63833FF4CB4 ] C:\Windows\System32\drivers\Wdf01000.sys
20:03:26.0357 0472 C:\Windows\System32\drivers\Wdf01000.sys - ok
20:03:26.0373 0472 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] C:\Windows\System32\wdi.dll
20:03:26.0373 0472 C:\Windows\System32\wdi.dll - ok
20:03:26.0373 0472 [ 3E6D05381CF35F75EBB055544A8ED9AC ] C:\Windows\System32\WebClnt.dll
20:03:26.0373 0472 C:\Windows\System32\WebClnt.dll - ok
20:03:26.0388 0472 [ 8D40BC587993F876658BF9FB0F7D3462 ] C:\Windows\System32\wecsvc.dll
20:03:26.0388 0472 C:\Windows\System32\wecsvc.dll - ok
20:03:26.0388 0472 [ 9C980351D7E96288EA0C23AE232BD065 ] C:\Windows\System32\wercplsupport.dll
20:03:26.0388 0472 C:\Windows\System32\wercplsupport.dll - ok
20:03:26.0404 0472 [ 66B9ECEBC46683F47EDC06333C075FEF ] C:\Windows\System32\wersvc.dll
20:03:26.0404 0472 C:\Windows\System32\wersvc.dll - ok
20:03:26.0404 0472 [ ECFA1AC9D63D42B9B40AF8B5798513E8 ] C:\Program Files\Windows Defender\MsMpRes.dll
20:03:26.0404 0472 C:\Program Files\Windows Defender\MsMpRes.dll - ok
20:03:26.0419 0472 [ A2D043408A2DC9CDE48CFF88FCD74662 ] C:\Windows\System32\winhttp.dll
20:03:26.0419 0472 C:\Windows\System32\winhttp.dll - ok
20:03:26.0419 0472 [ D2E7296ED1BD26D8DB2799770C077A02 ] C:\Windows\System32\wbem\WMIsvc.dll
20:03:26.0419 0472 C:\Windows\System32\wbem\WMIsvc.dll - ok
20:03:26.0435 0472 [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869 ] C:\Windows\System32\WsmSvc.dll
20:03:26.0435 0472 C:\Windows\System32\WsmSvc.dll - ok
20:03:26.0435 0472 [ EC339C8115E91BAED835957E9A677F16 ] C:\Windows\System32\wlansvc.dll
20:03:26.0435 0472 C:\Windows\System32\wlansvc.dll - ok
20:03:26.0451 0472 [ 21FA389E65A852698B6A1341F36EE02D ] C:\Windows\System32\wbem\WmiApSrv.exe
20:03:26.0451 0472 C:\Windows\System32\wbem\WmiApSrv.exe - ok
20:03:26.0451 0472 [ 56382A5EB85A25446745E3BD6D50A3A5 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
20:03:26.0451 0472 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
20:03:26.0466 0472 [ CBC156C913F099E6680D1DF9307DB7A8 ] C:\Windows\System32\wpcsvc.dll
20:03:26.0466 0472 C:\Windows\System32\wpcsvc.dll - ok
20:03:26.0466 0472 [ 991E2C2CF3BC204C2BB2EE1476149E4E ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
20:03:26.0466 0472 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe - ok
20:03:26.0482 0472 [ 490A18B4E4D53DC10879DEAA8E8B70D9 ] C:\Windows\System32\wpdbusenum.dll
20:03:26.0482 0472 C:\Windows\System32\wpdbusenum.dll - ok
20:03:26.0482 0472 [ 9EA3E6D0EF7A5C2B9181961052A4B01A ] C:\Windows\System32\wscsvc.dll
20:03:26.0497 0472 C:\Windows\System32\wscsvc.dll - ok
20:03:26.0497 0472 [ A2AC37A1EEF83BD9E912B0EFCBEA06BD ] C:\Windows\System32\SearchIndexer.exe
20:03:26.0497 0472 C:\Windows\System32\SearchIndexer.exe - ok
20:03:26.0497 0472 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] C:\Windows\System32\wuaueng.dll
20:03:26.0497 0472 C:\Windows\System32\wuaueng.dll - ok
20:03:26.0544 0472 [ AB886378EEB55C6C75B4F2D14B6C869F ] C:\Windows\System32\drivers\WUDFPf.sys
20:03:26.0544 0472 C:\Windows\System32\drivers\WUDFPf.sys - ok
20:03:26.0544 0472 [ B20F051B03A966392364C83F009F7D17 ] C:\Windows\System32\WUDFSvc.dll
20:03:26.0544 0472 C:\Windows\System32\WUDFSvc.dll - ok
20:03:26.0544 0472 [ 9922ADB6DCA8F0F5EA038BEFF339C08B ] C:\Windows\System32\scecli.dll
20:03:26.0544 0472 C:\Windows\System32\scecli.dll - ok
20:03:26.0560 0472 [ EE3718BCF5CEF1C457C10A745E410959 ] C:\Windows\System32\ntmarta.dll
20:03:26.0560 0472 C:\Windows\System32\ntmarta.dll - ok
20:03:26.0560 0472 [ CDA9F1373805AF88F6FA4F2064BBA24D ] C:\Windows\System32\svchost.exe
20:03:26.0560 0472 C:\Windows\System32\svchost.exe - ok
20:03:26.0575 0472 [ 7823A58BF0FE3CAAA555C12B5CF91290 ] C:\Windows\System32\powrprof.dll
20:03:26.0575 0472 C:\Windows\System32\powrprof.dll - ok
20:03:26.0575 0472 [ 52F87B9CC8932C2A7375C3B2A9BE5E3E ] C:\Windows\System32\drivers\luafv.sys
20:03:26.0575 0472 C:\Windows\System32\drivers\luafv.sys - ok
20:03:26.0591 0472 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] C:\Windows\System32\rpcss.dll
20:03:26.0591 0472 C:\Windows\System32\rpcss.dll - ok
20:03:26.0607 0472 [ EA3D2B63BA304EB6EDABBAFA21599B47 ] C:\Windows\System32\version.dll
20:03:26.0607 0472 C:\Windows\System32\version.dll - ok
20:03:26.0622 0472 [ 7D2A43E8FDF725A1133F6C6056A72CDC ] C:\Program Files\Windows Defender\MpSvc.dll
20:03:26.0622 0472 C:\Program Files\Windows Defender\MpSvc.dll - ok
20:03:26.0638 0472 [ 08C16507241D274FF9B583E5C4F9DBC8 ] C:\Windows\System32\wintrust.dll
20:03:26.0638 0472 C:\Windows\System32\wintrust.dll - ok
20:03:26.0638 0472 [ BAD79FECE1387CDD8388A3314645757F ] C:\Windows\System32\LogonUI.exe
20:03:26.0638 0472 C:\Windows\System32\LogonUI.exe - ok
20:03:26.0653 0472 [ D07D4DA02FA8C7092FD402634419797D ] C:\Program Files\Windows Defender\MpClient.dll
20:03:26.0653 0472 C:\Program Files\Windows Defender\MpClient.dll - ok
20:03:26.0653 0472 [ 363D07C0F427C72BDE0B6D6492A205C9 ] C:\Windows\System32\authui.dll
20:03:26.0653 0472 C:\Windows\System32\authui.dll - ok
20:03:26.0669 0472 [ 46662CD685A6341AB4AED86D134D80E9 ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd\comctl32.dll
20:03:26.0669 0472 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd\comctl32.dll - ok
20:03:26.0669 0472 [ 6B58266234B36ABCDD43C797B0D1932E ] C:\Windows\System32\msimg32.dll
20:03:26.0669 0472 C:\Windows\System32\msimg32.dll - ok
20:03:26.0669 0472 [ 88DBC757681093478BC80211C21695E5 ] C:\Windows\System32\uxtheme.dll
20:03:26.0685 0472 C:\Windows\System32\uxtheme.dll - ok
20:03:26.0685 0472 [ 4EAC411F90DCDE41D05D8184DE335524 ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_56abd97bb593eaca\GdiPlus.dll
20:03:26.0685 0472 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_56abd97bb593eaca\GdiPlus.dll - ok
20:03:26.0700 0472 [ 16881B42E07390FAA8C7331E9B8316A7 ] C:\Windows\System32\duser.dll
20:03:26.0700 0472 C:\Windows\System32\duser.dll - ok
20:03:26.0700 0472 [ 656CF740A2FDB99664A91C439D05C0ED ] C:\Windows\System32\xmllite.dll
20:03:26.0700 0472 C:\Windows\System32\xmllite.dll - ok
20:03:26.0716 0472 [ C501852F1CA40FFC55363ACC0D2DF5BA ] C:\Windows\System32\SmartcardCredentialProvider.dll
20:03:26.0716 0472 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
20:03:26.0716 0472 [ F59CF3BFE865EB795C5DE5850F48B321 ] C:\Windows\System32\rasplap.dll
20:03:26.0716 0472 C:\Windows\System32\rasplap.dll - ok
20:03:26.0731 0472 [ A4F3F34A7146D8633FA8D346535A9CAA ] C:\Windows\System32\rasapi32.dll
20:03:26.0731 0472 C:\Windows\System32\rasapi32.dll - ok
20:03:26.0731 0472 [ C30BD20F185A47DCD4FD05F5AE1BC077 ] C:\Windows\System32\rasman.dll
20:03:26.0731 0472 C:\Windows\System32\rasman.dll - ok
20:03:26.0747 0472 [ F0884FA3E83C79775BF89C74DD28B616 ] C:\Windows\System32\tapi32.dll
20:03:26.0747 0472 C:\Windows\System32\tapi32.dll - ok
20:03:26.0747 0472 [ F1D25FB6A8BF8FBAE49717B684670393 ] C:\Windows\System32\rtutils.dll
20:03:26.0747 0472 C:\Windows\System32\rtutils.dll - ok
20:03:26.0763 0472 [ 7500278FEF4A66B0D76D8438F0295F4E ] C:\Windows\System32\winmm.dll
20:03:26.0763 0472 C:\Windows\System32\winmm.dll - ok
20:03:26.0763 0472 [ D58A65112AE355CADFABEEFC8D329A8F ] C:\Windows\System32\oleacc.dll
20:03:26.0763 0472 C:\Windows\System32\oleacc.dll - ok
20:03:26.0778 0472 [ B1D4BB8DFD7128A90982562268920724 ] C:\Windows\System32\WinSCard.dll
20:03:26.0778 0472 C:\Windows\System32\WinSCard.dll - ok
20:03:26.0778 0472 [ 6C2D2558DECB89C83873F80160D19F2C ] C:\Windows\System32\wtsapi32.dll
20:03:26.0778 0472 C:\Windows\System32\wtsapi32.dll - ok
20:03:26.0794 0472 [ 00C7DAFAD08FAD59E51EB9A1F90925DE ] C:\Windows\System32\shgina.dll
20:03:26.0809 0472 C:\Windows\System32\shgina.dll - ok
20:03:26.0809 0472 [ FE13271EF661F8BE83A1A0D3366164D0 ] C:\Windows\System32\propsys.dll
20:03:26.0809 0472 C:\Windows\System32\propsys.dll - ok
20:03:26.0825 0472 [ 4CEA4255CAE84BF21FCA9A2827E16CBB ] C:\Windows\System32\shacct.dll
20:03:26.0825 0472 C:\Windows\System32\shacct.dll - ok
20:03:26.0825 0472 [ 303C4EB5C2FB40F194E2B24CAD7148EF ] C:\Windows\System32\MMDevAPI.dll
20:03:26.0825 0472 C:\Windows\System32\MMDevAPI.dll - ok
20:03:26.0841 0472 [ 514A07C903607458B6B5A430B09BF794 ] C:\Windows\System32\avrt.dll
20:03:26.0841 0472 C:\Windows\System32\avrt.dll - ok
20:03:26.0841 0472 [ 5697FB5DCF36ADA09C153378E88AE6AD ] C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_54cb4575\stacsv64.exe
20:03:26.0841 0472 C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_54cb4575\stacsv64.exe - ok
20:03:26.0856 0472 [ 73F18E253DF8E0A9CE5FC45E62FB1945 ] C:\Windows\System32\cabinet.dll
20:03:26.0856 0472 C:\Windows\System32\cabinet.dll - ok
20:03:26.0856 0472 [ 99AA51A6AE40DED4A74776E6E1C066C1 ] C:\Windows\System32\adtschema.dll
20:03:26.0856 0472 C:\Windows\System32\adtschema.dll - ok
20:03:26.0872 0472 [ EA47AF4FBF17580D093C0C36C4E49921 ] C:\Windows\System32\dsound.dll
20:03:26.0872 0472 C:\Windows\System32\dsound.dll - ok
20:03:26.0872 0472 [ E3041BC26D6930D61F42AEDB79C91720 ] C:\Windows\System32\drivers\fltMgr.sys
20:03:26.0872 0472 C:\Windows\System32\drivers\fltMgr.sys - ok
20:03:26.0872 0472 [ 47232CB3941B68B0E70FB053C42CBCE0 ] C:\Windows\System32\stapi64.dll
20:03:28.0480 0472 C:\Windows\SysWOW64\rasman.dll - ok
20:03:28.0480 0472 [ 70F08ECE7A30A639D3F0C8C433685C7D ] C:\Windows\SysWOW64\tapi32.dll
20:03:28.0480 0472 C:\Windows\SysWOW64\tapi32.dll - ok
20:03:28.0496 0472 [ 8FBC2419416064C7952F1CDED5AAB829 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\PlugInRAID_ENU.dll
20:03:28.0496 0472 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\PlugInRAID_ENU.dll - ok
20:03:28.0496 0472 [ 5E1D96076745F73C56B1307FEE6BEDFE ] C:\Windows\System32\ncsi.dll
20:03:28.0496 0472 C:\Windows\System32\ncsi.dll - ok
20:03:28.0511 0472 [ 3D418A22A56471295AEB1CEB9027C3DA ] C:\Windows\SysWOW64\rtutils.dll
20:03:28.0511 0472 C:\Windows\SysWOW64\rtutils.dll - ok
20:03:28.0511 0472 [ 14FF750EFE13B0C21E5A06507C3A97B1 ] C:\Windows\SysWOW64\winmm.dll
20:03:28.0511 0472 C:\Windows\SysWOW64\winmm.dll - ok
20:03:28.0511 0472 [ 0C063350E73B443666B17F225BB9FEC7 ] C:\Windows\System32\cfgmgr32.dll
20:03:28.0527 0472 C:\Windows\System32\cfgmgr32.dll - ok
20:03:28.0527 0472 [ 1F94EA31C9543B855F53BDAC7792DA4E ] C:\Windows\SysWOW64\mpr.dll
20:03:28.0527 0472 C:\Windows\SysWOW64\mpr.dll - ok
20:03:28.0527 0472 [ 17C0E094BEE5BC03CF491972F71AA6EF ] C:\Windows\SysWOW64\wlanapi.dll
20:03:28.0527 0472 C:\Windows\SysWOW64\wlanapi.dll - ok
20:03:28.0543 0472 [ 467FBA22AD764B6AB85BE58C25EEF15D ] C:\Windows\System32\ssdpapi.dll
20:03:28.0543 0472 C:\Windows\System32\ssdpapi.dll - ok
20:03:28.0543 0472 [ C394079EB162E812D682C73FA96AF6E4 ] C:\Windows\SysWOW64\clbcatq.dll
20:03:28.0543 0472 C:\Windows\SysWOW64\clbcatq.dll - ok
20:03:28.0558 0472 [ B64AC7967D6B9FB2D6152AC768A1CB88 ] C:\Windows\SysWOW64\onex.dll
20:03:28.0558 0472 C:\Windows\SysWOW64\onex.dll - ok
20:03:28.0558 0472 [ 74B8C2EA72D43727142D12397D5A49F9 ] C:\Windows\SysWOW64\wbemcomn.dll
20:03:28.0558 0472 C:\Windows\SysWOW64\wbemcomn.dll - ok
20:03:28.0574 0472 [ 30F0DC266B46118E9FBCF5B2A30EB1DB ] C:\Windows\SysWOW64\wbem\wbemprox.dll
20:03:28.0574 0472 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
20:03:28.0574 0472 [ 5D0FE613570CABE3992F7DBCD68E61D1 ] C:\Windows\SysWOW64\eappcfg.dll
20:03:28.0574 0472 C:\Windows\SysWOW64\eappcfg.dll - ok
20:03:28.0589 0472 [ 9D9FFC923FADBB575E0452EA0BBB15BD ] C:\Windows\SysWOW64\eappprxy.dll
20:03:28.0589 0472 C:\Windows\SysWOW64\eappprxy.dll - ok
20:03:28.0589 0472 [ 76EAEF4DDEBBC7C38853F586C0E91DCE ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\GdiPlus.dll
20:03:28.0589 0472 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\GdiPlus.dll - ok
20:03:28.0589 0472 [ 75EB73E64F5B4655D9797D20F26DE320 ] C:\Windows\SysWOW64\duser.dll
20:03:28.0589 0472 C:\Windows\SysWOW64\duser.dll - ok
20:03:28.0605 0472 [ 88B630F6AEB5A11F6AD064930B38C2C0 ] C:\Windows\SysWOW64\uxtheme.dll
20:03:28.0605 0472 C:\Windows\SysWOW64\uxtheme.dll - ok
20:03:28.0605 0472 [ 4ACF748A8E576761E4C610ACAB67B1BC ] C:\Windows\SysWOW64\bcrypt.dll
20:03:28.0605 0472 C:\Windows\SysWOW64\bcrypt.dll - ok
20:03:28.0621 0472 [ EB2170D0DDF3B2A92506AE16BC524B0B ] C:\Windows\SysWOW64\wlanutil.dll
20:03:28.0621 0472 C:\Windows\SysWOW64\wlanutil.dll - ok
20:03:28.0621 0472 [ 38BCF8D798FAA7BEF813BFFB8D8CD557 ] C:\Windows\System32\dlbainpa.dll
20:03:28.0621 0472 C:\Windows\System32\dlbainpa.dll - ok
20:03:28.0636 0472 [ D1A84F7D4CAFCFE2A32149FF418056E5 ] C:\Windows\SysWOW64\nlaapi.dll
20:03:28.0636 0472 C:\Windows\SysWOW64\nlaapi.dll - ok
20:03:28.0636 0472 [ C411C80F90D6732380352B98B37BBD53 ] C:\Windows\SysWOW64\winrnr.dll
20:03:28.0636 0472 C:\Windows\SysWOW64\winrnr.dll - ok
20:03:28.0636 0472 [ A7D525E5C0D91C8C1D84C6BCD25AD77D ] C:\Windows\SysWOW64\rasadhlp.dll
20:03:28.0636 0472 C:\Windows\SysWOW64\rasadhlp.dll - ok
20:03:28.0652 0472 [ AE2FF90E90CD1272A1D54B8D6C3A0031 ] C:\Windows\System32\dlbaiesc.dll
20:03:28.0652 0472 C:\Windows\System32\dlbaiesc.dll - ok
20:03:28.0652 0472 [ 2EBABC3BACFEAFF5443A0BFA7F94C184 ] C:\Windows\System32\dlbausb1.dll
20:03:28.0652 0472 C:\Windows\System32\dlbausb1.dll - ok
20:03:28.0667 0472 [ A9542FF2E9A82CF100E5729EC79068F0 ] C:\Windows\SysWOW64\fltLib.dll
20:03:28.0667 0472 C:\Windows\SysWOW64\fltLib.dll - ok
20:03:28.0667 0472 [ B144AEE8346D29AFB500FFED94AB6150 ] C:\Windows\System32\dlbahbn3.dll
20:03:28.0667 0472 C:\Windows\System32\dlbahbn3.dll - ok
20:03:28.0683 0472 [ 2CCA759379C220D29F0066CA49E9259F ] C:\Windows\System32\sfc.dll
20:03:28.0683 0472 C:\Windows\System32\sfc.dll - ok
20:03:28.0683 0472 [ 1EA87AA209C24CDD9C65DE8724B2CD26 ] C:\Windows\System32\dlbalmpm.dll
20:03:28.0683 0472 C:\Windows\System32\dlbalmpm.dll - ok
20:03:28.0683 0472 [ 8F411DF665E8F672E645EF069F6A7A3B ] C:\Windows\System32\dlbacomc.dll
20:03:28.0683 0472 C:\Windows\System32\dlbacomc.dll - ok
20:03:28.0699 0472 [ EE9040473EB1339E75E79A75FA47A825 ] C:\Windows\System32\browseui.dll
20:03:28.0699 0472 C:\Windows\System32\browseui.dll - ok
20:03:28.0699 0472 [ B2E32F41E1D6500F62CAEF5EF2B17196 ] C:\Windows\System32\EhStorShell.dll
20:03:28.0699 0472 C:\Windows\System32\EhStorShell.dll - ok
20:03:28.0714 0472 [ DBA8142819F06A4A401259011EF59530 ] C:\Program Files (x86)\Google\Drive\googledrivesync64.dll
20:03:28.0714 0472 C:\Program Files (x86)\Google\Drive\googledrivesync64.dll - ok
20:03:28.0714 0472 [ 74D59F72104C9FF8D154D1AB372A5A57 ] C:\Windows\System32\tcpmon.dll
20:03:28.0714 0472 C:\Windows\System32\tcpmon.dll - ok
20:03:28.0730 0472 [ 943F05B78BC03F3463FCE26D4B5B81A9 ] C:\Windows\System32\snmpapi.dll
20:03:28.0730 0472 C:\Windows\System32\snmpapi.dll - ok
20:03:28.0730 0472 [ 57120423BC6342F0EAE16E3720184D5A ] C:\Windows\System32\wsnmp32.dll
20:03:28.0730 0472 C:\Windows\System32\wsnmp32.dll - ok
20:03:28.0730 0472 [ EDC41901878A99EA11765F5536CCAE67 ] C:\Windows\System32\imageres.dll
20:03:28.0730 0472 C:\Windows\System32\imageres.dll - ok
20:03:28.0745 0472 [ 4B7BB89AFC32632F775D8A3E62FCA979 ] C:\Windows\System32\mgmtapi.dll
20:03:28.0745 0472 C:\Windows\System32\mgmtapi.dll - ok
20:03:28.0745 0472 [ 7BCB22C93FF0E90683F3513531E2990B ] C:\Windows\System32\tcpmib.dll
20:03:28.0745 0472 C:\Windows\System32\tcpmib.dll - ok
20:03:28.0745 0472 [ 5948F2B4FECE4F3301D290771F5183CF ] C:\Windows\System32\usbmon.dll
20:03:28.0761 0472 C:\Windows\System32\usbmon.dll - ok
20:03:28.0761 0472 [ DE0EED5106BD03CE11CDBF690285FE6C ] C:\Windows\System32\WSDMon.dll
20:03:28.0761 0472 C:\Windows\System32\WSDMon.dll - ok
20:03:28.0761 0472 [ A5A600EC2DE0BCDEEC0E7AD89221A55E ] C:\Program Files (x86)\Common Files\Aladdin Shared\HASP\haspvlib_98615.dll
20:03:28.0761 0472 C:\Program Files (x86)\Common Files\Aladdin Shared\HASP\haspvlib_98615.dll - ok
20:03:28.0777 0472 [ 401DFFDBBBD3F07C747ED1AE2BB88106 ] C:\Windows\SysWOW64\msi.dll
20:03:28.0777 0472 C:\Windows\SysWOW64\msi.dll - ok
20:03:28.0777 0472 [ A45D8543AE13502984366767D7A4B4CD ] C:\Windows\System32\IconCodecService.dll
20:03:28.0777 0472 C:\Windows\System32\IconCodecService.dll - ok
20:03:28.0792 0472 [ D7137E2FC71B8C56022EC1E680D3C911 ] C:\Windows\System32\spool\prtprocs\x64\dlbapp6c.dll
20:03:28.0792 0472 C:\Windows\System32\spool\prtprocs\x64\dlbapp6c.dll - ok
20:03:28.0792 0472 [ 5398BD3BA9735ECF658487A2826C0885 ] C:\Windows\System32\runonce.exe
20:03:28.0792 0472 C:\Windows\System32\runonce.exe - ok
20:03:28.0808 0472 [ 1D2CC592516BD0544A107104461688F4 ] C:\Windows\System32\win32spl.dll
20:03:28.0808 0472 C:\Windows\System32\win32spl.dll - ok
20:03:28.0808 0472 [ 961F7B0A130E1FA3976ED1E9573D4D36 ] C:\Windows\System32\netrap.dll
20:03:28.0808 0472 C:\Windows\System32\netrap.dll - ok
20:03:28.0808 0472 [ 19CB8D7776D3656006496C4D890F5312 ] C:\Windows\System32\printcom.dll
20:03:28.0808 0472 C:\Windows\System32\printcom.dll - ok
20:03:28.0823 0472 [ A5A54257E6FD4AF082CCB0470AD4FC98 ] C:\Windows\System32\inetpp.dll
20:03:28.0823 0472 C:\Windows\System32\inetpp.dll - ok
20:03:28.0823 0472 [ 9A6A653ADF28D9D69670B48F535E6B90 ] C:\Windows\SysWOW64\runonce.exe
20:03:28.0823 0472 C:\Windows\SysWOW64\runonce.exe - ok
20:03:28.0839 0472 [ 74F26FC01B180D4A99A168ED69C30A53 ] C:\Windows\SysWOW64\cmd.exe
20:03:28.0839 0472 C:\Windows\SysWOW64\cmd.exe - ok
20:03:28.0839 0472 [ 72A73B43C20902760022FBC91B3EC948 ] C:\Windows\System32\cmd.exe
20:03:28.0839 0472 C:\Windows\System32\cmd.exe - ok
20:03:28.0855 0472 [ 7DACD94118E2D8B6D72F47ADEB0367BF ] C:\Windows\SysWOW64\propsys.dll
20:03:28.0855 0472 C:\Windows\SysWOW64\propsys.dll - ok
20:03:28.0855 0472 [ 023646CBAEA12D786DB1A104CC392FC0 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\cfb40813b38398a5cb682d3d6c9515ef\System.Runtime.Remoting.ni.dll
20:03:28.0855 0472 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\cfb40813b38398a5cb682d3d6c9515ef\System.Runtime.Remoting.ni.dll - ok
20:03:28.0855 0472 [ E127420B7FEB65C7F279EAAC183BBC0E ] C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe
20:03:28.0870 0472 C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe - ok
20:03:28.0870 0472 [ B2EEE3DEE31F50E082E9C720A6D7757D ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcp90.dll
20:03:28.0870 0472 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcp90.dll - ok
20:03:28.0886 0472 [ 7538050656FE5D63CB4B80349DD1CFE3 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcr90.dll
20:03:28.0886 0472 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcr90.dll - ok
20:03:28.0886 0472 [ F6914429533842B964C98062B657FB1B ] C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccL110U.dll
20:03:28.0886 0472 C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccL110U.dll - ok
20:03:28.0886 0472 [ 58865916F53592A61549B04941BFD80D ] C:\Windows\System32\drivers\PEAuth.sys
20:03:28.0886 0472 C:\Windows\System32\drivers\PEAuth.sys - ok
20:03:28.0901 0472 [ 47A2726C35EA4FF56EF1B5D89981992C ] C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccVrTrst.dll
20:03:28.0901 0472 C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccVrTrst.dll - ok
20:03:28.0901 0472 [ D922592AB65C5D9B88B30B4510A3464E ] C:\Windows\SysWOW64\cscapi.dll
20:03:28.0901 0472 C:\Windows\SysWOW64\cscapi.dll - ok
20:03:28.0917 0472 [ 501E2FBCB27E1F79DBCC5FD86AA242AE ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\b50d2334ab9be4ac9b8dab8b01529201\System.Management.ni.dll
20:03:28.0917 0472 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\b50d2334ab9be4ac9b8dab8b01529201\System.Management.ni.dll - ok
20:03:28.0917 0472 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
20:03:28.0917 0472 C:\Windows\System32\drivers\secdrv.sys - ok
20:03:28.0933 0472 [ 89A5560671C2D8B4A4B51F3E1AA069D8 ] C:\Windows\System32\IPSECSVC.DLL
20:03:28.0933 0472 C:\Windows\System32\IPSECSVC.DLL - ok
20:03:28.0933 0472 [ 5CAAE5333EF36DB4A8D294418AB37E80 ] C:\Windows\SysWOW64\p2pcollab.dll
20:03:28.0933 0472 C:\Windows\SysWOW64\p2pcollab.dll - ok
20:03:28.0933 0472 [ D59D29B542F546144A3154E33C7072FE ] C:\Windows\System32\sc.exe
20:03:28.0933 0472 C:\Windows\System32\sc.exe - ok
20:03:28.0948 0472 [ 13CC59C1B04E9F20A87987C68CD4BE3F ] C:\Windows\SysWOW64\ncrypt.dll
20:03:28.0948 0472 C:\Windows\SysWOW64\ncrypt.dll - ok
20:03:28.0948 0472 [ 14DC30962660BA05F1F54EB11AA5A2B4 ] C:\Windows\System32\FwRemoteSvr.dll
20:03:28.0948 0472 C:\Windows\System32\FwRemoteSvr.dll - ok
20:03:28.0964 0472 [ 0F420E81062757EA8363CBACD4D40D6D ] C:\Windows\SysWOW64\gpapi.dll
20:03:28.0964 0472 C:\Windows\SysWOW64\gpapi.dll - ok
20:03:28.0964 0472 [ C6DF7A87063D006ECF1FD8156CB6DE3F ] C:\Windows\SysWOW64\SLC.dll
20:03:28.0964 0472 C:\Windows\SysWOW64\SLC.dll - ok
20:03:28.0979 0472 [ 0EAD8118270D275149CA1422978BD642 ] C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvc.dll
20:03:28.0979 0472 C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvc.dll - ok
20:03:28.0979 0472 [ 58C8D469EDCA6C4396FC941107065AFA ] C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccIPC.dll
20:03:28.0979 0472 C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccIPC.dll - ok
20:03:28.0995 0472 [ 09469B8EDD2755143FDA06867AAD7E73 ] C:\Windows\SysWOW64\cryptnet.dll
20:03:28.0995 0472 C:\Windows\SysWOW64\cryptnet.dll - ok
20:03:28.0995 0472 [ E862E8D392590D03A67C7FBBFAC149A3 ] C:\Windows\System32\wermgr.exe
20:03:28.0995 0472 C:\Windows\System32\wermgr.exe - ok
20:03:28.0995 0472 [ 589CDC23CCDC419C36DDD200BEB00944 ] C:\Windows\System32\wer.dll
20:03:28.0995 0472 C:\Windows\System32\wer.dll - ok
20:03:29.0011 0472 [ 76B35CB0F3A4E69D6DFF27F542B9F856 ] C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe
20:03:29.0011 0472 C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe - ok
20:03:29.0011 0472 [ 406121C827A2901E72DAB2197DAE180E ] C:\Windows\System32\wercon.exe
20:03:29.0011 0472 C:\Windows\System32\wercon.exe - ok
20:03:29.0026 0472 [ E5118CE6749A61D22EF62D1238D427B9 ] C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\diMaster.dll
20:03:29.0026 0472 C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\diMaster.dll - ok
20:03:29.0026 0472 [ BAC6EEDE73F2D61583982A07E6382015 ] C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSet.dll
20:03:29.0026 0472 C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSet.dll - ok
20:03:29.0026 0472 [ 6202E4AED3044BA97F191B3D884134D3 ] C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\coSvcNST.dll
20:03:29.0026 0472 C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\coSvcNST.dll - ok
20:03:29.0042 0472 [ DBD02E3E6F061EBBBF9B99A9D7CBA30B ] C:\Windows\SysWOW64\winhttp.dll
20:03:29.0042 0472 C:\Windows\SysWOW64\winhttp.dll - ok
20:03:29.0042 0472 [ 523600FDD5F41462CB0F0AFB7A00C94B ] C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\coFFNST.dll
20:03:29.0042 0472 C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\coFFNST.dll - ok
20:03:29.0057 0472 [ 523600FDD5F41462CB0F0AFB7A00C94B ] C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2.0.0.16\coFFNST\components\coFFNST.dll
20:03:29.0057 0472 C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2.0.0.16\coFFNST\components\coFFNST.dll - ok
20:03:29.0057 0472 [ BBFED4A3A7CC264599F35D0C11AF5758 ] C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccGEvt.dll
20:03:29.0057 0472 C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccGEvt.dll - ok
20:03:29.0073 0472 [ 8A43F5DA0D4DE4FB472ECD9DDB55E949 ] C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccGLog.dll
20:03:29.0073 0472 C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccGLog.dll - ok
20:03:29.0073 0472 [ 8D78BA30DB4AE040A52EDEE725782715 ] C:\Windows\SysWOW64\actxprxy.dll
20:03:29.0073 0472 C:\Windows\SysWOW64\actxprxy.dll - ok
20:03:29.0073 0472 [ 167AC31450C0C53A01FA1491E94D7678 ] C:\Windows\SysWOW64\shdocvw.dll
20:03:29.0073 0472 C:\Windows\SysWOW64\shdocvw.dll - ok
20:03:29.0089 0472 [ 59E52B5C6A70F28D8B6C0D1E5A7AFCBF ] C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccJobMgr.dll
20:03:29.0089 0472 C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccJobMgr.dll - ok
20:03:29.0089 0472 [ 77784A2BD5912A4EC6284255865526BC ] C:\Windows\SysWOW64\Faultrep.dll
20:03:29.0089 0472 C:\Windows\SysWOW64\Faultrep.dll - ok
20:03:29.0104 0472 [ 7C15061CD0372487903B07B9BB03AFAD ] C:\Program Files (x86)\Skype\Updater\Updater.exe
20:03:29.0104 0472 C:\Program Files (x86)\Skype\Updater\Updater.exe - ok
20:03:29.0104 0472 [ BADC359C9A0D9C217B7E8DA17BF3F5BB ] C:\Windows\SysWOW64\ntshrui.dll
20:03:29.0104 0472 C:\Windows\SysWOW64\ntshrui.dll - ok
20:03:29.0120 0472 [ 8F58544719E1C435BC36A8B207096581 ] C:\Windows\SysWOW64\verclsid.exe
20:03:29.0120 0472 C:\Windows\SysWOW64\verclsid.exe - ok
20:03:29.0120 0472 [ 9A658C71F26A2FF3F49CAEDA3AD2CCD3 ] C:\Windows\System32\verclsid.exe
20:03:29.0120 0472 C:\Windows\System32\verclsid.exe - ok
20:03:29.0135 0472 [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\Kristin\AppData\Local\Temp\FE986708-290B-4160-B26E-0C088E0D2FA7.exe
20:03:29.0135 0472 C:\Users\Kristin\AppData\Local\Temp\FE986708-290B-4160-B26E-0C088E0D2FA7.exe - ok
20:03:29.0135 0472 [ C7E72A4071EE0200E3C075DACFB2B334 ] C:\Windows\System32\drivers\tcpipreg.sys
20:03:29.0135 0472 C:\Windows\System32\drivers\tcpipreg.sys - ok
20:03:29.0135 0472 [ 3E5EF481EAA9695181B6C02A2B88983E ] C:\Windows\System32\wiatrace.dll
20:03:29.0135 0472 C:\Windows\System32\wiatrace.dll - ok
20:03:29.0151 0472 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:03:29.0151 0472 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok
20:03:29.0151 0472 [ 4E1CC9DB8B680795F17F20FC6C51974B ] C:\Windows\System32\icaapi.dll
20:03:29.0151 0472 C:\Windows\System32\icaapi.dll - ok
20:03:29.0167 0472 [ E9DBC876EC1C78A74A55D8D121016344 ] C:\Windows\System32\wbemcomn.dll
20:03:29.0167 0472 C:\Windows\System32\wbemcomn.dll - ok
20:03:29.0167 0472 [ 8E10B36901325C1ABE28E71FB8E437D9 ] C:\Windows\System32\wsdchngr.dll
20:03:29.0167 0472 C:\Windows\System32\wsdchngr.dll - ok
20:03:29.0182 0472 [ B25321F9C037BA9AE1DD68B36913ACAC ] C:\Windows\System32\wbem\WinMgmtR.dll
20:03:29.0182 0472 C:\Windows\System32\wbem\WinMgmtR.dll - ok
20:03:29.0182 0472 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL
20:03:29.0182 0472 C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok
20:03:29.0198 0472 [ 898804F8043BA721AC2E9F45AA55558B ] C:\Windows\System32\PortableDeviceApi.dll
20:03:29.0198 0472 C:\Windows\System32\PortableDeviceApi.dll - ok
20:03:29.0198 0472 [ 7523E7D2AB0C49585C0C199264B2BD73 ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
20:03:29.0198 0472 C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok
20:03:29.0198 0472 [ 70A176BF2ED362862944C371838262F8 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
20:03:29.0198 0472 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok
20:03:29.0213 0472 [ 21F36392598072A73C7576CD8AFD6E70 ] C:\Windows\System32\wbem\wbemprox.dll
20:03:29.0213 0472 C:\Windows\System32\wbem\wbemprox.dll - ok
20:03:29.0213 0472 [ 41F84775AE00035887A98EE774914939 ] C:\Windows\System32\PortableDeviceConnectApi.dll
20:03:29.0213 0472 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
20:03:29.0229 0472 [ D642A49B5E19B3F5B0B4647FAE27817E ] C:\Windows\System32\wbem\wbemcore.dll
20:03:29.0229 0472 C:\Windows\System32\wbem\wbemcore.dll - ok
20:03:29.0229 0472 [ 6FF25F418D373097C199E3ACCFA06E78 ] C:\Windows\System32\tquery.dll
20:03:29.0229 0472 C:\Windows\System32\tquery.dll - ok
20:03:29.0245 0472 [ A0B762992A52FA8A657A97C34BEEA807 ] C:\Windows\System32\mssrch.dll
20:03:29.0245 0472 C:\Windows\System32\mssrch.dll - ok
20:03:29.0245 0472 [ 37B697901FE364144D634128369098FF ] C:\Windows\System32\wbem\esscli.dll
20:03:29.0245 0472 C:\Windows\System32\wbem\esscli.dll - ok
20:03:29.0245 0472 [ 11F705A35F4CB2B4D6FA51606A9B8C54 ] C:\Windows\System32\wbem\fastprox.dll
20:03:29.0245 0472 C:\Windows\System32\wbem\fastprox.dll - ok
20:03:29.0260 0472 [ 900B9B25C345AAA4F90913BA9AECABF4 ] C:\Windows\System32\dbghelp.dll
20:03:29.0260 0472 C:\Windows\System32\dbghelp.dll - ok
20:03:29.0260 0472 [ 8F8380E73A04BCB85340B1A3653FB8A5 ] C:\Windows\System32\wbem\wbemsvc.dll
20:03:29.0260 0472 C:\Windows\System32\wbem\wbemsvc.dll - ok
20:03:29.0276 0472 [ 4E252E85E5DC31BD645E809222AFAF27 ] C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler64.exe
20:03:29.0276 0472 C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler64.exe - ok
20:03:29.0276 0472 [ 1AE49D81622BE6364194F70045F07194 ] C:\Windows\System32\wbem\wmiutils.dll
20:03:29.0276 0472 C:\Windows\System32\wbem\wmiutils.dll - ok
20:03:29.0276 0472 [ 73FD66B14D3C4252F7A524B8836A4359 ] C:\Windows\SysWOW64\mstask.dll
20:03:29.0276 0472 C:\Windows\SysWOW64\mstask.dll - ok
20:03:29.0291 0472 [ 5103B1E343F2D5FBDFA8D0318ABC59C4 ] C:\Windows\System32\wbem\repdrvfs.dll
20:03:29.0291 0472 C:\Windows\System32\wbem\repdrvfs.dll - ok
20:03:29.0291 0472 [ 7F0F1D4B0D847696F8E309423D227DCE ] C:\Windows\SysWOW64\ntdsapi.dll
20:03:29.0291 0472 C:\Windows\SysWOW64\ntdsapi.dll - ok
20:03:29.0307 0472 [ 54BEFBE0B681A7254FD74E1E5288F7F6 ] C:\Windows\System32\msidle.dll
20:03:29.0307 0472 C:\Windows\System32\msidle.dll - ok
20:03:29.0307 0472 [ 10446646D128E580C46615338E74E672 ] C:\Windows\System32\rundll32.exe
20:03:29.0307 0472 C:\Windows\System32\rundll32.exe - ok
20:03:29.0307 0472 [ 4499BBCAB0B808B86C9DD96965B27167 ] C:\Windows\System32\ykx64coinst.dll
20:03:29.0307 0472 C:\Windows\System32\ykx64coinst.dll - ok
20:03:29.0323 0472 [ 27F479DFA5E1BD942E056888DCF5C270 ] C:\Windows\System32\Query.dll
20:03:29.0323 0472 C:\Windows\System32\Query.dll - ok
20:03:29.0323 0472 [ 22EB4EA6A6525E01947CFC9522412D3B ] C:\Windows\System32\oledlg.dll
20:03:29.0323 0472 C:\Windows\System32\oledlg.dll - ok
20:03:29.0338 0472 [ 7846D0136CC2B264926A73047BA7688A ] C:\Windows\System32\netprofm.dll
20:03:29.0338 0472 C:\Windows\System32\netprofm.dll - ok
20:03:29.0338 0472 [ 1894F161AF417784AAECFAFE77DE940E ] C:\Windows\System32\sqmapi.dll
20:03:29.0338 0472 C:\Windows\System32\sqmapi.dll - ok
20:03:29.0354 0472 [ D883BD7C5BA86AE7D442C3A24F13A46D ] C:\Windows\System32\p2pcollab.dll
20:03:29.0354 0472 C:\Windows\System32\p2pcollab.dll - ok
20:03:29.0354 0472 [ A5D8AD128FBB763F147F29F3D6A1C084 ] C:\Windows\System32\npmproxy.dll
20:03:29.0354 0472 C:\Windows\System32\npmproxy.dll - ok
20:03:29.0354 0472 [ D23E5184266747DDCE9D0C6581D916B3 ] C:\Windows\System32\hnetcfg.dll
20:03:29.0354 0472 C:\Windows\System32\hnetcfg.dll - ok
20:03:29.0369 0472 [ 6836D001FC733F205ACB80A7986CB6C9 ] C:\Windows\SysWOW64\WindowsCodecs.dll
20:03:29.0369 0472 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
20:03:29.0369 0472 [ 3164FE6EB1691FE88E42B2780A235C14 ] C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnHips.dll
20:03:29.0369 0472 C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnHips.dll - ok
20:03:29.0385 0472 [ FB050B780C9FB12B04857D964525AB0E ] C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnScan.dll
20:03:29.0385 0472 C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnScan.dll - ok
20:03:29.0385 0472 [ C255A2FB70315F8F5FD562E7ECD4C8F2 ] C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnAmon.dll
20:03:29.0385 0472 C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnAmon.dll - ok
20:03:29.0401 0472 [ 1A09CB187440993FA5E24DE1EEB7B916 ] C:\Windows\SysWOW64\cfgmgr32.dll
20:03:29.0401 0472 C:\Windows\SysWOW64\cfgmgr32.dll - ok
20:03:29.0401 0472 [ 278F28149ADD19747B34758ACD9CA00F ] C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnEmon.dll
20:03:29.0401 0472 C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnEmon.dll - ok
20:03:29.0416 0472 [ 491214161A793C3FC5596772322F17F0 ] C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnDmon.dll
20:03:29.0416 0472 C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnDmon.dll - ok
20:03:29.0416 0472 [ 0095100D303887804C1B10A62F2ADB2C ] C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnEpfw.dll
20:03:29.0416 0472 C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnEpfw.dll - ok
20:03:29.0416 0472 [ E149A7EACDDE42EA6C67B2CB8162D806 ] C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnUpdate.dll
20:03:29.0416 0472 C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnUpdate.dll - ok
20:03:29.0432 0472 [ E6BA7BBA83E525DAE5CB3F58D40AFC74 ] C:\Program Files\ESET\ESET NOD32 Antivirus\x86\updater.dll
20:03:29.0432 0472 C:\Program Files\ESET\ESET NOD32 Antivirus\x86\updater.dll - ok
20:03:29.0432 0472 [ 97064EC136885F43AB5B898FFB11C141 ] C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnMailPlugins.dll
20:03:29.0432 0472 C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnMailPlugins.dll - ok
20:03:29.0447 0472 [ 14E4470BF8ACA69A85D741BA99F75F96 ] C:\Windows\SysWOW64\EhStorShell.dll
20:03:29.0447 0472 C:\Windows\SysWOW64\EhStorShell.dll - ok
20:03:29.0447 0472 [ 111C47816F39A91EAAA18DA0A54E8E63 ] C:\Windows\SysWOW64\imageres.dll
20:03:29.0447 0472 C:\Windows\SysWOW64\imageres.dll - ok
20:03:29.0463 0472 [ F4E1AA5D59C849A4AB47E895DC76B9C8 ] C:\Windows\SysWOW64\sfc.dll
20:03:29.0463 0472 C:\Windows\SysWOW64\sfc.dll - ok
20:03:29.0463 0472 [ 12BCF4DAD8E5A1B3D5FA7AB4A79DA105 ] C:\Windows\SysWOW64\sfc_os.dll
20:03:29.0463 0472 C:\Windows\SysWOW64\sfc_os.dll - ok
20:03:29.0463 0472 [ 75C34D22D3E7D1D0238B62C55F604BFC ] C:\Windows\System32\cscapi.dll
20:03:29.0463 0472 C:\Windows\System32\cscapi.dll - ok
20:03:29.0479 0472 [ BDA6B9CEBABC32F64D1A276DDD28BF75 ] C:\Windows\System32\igfxdev.dll
20:03:29.0479 0472 C:\Windows\System32\igfxdev.dll - ok
20:03:29.0479 0472 [ 63BD471712132D597431407527A57628 ] C:\Windows\System32\dxgi.dll
20:03:29.0479 0472 C:\Windows\System32\dxgi.dll - ok
20:03:29.0494 0472 [ 5537EBC1209B3AA1332A03896B1184C3 ] C:\Windows\System32\PresentationSettings.exe
20:03:29.0494 0472 C:\Windows\System32\PresentationSettings.exe - ok
20:03:29.0494 0472 [ 8D0CA9F14EFCE81BBBD4CCF1638AD6EA ] C:\Windows\System32\igfxsrvc.exe
20:03:29.0494 0472 C:\Windows\System32\igfxsrvc.exe - ok
20:03:29.0510 0472 [ 70238A320AA58850CE5FD234BFE31C26 ] C:\Windows\System32\igfxsrvc.dll
20:03:29.0510 0472 C:\Windows\System32\igfxsrvc.dll - ok
20:03:29.0510 0472 [ E946553F786521C073AABC7CD0714807 ] C:\Windows\System32\wbem\WmiPrvSD.dll
20:03:29.0510 0472 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
20:03:29.0510 0472 [ 8D94313E7A7786997B4C362B7CCB5D29 ] C:\Windows\System32\wbem\wbemess.dll
20:03:29.0510 0472 C:\Windows\System32\wbem\wbemess.dll - ok
20:03:29.0525 0472 [ 5B856A0AE8C2CDB152A6C2A726293EEC ] C:\Program Files\ESET\ESET NOD32 Antivirus\x86\eplgOE.dll
20:03:29.0525 0472 C:\Program Files\ESET\ESET NOD32 Antivirus\x86\eplgOE.dll - ok
20:03:29.0525 0472 [ A99871BA522CB2539AE275AC18CACC8F ] C:\Windows\SysWOW64\cabinet.dll
20:03:29.0525 0472 C:\Windows\SysWOW64\cabinet.dll - ok
20:03:29.0541 0472 [ E21FFFE678FF09BAA6BF5F76BD8805C6 ] C:\Windows\System32\esent.dll
20:03:29.0541 0472 C:\Windows\System32\esent.dll - ok
20:03:29.0541 0472 [ A44E61A183FD6D65C655E31A330ECA7E ] C:\Windows\System32\msscb.dll
20:03:29.0541 0472 C:\Windows\System32\msscb.dll - ok
20:03:29.0557 0472 [ 4B555106290BD117334E9A08761C035A ] C:\Windows\SysWOW64\rundll32.exe
20:03:29.0557 0472 C:\Windows\SysWOW64\rundll32.exe - ok
20:03:29.0557 0472 [ CE1B8C59DA1E6EB97516DE5AA5D37D49 ] C:\Windows\AppPatch\acwow64.dll
20:03:29.0557 0472 C:\Windows\AppPatch\acwow64.dll - ok
20:03:29.0572 0472 [ D6804F089CBB6749E95124E7C4D80900 ] C:\Windows\AppPatch\AcLayers.dll
20:03:29.0572 0472 C:\Windows\AppPatch\AcLayers.dll - ok
20:03:29.0572 0472 [ 322ECAEDDDE33DA848DF49903E3358E5 ] C:\Program Files\ESET\ESET NOD32 Antivirus\eplgOE.dll
20:03:29.0572 0472 C:\Program Files\ESET\ESET NOD32 Antivirus\eplgOE.dll - ok
20:03:29.0588 0472 [ DB0F37DBA4C245C61E5936DDBDE62438 ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
20:03:29.0588 0472 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
20:03:29.0588 0472 [ D0A95E567224B4C347CBDD6541E5D928 ] C:\Windows\SysWOW64\wscisvif.dll
20:03:29.0588 0472 C:\Windows\SysWOW64\wscisvif.dll - ok
20:03:29.0603 0472 [ 1B7A24F2BFA1BB09CC67D4688B411039 ] C:\Windows\System32\pcadm.dll
20:03:29.0603 0472 C:\Windows\System32\pcadm.dll - ok
20:03:29.0603 0472 [ BC5A34B6A14C93BF04E3F4E8EA57090A ] C:\Windows\SysWOW64\wbem\fastprox.dll
20:03:29.0603 0472 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
20:03:29.0619 0472 [ A0F4852A5DB9754BEC06F84B400AE743 ] C:\Windows\SysWOW64\wscapi.dll
20:03:29.0619 0472 C:\Windows\SysWOW64\wscapi.dll - ok
20:03:29.0619 0472 [ 7371D6B52B85190971CB3F35FA0CED05 ] C:\Windows\System32\diagperf.dll
20:03:29.0619 0472 C:\Windows\System32\diagperf.dll - ok
20:03:29.0635 0472 [ 0FD5754319A388FBD2E13C21E806AC42 ] C:\Windows\System32\pnpts.dll
20:03:29.0635 0472 C:\Windows\System32\pnpts.dll - ok
20:03:29.0744 0472 ============================================================
20:03:29.0744 0472 Scan finished
20:03:29.0744 0472 ============================================================
20:03:29.0759 2656 Detected object count: 248
20:03:29.0759 2656 Actual detected object count: 248
20:03:46.0135 2656 tunnel ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:03:46.0150 2656 udfs ( UnsignedFile.Multi.Generic ) - skipped by user
20:03:46.0150 2656 udfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:03:46.0150 2656 UI0Detect ( UnsignedFile.Multi.Generic ) - skipped by user
20:03:46.0150 2656 UI0Detect ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:03:46.0150 2656 umbus ( UnsignedFile.Multi.Generic ) - skipped by user
20:03:46.0150 2656 umbus ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:03:46.0150 2656 upnphost ( UnsignedFile.Multi.Generic ) - skipped by user
20:03:46.0150 2656 upnphost ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:03:46.0150 2656 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
20:03:46.0150 2656 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:03:46.0150 2656 usbccgp ( UnsignedFile.Multi.Generic ) - skipped by user
20:03:46.0150 2656 usbccgp ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:03:46.0150 2656 usbcir ( UnsignedFile.Multi.Generic ) - skipped by user
20:03:46.0150 2656 usbcir ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:03:46.0166 2656 usbehci ( UnsignedFile.Multi.Generic ) - skipped by user
20:03:46.0166 2656 usbehci ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:03:46.0166 2656 usbhub ( UnsignedFile.Multi.Generic ) - skipped by user
20:03:46.0166 2656 usbhub ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:03:46.0166 2656 usbohci ( UnsignedFile.Multi.Generic ) - skipped by user
20:03:46.0166 2656 usbohci ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:03:46.0166 2656 usbprint ( UnsignedFile.Multi.Generic ) - skipped by user
20:03:46.0166 2656 usbprint ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:03:46.0166 2656 usbscan ( UnsignedFile.Multi.Generic ) - skipped by user
20:03:46.0166 2656 usbscan ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:03:46.0181 2656 USBSTOR ( UnsignedFile.Multi.Generic ) - skipped by user
20:03:46.0181 2656 USBSTOR ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:03:46.0181 2656 usbuhci ( UnsignedFile.Multi.Generic ) - skipped by user
20:03:46.0181 2656 usbuhci ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:03:46.0181 2656 usbvideo ( UnsignedFile.Multi.Generic ) - skipped by user
20:03:46.0181 2656 usbvideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:03:46.0181 2656 UxSms ( UnsignedFile.Multi.Generic ) - skipped by user
20:03:46.0181 2656 UxSms ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:03:46.0181 2656 vds ( UnsignedFile.Multi.Generic ) - skipped by user
20:03:46.0181 2656 vds ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:03:46.0181 2656 vga ( UnsignedFile.Multi.Generic ) - skipped by user
20:03:46.0181 2656 vga ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:03:46.0197 2656 VgaSave ( UnsignedFile.Multi.Generic ) - skipped by user
20:03:46.0197 2656 VgaSave ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:03:46.0197 2656 VSS ( UnsignedFile.Multi.Generic ) - skipped by user
20:03:46.0197 2656 VSS ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:03:46.0197 2656 W32Time ( UnsignedFile.Multi.Generic ) - skipped by user
20:03:46.0197 2656 W32Time ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:03:46.0197 2656 WacomPen ( UnsignedFile.Multi.Generic ) - skipped by user
20:03:46.0197 2656 WacomPen ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:03:46.0197 2656 Wanarp ( UnsignedFile.Multi.Generic ) - skipped by user
20:03:46.0197 2656 Wanarp ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:03:46.0197 2656 Wanarpv6 ( UnsignedFile.Multi.Generic ) - skipped by user
20:03:46.0197 2656 Wanarpv6 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:03:46.0213 2656 wcncsvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:03:46.0213 2656 wcncsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:03:46.0213 2656 WcsPlugInService ( UnsignedFile.Multi.Generic ) - skipped by user
20:03:46.0213 2656 WcsPlugInService ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:03:46.0213 2656 WdiServiceHost ( UnsignedFile.Multi.Generic ) - skipped by user
20:03:46.0213 2656 WdiServiceHost ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:03:46.0213 2656 WdiSystemHost ( UnsignedFile.Multi.Generic ) - skipped by user
20:03:46.0213 2656 WdiSystemHost ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:03:46.0213 2656 WebClient ( UnsignedFile.Multi.Generic ) - skipped by user
20:03:46.0213 2656 WebClient ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:03:46.0213 2656 Wecsvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:03:46.0213 2656 Wecsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:03:46.0228 2656 wercplsupport ( UnsignedFile.Multi.Generic ) - skipped by user
20:03:46.0228 2656 wercplsupport ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:03:46.0228 2656 WerSvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:03:46.0228 2656 WerSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:03:46.0228 2656 Winmgmt ( UnsignedFile.Multi.Generic ) - skipped by user
20:03:46.0228 2656 Winmgmt ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:03:46.0228 2656 WinRM ( UnsignedFile.Multi.Generic ) - skipped by user
20:03:46.0228 2656 WinRM ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:03:46.0228 2656 Wlansvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:03:46.0228 2656 Wlansvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:03:46.0228 2656 WmiAcpi ( UnsignedFile.Multi.Generic ) - skipped by user
20:03:46.0228 2656 WmiAcpi ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:03:46.0244 2656 wmiApSrv ( UnsignedFile.Multi.Generic ) - skipped by user
20:03:46.0244 2656 wmiApSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:03:46.0244 2656 WPCSvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:03:46.0244 2656 WPCSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:03:46.0244 2656 WPDBusEnum ( UnsignedFile.Multi.Generic ) - skipped by user
20:03:46.0244 2656 WPDBusEnum ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:03:46.0244 2656 WpdUsb ( UnsignedFile.Multi.Generic ) - skipped by user
20:03:46.0244 2656 WpdUsb ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:03:46.0244 2656 ws2ifsl ( UnsignedFile.Multi.Generic ) - skipped by user
20:03:46.0244 2656 ws2ifsl ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:03:46.0244 2656 wscsvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:03:46.0244 2656 wscsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:03:46.0259 2656 WudfPf ( UnsignedFile.Multi.Generic ) - skipped by user
20:03:46.0259 2656 WudfPf ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:03:46.0259 2656 wudfsvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:03:46.0259 2656 wudfsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:03:46.0259 2656 yukonx64 ( UnsignedFile.Multi.Generic ) - skipped by user
20:03:46.0259 2656 yukonx64 ( UnsignedFile.Multi.Generic ) - User select action: Skip


aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-05-24 19:24:01
-----------------------------
19:24:01.992 OS Version: Windows x64 6.0.6002 Service Pack 2
19:24:01.992 Number of processors: 2 586 0xF0D
19:24:01.992 ComputerName: KRISTIN-PC UserName: Kristin
19:24:02.912 Initialize success
19:24:05.814 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:24:05.814 Disk 0 Vendor: ST320LM0 2AR1 Size: 305245MB BusType: 3
19:24:05.814 Device \Driver\iaStor -> MajorFunction fffffa8006aea0a8
19:24:05.830 Disk 0 MBR read successfully
19:24:05.830 Disk 0 MBR scan
19:24:05.830 Disk 0 Windows VISTA default MBR code
19:24:05.861 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 48 MB offset 2048
19:24:05.877 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 19195 MB offset 100352
19:24:05.892 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 286001 MB offset 39411712
19:24:05.908 Disk 0 scanning C:\Windows\system32\drivers
19:24:12.915 Service scanning
19:24:27.525 Modules scanning
19:24:27.525 Disk 0 trace - called modules:
19:24:27.541 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xfffffa8006aea0a8]<<hal.dll
19:24:27.556 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004b3d2f0]
19:24:27.556 3 CLASSPNP.SYS[fffffa6000fd1c33] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80045d9050]
19:24:27.572 \Driver\iaStor[0xfffffa8004b22da0] -> IRP_MJ_CREATE -> 0xfffffa8006aea0a8
19:24:27.572 Scan finished successfully
19:25:29.417 Disk 0 MBR has been saved successfully to "C:\Users\Kristin\Desktop\MBR.dat"
19:25:29.433 The log file has been saved successfully to "C:\Users\Kristin\Desktop\aswMBR1.txt"

#6
Jasmyne

Sorry for the late response

It's okay, I keep strange hours :)

my computer is running terribly slow and it kept crashing during the TDSSkiller scan

I will have more instructions tomorrow to hopefully get things running better.

The original log should be located at C: named TDSSKiller.[Version]_[Date]_[Time]_log.txt. It would be more helpful to see if the original scan removed anything.

Thanks,

Jasmyne

#7
Kristin51505

Sounds good, Jasmyne :) And I found it! Thanks for letting me know where to look, I didn't know it had been saved somewhere . . . here it is:

19:55:50.0955 1888 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:55:52.0406 1888 ============================================================
19:55:52.0406 1888 Current date / time: 2013/05/24 19:55:52.0406
19:55:52.0406 1888 SystemInfo:
19:55:52.0406 1888
19:55:52.0406 1888 OS Version: 6.0.6002 ServicePack: 2.0
19:55:52.0406 1888 Product type: Workstation
19:55:52.0406 1888 ComputerName: KRISTIN-PC
19:55:52.0406 1888 UserName: Kristin
19:55:52.0406 1888 Windows directory: C:\Windows
19:55:52.0406 1888 System windows directory: C:\Windows
19:55:52.0406 1888 Running under WOW64
19:55:52.0406 1888 Processor architecture: Intel x64
19:55:52.0406 1888 Number of processors: 2
19:55:52.0406 1888 Page size: 0x1000
19:55:52.0406 1888 Boot type: Safe boot with network
19:55:52.0406 1888 ============================================================
19:55:52.0952 1888 BG loaded
19:55:55.0136 1888 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:55:55.0151 1888 ============================================================
19:55:55.0151 1888 \Device\Harddisk0\DR0:
19:55:55.0151 1888 MBR partitions:
19:55:55.0151 1888 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x18800, BlocksNum 0x257D800
19:55:55.0151 1888 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2596000, BlocksNum 0x22E98800
19:55:55.0151 1888 ============================================================
19:55:55.0260 1888 C: <-> \Device\Harddisk0\DR0\Partition2
19:55:55.0338 1888 E: <-> \Device\Harddisk0\DR0\Partition1
19:55:55.0338 1888 ============================================================
19:55:55.0338 1888 Initialize success
19:55:55.0338 1888 ============================================================
19:56:09.0597 1032 ============================================================
19:56:09.0597 1032 Scan started
19:56:09.0597 1032 Mode: Manual; SigCheck; TDLFS;
19:56:09.0597 1032 ============================================================
19:56:09.0815 1032 ================ Scan system memory ========================
19:56:09.0815 1032 System memory - ok
19:56:09.0815 1032 ================ Scan services =============================
19:56:10.0018 1032 [ F146E2BA475893DD77B2370DC1211FC6 ] 51270607 C:\Windows\system32\drivers\63506565.sys
19:56:10.0486 1032 51270607 - ok
19:56:10.0502 1032 93752228 - ok
19:56:10.0548 1032 [ 1965AAFFAB07E3FB03C77F81BEBA3547 ] ACPI C:\Windows\system32\drivers\acpi.sys
19:56:10.0580 1032 ACPI - ok
19:56:10.0689 1032 [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:56:10.0704 1032 AdobeFlashPlayerUpdateSvc - ok
19:56:10.0767 1032 [ F14215E37CF124104575073F782111D2 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
19:56:10.0798 1032 adp94xx - ok
19:56:10.0814 1032 [ 7D05A75E3066861A6610F7EE04FF085C ] adpahci C:\Windows\system32\drivers\adpahci.sys
19:56:10.0845 1032 adpahci - ok
19:56:10.0860 1032 [ 820A201FE08A0C345B3BEDBC30E1A77C ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
19:56:10.0876 1032 adpu160m - ok
19:56:10.0907 1032 [ 9B4AB6854559DC168FBB4C24FC52E794 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
19:56:10.0923 1032 adpu320 - ok
19:56:10.0970 1032 [ 0F421175574BFE0BF2F4D8E910A253BB ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:56:10.0985 1032 AeLookupSvc ( UnsignedFile.Multi.Generic ) - warning
19:56:10.0985 1032 AeLookupSvc - detected UnsignedFile.Multi.Generic (1)
19:56:11.0094 1032 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_54cb4575\AESTSr64.exe
19:56:11.0110 1032 AESTFilters ( UnsignedFile.Multi.Generic ) - warning
19:56:11.0110 1032 AESTFilters - detected UnsignedFile.Multi.Generic (1)
19:56:11.0172 1032 [ C4F6CE6087760AD70960C9EB130E7943 ] AFD C:\Windows\system32\drivers\afd.sys
19:56:11.0188 1032 AFD ( UnsignedFile.Multi.Generic ) - warning
19:56:11.0188 1032 AFD - detected UnsignedFile.Multi.Generic (1)
19:56:11.0235 1032 [ F6F6793B7F17B550ECFDBD3B229173F7 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:56:11.0235 1032 agp440 - ok
19:56:11.0297 1032 [ 222CB641B4B8A1D1126F8033F9FD6A00 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
19:56:11.0297 1032 aic78xx - ok
19:56:11.0344 1032 [ 44F360B65C37A42EB5B71C2E5179FDD5 ] aksdf C:\Windows\system32\drivers\aksdf.sys
19:56:11.0360 1032 aksdf ( UnsignedFile.Multi.Generic ) - warning
19:56:11.0360 1032 aksdf - detected UnsignedFile.Multi.Generic (1)
19:56:11.0391 1032 [ 43415AF4F20E9867974623840A22FE98 ] aksfridge C:\Windows\system32\drivers\aksfridge.sys
19:56:11.0406 1032 aksfridge - ok
19:56:11.0438 1032 [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] ALG C:\Windows\System32\alg.exe
19:56:11.0453 1032 ALG ( UnsignedFile.Multi.Generic ) - warning
19:56:11.0453 1032 ALG - detected UnsignedFile.Multi.Generic (1)
19:56:11.0484 1032 [ 157D0898D4B73F075CE9FA26B482DF98 ] aliide C:\Windows\system32\drivers\aliide.sys
19:56:11.0500 1032 aliide - ok
19:56:11.0531 1032 [ 970FA5059E61E30D25307B99903E991E ] amdide C:\Windows\system32\drivers\amdide.sys
19:56:11.0531 1032 amdide - ok
19:56:11.0562 1032 [ CDC3632A3A5EA4DBB83E46076A3165A1 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
19:56:11.0594 1032 AmdK8 ( UnsignedFile.Multi.Generic ) - warning
19:56:11.0594 1032 AmdK8 - detected UnsignedFile.Multi.Generic (1)
19:56:11.0640 1032 [ 8C85C812569DF851E7A2159147323DFA ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
19:56:11.0656 1032 ApfiltrService - ok
19:56:11.0718 1032 [ 9C37B3FD5615477CB9A0CD116CF43F5C ] Appinfo C:\Windows\System32\appinfo.dll
19:56:11.0734 1032 Appinfo ( UnsignedFile.Multi.Generic ) - warning
19:56:11.0734 1032 Appinfo - detected UnsignedFile.Multi.Generic (1)
19:56:11.0859 1032 [ 4B5AE15E5C73EB4DC8DBEC2788230D41 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
19:56:11.0874 1032 Apple Mobile Device - ok
19:56:11.0921 1032 [ BA8417D4765F3988FF921F30F630E303 ] arc C:\Windows\system32\drivers\arc.sys
19:56:11.0937 1032 arc - ok
19:56:11.0968 1032 [ 9D41C435619733B34CC16A511E644B11 ] arcsas C:\Windows\system32\drivers\arcsas.sys
19:56:11.0984 1032 arcsas - ok
19:56:12.0015 1032 [ 22D13FF3DAFEC2A80634752B1EAA2DE6 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:56:12.0030 1032 AsyncMac ( UnsignedFile.Multi.Generic ) - warning
19:56:12.0030 1032 AsyncMac - detected UnsignedFile.Multi.Generic (1)
19:56:12.0062 1032 [ E68D9B3A3905619732F7FE039466A623 ] atapi C:\Windows\system32\drivers\atapi.sys
19:56:12.0077 1032 atapi - ok
19:56:12.0124 1032 [ 79318C744693EC983D20E9337A2F8196 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:56:12.0155 1032 AudioEndpointBuilder ( UnsignedFile.Multi.Generic ) - warning
19:56:12.0155 1032 AudioEndpointBuilder - detected UnsignedFile.Multi.Generic (1)
19:56:12.0171 1032 [ 79318C744693EC983D20E9337A2F8196 ] AudioSrv C:\Windows\System32\Audiosrv.dll
19:56:12.0186 1032 AudioSrv ( UnsignedFile.Multi.Generic ) - warning
19:56:12.0186 1032 AudioSrv - detected UnsignedFile.Multi.Generic (1)
19:56:12.0233 1032 [ A7C9995BA861FCE78B2CEAAE61D39FD7 ] BCM42RLY C:\Windows\system32\drivers\BCM42RLY.sys
19:56:12.0249 1032 BCM42RLY - ok
19:56:12.0327 1032 [ D32F962B71FEE6BDAAEE630BB2C17280 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
19:56:12.0374 1032 BCM43XX - ok
19:56:12.0452 1032 [ FFB96C2589FFA60473EAD78B39FBDE29 ] BFE C:\Windows\System32\bfe.dll
19:56:12.0467 1032 BFE ( UnsignedFile.Multi.Generic ) - warning
19:56:12.0467 1032 BFE - detected UnsignedFile.Multi.Generic (1)
19:56:12.0545 1032 [ 6D316F4859634071CC25C4FD4589AD2C ] BITS C:\Windows\System32\qmgr.dll
19:56:12.0670 1032 BITS ( UnsignedFile.Multi.Generic ) - warning
19:56:12.0670 1032 BITS - detected UnsignedFile.Multi.Generic (1)
19:56:12.0717 1032 [ 79FEEB40056683F8F61398D81DDA65D2 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
19:56:12.0732 1032 blbdrive ( UnsignedFile.Multi.Generic ) - warning
19:56:12.0732 1032 blbdrive - detected UnsignedFile.Multi.Generic (1)
19:56:12.0764 1032 [ 3F56903E124E820AEECE6D471583C6C1 ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe
19:56:12.0779 1032 Bonjour Service - ok
19:56:12.0810 1032 [ 2348447A80920B2493A9B582A23E81E1 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:56:12.0826 1032 bowser ( UnsignedFile.Multi.Generic ) - warning
19:56:12.0826 1032 bowser - detected UnsignedFile.Multi.Generic (1)
19:56:12.0873 1032 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
19:56:12.0888 1032 BrFiltLo ( UnsignedFile.Multi.Generic ) - warning
19:56:12.0888 1032 BrFiltLo - detected UnsignedFile.Multi.Generic (1)
19:56:12.0904 1032 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
19:56:12.0920 1032 BrFiltUp ( UnsignedFile.Multi.Generic ) - warning
19:56:12.0920 1032 BrFiltUp - detected UnsignedFile.Multi.Generic (1)
19:56:12.0982 1032 [ A1B39DE453433B115B4EA69EE0343816 ] Browser C:\Windows\System32\browser.dll
19:56:12.0998 1032 Browser ( UnsignedFile.Multi.Generic ) - warning
19:56:12.0998 1032 Browser - detected UnsignedFile.Multi.Generic (1)
19:56:13.0044 1032 [ F0F0BA4D815BE446AA6A4583CA3BCA9B ] Brserid C:\Windows\system32\drivers\brserid.sys
19:56:13.0060 1032 Brserid ( UnsignedFile.Multi.Generic ) - warning
19:56:13.0060 1032 Brserid - detected UnsignedFile.Multi.Generic (1)
19:56:13.0076 1032 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
19:56:13.0091 1032 BrSerWdm ( UnsignedFile.Multi.Generic ) - warning
19:56:13.0091 1032 BrSerWdm - detected UnsignedFile.Multi.Generic (1)
19:56:13.0107 1032 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
19:56:13.0122 1032 BrUsbMdm ( UnsignedFile.Multi.Generic ) - warning
19:56:13.0122 1032 BrUsbMdm - detected UnsignedFile.Multi.Generic (1)
19:56:13.0122 1032 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
19:56:13.0154 1032 BrUsbSer ( UnsignedFile.Multi.Generic ) - warning
19:56:13.0154 1032 BrUsbSer - detected UnsignedFile.Multi.Generic (1)
19:56:13.0185 1032 [ E0777B34E05F8A82A21856EFC900C29F ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
19:56:13.0200 1032 BTHMODEM ( UnsignedFile.Multi.Generic ) - warning
19:56:13.0200 1032 BTHMODEM - detected UnsignedFile.Multi.Generic (1)
19:56:13.0232 1032 [ A8AD33C9DD88C810CAC00ACC7F4329FB ] ccSet_NST C:\Windows\system32\drivers\NSTx64\0200000.010\ccSetx64.sys
19:56:13.0247 1032 ccSet_NST - ok
19:56:13.0263 1032 [ B4D787DB8D30793A4D4DF9FEED18F136 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:56:13.0278 1032 cdfs ( UnsignedFile.Multi.Generic ) - warning
19:56:13.0278 1032 cdfs - detected UnsignedFile.Multi.Generic (1)
19:56:13.0325 1032 [ C025AA69BE3D0D25C7A2E746EF6F94FC ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
19:56:13.0341 1032 cdrom ( UnsignedFile.Multi.Generic ) - warning
19:56:13.0341 1032 cdrom - detected UnsignedFile.Multi.Generic (1)
19:56:13.0388 1032 [ 5A268127633C7EE2A7FB87F39D748D56 ] CertPropSvc C:\Windows\System32\certprop.dll
19:56:13.0403 1032 CertPropSvc ( UnsignedFile.Multi.Generic ) - warning
19:56:13.0403 1032 CertPropSvc - detected UnsignedFile.Multi.Generic (1)
19:56:13.0419 1032 [ 02EA568D498BBDD4BA55BF3FCE34D456 ] circlass C:\Windows\system32\drivers\circlass.sys
19:56:13.0434 1032 circlass ( UnsignedFile.Multi.Generic ) - warning
19:56:13.0434 1032 circlass - detected UnsignedFile.Multi.Generic (1)
19:56:13.0528 1032 [ 3DCA9A18B204939CFB24BEA53E31EB48 ] CLFS C:\Windows\system32\CLFS.sys
19:56:13.0622 1032 CLFS - ok
19:56:13.0856 1032 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:56:13.0934 1032 clr_optimization_v2.0.50727_32 - ok
19:56:14.0043 1032 [ CE07A466201096F021CD09D631B21540 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:56:14.0121 1032 clr_optimization_v2.0.50727_64 - ok
19:56:14.0433 1032 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:56:14.0729 1032 clr_optimization_v4.0.30319_32 - ok
19:56:15.0135 1032 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:56:15.0353 1032 clr_optimization_v4.0.30319_64 - ok
19:56:15.0462 1032 [ B52D9A14CE4101577900A364BA86F3DF ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
19:56:15.0509 1032 CmBatt ( UnsignedFile.Multi.Generic ) - warning
19:56:15.0509 1032 CmBatt - detected UnsignedFile.Multi.Generic (1)
19:56:15.0540 1032 [ E5D5499A1C50A54B5161296B6AFE6192 ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:56:15.0556 1032 cmdide - ok
19:56:15.0587 1032 [ 7FB8AD01DB0EABE60C8A861531A8F431 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
19:56:15.0618 1032 Compbatt - ok
19:56:15.0618 1032 COMSysApp - ok
19:56:15.0681 1032 [ A8585B6412253803CE8EFCBD6D6DC15C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
19:56:15.0712 1032 crcdisk - ok
19:56:15.0806 1032 [ CA78B312C44E4D52E842C2C8BD48E452 ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:56:15.0821 1032 CryptSvc ( UnsignedFile.Multi.Generic ) - warning
19:56:15.0821 1032 CryptSvc - detected UnsignedFile.Multi.Generic (1)
19:56:16.0008 1032 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] DcomLaunch C:\Windows\system32\rpcss.dll
19:56:16.0086 1032 DcomLaunch ( UnsignedFile.Multi.Generic ) - warning
19:56:16.0086 1032 DcomLaunch - detected UnsignedFile.Multi.Generic (1)
19:56:16.0164 1032 [ 8B722BA35205C71E7951CDC4CDBADE19 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:56:16.0180 1032 DfsC ( UnsignedFile.Multi.Generic ) - warning
19:56:16.0180 1032 DfsC - detected UnsignedFile.Multi.Generic (1)
19:56:16.0960 1032 [ C647F468F7DE343DF8C143655C5557D4 ] DFSR C:\Windows\system32\DFSR.exe
19:56:19.0144 1032 DFSR ( UnsignedFile.Multi.Generic ) - warning
19:56:19.0144 1032 DFSR - detected UnsignedFile.Multi.Generic (1)
19:56:19.0206 1032 [ 3ED0321127CE70ACDAABBF77E157C2A7 ] Dhcp C:\Windows\System32\dhcpcsvc.dll
19:56:19.0238 1032 Dhcp ( UnsignedFile.Multi.Generic ) - warning
19:56:19.0238 1032 Dhcp - detected UnsignedFile.Multi.Generic (1)
19:56:19.0284 1032 [ B0107E40ECDB5FA692EBF832F295D905 ] disk C:\Windows\system32\drivers\disk.sys
19:56:19.0284 1032 disk - ok
19:56:19.0300 1032 dlba_device - ok
19:56:19.0347 1032 [ 06230F1B721494A6DF8D47FD395BB1B0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:56:19.0362 1032 Dnscache ( UnsignedFile.Multi.Generic ) - warning
19:56:19.0362 1032 Dnscache - detected UnsignedFile.Multi.Generic (1)
19:56:19.0425 1032 [ 1A7156DD1E850E9914E5E991E3225B94 ] dot3svc C:\Windows\System32\dot3svc.dll
19:56:19.0456 1032 dot3svc ( UnsignedFile.Multi.Generic ) - warning
19:56:19.0456 1032 dot3svc - detected UnsignedFile.Multi.Generic (1)
19:56:19.0487 1032 [ 1583B39790DB3EAEC7EDB0CB0140C708 ] DPS C:\Windows\system32\dps.dll
19:56:19.0503 1032 DPS ( UnsignedFile.Multi.Generic ) - warning
19:56:19.0503 1032 DPS - detected UnsignedFile.Multi.Generic (1)
19:56:19.0534 1032 [ F1A78A98CFC2EE02144C6BEC945447E6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:56:19.0550 1032 drmkaud ( UnsignedFile.Multi.Generic ) - warning
19:56:19.0550 1032 drmkaud - detected UnsignedFile.Multi.Generic (1)
19:56:19.0596 1032 [ B8E554E502D5123BC111F99D6A2181B4 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:56:19.0628 1032 DXGKrnl - ok
19:56:19.0674 1032 [ 264CEE7B031A9D6C827F3D0CB031F2FE ] E1G60 C:\Windows\system32\DRIVERS\E1G6032E.sys
19:56:19.0706 1032 E1G60 ( UnsignedFile.Multi.Generic ) - warning
19:56:19.0706 1032 E1G60 - detected UnsignedFile.Multi.Generic (1)
19:56:19.0752 1032 [ 78A3903702B7535154F56685CA1517D4 ] eamonm C:\Windows\system32\DRIVERS\eamonm.sys
19:56:19.0768 1032 eamonm - ok
19:56:19.0815 1032 [ C2303883FD9BE49DC36A6400643002EA ] EapHost C:\Windows\System32\eapsvc.dll
19:56:19.0830 1032 EapHost ( UnsignedFile.Multi.Generic ) - warning
19:56:19.0830 1032 EapHost - detected UnsignedFile.Multi.Generic (1)
19:56:19.0877 1032 [ 5F94962BE5A62DB6E447FF6470C4F48A ] Ecache C:\Windows\system32\drivers\ecache.sys
19:56:19.0877 1032 Ecache - ok
19:56:19.0924 1032 [ 9E39134330C18CBAC0F24C1283701D7E ] ehdrv C:\Windows\system32\DRIVERS\ehdrv.sys
19:56:19.0940 1032 ehdrv - ok
19:56:20.0018 1032 [ 14CE384D2E27B64C256BDA4DC39C312D ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:56:20.0033 1032 ehRecvr ( UnsignedFile.Multi.Generic ) - warning
19:56:20.0033 1032 ehRecvr - detected UnsignedFile.Multi.Generic (1)
19:56:20.0049 1032 [ B93159C1313D66FDFBBE876F5189CD52 ] ehSched C:\Windows\ehome\ehsched.exe
19:56:20.0064 1032 ehSched ( UnsignedFile.Multi.Generic ) - warning
19:56:20.0064 1032 ehSched - detected UnsignedFile.Multi.Generic (1)
19:56:20.0080 1032 [ F5EE2527D74449868E3C3227A59BCD28 ] ehstart C:\Windows\ehome\ehstart.dll
19:56:20.0096 1032 ehstart ( UnsignedFile.Multi.Generic ) - warning
19:56:20.0096 1032 ehstart - detected UnsignedFile.Multi.Generic (1)
19:56:20.0220 1032 [ 501C1787CA4FAC7F6E9F585E96EB2FAC ] ekrn C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
19:56:20.0252 1032 ekrn - ok
19:56:20.0298 1032 [ C4636D6E10469404AB5308D9FD45ED07 ] elxstor C:\Windows\system32\drivers\elxstor.sys
19:56:20.0314 1032 elxstor - ok
19:56:20.0361 1032 [ A9B18B63A4FD6BAAB83326706D857FAB ] EMDMgmt C:\Windows\system32\emdmgmt.dll
19:56:20.0392 1032 EMDMgmt ( UnsignedFile.Multi.Generic ) - warning
19:56:20.0392 1032 EMDMgmt - detected UnsignedFile.Multi.Generic (1)
19:56:20.0423 1032 [ B4E8DC817963B256537B1EC09AF0647E ] epfwwfpr C:\Windows\system32\DRIVERS\epfwwfpr.sys
19:56:20.0439 1032 epfwwfpr - ok
19:56:20.0470 1032 [ BC3A58E938BB277E46BF4B3003B01ABD ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:56:20.0486 1032 ErrDev ( UnsignedFile.Multi.Generic ) - warning
19:56:20.0486 1032 ErrDev - detected UnsignedFile.Multi.Generic (1)
19:56:20.0548 1032 [ E12F22B73F153DECE721CD45EC05B4AF ] EventSystem C:\Windows\system32\es.dll
19:56:20.0564 1032 EventSystem ( UnsignedFile.Multi.Generic ) - warning
19:56:20.0564 1032 EventSystem - detected UnsignedFile.Multi.Generic (1)
19:56:20.0610 1032 [ 486844F47B6636044A42454614ED4523 ] exfat C:\Windows\system32\drivers\exfat.sys
19:56:20.0626 1032 exfat ( UnsignedFile.Multi.Generic ) - warning
19:56:20.0626 1032 exfat - detected UnsignedFile.Multi.Generic (1)
19:56:20.0657 1032 [ 1A4BEE34277784619DDAF0422C0C6E23 ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:56:20.0688 1032 fastfat ( UnsignedFile.Multi.Generic ) - warning
19:56:20.0688 1032 fastfat - detected UnsignedFile.Multi.Generic (1)
19:56:20.0704 1032 [ 81B79B6DF71FA1D2C6D688D830616E39 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
19:56:20.0720 1032 fdc ( UnsignedFile.Multi.Generic ) - warning
19:56:20.0720 1032 fdc - detected UnsignedFile.Multi.Generic (1)
19:56:20.0751 1032 [ BB9267ACACD8B7533DD936C34A0CBA5E ] fdPHost C:\Windows\system32\fdPHost.dll
19:56:20.0766 1032 fdPHost ( UnsignedFile.Multi.Generic ) - warning
19:56:20.0766 1032 fdPHost - detected UnsignedFile.Multi.Generic (1)
19:56:20.0782 1032 [ 300C80931EABBE1DB7591C516EFE8D0F ] FDResPub C:\Windows\system32\fdrespub.dll
19:56:20.0798 1032 FDResPub ( UnsignedFile.Multi.Generic ) - warning
19:56:20.0798 1032 FDResPub - detected UnsignedFile.Multi.Generic (1)
19:56:20.0813 1032 [ 457B7D1D533E4BD62A99AED9C7BB4C59 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:56:20.0813 1032 FileInfo - ok
19:56:20.0829 1032 [ D421327FD6EFCCAF884A54C58E1B0D7F ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:56:20.0844 1032 Filetrace ( UnsignedFile.Multi.Generic ) - warning
19:56:20.0844 1032 Filetrace - detected UnsignedFile.Multi.Generic (1)
19:56:20.0860 1032 [ 230923EA2B80F79B0F88D90F87B87EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
19:56:20.0876 1032 flpydisk ( UnsignedFile.Multi.Generic ) - warning
19:56:20.0876 1032 flpydisk - detected UnsignedFile.Multi.Generic (1)
19:56:20.0922 1032 [ E3041BC26D6930D61F42AEDB79C91720 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:56:20.0938 1032 FltMgr - ok
19:56:21.0000 1032 [ BE1C5BD1CA7ED015BC6FA1AE67E592C8 ] FontCache C:\Windows\system32\FntCache.dll
19:56:21.0032 1032 FontCache ( UnsignedFile.Multi.Generic ) - warning
19:56:21.0032 1032 FontCache - detected UnsignedFile.Multi.Generic (1)
19:56:21.0094 1032 [ BC5B0BE5AF3510B0FD8C140EE42C6D3E ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:56:21.0094 1032 FontCache3.0.0.0 - ok
19:56:21.0156 1032 [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
19:56:21.0172 1032 fssfltr - ok
19:56:21.0250 1032 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
19:56:21.0297 1032 fsssvc - ok
19:56:21.0344 1032 [ 5779B86CD8B32519FBECB136394D946A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:56:21.0359 1032 Fs_Rec ( UnsignedFile.Multi.Generic ) - warning
19:56:21.0359 1032 Fs_Rec - detected UnsignedFile.Multi.Generic (1)
19:56:21.0406 1032 [ C8E416668D3DC2BE3D4FE4C79224997F ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
19:56:21.0422 1032 gagp30kx - ok
19:56:21.0453 1032 [ AF4DEE5531395DEE72B35B36C9671FD0 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:56:21.0453 1032 GEARAspiWDM - ok
19:56:21.0500 1032 [ A0E1B575BA8F504968CD40C0FAEB2384 ] gpsvc C:\Windows\System32\gpsvc.dll
19:56:21.0531 1032 gpsvc ( UnsignedFile.Multi.Generic ) - warning
19:56:21.0531 1032 gpsvc - detected UnsignedFile.Multi.Generic (1)
19:56:21.0640 1032 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:56:21.0656 1032 gupdate - ok
19:56:21.0687 1032 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:56:21.0687 1032 gupdatem - ok
19:56:21.0734 1032 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
19:56:21.0749 1032 gusvc - ok
19:56:21.0796 1032 [ D619BA1712B83D14149850E758B835AD ] hardlock C:\Windows\system32\drivers\hardlock.sys
19:56:21.0812 1032 hardlock ( UnsignedFile.Multi.Generic ) - warning
19:56:21.0812 1032 hardlock - detected UnsignedFile.Multi.Generic (1)
19:56:21.0812 1032 hasplms - ok
19:56:21.0874 1032 [ 68E732382B32417FF61FD663259B4B09 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:56:21.0890 1032 HdAudAddService ( UnsignedFile.Multi.Generic ) - warning
19:56:21.0890 1032 HdAudAddService - detected UnsignedFile.Multi.Generic (1)
19:56:21.0936 1032 [ F942C5820205F2FB453243EDFEC82A3D ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
19:56:21.0968 1032 HDAudBus ( UnsignedFile.Multi.Generic ) - warning
19:56:21.0968 1032 HDAudBus - detected UnsignedFile.Multi.Generic (1)
19:56:22.0014 1032 [ B4881C84A180E75B8C25DC1D726C375F ] HidBth C:\Windows\system32\drivers\hidbth.sys
19:56:22.0030 1032 HidBth ( UnsignedFile.Multi.Generic ) - warning
19:56:22.0030 1032 HidBth - detected UnsignedFile.Multi.Generic (1)
19:56:22.0046 1032 [ 4E77A77E2C986E8F88F996BB3E1AD829 ] HidIr C:\Windows\system32\drivers\hidir.sys
19:56:22.0061 1032 HidIr ( UnsignedFile.Multi.Generic ) - warning
19:56:22.0061 1032 HidIr - detected UnsignedFile.Multi.Generic (1)
19:56:22.0108 1032 [ 59361D38A297755D46A540E450202B2A ] hidserv C:\Windows\system32\hidserv.dll
19:56:22.0124 1032 hidserv ( UnsignedFile.Multi.Generic ) - warning
19:56:22.0124 1032 hidserv - detected UnsignedFile.Multi.Generic (1)
19:56:22.0155 1032 [ 443BDD2D30BB4F00795C797E2CF99EDF ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:56:22.0170 1032 HidUsb ( UnsignedFile.Multi.Generic ) - warning
19:56:22.0170 1032 HidUsb - detected UnsignedFile.Multi.Generic (1)
19:56:22.0217 1032 [ B12F367EA39C0795FD57E31242CE1A5A ] hkmsvc C:\Windows\system32\kmsvc.dll
19:56:22.0233 1032 hkmsvc ( UnsignedFile.Multi.Generic ) - warning
19:56:22.0233 1032 hkmsvc - detected UnsignedFile.Multi.Generic (1)
19:56:22.0264 1032 [ D7109A1E6BD2DFDBCBA72A6BC626A13B ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
19:56:22.0280 1032 HpCISSs - ok
19:56:22.0326 1032 [ 098F1E4E5C9CB5B0063A959063631610 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:56:22.0358 1032 HTTP ( UnsignedFile.Multi.Generic ) - warning
19:56:22.0358 1032 HTTP - detected UnsignedFile.Multi.Generic (1)
19:56:22.0373 1032 [ DA94C854CEA5FAC549D4E1F6E88349E8 ] i2omp C:\Windows\system32\drivers\i2omp.sys
19:56:22.0373 1032 i2omp - ok
19:56:22.0420 1032 [ CBB597659A2713CE0C9CC20C88C7591F ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
19:56:22.0451 1032 i8042prt ( UnsignedFile.Multi.Generic ) - warning
19:56:22.0451 1032 i8042prt - detected UnsignedFile.Multi.Generic (1)
19:56:22.0529 1032 [ 7B96206E4BDD2FE582F0DBC46F5F410E ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
19:56:22.0545 1032 IAANTMON - ok
19:56:22.0607 1032 [ 07FB761600EFF44AF02C35B8B57E5863 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
19:56:22.0623 1032 iaStor - ok
19:56:22.0654 1032 [ 3E3BF3627D886736D0B4E90054F929F6 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
19:56:22.0670 1032 iaStorV - ok
19:56:22.0716 1032 [ 749F5F8CEDCA70F2A512945325FC489D ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:56:22.0748 1032 idsvc - ok
19:56:22.0950 1032 [ F7AB8285BBECFAA5ED4050CCB89E073D ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
19:56:23.0262 1032 igfx ( UnsignedFile.Multi.Generic ) - warning
19:56:23.0262 1032 igfx - detected UnsignedFile.Multi.Generic (1)
19:56:23.0309 1032 [ 8C3951AD2FE886EF76C7B5027C3125D3 ] iirsp C:\Windows\system32\drivers\iirsp.sys
19:56:23.0325 1032 iirsp - ok
19:56:23.0356 1032 [ 0C9EA6E654E7B0471741E343A6C671AF ] IKEEXT C:\Windows\System32\ikeext.dll
19:56:23.0387 1032 IKEEXT ( UnsignedFile.Multi.Generic ) - warning
19:56:23.0387 1032 IKEEXT - detected UnsignedFile.Multi.Generic (1)
19:56:23.0418 1032 [ DF797A12176F11B2D301C5B234BB200E ] intelide C:\Windows\system32\drivers\intelide.sys
19:56:23.0434 1032 intelide - ok
19:56:23.0450 1032 [ BFD84AF32FA1BAD6231C4585CB469630 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:56:23.0465 1032 intelppm ( UnsignedFile.Multi.Generic ) - warning
19:56:23.0465 1032 intelppm - detected UnsignedFile.Multi.Generic (1)
19:56:23.0512 1032 [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:56:23.0528 1032 IPBusEnum ( UnsignedFile.Multi.Generic ) - warning
19:56:23.0528 1032 IPBusEnum - detected UnsignedFile.Multi.Generic (1)
19:56:23.0559 1032 [ D8AABC341311E4780D6FCE8C73C0AD81 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:56:23.0574 1032 IpFilterDriver ( UnsignedFile.Multi.Generic ) - warning
19:56:23.0574 1032 IpFilterDriver - detected UnsignedFile.Multi.Generic (1)
19:56:23.0621 1032 [ BF0DBFA9792C5C14FA00F61C75116C1B ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:56:23.0637 1032 iphlpsvc ( UnsignedFile.Multi.Generic ) - warning
19:56:23.0637 1032 iphlpsvc - detected UnsignedFile.Multi.Generic (1)
19:56:23.0637 1032 IpInIp - ok
19:56:23.0652 1032 [ 9C2EE2E6E5A7203BFAE15C299475EC67 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
19:56:23.0668 1032 IPMIDRV ( UnsignedFile.Multi.Generic ) - warning
19:56:23.0668 1032 IPMIDRV - detected UnsignedFile.Multi.Generic (1)
19:56:23.0684 1032 [ B7E6212F581EA5F6AB0C3A6CEEEB89BE ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
19:56:23.0699 1032 IPNAT ( UnsignedFile.Multi.Generic ) - warning
19:56:23.0699 1032 IPNAT - detected UnsignedFile.Multi.Generic (1)
19:56:23.0762 1032 [ 9EFDBFA57A5876618D8CA31F5806CDED ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
19:56:23.0777 1032 iPod Service - ok
19:56:23.0793 1032 [ 8C42CA155343A2F11D29FECA67FAA88D ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:56:23.0808 1032 IRENUM ( UnsignedFile.Multi.Generic ) - warning
19:56:23.0808 1032 IRENUM - detected UnsignedFile.Multi.Generic (1)
19:56:23.0855 1032 [ 0672BFCEDC6FC468A2B0500D81437F4F ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:56:23.0871 1032 isapnp - ok
19:56:23.0918 1032 [ E4FDF99599F27EC25D2CF6D754243520 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
19:56:23.0933 1032 iScsiPrt - ok
19:56:23.0949 1032 [ 63C766CDC609FF8206CB447A65ABBA4A ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
19:56:23.0949 1032 iteatapi - ok
19:56:23.0980 1032 [ 1281FE73B17664631D12F643CBEA3F59 ] iteraid C:\Windows\system32\drivers\iteraid.sys
19:56:23.0980 1032 iteraid - ok
19:56:24.0027 1032 [ 423696F3BA6472DD17699209B933BC26 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:56:24.0042 1032 kbdclass - ok
19:56:24.0089 1032 [ DBDF75D51464FBC47D0104EC3D572C05 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
19:56:24.0105 1032 kbdhid ( UnsignedFile.Multi.Generic ) - warning
19:56:24.0105 1032 kbdhid - detected UnsignedFile.Multi.Generic (1)
19:56:24.0136 1032 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] KeyIso C:\Windows\system32\lsass.exe
19:56:24.0152 1032 KeyIso ( UnsignedFile.Multi.Generic ) - warning
19:56:24.0152 1032 KeyIso - detected UnsignedFile.Multi.Generic (1)
19:56:24.0183 1032 [ 88956AD9FA510848AD176777A6C6C1F5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:56:24.0214 1032 KSecDD - ok
19:56:24.0214 1032 [ 1D419CF43DB29396ECD7113D129D94EB ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:56:24.0230 1032 ksthunk ( UnsignedFile.Multi.Generic ) - warning
19:56:24.0230 1032 ksthunk - detected UnsignedFile.Multi.Generic (1)
19:56:24.0308 1032 [ 1FAF6926F3416D3DA05C5B265491BDAE ] KtmRm C:\Windows\system32\msdtckrm.dll
19:56:24.0323 1032 KtmRm ( UnsignedFile.Multi.Generic ) - warning
19:56:24.0323 1032 KtmRm - detected UnsignedFile.Multi.Generic (1)
19:56:24.0370 1032 [ 50C7A3CB427E9BB5ED0708A669956AB5 ] LanmanServer C:\Windows\system32\srvsvc.dll
19:56:24.0417 1032 LanmanServer ( UnsignedFile.Multi.Generic ) - warning
19:56:24.0417 1032 LanmanServer - detected UnsignedFile.Multi.Generic (1)
19:56:24.0479 1032 [ CAF86FC1388BE1E470F1A7B43E348ADB ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:56:24.0510 1032 LanmanWorkstation ( UnsignedFile.Multi.Generic ) - warning
19:56:24.0510 1032 LanmanWorkstation - detected UnsignedFile.Multi.Generic (1)
19:56:24.0542 1032 [ 96ECE2659B6654C10A0C310AE3A6D02C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:56:24.0557 1032 lltdio ( UnsignedFile.Multi.Generic ) - warning
19:56:24.0557 1032 lltdio - detected UnsignedFile.Multi.Generic (1)
19:56:24.0588 1032 [ 961CCBD0B1CCB5675D64976FAE37D092 ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:56:24.0604 1032 lltdsvc ( UnsignedFile.Multi.Generic ) - warning
19:56:24.0604 1032 lltdsvc - detected UnsignedFile.Multi.Generic (1)
19:56:24.0635 1032 [ A47F8080CACC23C91FE823AD19AA5612 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:56:24.0651 1032 lmhosts ( UnsignedFile.Multi.Generic ) - warning
19:56:24.0651 1032 lmhosts - detected UnsignedFile.Multi.Generic (1)
19:56:24.0682 1032 [ ACBE1AF32D3123E330A07BFBC5EC4A9B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
19:56:24.0698 1032 LSI_FC - ok
19:56:24.0713 1032 [ 799FFB2FC4729FA46D2157C0065B3525 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
19:56:24.0729 1032 LSI_SAS - ok
19:56:24.0791 1032 [ F445FF1DAAD8A226366BFAF42551226B ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
19:56:24.0791 1032 LSI_SCSI - ok
19:56:24.0838 1032 [ 52F87B9CC8932C2A7375C3B2A9BE5E3E ] luafv C:\Windows\system32\drivers\luafv.sys
19:56:24.0869 1032 luafv ( UnsignedFile.Multi.Generic ) - warning
19:56:24.0869 1032 luafv - detected UnsignedFile.Multi.Generic (1)
19:56:24.0916 1032 [ 76A58DF02BD4EA29F189B82D0BEF17F8 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:56:24.0932 1032 Mcx2Svc ( UnsignedFile.Multi.Generic ) - warning
19:56:24.0932 1032 Mcx2Svc - detected UnsignedFile.Multi.Generic (1)
19:56:24.0963 1032 [ 5C5CD6AACED32FB26C3FB34B3DCF972F ] megasas C:\Windows\system32\drivers\megasas.sys
19:56:24.0963 1032 megasas - ok
19:56:25.0010 1032 [ 859BC2436B076C77C159ED694ACFE8F8 ] MegaSR C:\Windows\system32\drivers\megasr.sys
19:56:25.0025 1032 MegaSR - ok
19:56:25.0088 1032 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] MMCSS C:\Windows\system32\mmcss.dll
19:56:25.0103 1032 MMCSS ( UnsignedFile.Multi.Generic ) - warning
19:56:25.0103 1032 MMCSS - detected UnsignedFile.Multi.Generic (1)
19:56:25.0119 1032 [ 59848D5CC74606F0EE7557983BB73C2E ] Modem C:\Windows\system32\drivers\modem.sys
19:56:25.0134 1032 Modem ( UnsignedFile.Multi.Generic ) - warning
19:56:25.0134 1032 Modem - detected UnsignedFile.Multi.Generic (1)
19:56:25.0181 1032 [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:56:25.0197 1032 monitor ( UnsignedFile.Multi.Generic ) - warning
19:56:25.0197 1032 monitor - detected UnsignedFile.Multi.Generic (1)
19:56:25.0212 1032 [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:56:25.0228 1032 mouclass - ok
19:56:25.0244 1032 [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:56:25.0259 1032 mouhid ( UnsignedFile.Multi.Generic ) - warning
19:56:25.0259 1032 mouhid - detected UnsignedFile.Multi.Generic (1)
19:56:25.0275 1032 [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
19:56:25.0290 1032 MountMgr - ok
19:56:25.0337 1032 [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:56:25.0353 1032 MozillaMaintenance - ok
19:56:25.0384 1032 [ F8276EB8698142884498A528DFEA8478 ] mpio C:\Windows\system32\drivers\mpio.sys
19:56:25.0400 1032 mpio - ok
19:56:25.0415 1032 [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:56:25.0431 1032 mpsdrv ( UnsignedFile.Multi.Generic ) - warning
19:56:25.0431 1032 mpsdrv - detected UnsignedFile.Multi.Generic (1)
19:56:25.0478 1032 [ 897E3BAF68BA406A61682AE39C83900C ] MpsSvc C:\Windows\system32\mpssvc.dll
19:56:25.0509 1032 MpsSvc ( UnsignedFile.Multi.Generic ) - warning
19:56:25.0509 1032 MpsSvc - detected UnsignedFile.Multi.Generic (1)
19:56:25.0524 1032 [ 3C200630A89EF2C0864D515B7A75802E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
19:56:25.0524 1032 Mraid35x - ok
19:56:25.0571 1032 [ 7C1DE4AA96DC0C071611F9E7DE02A68D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:56:25.0587 1032 MRxDAV ( UnsignedFile.Multi.Generic ) - warning
19:56:25.0587 1032 MRxDAV - detected UnsignedFile.Multi.Generic (1)
19:56:25.0618 1032 [ 1485811B320FF8C7EDAD1CAEBB1C6C2B ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:56:25.0634 1032 mrxsmb ( UnsignedFile.Multi.Generic ) - warning
19:56:25.0634 1032 mrxsmb - detected UnsignedFile.Multi.Generic (1)
19:56:25.0680 1032 [ 3B929A60C833FC615FD97FBA82BC7632 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:56:25.0696 1032 mrxsmb10 ( UnsignedFile.Multi.Generic ) - warning
19:56:25.0696 1032 mrxsmb10 - detected UnsignedFile.Multi.Generic (1)
19:56:25.0696 1032 [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:56:25.0712 1032 mrxsmb20 ( UnsignedFile.Multi.Generic ) - warning
19:56:25.0712 1032 mrxsmb20 - detected UnsignedFile.Multi.Generic (1)
19:56:25.0758 1032 [ AA459F2AB3AB603C357FF117CAE3D818 ] msahci C:\Windows\system32\drivers\msahci.sys
19:56:25.0774 1032 msahci - ok
19:56:25.0805 1032 [ 264BBB4AAF312A485F0E44B65A6B7202 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:56:25.0821 1032 msdsm - ok
19:56:25.0852 1032 [ 7EC02CE772F068ED0BEAFA3DA341A9BC ] MSDTC C:\Windows\System32\msdtc.exe
19:56:25.0868 1032 MSDTC ( UnsignedFile.Multi.Generic ) - warning
19:56:25.0868 1032 MSDTC - detected UnsignedFile.Multi.Generic (1)
19:56:25.0899 1032 [ 704F59BFC4512D2BB0146AEC31B10A7C ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:56:25.0914 1032 Msfs ( UnsignedFile.Multi.Generic ) - warning
19:56:25.0914 1032 Msfs - detected UnsignedFile.Multi.Generic (1)
19:56:25.0946 1032 [ 00EBC952961664780D43DCA157E79B27 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:56:25.0961 1032 msisadrv - ok
19:56:25.0992 1032 [ 366B0C1F4478B519C181E37D43DCDA32 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:56:26.0008 1032 MSiSCSI ( UnsignedFile.Multi.Generic ) - warning
19:56:26.0008 1032 MSiSCSI - detected UnsignedFile.Multi.Generic (1)
19:56:26.0008 1032 msiserver - ok
19:56:26.0024 1032 [ 0EA73E498F53B96D83DBFCA074AD4CF8 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:56:26.0039 1032 MSKSSRV ( UnsignedFile.Multi.Generic ) - warning
19:56:26.0039 1032 MSKSSRV - detected UnsignedFile.Multi.Generic (1)
19:56:26.0070 1032 [ 52E59B7E992A58E740AA63F57EDBAE8B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:56:26.0086 1032 MSPCLOCK ( UnsignedFile.Multi.Generic ) - warning
19:56:26.0086 1032 MSPCLOCK - detected UnsignedFile.Multi.Generic (1)
19:56:26.0086 1032 [ 49084A75BAE043AE02D5B44D02991BB2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:56:26.0102 1032 MSPQM ( UnsignedFile.Multi.Generic ) - warning
19:56:26.0102 1032 MSPQM - detected UnsignedFile.Multi.Generic (1)
19:56:26.0148 1032 [ DC6CCF440CDEDE4293DB41C37A5060A5 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:56:26.0164 1032 MsRPC - ok
19:56:26.0195 1032 [ 855796E59DF77EA93AF46F20155BF55B ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
19:56:26.0195 1032 mssmbios - ok
19:56:26.0226 1032 [ 86D632D75D05D5B7C7C043FA3564AE86 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:56:26.0242 1032 MSTEE ( UnsignedFile.Multi.Generic ) - warning
19:56:26.0242 1032 MSTEE - detected UnsignedFile.Multi.Generic (1)
19:56:26.0258 1032 [ 0CC49F78D8ACA0877D885F149084E543 ] Mup C:\Windows\system32\Drivers\mup.sys
19:56:26.0273 1032 Mup - ok
19:56:26.0304 1032 [ A5B10C845E7538C60C0F5D87A57CB3F5 ] napagent C:\Windows\system32\qagentRT.dll
19:56:26.0336 1032 napagent ( UnsignedFile.Multi.Generic ) - warning
19:56:26.0336 1032 napagent - detected UnsignedFile.Multi.Generic (1)
19:56:26.0382 1032 [ 2007B826C4ACD94AE32232B41F0842B9 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:56:26.0398 1032 NativeWifiP ( UnsignedFile.Multi.Generic ) - warning
19:56:26.0398 1032 NativeWifiP - detected UnsignedFile.Multi.Generic (1)
19:56:26.0445 1032 [ 65950E07329FCEE8E6516B17C8D0ABB6 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:56:26.0476 1032 NDIS - ok
19:56:26.0507 1032 [ 64DF698A425478E321981431AC171334 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:56:26.0523 1032 NdisTapi ( UnsignedFile.Multi.Generic ) - warning
19:56:26.0523 1032 NdisTapi - detected UnsignedFile.Multi.Generic (1)
19:56:26.0538 1032 [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:56:26.0554 1032 Ndisuio ( UnsignedFile.Multi.Generic ) - warning
19:56:26.0554 1032 Ndisuio - detected UnsignedFile.Multi.Generic (1)
19:56:26.0601 1032 [ F8158771905260982CE724076419EF19 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:56:26.0632 1032 NdisWan ( UnsignedFile.Multi.Generic ) - warning
19:56:26.0632 1032 NdisWan - detected UnsignedFile.Multi.Generic (1)
19:56:26.0632 1032 [ 9CB77ED7CB72850253E973A2D6AFDF49 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:56:26.0648 1032 NDProxy ( UnsignedFile.Multi.Generic ) - warning
19:56:26.0648 1032 NDProxy - detected UnsignedFile.Multi.Generic (1)
19:56:26.0663 1032 [ A499294F5029A7862ADC115BDA7371CE ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:56:26.0679 1032 NetBIOS ( UnsignedFile.Multi.Generic ) - warning
19:56:26.0679 1032 NetBIOS - detected UnsignedFile.Multi.Generic (1)
19:56:26.0726 1032 [ FC2C792EBDDC8E28DF939D6A92C83D61 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
19:56:26.0741 1032 netbt ( UnsignedFile.Multi.Generic ) - warning
19:56:26.0741 1032 netbt - detected UnsignedFile.Multi.Generic (1)
19:56:26.0757 1032 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] Netlogon C:\Windows\system32\lsass.exe
19:56:26.0772 1032 Netlogon ( UnsignedFile.Multi.Generic ) - warning
19:56:26.0772 1032 Netlogon - detected UnsignedFile.Multi.Generic (1)
19:56:26.0804 1032 [ 9B63B29DEFC0F3115A559D2597BF5D75 ] Netman C:\Windows\System32\netman.dll
19:56:26.0819 1032 Netman ( UnsignedFile.Multi.Generic ) - warning
19:56:26.0819 1032 Netman - detected UnsignedFile.Multi.Generic (1)
19:56:26.0866 1032 [ 7846D0136CC2B264926A73047BA7688A ] netprofm C:\Windows\System32\netprofm.dll
19:56:26.0882 1032 netprofm ( UnsignedFile.Multi.Generic ) - warning
19:56:26.0882 1032 netprofm - detected UnsignedFile.Multi.Generic (1)
19:56:26.0913 1032 [ 74751DDA198165947FD7454D83F49825 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:56:26.0928 1032 NetTcpPortSharing - ok
19:56:26.0975 1032 [ 4AC08BD6AF2DF42E0C3196D826C8AEA7 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
19:56:26.0975 1032 nfrd960 - ok
19:56:26.0991 1032 [ F145BF4C4668E7E312069F81EF847CFC ] NlaSvc C:\Windows\System32\nlasvc.dll
19:56:27.0006 1032 NlaSvc ( UnsignedFile.Multi.Generic ) - warning
19:56:27.0006 1032 NlaSvc - detected UnsignedFile.Multi.Generic (1)
19:56:27.0053 1032 [ B298874F8E0EA93F06EC40AA8D146478 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:56:27.0069 1032 Npfs ( UnsignedFile.Multi.Generic ) - warning
19:56:27.0069 1032 Npfs - detected UnsignedFile.Multi.Generic (1)
19:56:27.0100 1032 [ ACB62BAA1C319B17752553DF3026EEEB ] nsi C:\Windows\system32\nsisvc.dll
19:56:27.0116 1032 nsi ( UnsignedFile.Multi.Generic ) - warning
19:56:27.0116 1032 nsi - detected UnsignedFile.Multi.Generic (1)
19:56:27.0131 1032 [ 1523AF19EE8B030BA682F7A53537EAEB ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:56:27.0147 1032 nsiproxy ( UnsignedFile.Multi.Generic ) - warning
19:56:27.0147 1032 nsiproxy - detected UnsignedFile.Multi.Generic (1)
19:56:27.0209 1032 [ E127420B7FEB65C7F279EAAC183BBC0E ] NSL C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe
19:56:27.0240 1032 NSL - ok
19:56:27.0303 1032 [ BAC869DFB98E499BA4D9BB1FB43270E1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:56:27.0350 1032 Ntfs - ok
19:56:27.0396 1032 [ DD5D684975352B85B52E3FD5347C20CB ] Null C:\Windows\system32\drivers\Null.sys
19:56:27.0412 1032 Null ( UnsignedFile.Multi.Generic ) - warning
19:56:27.0412 1032 Null - detected UnsignedFile.Multi.Generic (1)
19:56:27.0443 1032 [ 2C040B7ADA5B06F6FACADAC8514AA034 ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:56:27.0459 1032 nvraid - ok
19:56:27.0459 1032 [ F7EA0FE82842D05EDA3EFDD376DBFDBA ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:56:27.0474 1032 nvstor - ok
19:56:27.0490 1032 [ 19067CA93075EF4823E3938A686F532F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:56:27.0506 1032 nv_agp - ok
19:56:27.0506 1032 NwlnkFlt - ok
19:56:27.0521 1032 NwlnkFwd - ok
19:56:27.0568 1032 [ 404B0121AE1A75D9A63B6934EB07C258 ] OA009Ufd C:\Windows\system32\DRIVERS\OA009Ufd.sys
19:56:27.0584 1032 OA009Ufd ( UnsignedFile.Multi.Generic ) - warning
19:56:27.0584 1032 OA009Ufd - detected UnsignedFile.Multi.Generic (1)
19:56:27.0599 1032 [ D460884EB05B90D06B35A1DBC31928DF ] OA009Vid C:\Windows\system32\DRIVERS\OA009Vid.sys
19:56:27.0615 1032 OA009Vid ( UnsignedFile.Multi.Generic ) - warning
19:56:27.0615 1032 OA009Vid - detected UnsignedFile.Multi.Generic (1)
19:56:27.0708 1032 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:56:27.0724 1032 odserv - ok
19:56:27.0755 1032 [ 7B58953E2F263421FDBB09A192712A85 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:56:27.0771 1032 ohci1394 ( UnsignedFile.Multi.Generic ) - warning
19:56:27.0771 1032 ohci1394 - detected UnsignedFile.Multi.Generic (1)
19:56:27.0802 1032 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:56:27.0818 1032 ose - ok
19:56:27.0880 1032 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2pimsvc C:\Windows\system32\p2psvc.dll
19:56:27.0896 1032 p2pimsvc ( UnsignedFile.Multi.Generic ) - warning
19:56:27.0896 1032 p2pimsvc - detected UnsignedFile.Multi.Generic (1)
19:56:27.0911 1032 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2psvc C:\Windows\system32\p2psvc.dll
19:56:27.0942 1032 p2psvc ( UnsignedFile.Multi.Generic ) - warning
19:56:27.0942 1032 p2psvc - detected UnsignedFile.Multi.Generic (1)
19:56:27.0974 1032 [ AECD57F94C887F58919F307C35498EA0 ] Parport C:\Windows\system32\drivers\parport.sys
19:56:27.0989 1032 Parport ( UnsignedFile.Multi.Generic ) - warning
19:56:27.0989 1032 Parport - detected UnsignedFile.Multi.Generic (1)
19:56:28.0036 1032 [ B43751085E2ABE389DA466BC62A4B987 ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:56:28.0036 1032 partmgr - ok
19:56:28.0083 1032 [ 9AB157B374192FF276C1628FBDBA2B0E ] PcaSvc C:\Windows\System32\pcasvc.dll
19:56:28.0098 1032 PcaSvc ( UnsignedFile.Multi.Generic ) - warning
19:56:28.0098 1032 PcaSvc - detected UnsignedFile.Multi.Generic (1)
19:56:28.0130 1032 [ 47AB1E0FC9D0E12BB53BA246E3A0906D ] pci C:\Windows\system32\drivers\pci.sys
19:56:28.0145 1032 pci - ok
19:56:28.0176 1032 [ 8D618C829034479985A9ED56106CC732 ] pciide C:\Windows\system32\drivers\pciide.sys
19:56:28.0192 1032 pciide - ok
19:56:28.0223 1032 [ 037661F3D7C507C9993B7010CEEE6288 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
19:56:28.0223 1032 pcmcia - ok
19:56:28.0270 1032 [ 58865916F53592A61549B04941BFD80D ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:56:28.0301 1032 PEAUTH ( UnsignedFile.Multi.Generic ) - warning
19:56:28.0301 1032 PEAUTH - detected UnsignedFile.Multi.Generic (1)
19:56:28.0364 1032 [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:56:28.0410 1032 PerfHost ( UnsignedFile.Multi.Generic ) - warning
19:56:28.0410 1032 PerfHost - detected UnsignedFile.Multi.Generic (1)
19:56:28.0488 1032 [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla C:\Windows\system32\pla.dll
19:56:28.0520 1032 pla ( UnsignedFile.Multi.Generic ) - warning
19:56:28.0520 1032 pla - detected UnsignedFile.Multi.Generic (1)
19:56:28.0566 1032 [ FE6B0F59215C9FD9F9D26539C58C8B82 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:56:28.0582 1032 PlugPlay ( UnsignedFile.Multi.Generic ) - warning
19:56:28.0582 1032 PlugPlay - detected UnsignedFile.Multi.Generic (1)
19:56:28.0613 1032 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
19:56:28.0644 1032 PNRPAutoReg ( UnsignedFile.Multi.Generic ) - warning
19:56:28.0644 1032 PNRPAutoReg - detected UnsignedFile.Multi.Generic (1)
19:56:28.0660 1032 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPsvc C:\Windows\system32\p2psvc.dll
19:56:28.0691 1032 PNRPsvc ( UnsignedFile.Multi.Generic ) - warning
19:56:28.0691 1032 PNRPsvc - detected UnsignedFile.Multi.Generic (1)
19:56:28.0722 1032 [ 89A5560671C2D8B4A4B51F3E1AA069D8 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:56:28.0754 1032 PolicyAgent ( UnsignedFile.Multi.Generic ) - warning
19:56:28.0754 1032 PolicyAgent - detected UnsignedFile.Multi.Generic (1)
19:56:28.0816 1032 [ 23386E9952025F5F21C368971E2E7301 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:56:28.0832 1032 PptpMiniport ( UnsignedFile.Multi.Generic ) - warning
19:56:28.0832 1032 PptpMiniport - detected UnsignedFile.Multi.Generic (1)
19:56:28.0863 1032 [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor C:\Windows\system32\drivers\processr.sys
19:56:28.0878 1032 Processor ( UnsignedFile.Multi.Generic ) - warning
19:56:28.0878 1032 Processor - detected UnsignedFile.Multi.Generic (1)
19:56:28.0925 1032 [ E058CE4FC2449D8BFA14739C83B7FF2A ] ProfSvc C:\Windows\system32\profsvc.dll
19:56:28.0941 1032 ProfSvc ( UnsignedFile.Multi.Generic ) - warning
19:56:28.0941 1032 ProfSvc - detected UnsignedFile.Multi.Generic (1)
19:56:28.0956 1032 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] ProtectedStorage C:\Windows\system32\lsass.exe
19:56:28.0972 1032 ProtectedStorage ( UnsignedFile.Multi.Generic ) - warning
19:56:28.0972 1032 ProtectedStorage - detected UnsignedFile.Multi.Generic (1)
19:56:29.0019 1032 [ C5AB7F0809392D0DA027F4A2A81BFA31 ] PSched C:\Windows\system32\DRIVERS\pacer.sys
19:56:29.0034 1032 PSched ( UnsignedFile.Multi.Generic ) - warning
19:56:29.0034 1032 PSched - detected UnsignedFile.Multi.Generic (1)
19:56:29.0066 1032 [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300 C:\Windows\system32\drivers\ql2300.sys
19:56:29.0112 1032 ql2300 - ok
19:56:29.0144 1032 [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
19:56:29.0159 1032 ql40xx - ok
19:56:29.0206 1032 [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE C:\Windows\system32\qwave.dll
19:56:29.0222 1032 QWAVE ( UnsignedFile.Multi.Generic ) - warning
19:56:29.0222 1032 QWAVE - detected UnsignedFile.Multi.Generic (1)
19:56:29.0237 1032 [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:56:29.0253 1032 QWAVEdrv ( UnsignedFile.Multi.Generic ) - warning
19:56:29.0253 1032 QWAVEdrv - detected UnsignedFile.Multi.Generic (1)
19:56:29.0268 1032 [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:56:29.0284 1032 RasAcd ( UnsignedFile.Multi.Generic ) - warning
19:56:29.0284 1032 RasAcd - detected UnsignedFile.Multi.Generic (1)
19:56:29.0300 1032 [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto C:\Windows\System32\rasauto.dll
19:56:29.0315 1032 RasAuto ( UnsignedFile.Multi.Generic ) - warning
19:56:29.0315 1032 RasAuto - detected UnsignedFile.Multi.Generic (1)
19:56:29.0362 1032 [ AC7BC4D42A7E558718DFDEC599BBFC2C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:56:29.0378 1032 Rasl2tp ( UnsignedFile.Multi.Generic ) - warning
19:56:29.0378 1032 Rasl2tp - detected UnsignedFile.Multi.Generic (1)
19:56:29.0393 1032 [ 3AD83E4046C43BE510DE681588ACB8AF ] RasMan C:\Windows\System32\rasmans.dll
19:56:29.0409 1032 RasMan ( UnsignedFile.Multi.Generic ) - warning
19:56:29.0409 1032 RasMan - detected UnsignedFile.Multi.Generic (1)
19:56:29.0440 1032 [ 4517FBF8B42524AFE4EDE1DE102AAE3E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:56:29.0456 1032 RasPppoe ( UnsignedFile.Multi.Generic ) - warning
19:56:29.0456 1032 RasPppoe - detected UnsignedFile.Multi.Generic (1)
19:56:29.0502 1032 [ C6A593B51F34C33E5474539544072527 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:56:29.0518 1032 RasSstp ( UnsignedFile.Multi.Generic ) - warning
19:56:29.0518 1032 RasSstp - detected UnsignedFile.Multi.Generic (1)
19:56:37.0068 1032 ================ Scan global ===============================
19:56:37.0100 1032 [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll
19:56:37.0146 1032 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
19:56:37.0162 1032 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
19:56:37.0209 1032 [ 934E0B7D77FF78C18D9F8891221B6DE3 ] C:\Windows\system32\services.exe
19:56:37.0209 1032 [Global] - ok
19:56:37.0209 1032 ================ Scan MBR ==================================
19:56:37.0256 1032 [ 9711BF5A8929C6DBE3455A72C790BEF0 ] \Device\Harddisk0\DR0
19:56:37.0256 1032 Suspicious mbr (Forged): \Device\Harddisk0\DR0
19:56:37.0287 1032 \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - infected
19:56:37.0287 1032 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Harbinger.a (0)
19:56:37.0365 1032 ================ Scan VBR ==================================
19:56:37.0396 1032 [ 6C804858CBD3E5B92DA708C57E05ED5B ] \Device\Harddisk0\DR0\Partition1
19:56:37.0396 1032 \Device\Harddisk0\DR0\Partition1 - ok
19:56:37.0412 1032 [ 8C138B5207D0D7B2CA051F08936EC617 ] \Device\Harddisk0\DR0\Partition2
19:56:37.0412 1032 \Device\Harddisk0\DR0\Partition2 - ok
19:56:37.0412 1032 ================ Scan active images ========================
19:56:37.0661 1032 [ 84F9479F8BD5EF517E98CBBD8D3300F7 ] C:\Windows\System32\drivers\videoprt.sys
19:56:37.0661 1032 C:\Windows\System32\drivers\videoprt.sys - ok
19:56:37.0677 1032 [ 2F956EA22FCCE4C9F15C64175C891A1E ] C:\Windows\System32\drivers\watchdog.sys
19:56:37.0677 1032 C:\Windows\System32\drivers\watchdog.sys - ok
19:56:37.0677 1032 [ CAB9421DAF3D97B33D0D055858E2C3AB ] C:\Windows\System32\drivers\RDPENCDD.sys
19:56:37.0677 1032 C:\Windows\System32\drivers\RDPENCDD.sys - ok
19:56:37.0692 1032 [ 704F59BFC4512D2BB0146AEC31B10A7C ] C:\Windows\System32\drivers\msfs.sys
19:56:37.0692 1032 C:\Windows\System32\drivers\msfs.sys - ok
19:56:37.0692 1032 [ B298874F8E0EA93F06EC40AA8D146478 ] C:\Windows\System32\drivers\npfs.sys
19:56:37.0692 1032 C:\Windows\System32\drivers\npfs.sys - ok
19:56:37.0692 1032 [ 1013B3B663A56D3DDD784F581C1BD005 ] C:\Windows\System32\drivers\rasacd.sys
19:56:37.0692 1032 C:\Windows\System32\drivers\rasacd.sys - ok
19:56:37.0708 1032 [ 458919C8C42E398DC4802178D5FFEE27 ] C:\Windows\System32\drivers\tdx.sys
19:56:37.0708 1032 C:\Windows\System32\drivers\tdx.sys - ok
19:56:37.0708 1032 [ 290B6F6A0EC4FCDFC90F5CB6D7020473 ] C:\Windows\System32\drivers\smb.sys
19:56:37.0708 1032 C:\Windows\System32\drivers\smb.sys - ok
19:56:37.0708 1032 [ C4F6CE6087760AD70960C9EB130E7943 ] C:\Windows\System32\drivers\afd.sys
19:56:37.0708 1032 C:\Windows\System32\drivers\afd.sys - ok
19:56:37.0724 1032 [ FC2C792EBDDC8E28DF939D6A92C83D61 ] C:\Windows\System32\drivers\netbt.sys
19:56:37.0724 1032 C:\Windows\System32\drivers\netbt.sys - ok
19:56:37.0724 1032 [ C5AB7F0809392D0DA027F4A2A81BFA31 ] C:\Windows\System32\drivers\pacer.sys
19:56:37.0724 1032 C:\Windows\System32\drivers\pacer.sys - ok
19:56:37.0739 1032 [ A499294F5029A7862ADC115BDA7371CE ] C:\Windows\System32\drivers\netbios.sys
19:56:37.0739 1032 C:\Windows\System32\drivers\netbios.sys - ok
19:56:37.0739 1032 [ 322DB5C6B55E8D8EE8D6F358B2AAABB1 ] C:\Windows\System32\drivers\rdbss.sys
19:56:37.0739 1032 C:\Windows\System32\drivers\rdbss.sys - ok
19:56:37.0755 1032 [ 1523AF19EE8B030BA682F7A53537EAEB ] C:\Windows\System32\drivers\nsiproxy.sys
19:56:37.0755 1032 C:\Windows\System32\drivers\nsiproxy.sys - ok
19:56:37.0755 1032 [ 8B722BA35205C71E7951CDC4CDBADE19 ] C:\Windows\System32\drivers\dfsc.sys
19:56:37.0755 1032 C:\Windows\System32\drivers\dfsc.sys - ok
19:56:37.0755 1032 [ 39E74E264338934DBF11F8DB79A3E116 ] C:\Windows\System32\drivers\RTSTOR64.sys
19:56:37.0755 1032 C:\Windows\System32\drivers\RTSTOR64.sys - ok
19:56:37.0770 1032 [ 523E8AEFC33E427D8575BDB57548A8C3 ] C:\Windows\System32\drivers\usbd.sys
19:56:37.0770 1032 C:\Windows\System32\drivers\usbd.sys - ok
19:56:37.0770 1032 [ 784491AA0A781059AA3EC0BCB7AD760A ] C:\Windows\System32\ntdll.dll
19:56:37.0770 1032 C:\Windows\System32\ntdll.dll - ok
19:56:37.0786 1032 [ C17704EA5B0F83D78F1377075FFE1C89 ] C:\Windows\System32\smss.exe
19:56:37.0786 1032 C:\Windows\System32\smss.exe - ok
19:56:37.0786 1032 [ E24D4475713CB382A720D003BDDA9628 ] C:\Windows\System32\autochk.exe
19:56:37.0786 1032 C:\Windows\System32\autochk.exe - ok
19:56:37.0802 1032 [ 07E3498FC60834219D2356293DA0FECC ] C:\Windows\System32\drivers\usbccgp.sys
19:56:37.0802 1032 C:\Windows\System32\drivers\usbccgp.sys - ok
19:56:37.0802 1032 [ 11EAF90B44A9E378CB6F4ECBF2471F60 ] C:\Windows\System32\usp10.dll
19:56:37.0802 1032 C:\Windows\System32\usp10.dll - ok
19:56:37.0802 1032 [ AA09B70F619CBF499EFC22E7A63E3CE6 ] C:\Windows\System32\comdlg32.dll
19:56:37.0802 1032 C:\Windows\System32\comdlg32.dll - ok
19:56:37.0817 1032 [ 2C74308C8A20F3F3A2226DFE36914CBF ] C:\Windows\System32\msvcrt.dll
19:56:37.0817 1032 C:\Windows\System32\msvcrt.dll - ok
19:56:37.0817 1032 [ 533B3BA63E5DB49FC59A842A1DE3121F ] C:\Windows\System32\normaliz.dll
19:56:37.0817 1032 C:\Windows\System32\normaliz.dll - ok
19:56:37.0833 1032 [ 891E1D0DCDE747C8F1EE71E61EA193F5 ] C:\Windows\System32\lpk.dll
19:56:37.0833 1032 C:\Windows\System32\lpk.dll - ok
19:56:37.0833 1032 [ DB310BF331A32FD208CADA64ABA2903A ] C:\Windows\System32\clbcatq.dll
19:56:37.0833 1032 C:\Windows\System32\clbcatq.dll - ok
19:56:37.0833 1032 [ 7CAF51D586DFE475147DFB158BEBB3F8 ] C:\Windows\System32\nsi.dll
19:56:37.0833 1032 C:\Windows\System32\nsi.dll - ok
19:56:37.0848 1032 [ 62C15795629FA290656C6A7E5CD25F52 ] C:\Windows\System32\imm32.dll
19:56:37.0848 1032 C:\Windows\System32\imm32.dll - ok
19:56:37.0848 1032 [ 3B2671CBC989F1B2084290D787DE8499 ] C:\Windows\System32\oleaut32.dll
19:56:37.0848 1032 C:\Windows\System32\oleaut32.dll - ok
19:56:37.0864 1032 [ 0CB93E3F36C4F4122E7CBBAA731F67D1 ] C:\Windows\System32\ole32.dll
19:56:37.0864 1032 C:\Windows\System32\ole32.dll - ok
19:56:37.0864 1032 [ A02EB771DAE80667E3C877CF19E3F6EE ] C:\Windows\System32\kernel32.dll
19:56:37.0864 1032 C:\Windows\System32\kernel32.dll - ok
19:56:37.0880 1032 [ BAB10B35E2D5EE0DC3DE05A177C52C50 ] C:\Windows\System32\ws2_32.dll
19:56:37.0880 1032 C:\Windows\System32\ws2_32.dll - ok
19:56:37.0880 1032 [ 604384D4459F4A68FF88E7C212C43F61 ] C:\Windows\System32\shlwapi.dll
19:56:37.0880 1032 C:\Windows\System32\shlwapi.dll - ok
19:56:37.0880 1032 [ C669ABA2C3298B4B4F252EB6A5AE8964 ] C:\Windows\System32\gdi32.dll
19:56:37.0880 1032 C:\Windows\System32\gdi32.dll - ok
19:56:37.0895 1032 [ 87BEA2616EFDEC6A1CB3BFCFB09D816A ] C:\Windows\System32\urlmon.dll
19:56:37.0895 1032 C:\Windows\System32\urlmon.dll - ok
19:56:37.0895 1032 [ 87CB61DF57FEC0948A26F9E671ADD81A ] C:\Windows\System32\msctf.dll
19:56:37.0895 1032 C:\Windows\System32\msctf.dll - ok
19:56:37.0911 1032 [ 435E9C764E1EF70058580996452BE6A2 ] C:\Windows\System32\wininet.dll
19:56:37.0911 1032 C:\Windows\System32\wininet.dll - ok
19:56:37.0911 1032 [ 8E0189219E941613B1512431604114E0 ] C:\Windows\System32\rpcrt4.dll
19:56:37.0911 1032 C:\Windows\System32\rpcrt4.dll - ok
19:56:37.0926 1032 [ F3F5549E69AE8509342E67E4F972CA1C ] C:\Windows\System32\user32.dll
19:56:37.0926 1032 C:\Windows\System32\user32.dll - ok
19:56:37.0926 1032 [ 09ED5DF1622C759B5EB9C40B89FD310A ] C:\Windows\System32\imagehlp.dll
19:56:37.0926 1032 C:\Windows\System32\imagehlp.dll - ok
19:56:37.0926 1032 [ ADC1964755BB12485A15070A4D4F2697 ] C:\Windows\System32\Wldap32.dll
19:56:37.0926 1032 C:\Windows\System32\Wldap32.dll - ok
19:56:37.0942 1032 [ BE2E23B3DD533B33338D9B3D826574DA ] C:\Windows\System32\setupapi.dll
19:56:37.0942 1032 C:\Windows\System32\setupapi.dll - ok
19:56:37.0942 1032 [ F431C3C86FCCC1C53814F043A6CAD825 ] C:\Windows\System32\iertutil.dll
19:56:37.0942 1032 C:\Windows\System32\iertutil.dll - ok
19:56:37.0958 1032 [ BB8C4784AA400BDC3D51B6ACAA077E96 ] C:\Windows\System32\advapi32.dll
19:56:37.0958 1032 C:\Windows\System32\advapi32.dll - ok
19:56:37.0958 1032 [ 487C3C0927F67331681294B867A4141B ] C:\Windows\System32\shell32.dll
19:56:37.0958 1032 C:\Windows\System32\shell32.dll - ok
19:56:37.0958 1032 [ AEF2D8B0B518A5623FC5F9832F622677 ] C:\Windows\System32\psapi.dll
19:56:37.0958 1032 C:\Windows\System32\psapi.dll - ok
19:56:37.0973 1032 [ 74ABE02BF1937B32C6FC169A782FCF60 ] C:\Windows\System32\comctl32.dll
19:56:37.0973 1032 C:\Windows\System32\comctl32.dll - ok
19:56:37.0973 1032 [ 6F29236AB5926100972924BD29D9D225 ] C:\Windows\SysWOW64\normaliz.dll
19:56:37.0973 1032 C:\Windows\SysWOW64\normaliz.dll - ok
19:56:37.0989 1032 [ 4C2DC63036D452FDB636D58D8EA7BC90 ] C:\Windows\System32\drivers\dxapi.sys
19:56:37.0989 1032 C:\Windows\System32\drivers\dxapi.sys - ok
19:56:37.0989 1032 [ D11142F49D42679E662F5B97694FA8E3 ] C:\Windows\System32\win32k.sys
19:56:37.0989 1032 C:\Windows\System32\win32k.sys - ok
19:56:38.0004 1032 [ B4ABE68596B173FF2AB2076BC7C35EB4 ] C:\Windows\System32\csrss.exe
19:56:38.0004 1032 C:\Windows\System32\csrss.exe - ok
19:56:38.0004 1032 [ D01E68E878FC8E3D79A1E84308745E82 ] C:\Windows\System32\csrsrv.dll
19:56:38.0004 1032 C:\Windows\System32\csrsrv.dll - ok
19:56:38.0004 1032 [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\System32\basesrv.dll
19:56:38.0004 1032 C:\Windows\System32\basesrv.dll - ok
19:56:38.0020 1032 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\System32\winsrv.dll
19:56:38.0020 1032 C:\Windows\System32\winsrv.dll - ok
19:56:38.0020 1032 [ 59E9264A96CA82C5CCFBE14523934104 ] C:\Windows\System32\drivers\dxg.sys
19:56:38.0020 1032 C:\Windows\System32\drivers\dxg.sys - ok
19:56:38.0036 1032 [ 86173B7125321C93E355DF3837039244 ] C:\Windows\System32\tsddd.dll
19:56:38.0036 1032 C:\Windows\System32\tsddd.dll - ok
19:56:38.0036 1032 [ 117EA87DF785CA1B9D821F6F213DCE07 ] C:\Windows\System32\wininit.exe
19:56:38.0036 1032 C:\Windows\System32\wininit.exe - ok
19:56:38.0051 1032 [ 95E848589698D6CF716ECF1403925DFC ] C:\Windows\System32\userenv.dll
19:56:38.0051 1032 C:\Windows\System32\userenv.dll - ok
19:56:38.0051 1032 [ FEA83138B1C1D6EB55046C4612905888 ] C:\Windows\System32\secur32.dll
19:56:38.0051 1032 C:\Windows\System32\secur32.dll - ok
19:56:38.0051 1032 [ 16687F0351E513BF2019073ABF02B585 ] C:\Windows\System32\sxs.dll
19:56:38.0051 1032 C:\Windows\System32\sxs.dll - ok
19:56:38.0067 1032 [ 07FA442C161607E4FE6CE936846EF807 ] C:\Windows\System32\vga.dll
19:56:38.0067 1032 C:\Windows\System32\vga.dll - ok
19:56:38.0067 1032 [ 1AE29DD0E96D10F52383A8C6396E3A1D ] C:\Windows\System32\framebuf.dll
19:56:38.0067 1032 C:\Windows\System32\framebuf.dll - ok
19:56:38.0082 1032 [ 46662CD685A6341AB4AED86D134D80E9 ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd\comctl32.dll
19:56:38.0082 1032 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd\comctl32.dll - ok
19:56:38.0082 1032 [ 6D0773A3A65D28B663F334C90441D01A ] C:\Windows\System32\winlogon.exe
19:56:38.0082 1032 C:\Windows\System32\winlogon.exe - ok
19:56:38.0082 1032 [ 1671EF15434501ABBE9E7BE905EF998B ] C:\Windows\System32\winsta.dll
19:56:38.0082 1032 C:\Windows\System32\winsta.dll - ok
19:56:38.0098 1032 [ 89A722B06A83706797E283016181BEAB ] C:\Windows\System32\KBDUS.DLL
19:56:38.0098 1032 C:\Windows\System32\KBDUS.DLL - ok
19:56:38.0098 1032 [ D1BDCF6DE24D16E16FC57AEE4A1BE9AE ] C:\Windows\System32\WlS0WndH.dll
19:56:38.0098 1032 C:\Windows\System32\WlS0WndH.dll - ok
19:56:38.0114 1032 [ 934E0B7D77FF78C18D9F8891221B6DE3 ] C:\Windows\System32\services.exe
19:56:38.0114 1032 C:\Windows\System32\services.exe - ok
19:56:38.0114 1032 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] C:\Windows\System32\lsass.exe
19:56:38.0114 1032 C:\Windows\System32\lsass.exe - ok
19:56:38.0129 1032 [ 54D814DC2FA54AA847D240D4EA0E6586 ] C:\Windows\System32\lsm.exe
19:56:38.0129 1032 C:\Windows\System32\lsm.exe - ok
19:56:38.0129 1032 [ 902F14A1FDF1B4A543326A35CB21EB1F ] C:\Windows\System32\lsasrv.dll
19:56:38.0129 1032 C:\Windows\System32\lsasrv.dll - ok
19:56:38.0129 1032 [ 60EEC5440C2D05E5FDA04900E45FF717 ] C:\Windows\System32\samsrv.dll
19:56:38.0129 1032 C:\Windows\System32\samsrv.dll - ok
19:56:38.0145 1032 [ 009456399B31D69C67654F6C3618D9A8 ] C:\Windows\System32\sysntfy.dll
19:56:38.0145 1032 C:\Windows\System32\sysntfy.dll - ok
19:56:38.0145 1032 [ 0C2E0A8562FE4B33D00E175A97E05793 ] C:\Windows\System32\wmsgapi.dll
19:56:38.0145 1032 C:\Windows\System32\wmsgapi.dll - ok
19:56:38.0160 1032 [ 419CE835359938213BD32A7AA327F2B9 ] C:\Windows\System32\cryptdll.dll
19:56:38.0160 1032 C:\Windows\System32\cryptdll.dll - ok
19:56:38.0160 1032 [ E4C283A98F118CEC9E087EAC4E9EFB6A ] C:\Windows\System32\dnsapi.dll
19:56:38.0160 1032 C:\Windows\System32\dnsapi.dll - ok
19:56:38.0176 1032 [ F3E5C76AA1175D29F6459BDB7DF345EC ] C:\Windows\System32\netapi32.dll
19:56:38.0176 1032 C:\Windows\System32\netapi32.dll - ok
19:56:38.0176 1032 [ 495EB57ACF30983AA441B70A8DE2B7ED ] C:\Windows\System32\scesrv.dll
19:56:38.0176 1032 C:\Windows\System32\scesrv.dll - ok
19:56:38.0176 1032 [ 5279672A8BDAF3CFB0A4C6E0591987AC ] C:\Windows\System32\samlib.dll
19:56:38.0176 1032 C:\Windows\System32\samlib.dll - ok
19:56:38.0192 1032 [ 301D19A870E40C12540BE46034BD6B20 ] C:\Windows\System32\msasn1.dll
19:56:38.0192 1032 C:\Windows\System32\msasn1.dll - ok
19:56:38.0192 1032 [ 33741BA808457C9AF07055C0FBEFE973 ] C:\Windows\System32\ntdsapi.dll
19:56:38.0192 1032 C:\Windows\System32\ntdsapi.dll - ok
19:56:38.0207 1032 [ 5EF9205E045643A5A75A82B116395B25 ] C:\Windows\System32\authz.dll
19:56:38.0207 1032 C:\Windows\System32\authz.dll - ok
19:56:38.0207 1032 [ D7924B0F3AB5574BF59CA2892BE8961A ] C:\Windows\System32\feclient.dll
19:56:38.0207 1032 C:\Windows\System32\feclient.dll - ok
19:56:38.0207 1032 [ FA19D9DE54B122316274703D50F34130 ] C:\Windows\System32\ncobjapi.dll
19:56:38.0207 1032 C:\Windows\System32\ncobjapi.dll - ok
19:56:38.0223 1032 [ B3EBBD687BDFCBBBBCB6115B682D1845 ] C:\Windows\System32\mpr.dll
19:56:38.0223 1032 C:\Windows\System32\mpr.dll - ok
19:56:38.0223 1032 [ 9BDB79FD2FD662BA9AD573C3EC0342A6 ] C:\Windows\System32\crypt32.dll
19:56:38.0223 1032 C:\Windows\System32\crypt32.dll - ok
19:56:38.0238 1032 [ 0F421175574BFE0BF2F4D8E910A253BB ] C:\Windows\System32\aelupsvc.dll
19:56:38.0238 1032 C:\Windows\System32\aelupsvc.dll - ok
19:56:38.0238 1032 [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] C:\Windows\System32\alg.exe
19:56:38.0238 1032 C:\Windows\System32\alg.exe - ok
19:56:38.0254 1032 [ 9C37B3FD5615477CB9A0CD116CF43F5C ] C:\Windows\System32\appinfo.dll
19:56:38.0254 1032 C:\Windows\System32\appinfo.dll - ok
19:56:38.0254 1032 [ 15C815573011719585EB836614ED1DF1 ] C:\Windows\System32\rascfg.dll
19:56:38.0254 1032 C:\Windows\System32\rascfg.dll - ok
19:56:38.0254 1032 [ 79318C744693EC983D20E9337A2F8196 ] C:\Windows\System32\audiosrv.dll
19:56:38.0254 1032 C:\Windows\System32\audiosrv.dll - ok
19:56:38.0270 1032 [ EE11F2630840479C4AA784AF3770F8E2 ] C:\Windows\System32\SLC.dll
19:56:38.0270 1032 C:\Windows\System32\SLC.dll - ok
19:56:38.0270 1032 [ 45B4004F43B48E4A3F12B85891F81221 ] C:\Windows\System32\wevtapi.dll
19:56:38.0270 1032 C:\Windows\System32\wevtapi.dll - ok
19:56:38.0285 1032 [ FFB96C2589FFA60473EAD78B39FBDE29 ] C:\Windows\System32\BFE.DLL
19:56:38.0285 1032 C:\Windows\System32\BFE.DLL - ok
19:56:38.0285 1032 [ A9D70295BA8F31D5EA118B0A6B74183E ] C:\Windows\System32\IPHLPAPI.DLL
19:56:38.0285 1032 C:\Windows\System32\IPHLPAPI.DLL - ok
19:56:38.0301 1032 [ 3ED0321127CE70ACDAABBF77E157C2A7 ] C:\Windows\System32\dhcpcsvc.dll
19:56:38.0301 1032 C:\Windows\System32\dhcpcsvc.dll - ok
19:56:38.0301 1032 [ 6D316F4859634071CC25C4FD4589AD2C ] C:\Windows\System32\qmgr.dll
19:56:38.0301 1032 C:\Windows\System32\qmgr.dll - ok
19:56:38.0301 1032 [ 58AAAEA100F45F4F44297D6DE9ACF8ED ] C:\Windows\System32\winnsi.dll
19:56:38.0301 1032 C:\Windows\System32\winnsi.dll - ok
19:56:38.0316 1032 [ 956148910C7EB6A8C095D9B4E6F94E62 ] C:\Windows\System32\dhcpcsvc6.dll
19:56:38.0316 1032 C:\Windows\System32\dhcpcsvc6.dll - ok
19:56:38.0316 1032 [ 21322B1A2AD337C579F4A65EA0D25193 ] C:\Windows\System32\cngaudit.dll
19:56:38.0316 1032 C:\Windows\System32\cngaudit.dll - ok
19:56:38.0332 1032 [ A1B39DE453433B115B4EA69EE0343816 ] C:\Windows\System32\browser.dll
19:56:38.0332 1032 C:\Windows\System32\browser.dll - ok
19:56:38.0332 1032 [ FD51DED28EEC823940432D05BACE2490 ] C:\Windows\System32\ncrypt.dll
19:56:38.0332 1032 C:\Windows\System32\ncrypt.dll - ok
19:56:38.0332 1032 [ 02EE316487BCC8F4F6017CAD538365CC ] C:\Windows\System32\bcrypt.dll
19:56:38.0332 1032 C:\Windows\System32\bcrypt.dll - ok
19:56:38.0348 1032 [ 5A268127633C7EE2A7FB87F39D748D56 ] C:\Windows\System32\certprop.dll
19:56:38.0348 1032 C:\Windows\System32\certprop.dll - ok
19:56:38.0348 1032 [ DDEE5FE5C3C3141CE02DE6B7B2BF686B ] C:\Windows\System32\comres.dll
19:56:38.0348 1032 C:\Windows\System32\comres.dll - ok
19:56:38.0363 1032 [ B7CCDC4B877DC3CC665DE8F322F2BD9E ] C:\Windows\System32\credssp.dll
19:56:38.0363 1032 C:\Windows\System32\credssp.dll - ok
19:56:38.0363 1032 [ CA78B312C44E4D52E842C2C8BD48E452 ] C:\Windows\System32\cryptsvc.dll
19:56:38.0363 1032 C:\Windows\System32\cryptsvc.dll - ok
19:56:38.0379 1032 [ F7097878AE102618656A04F03951C339 ] C:\Windows\System32\msprivs.dll
19:56:38.0379 1032 C:\Windows\System32\msprivs.dll - ok
19:56:38.0379 1032 [ CD6D49EA9DBBD3EA9E449FD84C51C731 ] C:\Windows\System32\kerberos.dll
19:56:38.0379 1032 C:\Windows\System32\kerberos.dll - ok
19:56:38.0379 1032 [ CE7183F26642FAFE46C8374AE70A66DB ] C:\Windows\System32\oleres.dll
19:56:38.0379 1032 C:\Windows\System32\oleres.dll - ok
19:56:38.0394 1032 [ 2E4733239CB09A2212C44FCD1C1B4CC9 ] C:\Windows\System32\dfsrres.dll
19:56:38.0394 1032 C:\Windows\System32\dfsrres.dll - ok
19:56:38.0394 1032 [ 1A7156DD1E850E9914E5E991E3225B94 ] C:\Windows\System32\dot3svc.dll
19:56:38.0394 1032 C:\Windows\System32\dot3svc.dll - ok
19:56:38.0410 1032 [ 253607D6C54A1604436F08E67CCED044 ] C:\Windows\System32\WSHTCPIP.DLL
19:56:38.0410 1032 C:\Windows\System32\WSHTCPIP.DLL - ok
19:56:38.0410 1032 [ 2C305F6445662EFF9A08B1BA41784CC0 ] C:\Windows\System32\wship6.dll
19:56:38.0410 1032 C:\Windows\System32\wship6.dll - ok
19:56:38.0426 1032 [ 1583B39790DB3EAEC7EDB0CB0140C708 ] C:\Windows\System32\dps.dll
19:56:38.0426 1032 C:\Windows\System32\dps.dll - ok
19:56:38.0426 1032 [ 599DA6EB260D9601D2D67AE177F95568 ] C:\Windows\System32\wshqos.dll
19:56:38.0426 1032 C:\Windows\System32\wshqos.dll - ok
19:56:38.0426 1032 [ F145BF4C4668E7E312069F81EF847CFC ] C:\Windows\System32\nlasvc.dll
19:56:38.0426 1032 C:\Windows\System32\nlasvc.dll - ok
19:56:38.0441 1032 [ C2303883FD9BE49DC36A6400643002EA ] C:\Windows\System32\eapsvc.dll
19:56:38.0441 1032 C:\Windows\System32\eapsvc.dll - ok
19:56:38.0441 1032 [ 062972C53BDC6819CE0BAAAA5382F758 ] C:\Windows\System32\NapiNSP.dll
19:56:38.0441 1032 C:\Windows\System32\NapiNSP.dll - ok
19:56:38.0457 1032 [ 14CE384D2E27B64C256BDA4DC39C312D ] C:\Windows\ehome\ehrecvr.exe
19:56:38.0457 1032 C:\Windows\ehome\ehrecvr.exe - ok
19:56:38.0457 1032 [ E1BAEEE7949ED5019259E69393367400 ] C:\Windows\System32\pnrpnsp.dll
19:56:38.0457 1032 C:\Windows\System32\pnrpnsp.dll - ok
19:56:38.0457 1032 [ BB08D93011B82883EC33C7707A9627BE ] C:\Windows\System32\mswsock.dll
19:56:38.0457 1032 C:\Windows\System32\mswsock.dll - ok
19:56:38.0472 1032 [ B93159C1313D66FDFBBE876F5189CD52 ] C:\Windows\ehome\ehsched.exe
19:56:38.0472 1032 C:\Windows\ehome\ehsched.exe - ok
19:56:38.0472 1032 [ 434B2B82B237FC2F4F8F6844A8FF1909 ] C:\Windows\System32\msv1_0.dll
19:56:38.0472 1032 C:\Windows\System32\msv1_0.dll - ok
19:56:38.0488 1032 [ F5EE2527D74449868E3C3227A59BCD28 ] C:\Windows\ehome\ehstart.dll
19:56:38.0488 1032 C:\Windows\ehome\ehstart.dll - ok
19:56:38.0488 1032 [ A9B18B63A4FD6BAAB83326706D857FAB ] C:\Windows\System32\emdmgmt.dll
19:56:38.0488 1032 C:\Windows\System32\emdmgmt.dll - ok
19:56:38.0504 1032 [ A3F1B171702CA04744EE514243B45BFB ] C:\Windows\System32\netlogon.dll
19:56:38.0504 1032 C:\Windows\System32\netlogon.dll - ok
19:56:38.0504 1032 [ B3564B747D0B059D99E888F8369E56BC ] C:\Windows\System32\wevtsvc.dll
19:56:38.0504 1032 C:\Windows\System32\wevtsvc.dll - ok
19:56:38.0504 1032 [ CA307C0BD127FA7ADE5E6FEE8750F046 ] C:\Windows\System32\winbrand.dll
19:56:38.0504 1032 C:\Windows\System32\winbrand.dll - ok
19:56:38.0519 1032 [ 4C7F1DA7E2BF41EB19208540DD5574C8 ] C:\Windows\System32\schannel.dll
19:56:38.0519 1032 C:\Windows\System32\schannel.dll - ok
19:56:38.0519 1032 [ BB9267ACACD8B7533DD936C34A0CBA5E ] C:\Windows\System32\fdPHost.dll
19:56:38.0519 1032 C:\Windows\System32\fdPHost.dll - ok
19:56:38.0535 1032 [ B4A04D5AA66E8F77DE19E0EB89C52D2B ] C:\Windows\System32\wdigest.dll
19:56:38.0535 1032 C:\Windows\System32\wdigest.dll - ok
19:56:38.0535 1032 [ 300C80931EABBE1DB7591C516EFE8D0F ] C:\Windows\System32\FDResPub.dll
19:56:38.0535 1032 C:\Windows\System32\FDResPub.dll - ok
19:56:38.0550 1032 [ BE1C5BD1CA7ED015BC6FA1AE67E592C8 ] C:\Windows\System32\FntCache.dll
19:56:38.0550 1032 C:\Windows\System32\FntCache.dll - ok
19:56:38.0550 1032 [ 4D27759CC69F69E4B3228A970FF55F88 ] C:\Windows\System32\rsaenh.dll
19:56:38.0550 1032 C:\Windows\System32\rsaenh.dll - ok
19:56:38.0550 1032 [ BC69DA355B62C898DFEA93851335EAF0 ] C:\Windows\System32\TSpkg.dll
19:56:38.0550 1032 C:\Windows\System32\TSpkg.dll - ok
19:56:38.0566 1032 [ 899F834C330A96A80EC36DAEDA2FF018 ] C:\Windows\System32\gpapi.dll
19:56:38.0566 1032 C:\Windows\System32\gpapi.dll - ok
19:56:38.0566 1032 [ E60BB0CDC5EA153F6D24C51AAD4A73FD ] C:\Windows\System32\PresentationHost.exe
19:56:38.0566 1032 C:\Windows\System32\PresentationHost.exe - ok
19:56:38.0582 1032 [ 59361D38A297755D46A540E450202B2A ] C:\Windows\System32\hidserv.dll
19:56:38.0582 1032 C:\Windows\System32\hidserv.dll - ok
19:56:38.0582 1032 [ B12F367EA39C0795FD57E31242CE1A5A ] C:\Windows\System32\KMSVC.DLL
19:56:38.0582 1032 C:\Windows\System32\KMSVC.DLL - ok
19:56:38.0582 1032 [ 42161FDC47A49CD513D29BACB99D6E0D ] C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll
19:56:38.0582 1032 C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll - ok
19:56:38.0597 1032 [ 0C9EA6E654E7B0471741E343A6C671AF ] C:\Windows\System32\IKEEXT.DLL
19:56:38.0597 1032 C:\Windows\System32\IKEEXT.DLL - ok
19:56:38.0597 1032 [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] C:\Windows\System32\IPBusEnum.dll
19:56:38.0597 1032 C:\Windows\System32\IPBusEnum.dll - ok
19:56:38.0613 1032 [ BF0DBFA9792C5C14FA00F61C75116C1B ] C:\Windows\System32\iphlpsvc.dll
19:56:38.0613 1032 C:\Windows\System32\iphlpsvc.dll - ok
19:56:38.0613 1032 [ C6336D1625515CC5F70E5630CFF14182 ] C:\Windows\System32\keyiso.dll
19:56:38.0613 1032 C:\Windows\System32\keyiso.dll - ok
19:56:38.0628 1032 [ 50C7A3CB427E9BB5ED0708A669956AB5 ] C:\Windows\System32\srvsvc.dll
19:56:38.0628 1032 C:\Windows\System32\srvsvc.dll - ok
19:56:38.0628 1032 [ CAF86FC1388BE1E470F1A7B43E348ADB ] C:\Windows\System32\wkssvc.dll
19:56:38.0628 1032 C:\Windows\System32\wkssvc.dll - ok
19:56:38.0628 1032 [ 4B8C95B49C58D7A41BF3FE38AA64DC6C ] C:\Windows\System32\lltdres.dll
19:56:38.0628 1032 C:\Windows\System32\lltdres.dll - ok
19:56:38.0644 1032 [ A47F8080CACC23C91FE823AD19AA5612 ] C:\Windows\System32\lmhsvc.dll
19:56:38.0644 1032 C:\Windows\System32\lmhsvc.dll - ok
19:56:38.0644 1032 [ 4698036AE905F88E02C3F69BA77981FB ] C:\Windows\ehome\ehres.dll
19:56:38.0644 1032 C:\Windows\ehome\ehres.dll - ok
19:56:38.0660 1032 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] C:\Windows\System32\mmcss.dll
19:56:38.0660 1032 C:\Windows\System32\mmcss.dll - ok
19:56:38.0660 1032 [ FFA2B274A5CC6C9A03CBDCF5B8F0239A ] C:\Windows\System32\FirewallAPI.dll
19:56:38.0660 1032 C:\Windows\System32\FirewallAPI.dll - ok
19:56:38.0675 1032 [ 1371FA9D8B1E567AE852E0F74D41D040 ] C:\Windows\System32\iscsidsc.dll
19:56:38.0675 1032 C:\Windows\System32\iscsidsc.dll - ok
19:56:38.0675 1032 [ FCD84867883C365A24C61E50AF8A6DB9 ] C:\Windows\System32\msimsg.dll
19:56:38.0675 1032 C:\Windows\System32\msimsg.dll - ok
19:56:38.0675 1032 [ A5B10C845E7538C60C0F5D87A57CB3F5 ] C:\Windows\System32\QAGENTRT.DLL
19:56:38.0675 1032 C:\Windows\System32\QAGENTRT.DLL - ok
19:56:38.0691 1032 [ 9B63B29DEFC0F3115A559D2597BF5D75 ] C:\Windows\System32\netman.dll
19:56:38.0691 1032 C:\Windows\System32\netman.dll - ok
19:56:38.0691 1032 [ 0341CB05512AA87BB64A834DE6264C34 ] C:\Windows\System32\netprof.dll
19:56:38.0691 1032 C:\Windows\System32\netprof.dll - ok
19:56:38.0706 1032 [ ACB62BAA1C319B17752553DF3026EEEB ] C:\Windows\System32\nsisvc.dll
19:56:38.0706 1032 C:\Windows\System32\nsisvc.dll - ok
19:56:38.0706 1032 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] C:\Windows\System32\p2psvc.dll
19:56:38.0706 1032 C:\Windows\System32\p2psvc.dll - ok
19:56:38.0706 1032 [ 9AB157B374192FF276C1628FBDBA2B0E ] C:\Windows\System32\pcasvc.dll
19:56:38.0706 1032 C:\Windows\System32\pcasvc.dll - ok
19:56:38.0722 1032 [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] C:\Windows\System32\pla.dll
19:56:38.0722 1032 C:\Windows\System32\pla.dll - ok
19:56:38.0722 1032 [ FE6B0F59215C9FD9F9D26539C58C8B82 ] C:\Windows\System32\umpnpmgr.dll
19:56:38.0722 1032 C:\Windows\System32\umpnpmgr.dll - ok
19:56:38.0738 1032 [ F7BEA2085635CA9B2B991D8EDC426D3A ] C:\Windows\System32\polstore.dll
19:56:38.0738 1032 C:\Windows\System32\polstore.dll - ok
19:56:38.0738 1032 [ E058CE4FC2449D8BFA14739C83B7FF2A ] C:\Windows\System32\profsvc.dll
19:56:38.0738 1032 C:\Windows\System32\profsvc.dll - ok
19:56:38.0753 1032 [ 43A4F5B4EAC81FA11DAC3143ADC77CBA ] C:\Windows\System32\psbase.dll
19:56:38.0753 1032 C:\Windows\System32\psbase.dll - ok
19:56:38.0753 1032 [ 90574842C3DA781E279061A3EFF91F07 ] C:\Windows\System32\qwave.dll
19:56:38.0753 1032 C:\Windows\System32\qwave.dll - ok
19:56:38.0753 1032 [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] C:\Windows\System32\drivers\qwavedrv.sys
19:56:38.0753 1032 C:\Windows\System32\drivers\qwavedrv.sys - ok
19:56:38.0769 1032 [ B2AE18F847D07F0044404DDF7CB04497 ] C:\Windows\System32\rasauto.dll
19:56:38.0769 1032 C:\Windows\System32\rasauto.dll - ok
19:56:38.0769 1032 [ 3AD83E4046C43BE510DE681588ACB8AF ] C:\Windows\System32\rasmans.dll
19:56:38.0769 1032 C:\Windows\System32\rasmans.dll - ok
19:56:38.0769 1032 [ 2EE3FA0308E6185BA64A9A7F2E74332B ] C:\Windows\System32\sstpsvc.dll
19:56:38.0769 1032 C:\Windows\System32\sstpsvc.dll - ok
19:56:38.0784 1032 [ C612B9557DA73F70D41F8A6FBC8E5344 ] C:\Windows\System32\mprdim.dll
19:56:38.0784 1032 C:\Windows\System32\mprdim.dll - ok
19:56:38.0800 1032 [ 44B9D8EC2F3EF3A0EFB00857AF70D861 ] C:\Windows\System32\regsvc.dll
19:56:38.0800 1032 C:\Windows\System32\regsvc.dll - ok
19:56:38.0800 1032 [ F46C457840D4B7A4DAAFEE739CE04102 ] C:\Windows\System32\Locator.exe
19:56:38.0800 1032 C:\Windows\System32\Locator.exe - ok
19:56:38.0800 1032 [ FD1CDCF108D5EF3366F00D18B70FB89B ] C:\Windows\System32\SCardSvr.dll
19:56:38.0800 1032 C:\Windows\System32\SCardSvr.dll - ok
19:56:38.0816 1032 [ 0F838C811AD295D2A4489B9993096C63 ] C:\Windows\System32\schedsvc.dll
19:56:38.0816 1032 C:\Windows\System32\schedsvc.dll - ok
19:56:38.0816 1032 [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] C:\Windows\System32\sdrsvc.dll
19:56:38.0816 1032 C:\Windows\System32\sdrsvc.dll - ok
19:56:38.0831 1032 [ 5ACDCBC67FCF894A1815B9F96D704490 ] C:\Windows\System32\seclogon.dll
19:56:38.0831 1032 C:\Windows\System32\seclogon.dll - ok
19:56:38.0831 1032 [ 90973A64B96CD647FF81C79443618EED ] C:\Windows\System32\Sens.dll
19:56:38.0831 1032 C:\Windows\System32\Sens.dll - ok
19:56:38.0831 1032 [ A8E4A4407A09F35DCCC3771AF590B0C4 ] C:\Windows\System32\SessEnv.dll
19:56:38.0831 1032 C:\Windows\System32\SessEnv.dll - ok
19:56:38.0847 1032 [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34 ] C:\Windows\System32\ipnathlp.dll
19:56:38.0847 1032 C:\Windows\System32\ipnathlp.dll - ok
19:56:38.0847 1032 [ 56793271ECDEDD350C5ADD305603E963 ] C:\Windows\System32\shsvcs.dll
19:56:38.0847 1032 C:\Windows\System32\shsvcs.dll - ok
19:56:38.0862 1032 [ A9A27A8E257B45A604FDAD4F26FE7241 ] C:\Windows\System32\SLsvc.exe
19:56:38.0862 1032 C:\Windows\System32\SLsvc.exe - ok
19:56:38.0862 1032 [ FD74B4B7C2088E390A30C85A896FC3AF ] C:\Windows\System32\SLUINotify.dll
19:56:38.0862 1032 C:\Windows\System32\SLUINotify.dll - ok
19:56:38.0862 1032 [ F8F08779E7D997913607B0146710CC04 ] C:\Windows\System32\tcpipcfg.dll
19:56:38.0862 1032 C:\Windows\System32\tcpipcfg.dll - ok
19:56:38.0878 1032 [ F8F47F38909823B1AF28D60B96340CFF ] C:\Windows\System32\snmptrap.exe
19:56:38.0878 1032 C:\Windows\System32\snmptrap.exe - ok
19:56:38.0878 1032 [ F66FF751E7EFC816D266977939EF5DC3 ] C:\Windows\System32\spoolsv.exe
19:56:38.0878 1032 C:\Windows\System32\spoolsv.exe - ok
19:56:38.0894 1032 [ 192C74646EC5725AEF3F80D19FF75F6A ] C:\Windows\System32\ssdpsrv.dll
19:56:38.0894 1032 C:\Windows\System32\ssdpsrv.dll - ok
19:56:38.0894 1032 [ 15825C1FBFB8779992CB65087F316AF5 ] C:\Windows\System32\wiaservc.dll
19:56:38.0894 1032 C:\Windows\System32\wiaservc.dll - ok
19:56:38.0894 1032 [ 6DE37F4DE19D4EFD9C48C43ADDBC949A ] C:\Windows\System32\swprv.dll
19:56:38.0894 1032 C:\Windows\System32\swprv.dll - ok
19:56:38.0909 1032 [ 92D7A8B0F87B036F17D25885937897A6 ] C:\Windows\System32\sysmain.dll
19:56:38.0909 1032 C:\Windows\System32\sysmain.dll - ok
19:56:38.0925 1032 [ 005CE42567F9113A3BCCB3B20073B029 ] C:\Windows\System32\TabSvc.dll
19:56:40.0438 1032 [ 13E47C975E14031E7DC611191B70FD35 ] C:\Program Files\Movie Maker\DVDMaker.exe
19:56:40.0438 1032 C:\Program Files\Movie Maker\DVDMaker.exe - ok
19:56:40.0438 1032 [ 27336F3CC6B3B53043D0666AC0CA4A7F ] C:\Windows\System32\notepad.exe
19:56:40.0438 1032 C:\Windows\System32\notepad.exe - ok
19:56:40.0438 1032 [ 290A15C136531024982698A124F299FB ] C:\Windows\System32\taskschd.dll
19:56:40.0438 1032 C:\Windows\System32\taskschd.dll - ok
19:56:40.0454 1032 [ F54D10EA2FE5EC846603A4CABDD6F235 ] C:\Windows\System32\mstask.dll
19:56:40.0454 1032 C:\Windows\System32\mstask.dll - ok
19:56:40.0454 1032 [ B6D5917CF9FDA3B434AD908559EBD2B3 ] C:\Windows\System32\srchadmin.dll
19:56:40.0454 1032 C:\Windows\System32\srchadmin.dll - ok
19:56:40.0469 1032 [ D7CEAEDD5F75D2C8A2E80887D7C114CE ] C:\Windows\System32\webcheck.dll
19:56:40.0469 1032 C:\Windows\System32\webcheck.dll - ok
19:56:40.0469 1032 [ F50B03EB7C150E44DF2843F2138D4F70 ] C:\Windows\System32\mlang.dll
19:56:40.0469 1032 C:\Windows\System32\mlang.dll - ok
19:56:40.0485 1032 [ 9E341BB55760A87268862E40DBA1CEF0 ] C:\Windows\System32\accessibilitycpl.dll
19:56:40.0485 1032 C:\Windows\System32\accessibilitycpl.dll - ok
19:56:40.0485 1032 [ E55DE59CD89138BD973602F9F202E84D ] C:\Windows\System32\SyncCenter.dll
19:56:40.0485 1032 C:\Windows\System32\SyncCenter.dll - ok
19:56:40.0485 1032 [ 84F9BAD395DADAFA8E46BE7946B18ECD ] C:\Windows\System32\msimtf.dll
19:56:40.0485 1032 C:\Windows\System32\msimtf.dll - ok
19:56:40.0500 1032 [ 89AEB5FBBE4A5411484C0A211CD44B53 ] C:\Windows\System32\apss.dll
19:56:40.0500 1032 C:\Windows\System32\apss.dll - ok
19:56:40.0500 1032 [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll
19:56:40.0500 1032 C:\Windows\System32\msls31.dll - ok
19:56:40.0516 1032 [ 3410CE42581D2353A07ED9A36BD22263 ] C:\Windows\System32\d2d1.dll
19:56:40.0516 1032 C:\Windows\System32\d2d1.dll - ok
19:56:40.0516 1032 [ 390A3F2E21527EB0159603C03CC47A8F ] C:\Windows\System32\DWrite.dll
19:56:40.0516 1032 C:\Windows\System32\DWrite.dll - ok
19:56:40.0516 1032 [ 70DD82E202BD8022452DC8D2B73231AA ] C:\Windows\System32\wscntfy.dll
19:56:40.0516 1032 C:\Windows\System32\wscntfy.dll - ok
19:56:40.0532 1032 [ B4D787DB8D30793A4D4DF9FEED18F136 ] C:\Windows\System32\drivers\cdfs.sys
19:56:40.0532 1032 C:\Windows\System32\drivers\cdfs.sys - ok
19:56:40.0532 1032 [ DFFB91500638FACA4CDEA50E4E1F02F9 ] C:\Windows\System32\Magnify.exe
19:56:40.0547 1032 C:\Windows\System32\Magnify.exe - ok
19:56:40.0547 1032 [ 2CAB7B034B867AAB48D298F93D04BD3E ] C:\Windows\System32\wscapi.dll
19:56:40.0547 1032 C:\Windows\System32\wscapi.dll - ok
19:56:40.0547 1032 [ BF2DD8B1253FB01CADB9C7C152984C89 ] C:\Windows\ehome\ehshell.exe
19:56:40.0547 1032 C:\Windows\ehome\ehshell.exe - ok
19:56:40.0563 1032 [ 63BD471712132D597431407527A57628 ] C:\Windows\System32\dxgi.dll
19:56:40.0563 1032 C:\Windows\System32\dxgi.dll - ok
19:56:40.0563 1032 [ ED10D55B28FCD8A6DEA09AE3FE20EC3A ] C:\Windows\System32\imapi2.dll
19:56:40.0563 1032 C:\Windows\System32\imapi2.dll - ok
19:56:40.0563 1032 [ 55C049CE80CAE59EFE40111AC3BF0758 ] C:\Windows\System32\d3d10_1.dll
19:56:40.0563 1032 C:\Windows\System32\d3d10_1.dll - ok
19:56:40.0578 1032 [ 27CEEAA8E6149FC6F2F9EE5E0BDAC5A5 ] C:\Windows\System32\actxprxy.dll
19:56:40.0578 1032 C:\Windows\System32\actxprxy.dll - ok
19:56:40.0578 1032 [ 0AFD84E045F78E03A3FF67D3A307B881 ] C:\Windows\System32\d3d10_1core.dll
19:56:40.0578 1032 C:\Windows\System32\d3d10_1core.dll - ok
19:56:40.0594 1032 [ D7BF5F0EDFE4419DDD6CCC78CB46789D ] C:\Windows\System32\d3d10warp.dll
19:56:40.0594 1032 C:\Windows\System32\d3d10warp.dll - ok
19:56:40.0594 1032 [ DBC0B012A13C7738871D569005DEB5D1 ] C:\Windows\System32\bthprops.cpl
19:56:40.0594 1032 C:\Windows\System32\bthprops.cpl - ok
19:56:40.0610 1032 [ 8A777C49978A4E03C4F1442E8FDC5CC2 ] C:\Windows\System32\osk.exe
19:56:40.0610 1032 C:\Windows\System32\osk.exe - ok
19:56:40.0610 1032 [ 8F50FB284B7C97C241F6F53E4C88453B ] C:\Program Files\Windows Collaboration\WinCollab.exe
19:56:40.0610 1032 C:\Program Files\Windows Collaboration\WinCollab.exe - ok
19:56:40.0610 1032 [ A77267CDDE66443FB779CEE39CEE2141 ] C:\Windows\System32\QAGENT.DLL
19:56:40.0610 1032 C:\Windows\System32\QAGENT.DLL - ok
19:56:40.0625 1032 [ FF0729002E081668620A681182D63FE6 ] C:\Windows\System32\wuapp.exe
19:56:40.0625 1032 C:\Windows\System32\wuapp.exe - ok
19:56:40.0625 1032 [ 767EE8126468D91C5119F25714D78DAF ] C:\Windows\System32\dfshim.dll
19:56:40.0625 1032 C:\Windows\System32\dfshim.dll - ok
19:56:40.0641 1032 [ 50EBD31C3527366FAFA468BD609F7352 ] C:\Windows\System32\wucltux.dll
19:56:40.0641 1032 C:\Windows\System32\wucltux.dll - ok
19:56:40.0641 1032 [ 20437681A7678D440BBEE38C0453B852 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfdll.dll
19:56:40.0641 1032 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfdll.dll - ok
19:56:40.0641 1032 [ 3DBEAEE8645FAF1232CE464C2CAC12EF ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll
19:56:40.0641 1032 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll - ok
19:56:40.0656 1032 [ CB21CD39637AC13F3455454B2F648257 ] C:\Windows\System32\msvcr100_clr0400.dll
19:56:40.0656 1032 C:\Windows\System32\msvcr100_clr0400.dll - ok
19:56:40.0656 1032 [ 1C6F2BF5E6CD537CD5C25A30D6C49AC1 ] C:\Program Files\7-Zip\7zFM.exe
19:56:40.0656 1032 C:\Program Files\7-Zip\7zFM.exe - ok
19:56:40.0672 1032 [ C72A515E6835CB775A01BA4F42B1A730 ] C:\Windows\System32\calc.exe
19:56:40.0672 1032 C:\Windows\System32\calc.exe - ok
19:56:40.0672 1032 [ DB4A027E320B226D33F68C71D85103F6 ] C:\Windows\System32\mblctr.exe
19:56:40.0672 1032 C:\Windows\System32\mblctr.exe - ok
19:56:40.0688 1032 [ 48B306A0F08606FEB6C6DD9BDF6E4E0F ] C:\Windows\System32\NetProj.exe
19:56:40.0688 1032 C:\Windows\System32\NetProj.exe - ok
19:56:40.0688 1032 [ 61D4DBC6D1C1C98DC935888295A89D01 ] C:\Windows\System32\NetProjW.dll
19:56:40.0688 1032 C:\Windows\System32\NetProjW.dll - ok
19:56:40.0688 1032 [ EC0A7FB35A11EEF77C76781E122BAF0C ] C:\Windows\System32\mspaint.exe
19:56:40.0688 1032 C:\Windows\System32\mspaint.exe - ok
19:56:40.0703 1032 [ 30485EC6C84241DDB0BD7B8A2EB6BB3C ] C:\Windows\System32\mstsc.exe
19:56:40.0703 1032 C:\Windows\System32\mstsc.exe - ok
19:56:40.0703 1032 [ 9C5A0F070196B601D629F5BA9AA921F8 ] C:\Program Files\Windows Sidebar\sidebar.exe
19:56:40.0703 1032 C:\Program Files\Windows Sidebar\sidebar.exe - ok
19:56:40.0719 1032 [ 0B40AAC953EE451373FB8E26A73ADC94 ] C:\Windows\System32\SnippingTool.exe
19:56:40.0719 1032 C:\Windows\System32\SnippingTool.exe - ok
19:56:40.0719 1032 [ ECBAA8694660229262B781BEB7DDD625 ] C:\Windows\System32\SoundRecorder.exe
19:56:40.0719 1032 C:\Windows\System32\SoundRecorder.exe - ok
19:56:40.0734 1032 [ A41D6AFF8AFD743507887FD7747B35D3 ] C:\Windows\System32\mobsync.exe
19:56:40.0734 1032 C:\Windows\System32\mobsync.exe - ok
19:56:40.0734 1032 [ 8E29B921BC400F51276F781C4CFB87F6 ] C:\Windows\System32\oobefldr.dll
19:56:40.0734 1032 C:\Windows\System32\oobefldr.dll - ok
19:56:40.0734 1032 [ 00D63F95C21D1FE5CFD23E9F815A7A25 ] C:\Windows\System32\d3d10.dll
19:56:40.0734 1032 C:\Windows\System32\d3d10.dll - ok
19:56:40.0750 1032 [ AD47DE9AC3309EAF362DA8870272F1D3 ] C:\Windows\System32\d3d10core.dll
19:56:40.0750 1032 C:\Windows\System32\d3d10core.dll - ok
19:56:40.0750 1032 [ FAFD25FE1BE024AE20605DCD01F1C435 ] C:\Program Files\Windows NT\Accessories\wordpad.exe
19:56:40.0750 1032 C:\Program Files\Windows NT\Accessories\wordpad.exe - ok
19:56:40.0766 1032 [ CE881FB400AAFE32D3DC0A7561B547C2 ] C:\Windows\Speech\Common\sapisvr.exe
19:56:40.0766 1032 C:\Windows\Speech\Common\sapisvr.exe - ok
19:56:40.0766 1032 [ 4FDF6B8B9449D4AF1D98A0705CB6747D ] C:\Windows\System32\Speech\SpeechUX\sapi.cpl
19:56:40.0766 1032 C:\Windows\System32\Speech\SpeechUX\sapi.cpl - ok
19:56:40.0766 1032 [ C1303E3D550F2934BA825A80D335D18A ] C:\Windows\System32\sdclt.exe
19:56:40.0766 1032 C:\Windows\System32\sdclt.exe - ok
19:56:40.0781 1032 [ 38D057FA41217FB904B3A0BC34B8D367 ] C:\Windows\System32\charmap.exe
19:56:40.0781 1032 C:\Windows\System32\charmap.exe - ok
19:56:40.0797 1032 [ D642A49B5E19B3F5B0B4647FAE27817E ] C:\Windows\System32\wbem\wbemcore.dll
19:56:40.0797 1032 C:\Windows\System32\wbem\wbemcore.dll - ok
19:56:40.0797 1032 [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\Kristin\Desktop\tdsskiller.exe
19:56:40.0797 1032 C:\Users\Kristin\Desktop\tdsskiller.exe - ok
19:56:40.0797 1032 [ E1748B86DC11BACA3400B92BB21913CE ] C:\Windows\System32\dfrgui.exe
19:56:40.0797 1032 C:\Windows\System32\dfrgui.exe - ok
19:56:40.0812 1032 [ 37B697901FE364144D634128369098FF ] C:\Windows\System32\wbem\esscli.dll
19:56:40.0812 1032 C:\Windows\System32\wbem\esscli.dll - ok
19:56:40.0812 1032 [ 11F705A35F4CB2B4D6FA51606A9B8C54 ] C:\Windows\System32\wbem\fastprox.dll
19:56:40.0812 1032 C:\Windows\System32\wbem\fastprox.dll - ok
19:56:40.0828 1032 [ 10DEAF6B32EB834F5C534EB942111FA8 ] C:\Windows\System32\migwiz\migwiz.exe
19:56:40.0828 1032 C:\Windows\System32\migwiz\migwiz.exe - ok
19:56:40.0828 1032 [ 1AE49D81622BE6364194F70045F07194 ] C:\Windows\System32\wbem\wmiutils.dll
19:56:40.0828 1032 C:\Windows\System32\wbem\wmiutils.dll - ok
19:56:40.0828 1032 [ 5103B1E343F2D5FBDFA8D0318ABC59C4 ] C:\Windows\System32\wbem\repdrvfs.dll
19:56:40.0828 1032 C:\Windows\System32\wbem\repdrvfs.dll - ok
19:56:40.0844 1032 [ B0F9073BE86C6D4EDD4EBA674251E699 ] C:\Windows\SysWOW64\crypt32.dll
19:56:40.0844 1032 C:\Windows\SysWOW64\crypt32.dll - ok
19:56:40.0844 1032 [ A4AF702E6BB80D014C56EDE22C6BC423 ] C:\Windows\System32\msinfo32.exe
19:56:40.0844 1032 C:\Windows\System32\msinfo32.exe - ok
19:56:40.0859 1032 [ 8DBF26D220D8EE44D7A6286BE2F2C767 ] C:\Windows\System32\rstrui.exe
19:56:40.0859 1032 C:\Windows\System32\rstrui.exe - ok
19:56:40.0859 1032 [ EE2FF9A3FC4404234BE3B7C6AA383AF8 ] C:\Windows\SysWOW64\msasn1.dll
19:56:40.0859 1032 C:\Windows\SysWOW64\msasn1.dll - ok
19:56:40.0875 1032 [ 665417528489096BBCB8AEA46D3DA924 ] C:\Windows\SysWOW64\userenv.dll
19:56:40.0875 1032 C:\Windows\SysWOW64\userenv.dll - ok
19:56:40.0875 1032 [ DB83DA870C2C9A612A07A635444BA846 ] C:\Windows\System32\miguiresource.dll
19:56:40.0875 1032 C:\Windows\System32\miguiresource.dll - ok
19:56:40.0875 1032 [ 551F51B66E5EA87A38D8197EB3BDB57A ] C:\Windows\SysWOW64\setupapi.dll
19:56:40.0875 1032 C:\Windows\SysWOW64\setupapi.dll - ok
19:56:40.0890 1032 [ 549D573FE2B83C3ECF7553E8996DFA17 ] C:\Windows\System32\StikyNot.exe
19:56:40.0890 1032 C:\Windows\System32\StikyNot.exe - ok
19:56:40.0890 1032 [ E946553F786521C073AABC7CD0714807 ] C:\Windows\System32\wbem\WmiPrvSD.dll
19:56:40.0890 1032 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
19:56:40.0890 1032 [ A4E789205FB6C1FC0FB2FD3898455F57 ] C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe
19:56:40.0890 1032 C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe - ok
19:56:40.0906 1032 [ 8D94313E7A7786997B4C362B7CCB5D29 ] C:\Windows\System32\wbem\wbemess.dll
19:56:40.0906 1032 C:\Windows\System32\wbem\wbemess.dll - ok
19:56:40.0922 1032 [ 69827805A221C21450BA22F4326A2EE3 ] C:\Windows\SysWOW64\version.dll
19:56:40.0922 1032 C:\Windows\SysWOW64\version.dll - ok
19:56:40.0922 1032 [ 4F69B3864A6FA36744E275BABD731B74 ] C:\Program Files\Windows Journal\Journal.exe
19:56:40.0922 1032 C:\Program Files\Windows Journal\Journal.exe - ok
19:56:40.0922 1032 [ DBD02E3E6F061EBBBF9B99A9D7CBA30B ] C:\Windows\SysWOW64\winhttp.dll
19:56:40.0922 1032 C:\Windows\SysWOW64\winhttp.dll - ok
19:56:40.0937 1032 [ B2E569EF26DAC9D6994A2AFF4F601B7A ] C:\Windows\SysWOW64\wintrust.dll
19:56:40.0937 1032 C:\Windows\SysWOW64\wintrust.dll - ok
19:56:40.0937 1032 [ EB49FAA5EBBC06356FB12476438781B9 ] C:\Windows\SysWOW64\imagehlp.dll
19:56:40.0937 1032 C:\Windows\SysWOW64\imagehlp.dll - ok
19:56:40.0953 1032 [ BADF546E20F3B6A8630EA80EB9E657C3 ] C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
19:56:40.0953 1032 C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe - ok
19:56:40.0953 1032 [ 590D8BF1D514FC519CEFE9C1815FE41D ] C:\Windows\System32\WindowsPowerShell\v1.0\powershell_ise.exe
19:56:40.0953 1032 C:\Windows\System32\WindowsPowerShell\v1.0\powershell_ise.exe - ok
19:56:40.0953 1032 [ 8AA015739AA5D31E19E853FD1554C769 ] C:\Windows\System32\mycomput.dll
19:56:40.0953 1032 C:\Windows\System32\mycomput.dll - ok
19:56:40.0968 1032 [ 88B630F6AEB5A11F6AD064930B38C2C0 ] C:\Windows\SysWOW64\uxtheme.dll
19:56:40.0968 1032 C:\Windows\SysWOW64\uxtheme.dll - ok
19:56:40.0968 1032 [ F91D87E625D94F74477525861F7B38D7 ] C:\Windows\System32\odbcad32.exe
19:56:40.0968 1032 C:\Windows\System32\odbcad32.exe - ok
19:56:40.0984 1032 [ 53E401AE1E8CEF522E00576650CC11EB ] C:\Windows\System32\odbcint.dll
19:56:40.0984 1032 C:\Windows\System32\odbcint.dll - ok
19:56:40.0984 1032 [ 688844EFB733D426D90A56499B5DC6CD ] C:\Windows\System32\iscsicpl.exe
19:56:40.0984 1032 C:\Windows\System32\iscsicpl.exe - ok
19:56:41.0000 1032 [ 8BAFE3351162FB7CD8E392BA93B25EB4 ] C:\Windows\System32\iscsicpl.dll
19:56:41.0000 1032 C:\Windows\System32\iscsicpl.dll - ok
19:56:41.0000 1032 [ C394079EB162E812D682C73FA96AF6E4 ] C:\Windows\SysWOW64\clbcatq.dll
19:56:41.0000 1032 C:\Windows\SysWOW64\clbcatq.dll - ok
19:56:41.0000 1032 [ BEEBCBC84D58FC34B3C9DD3A24BB8F24 ] C:\Windows\System32\MdSched.exe
19:56:41.0000 1032 C:\Windows\System32\MdSched.exe - ok
19:56:41.0015 1032 [ 832726DEFA39BBA2D34C9E20CEA471C0 ] C:\Windows\System32\wdc.dll
19:56:41.0015 1032 C:\Windows\System32\wdc.dll - ok
19:56:41.0015 1032 [ B304D47D5744BA20FCB99FB8B2C07B0B ] C:\Windows\SysWOW64\ws2_32.dll
19:56:41.0015 1032 C:\Windows\SysWOW64\ws2_32.dll - ok
19:56:41.0031 1032 [ A64AEBC6C78B4CFD7F41A7277879DF8F ] C:\Windows\SysWOW64\nsi.dll
19:56:41.0031 1032 C:\Windows\SysWOW64\nsi.dll - ok
19:56:41.0031 1032 [ 8617350C9B590B63E620881092751BCB ] C:\Windows\SysWOW64\mswsock.dll
19:56:41.0031 1032 C:\Windows\SysWOW64\mswsock.dll - ok
19:56:41.0046 1032 [ 22CFAEB9172F5F198048401485CD0571 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
19:56:41.0046 1032 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
19:56:41.0046 1032 [ 9E80FF0752E365F97FD2D1D68C2AFDA1 ] C:\Windows\SysWOW64\wship6.dll
19:56:41.0046 1032 C:\Windows\SysWOW64\wship6.dll - ok
19:56:41.0046 1032 [ 256AD83B5C6B3F36247AFCF3A95EFCF9 ] C:\Windows\System32\filemgmt.dll
19:56:41.0046 1032 C:\Windows\System32\filemgmt.dll - ok
19:56:41.0062 1032 [ D1A84F7D4CAFCFE2A32149FF418056E5 ] C:\Windows\SysWOW64\nlaapi.dll
19:56:41.0062 1032 C:\Windows\SysWOW64\nlaapi.dll - ok
19:56:41.0062 1032 [ 4FE8425F21B3F0F8C4B4726351D43EAA ] C:\Windows\SysWOW64\IPHLPAPI.DLL
19:56:41.0062 1032 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
19:56:41.0078 1032 [ 9028559C132146FB75EB7ACF384B086A ] C:\Windows\SysWOW64\dhcpcsvc.dll
19:56:41.0078 1032 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
19:56:41.0078 1032 [ 85E861D0B88DB2B54ACB0839654C09F7 ] C:\Windows\SysWOW64\dnsapi.dll
19:56:41.0078 1032 C:\Windows\SysWOW64\dnsapi.dll - ok
19:56:41.0078 1032 [ F1F799F596CA296EE9725EFEA01A63D7 ] C:\Windows\System32\msconfig.exe
19:56:41.0078 1032 C:\Windows\System32\msconfig.exe - ok
19:56:41.0093 1032 [ 6B09105742C75DF80CEF21700F20F55A ] C:\Windows\SysWOW64\winnsi.dll
19:56:41.0093 1032 C:\Windows\SysWOW64\winnsi.dll - ok
19:56:41.0093 1032 [ DFB6B71CDABA9DFB49C9D2B318B97A1A ] C:\Windows\SysWOW64\dhcpcsvc6.dll
19:56:41.0093 1032 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
19:56:41.0109 1032 [ 03C1410DBD7B35D105B732424FEB7516 ] C:\Windows\System32\AuthFWGP.dll
19:56:41.0109 1032 C:\Windows\System32\AuthFWGP.dll - ok
19:56:41.0109 1032 [ FC62A635063B762E1C3C60EA77279378 ] C:\Windows\SysWOW64\NapiNSP.dll
19:56:41.0109 1032 C:\Windows\SysWOW64\NapiNSP.dll - ok
19:56:41.0124 1032 [ 690D41DF1D555F96D4898A0F54EBA065 ] C:\Windows\SysWOW64\pnrpnsp.dll
19:56:41.0124 1032 C:\Windows\SysWOW64\pnrpnsp.dll - ok
19:56:41.0124 1032 [ C411C80F90D6732380352B98B37BBD53 ] C:\Windows\SysWOW64\winrnr.dll
19:56:41.0124 1032 C:\Windows\SysWOW64\winrnr.dll - ok
19:56:41.0124 1032 [ B8A609FB5EFB4E44FC1355B1C01C64BC ] C:\Windows\SysWOW64\Wldap32.dll
19:56:41.0124 1032 C:\Windows\SysWOW64\Wldap32.dll - ok
19:56:41.0140 1032 [ 93A1732F7F997E36A5C3893539E2FF02 ] C:\Windows\SysWOW64\psapi.dll
19:56:41.0140 1032 C:\Windows\SysWOW64\psapi.dll - ok
19:56:41.0140 1032 [ A7D525E5C0D91C8C1D84C6BCD25AD77D ] C:\Windows\SysWOW64\rasadhlp.dll
19:56:41.0140 1032 C:\Windows\SysWOW64\rasadhlp.dll - ok
19:56:41.0156 1032 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\14165985.sys
19:56:41.0156 1032 C:\Windows\System32\drivers\14165985.sys - ok
19:56:41.0156 1032 [ 7385F1F00CD9461C0C36A9CD21C31932 ] C:\Windows\System32\spool\drivers\x64\3\dlbapswx.exe
19:56:41.0156 1032 C:\Windows\System32\spool\drivers\x64\3\dlbapswx.exe - ok
19:56:41.0171 1032 [ E2A1D6A0B04295159A9000AFA52B527D ] C:\Windows\System32\spool\drivers\x64\3\dlbastrn.dll
19:56:41.0171 1032 C:\Windows\System32\spool\drivers\x64\3\dlbastrn.dll - ok
19:56:41.0171 1032 [ C94C8D42A8312AC97E753B3525765DFE ] C:\Windows\hh.exe
19:56:41.0171 1032 C:\Windows\hh.exe - ok
19:56:41.0171 1032 [ 401DFFDBBBD3F07C747ED1AE2BB88106 ] C:\Windows\SysWOW64\msi.dll
19:56:41.0171 1032 C:\Windows\SysWOW64\msi.dll - ok
19:56:41.0187 1032 [ 10446646D128E580C46615338E74E672 ] C:\Windows\System32\rundll32.exe
19:56:41.0187 1032 C:\Windows\System32\rundll32.exe - ok
19:56:41.0187 1032 [ F0FF73C5381BFE0A6C75D530B7868B2B ] C:\Windows\System32\BCMWLCPL.CPL
19:56:41.0187 1032 C:\Windows\System32\BCMWLCPL.CPL - ok
19:56:41.0202 1032 [ 0CFCDE5D9D074D96B78D1F1CBF1AAB1D ] C:\Windows\SysWOW64\riched20.dll
19:56:41.0202 1032 C:\Windows\SysWOW64\riched20.dll - ok
19:56:41.0202 1032 [ 167AC31450C0C53A01FA1491E94D7678 ] C:\Windows\SysWOW64\shdocvw.dll
19:56:41.0202 1032 C:\Windows\SysWOW64\shdocvw.dll - ok
19:56:41.0202 1032 [ 14D551ECD8C26A581EB41E0E431EBF0C ] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
19:56:41.0202 1032 C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe - ok
19:56:41.0218 1032 [ A823E43FDF9836DBAB9CBA40C96242E3 ] C:\Program Files\ESET\ESET NOD32 Antivirus\SysInspector.exe
19:56:41.0218 1032 C:\Program Files\ESET\ESET NOD32 Antivirus\SysInspector.exe - ok
19:56:41.0218 1032 [ AB63D69E5B16460D439710212C197091 ] C:\Program Files\ESET\ESET NOD32 Antivirus\SysRescue.exe
19:56:41.0218 1032 C:\Program Files\ESET\ESET NOD32 Antivirus\SysRescue.exe - ok
19:56:41.0234 1032 [ 3757EB89E39791C94CA1C484E03857AB ] C:\Program Files\ESET\ESET NOD32 Antivirus\callmsi.exe
19:56:41.0234 1032 C:\Program Files\ESET\ESET NOD32 Antivirus\callmsi.exe - ok
19:56:41.0234 1032 [ E4D4500B9F619DF2F1765FE259B12A4F ] C:\Windows\System32\WindowsAnytimeUpgrade.exe
19:56:41.0234 1032 C:\Windows\System32\WindowsAnytimeUpgrade.exe - ok
19:56:41.0249 1032 [ 23E4E5A6876082BADECA7B80DD7B21C0 ] C:\Windows\System32\WindowsAnytimeUpgradeCPL.dll
19:56:41.0249 1032 C:\Windows\System32\WindowsAnytimeUpgradeCPL.dll - ok
19:56:41.0249 1032 [ DF4F9708003752B4C475300BEC1F042B ] C:\Program Files\Microsoft Games\Chess\Chess.exe
19:56:41.0249 1032 C:\Program Files\Microsoft Games\Chess\Chess.exe - ok
19:56:41.0265 1032 [ CD2B49ACFAD057AD5577AA26040CC052 ] C:\Program Files\Microsoft Games\FreeCell\FreeCell.exe
19:56:41.0265 1032 C:\Program Files\Microsoft Games\FreeCell\FreeCell.exe - ok
19:56:41.0265 1032 [ F2DB8923DBF9491BC7D387E305505CF5 ] C:\Windows\System32\gameux.dll
19:56:41.0265 1032 C:\Windows\System32\gameux.dll - ok
19:56:41.0265 1032 [ 69C0460E837047E172A3B92858ED7AB3 ] C:\Program Files\Microsoft Games\Hearts\Hearts.exe
19:56:41.0265 1032 C:\Program Files\Microsoft Games\Hearts\Hearts.exe - ok
19:56:41.0280 1032 [ B4761127BA6B6353566FF735EC22F4A4 ] C:\Program Files\Microsoft Games\inkball\inkball.exe
19:56:41.0280 1032 C:\Program Files\Microsoft Games\inkball\inkball.exe - ok
19:56:41.0280 1032 [ A0CB916FDBB52C039F5D482701645E86 ] C:\Program Files\Microsoft Games\Mahjong\Mahjong.exe
19:56:41.0280 1032 C:\Program Files\Microsoft Games\Mahjong\Mahjong.exe - ok
19:56:41.0296 1032 [ 45EEA3DBE0182FBCFCF9B1F286178BB9 ] C:\Program Files\Microsoft Games\Minesweeper\MineSweeper.exe
19:56:41.0296 1032 C:\Program Files\Microsoft Games\Minesweeper\MineSweeper.exe - ok
19:56:41.0296 1032 [ C4E6DF4D491A82DFF4EA56BD4C3A6633 ] C:\Program Files\Microsoft Games\Purble Place\PurblePlace.exe
19:56:41.0296 1032 C:\Program Files\Microsoft Games\Purble Place\PurblePlace.exe - ok
19:56:41.0312 1032 [ 4EF7F56C5D3D3FC63E7296F2A3D283D5 ] C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe
19:56:41.0312 1032 C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe - ok
19:56:41.0312 1032 [ EF6D2BC5AF87B6DDFB52245FF77046B7 ] C:\Windows\System32\brcpl.dll
19:56:41.0312 1032 C:\Windows\System32\brcpl.dll - ok
19:56:41.0312 1032 [ 406121C827A2901E72DAB2197DAE180E ] C:\Windows\System32\wercon.exe
19:56:41.0312 1032 C:\Windows\System32\wercon.exe - ok
19:56:41.0327 1032 [ 5767ED421A03FA524B5F18A2C28C1143 ] C:\Windows\System32\msra.exe
19:56:41.0327 1032 C:\Windows\System32\msra.exe - ok
19:56:41.0327 1032 [ 21EF4BB2A6FF4116FD83FAEE52D4A416 ] C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\xlicons.exe
19:56:41.0327 1032 C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\xlicons.exe - ok
19:56:41.0343 1032 [ 7E2CF680C69680064D43F4FFE5831DD1 ] C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\joticon.exe
19:56:41.0343 1032 C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\joticon.exe - ok
19:56:41.0343 1032 [ C0F4A57BA5E09A28AE3D2F67ED219EEA ] C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\pptico.exe
19:56:41.0343 1032 C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\pptico.exe - ok
19:56:41.0358 1032 [ FF6669F7A1782D54E338F5C6EC806E1E ] C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\misc.exe
19:56:41.0358 1032 C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\misc.exe - ok
19:56:41.0358 1032 [ E1AB2AC4A4D50B479DF1B1CEA4A7409B ] C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\cagicon.exe
19:56:41.0358 1032 C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\cagicon.exe - ok
19:56:41.0374 1032 [ 3E5AA6A816FA331E64C38A45C6FF5637 ] C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\oisicon.exe
19:56:41.0374 1032 C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\oisicon.exe - ok
19:56:41.0374 1032 [ 051023B22D675856D49360356293A939 ] C:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIconDll
19:56:41.0374 1032 C:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIconDll - ok
19:56:41.0374 1032 [ FC94371FCE85F391F976F2BB560367CF ] C:\Windows\System32\url.dll
19:56:41.0374 1032 C:\Windows\System32\url.dll - ok
19:56:41.0390 1032 [ E21FFFE678FF09BAA6BF5F76BD8805C6 ] C:\Windows\System32\esent.dll
19:56:41.0390 1032 C:\Windows\System32\esent.dll - ok
19:56:41.0390 1032 [ 11D415DB881C617288D3CB81BB1FE51D ] C:\Windows\System32\wbem\NCProv.dll
19:56:41.0390 1032 C:\Windows\System32\wbem\NCProv.dll - ok
19:56:41.0405 1032 [ 06FDEA0167BAD4CDE26210F92F33FDBA ] C:\Windows\System32\wbem\wbemcons.dll
19:56:41.0405 1032 C:\Windows\System32\wbem\wbemcons.dll - ok
19:56:41.0405 1032 [ 7DC262AEEA66CCD6ED86DAAB16C4CDFF ] C:\Windows\System32\ntlanman.dll
19:56:41.0405 1032 C:\Windows\System32\ntlanman.dll - ok
19:56:41.0421 1032 [ 2790F04DFDDA00B7B6DE6719399A8739 ] C:\Windows\System32\drprov.dll
19:56:41.0421 1032 C:\Windows\System32\drprov.dll - ok
19:56:41.0421 1032 [ AAC4DFF79689736D8B316FC05A3E25EC ] C:\Windows\System32\davclnt.dll
19:56:41.0421 1032 C:\Windows\System32\davclnt.dll - ok
19:56:41.0421 1032 ============================================================
19:56:41.0421 1032 Scan finished
19:56:41.0421 1032 ============================================================
19:56:41.0436 2044 Detected object count: 249
19:56:41.0436 2044 Actual detected object count: 249
19:57:20.0982 2044 FontCache ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:20.0982 2044 Fs_Rec ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:20.0982 2044 Fs_Rec ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:20.0982 2044 gpsvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:20.0982 2044 gpsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:20.0982 2044 hardlock ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:20.0982 2044 hardlock ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:20.0982 2044 HdAudAddService ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:20.0982 2044 HdAudAddService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:20.0982 2044 HDAudBus ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:20.0982 2044 HDAudBus ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:20.0998 2044 HidBth ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:20.0998 2044 HidBth ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:20.0998 2044 HidIr ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:20.0998 2044 HidIr ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:20.0998 2044 hidserv ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:20.0998 2044 hidserv ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:20.0998 2044 HidUsb ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:20.0998 2044 HidUsb ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:20.0998 2044 hkmsvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:20.0998 2044 hkmsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:20.0998 2044 HTTP ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:20.0998 2044 HTTP ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0014 2044 i8042prt ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0014 2044 i8042prt ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0014 2044 igfx ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0014 2044 igfx ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0014 2044 IKEEXT ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0014 2044 IKEEXT ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0014 2044 intelppm ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0014 2044 intelppm ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0014 2044 IPBusEnum ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0014 2044 IPBusEnum ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0014 2044 IpFilterDriver ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0014 2044 IpFilterDriver ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0014 2044 iphlpsvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0014 2044 iphlpsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0029 2044 IPMIDRV ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0029 2044 IPMIDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0029 2044 IPNAT ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0029 2044 IPNAT ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0029 2044 IRENUM ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0029 2044 IRENUM ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0029 2044 kbdhid ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0029 2044 kbdhid ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0029 2044 KeyIso ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0029 2044 KeyIso ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0045 2044 ksthunk ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0045 2044 ksthunk ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0045 2044 KtmRm ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0045 2044 KtmRm ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0045 2044 LanmanServer ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0045 2044 LanmanServer ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0045 2044 LanmanWorkstation ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0045 2044 LanmanWorkstation ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0045 2044 lltdio ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0045 2044 lltdio ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0045 2044 lltdsvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0045 2044 lltdsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0060 2044 lmhosts ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0060 2044 lmhosts ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0060 2044 luafv ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0060 2044 luafv ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0060 2044 Mcx2Svc ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0060 2044 Mcx2Svc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0060 2044 MMCSS ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0060 2044 MMCSS ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0060 2044 Modem ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0060 2044 Modem ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0060 2044 monitor ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0060 2044 monitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0060 2044 mouhid ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0060 2044 mouhid ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0076 2044 mpsdrv ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0076 2044 mpsdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0076 2044 MpsSvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0076 2044 MpsSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0076 2044 MRxDAV ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0076 2044 MRxDAV ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0076 2044 mrxsmb ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0076 2044 mrxsmb ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0076 2044 mrxsmb10 ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0076 2044 mrxsmb10 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0076 2044 mrxsmb20 ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0076 2044 mrxsmb20 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0092 2044 MSDTC ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0092 2044 MSDTC ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0092 2044 Msfs ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0092 2044 Msfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0092 2044 MSiSCSI ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0092 2044 MSiSCSI ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0092 2044 MSKSSRV ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0092 2044 MSKSSRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0092 2044 MSPCLOCK ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0092 2044 MSPCLOCK ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0107 2044 MSPQM ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0107 2044 MSPQM ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0107 2044 MSTEE ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0107 2044 MSTEE ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0107 2044 napagent ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0107 2044 napagent ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0107 2044 NativeWifiP ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0107 2044 NativeWifiP ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0107 2044 NdisTapi ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0107 2044 NdisTapi ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0107 2044 Ndisuio ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0107 2044 Ndisuio ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0107 2044 NdisWan ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0107 2044 NdisWan ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0123 2044 NDProxy ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0123 2044 NDProxy ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0123 2044 NetBIOS ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0123 2044 NetBIOS ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0123 2044 netbt ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0123 2044 netbt ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0123 2044 Netlogon ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0123 2044 Netlogon ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0123 2044 Netman ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0123 2044 Netman ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0123 2044 netprofm ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0123 2044 netprofm ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0123 2044 NlaSvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0123 2044 NlaSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0138 2044 Npfs ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0138 2044 Npfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0138 2044 nsi ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0138 2044 nsi ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0138 2044 nsiproxy ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0138 2044 nsiproxy ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0138 2044 Null ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0138 2044 Null ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0138 2044 OA009Ufd ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0138 2044 OA009Ufd ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0138 2044 OA009Vid ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0138 2044 OA009Vid ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0138 2044 ohci1394 ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0154 2044 ohci1394 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0154 2044 p2pimsvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0154 2044 p2pimsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0154 2044 p2psvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0154 2044 p2psvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0154 2044 Parport ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0154 2044 Parport ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0154 2044 PcaSvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0154 2044 PcaSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0154 2044 PEAUTH ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0154 2044 PEAUTH ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0170 2044 PerfHost ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0170 2044 PerfHost ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0170 2044 pla ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0170 2044 pla ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0170 2044 PlugPlay ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0170 2044 PlugPlay ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0170 2044 PNRPAutoReg ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0170 2044 PNRPAutoReg ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0170 2044 PNRPsvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0170 2044 PNRPsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0170 2044 PolicyAgent ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0170 2044 PolicyAgent ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0185 2044 PptpMiniport ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0185 2044 PptpMiniport ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0185 2044 Processor ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0185 2044 Processor ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0185 2044 ProfSvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0185 2044 ProfSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0185 2044 ProtectedStorage ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0185 2044 ProtectedStorage ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0185 2044 PSched ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0185 2044 PSched ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0185 2044 QWAVE ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0185 2044 QWAVE ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0185 2044 QWAVEdrv ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0185 2044 QWAVEdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0201 2044 RasAcd ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0201 2044 RasAcd ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0201 2044 RasAuto ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0201 2044 RasAuto ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0201 2044 Rasl2tp ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0201 2044 Rasl2tp ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0201 2044 RasMan ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0201 2044 RasMan ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0201 2044 RasPppoe ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0201 2044 RasPppoe ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0201 2044 RasSstp ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0201 2044 RasSstp ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0216 2044 rdbss ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0216 2044 rdbss ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0216 2044 RDPCDD ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0216 2044 RDPCDD ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0216 2044 rdpdr ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0216 2044 rdpdr ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0216 2044 RDPENCDD ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0216 2044 RDPENCDD ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0216 2044 RDPWD ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0216 2044 RDPWD ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0232 2044 RemoteAccess ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0232 2044 RemoteAccess ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0232 2044 RemoteRegistry ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0232 2044 RemoteRegistry ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0232 2044 RpcLocator ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0232 2044 RpcLocator ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0232 2044 RpcSs ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0232 2044 RpcSs ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0232 2044 rspndr ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0232 2044 rspndr ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0232 2044 RTSTOR ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0232 2044 RTSTOR ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0248 2044 SamSs ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0248 2044 SamSs ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0248 2044 SCardSvr ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0248 2044 SCardSvr ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0248 2044 Schedule ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0248 2044 Schedule ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0248 2044 SCPolicySvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0248 2044 SCPolicySvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0248 2044 SDRSVC ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0248 2044 SDRSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0248 2044 secdrv ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0248 2044 secdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0263 2044 seclogon ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0263 2044 seclogon ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0263 2044 SENS ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0263 2044 SENS ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0263 2044 Serenum ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0263 2044 Serenum ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0263 2044 Serial ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0263 2044 Serial ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0263 2044 sermouse ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0263 2044 sermouse ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0263 2044 SessionEnv ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0263 2044 SessionEnv ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0263 2044 sffdisk ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0263 2044 sffdisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0279 2044 sffp_mmc ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0279 2044 sffp_mmc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0279 2044 sffp_sd ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0279 2044 sffp_sd ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0279 2044 sfloppy ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0279 2044 sfloppy ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0279 2044 SharedAccess ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0279 2044 SharedAccess ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0279 2044 ShellHWDetection ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0279 2044 ShellHWDetection ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0294 2044 slsvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0294 2044 slsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0294 2044 SLUINotify ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0294 2044 SLUINotify ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0294 2044 Smb ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0294 2044 Smb ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0294 2044 SNMPTRAP ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0294 2044 SNMPTRAP ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0294 2044 Spooler ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0294 2044 Spooler ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0294 2044 srv ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0294 2044 srv ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0310 2044 srv2 ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0310 2044 srv2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0310 2044 srvnet ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0310 2044 srvnet ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0310 2044 SSDPSRV ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0310 2044 SSDPSRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0310 2044 SstpSvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0310 2044 SstpSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0310 2044 STacSV ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0310 2044 STacSV ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0310 2044 STHDA ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0310 2044 STHDA ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0310 2044 stisvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0310 2044 stisvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0326 2044 swprv ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0326 2044 swprv ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0326 2044 SysMain ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0326 2044 SysMain ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0326 2044 TabletInputService ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0326 2044 TabletInputService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0326 2044 TapiSrv ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0326 2044 TapiSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0326 2044 TBS ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0326 2044 TBS ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0326 2044 tcpipreg ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0326 2044 tcpipreg ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0341 2044 TDPIPE ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0341 2044 TDPIPE ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0341 2044 TDTCP ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0341 2044 TDTCP ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0341 2044 tdx ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0341 2044 tdx ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0341 2044 TermService ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0341 2044 TermService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0341 2044 Themes ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0341 2044 Themes ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0357 2044 THREADORDER ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0357 2044 THREADORDER ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0357 2044 TrkWks ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0357 2044 TrkWks ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0357 2044 TrustedInstaller ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0357 2044 TrustedInstaller ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0357 2044 tssecsrv ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0357 2044 tssecsrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0357 2044 tunmp ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0357 2044 tunmp ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0357 2044 tunnel ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0357 2044 tunnel ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0357 2044 udfs ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0357 2044 udfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0372 2044 UI0Detect ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0372 2044 UI0Detect ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0372 2044 umbus ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0372 2044 umbus ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0372 2044 upnphost ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0372 2044 upnphost ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0372 2044 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0372 2044 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0372 2044 usbccgp ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0372 2044 usbccgp ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0372 2044 usbcir ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0372 2044 usbcir ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0372 2044 usbehci ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0372 2044 usbehci ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0388 2044 usbhub ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0388 2044 usbhub ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0388 2044 usbohci ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0388 2044 usbohci ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0388 2044 usbprint ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0388 2044 usbprint ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0388 2044 usbscan ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0388 2044 usbscan ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0388 2044 USBSTOR ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0388 2044 USBSTOR ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0388 2044 usbuhci ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0388 2044 usbuhci ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0388 2044 usbvideo ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0388 2044 usbvideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0404 2044 UxSms ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0404 2044 UxSms ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0404 2044 vds ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0404 2044 vds ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0404 2044 vga ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0404 2044 vga ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0404 2044 VgaSave ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0404 2044 VgaSave ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0404 2044 VSS ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0404 2044 VSS ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0419 2044 W32Time ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0419 2044 W32Time ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0419 2044 WacomPen ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0419 2044 WacomPen ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0419 2044 Wanarp ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0419 2044 Wanarp ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0419 2044 Wanarpv6 ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0419 2044 Wanarpv6 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0419 2044 wcncsvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0419 2044 wcncsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0419 2044 WcsPlugInService ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0419 2044 WcsPlugInService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0435 2044 WdiServiceHost ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0435 2044 WdiServiceHost ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0435 2044 WdiSystemHost ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0435 2044 WdiSystemHost ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0435 2044 WebClient ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0435 2044 WebClient ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0435 2044 Wecsvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0435 2044 Wecsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0435 2044 wercplsupport ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0435 2044 wercplsupport ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0435 2044 WerSvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0435 2044 WerSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0435 2044 Winmgmt ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0435 2044 Winmgmt ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0450 2044 WinRM ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0450 2044 WinRM ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0450 2044 Wlansvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0450 2044 Wlansvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0450 2044 WmiAcpi ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0450 2044 WmiAcpi ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0450 2044 wmiApSrv ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0450 2044 wmiApSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0450 2044 WPCSvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0450 2044 WPCSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0450 2044 WPDBusEnum ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0450 2044 WPDBusEnum ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0466 2044 WpdUsb ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0466 2044 WpdUsb ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0466 2044 ws2ifsl ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0466 2044 ws2ifsl ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0466 2044 wscsvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0466 2044 wscsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0466 2044 WudfPf ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0466 2044 WudfPf ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0466 2044 wudfsvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0466 2044 wudfsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0482 2044 yukonx64 ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0482 2044 yukonx64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0825 2044 \Device\Harddisk0\DR0\# - copied to quarantine
19:57:21.0825 2044 \Device\Harddisk0\DR0 - copied to quarantine
19:57:21.0903 2044 \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - will be cured on reboot
19:57:21.0903 2044 \Device\Harddisk0\DR0 - ok
19:57:21.0903 2044 \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - User select action: Cure
19:57:31.0902 1864 Deinitialize success
  • 0
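The TDSSKiller log above is dominated by skipped UnsignedFile.Multi.Generic entries, with the single boot-sector detection at the very end. The following Python script is an added example, not part of the original thread and not code from any tool named in it; it pulls the detections out of such a log and reports which ones still depend on a reboot or were left unhandled. The line layout is inferred from the lines shown above, the function names are hypothetical, and treating UnsignedFile.Multi.Generic as low priority is an assumption of this example.

```python
import re

# Layout inferred from the log on this page:
#   HH:MM:SS.mmmm <thread id> <object> ( <verdict> ) - <status>
LINE_RE = re.compile(r"^(\d{2}:\d{2}:\d{2}\.\d{4})\s+(\d+)\s+(.*)$")
DETECT_RE = re.compile(
    r"^(?P<object>.+?)\s+\(\s*(?P<verdict>[^()]+?)\s*\)\s+-\s+(?P<status>.+)$"
)
ACTION_RE = re.compile(r"^User select action:\s*(\w+)$")

# Assumption of this example: unsigned-file verdicts are review-later noise.
LOW_PRIORITY = {"UnsignedFile.Multi.Generic"}

# Lines copied from the tail of the log above (a subset).
SAMPLE_LOG = r"""19:57:21.0466 2044 wudfsvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0466 2044 wudfsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0482 2044 yukonx64 ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:21.0482 2044 yukonx64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:21.0825 2044 \Device\Harddisk0\DR0\# - copied to quarantine
19:57:21.0825 2044 \Device\Harddisk0\DR0 - copied to quarantine
19:57:21.0903 2044 \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - will be cured on reboot
19:57:21.0903 2044 \Device\Harddisk0\DR0 - ok
19:57:21.0903 2044 \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - User select action: Cure
19:57:31.0902 1864 Deinitialize success
"""


def parse_detection(line):
    """Return a dict for a detection line, or None for any other line."""
    outer = LINE_RE.match(line.strip())
    if not outer:
        return None
    inner = DETECT_RE.match(outer.group(3))
    if not inner:
        return None  # status-only lines such as "- ok" carry no verdict
    return {
        "time": outer.group(1),
        "object": inner.group("object"),
        "verdict": inner.group("verdict"),
        "status": inner.group("status"),
    }


def triage(log_text):
    """Group detection lines per (object, verdict) and classify them."""
    findings = {}
    for line in log_text.splitlines():
        rec = parse_detection(line)
        if rec is None:
            continue
        key = (rec["object"], rec["verdict"])
        entry = findings.setdefault(
            key,
            {"object": rec["object"], "verdict": rec["verdict"],
             "action": None, "statuses": []},
        )
        action = ACTION_RE.match(rec["status"])
        if action:
            entry["action"] = action.group(1)
        else:
            entry["statuses"].append(rec["status"])

    report = {"threats": [], "low_priority": [],
              "needs_reboot": [], "unresolved": []}
    for entry in findings.values():
        if entry["verdict"] in LOW_PRIORITY:
            report["low_priority"].append(entry["object"])
            continue
        report["threats"].append(entry)
        # The cure is not complete until the machine has restarted.
        if any("on reboot" in s for s in entry["statuses"]):
            report["needs_reboot"].append(entry["object"])
        # A real verdict with no action, or with Skip, is still on the disk.
        if entry["action"] in (None, "Skip"):
            report["unresolved"].append(entry["object"])
    return report


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    for threat in result["threats"]:
        print(threat["object"], threat["verdict"], "action:", threat["action"])
    print("reboot required for:", result["needs_reboot"])
    print("unresolved:", result["unresolved"])
    print("low-priority entries:", len(result["low_priority"]))
```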

#8
Jasmyne

    Trusted Helper

  • Malware Removal
  • 2,010 posts
Thank you for the first TDSSKiller log. We generally advise against running aswMBR or TDSSKiller unless you have been asked to do so, for a few reasons. If you had been unable to find the first log, we might have spent a lot of time trying to find the infection that had already been removed. Also, had the wrong option been selected during the run, important system files could have been deleted. Now to get rid of the other malware on your computer. :)

Step 1-OTL Fix

Warning: This fix is relevant for this system and no other. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons; they will return on reboot.

1. Please copy all of the text in the code box below. To do this, highlight everything inside the code box, right click and click Copy.

:Commands
[createrestorepoint]

:OTL
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2405}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2405}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2233703
IE - HKU\S-1-5-21-4270958396-3272677963-532609597-1000\..\URLSearchHook: {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - No CLSID value found
IE - HKU\S-1-5-21-4270958396-3272677963-532609597-1000\..\URLSearchHook: {0cc09160-108c-4759-bab1-5c12c216e005} - C:\Program Files (x86)\appbario8\prxtbapp0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-4270958396-3272677963-532609597-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-4270958396-3272677963-532609597-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-4270958396-3272677963-532609597-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...00000225f852495
IE - HKU\S-1-5-21-4270958396-3272677963-532609597-1000\..\SearchScopes\{960467E7-C35E-4D1F-BEE4-4627CD6723D4}: "URL" = http://search.condui...&ctid=CT3227982
IE - HKU\S-1-5-21-4270958396-3272677963-532609597-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2405}: "URL" = http://dts.search-re...q={searchTerms}
FF - prefs.js..browser.search.defaultenginename: "appbario8 Customized Web Search"
FF - prefs.js..browser.search.order.1: "appbario8 Customized Web Search"
FF - prefs.js..browser.search.selectedEngine: "appbario8 Customized Web Search"
FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT3227982&SearchSource=13"
FF - prefs.js..extensions.enabledAddons: specialsavings%40superfish.com:1.2.0.14FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3227982&SearchSource=2&q="
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Kristin\AppData\Roaming\Mozilla\Firefox\Profiles/tmmm7cnk.default\extensions\[email protected] [2013/05/19 23:25:39 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{58bd07eb-0ee0-4df0-8121-dc9b693373df}: C:\ProgramData\Sidekick Manager\2.6.1123.78\{6f06cdeb-5de2-4520-aef2-1aa556ca7a6b}\FirefoxExtension [2013/01/31 18:42:46 | 000,000,000 | ---D | M]
[2013/05/19 23:25:39 | 000,000,000 | ---D | M] (SpecialSavings) -- C:\Users\Kristin\AppData\Roaming\Mozilla\Firefox\Profiles\tmmm7cnk.default\extensions\[email protected]
[2012/05/12 21:43:02 | 000,002,352 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
O2 - BHO: (DataMngr) - {34DEE7AD-47D7-45e9-91FC-3E511083493F} - C:\PROGRA~2\SAVEVI~2\Datamngr\BROWSE~1.DLL File not found
O2 - BHO: (SpecialSavings) - {74F475FA-6C75-43BD-AAB9-ECDA6184F600} - C:\Program Files (x86)\SpecialSavings\SpecialSavingsSinged.dll (SpecialSavings)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (appbario8 Toolbar) - {0cc09160-108c-4759-bab1-5c12c216e005} - C:\Program Files (x86)\appbario8\prxtbapp0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-4270958396-3272677963-532609597-1000\..\Toolbar\WebBrowser: (no name) - {09EC805C-CB2E-4D53-B0D3-A75A428B81C7} - No CLSID value found.
O3 - HKU\S-1-5-21-4270958396-3272677963-532609597-1000\..\Toolbar\WebBrowser: (appbario8 Toolbar) - {0CC09160-108C-4759-BAB1-5C12C216E005} - C:\Program Files (x86)\appbario8\prxtbapp0.dll (Conduit Ltd.)
O9 - Extra Button: SpecialSavings - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - C:\Program Files (x86)\SpecialSavings\SpecialSavingsSinged.dll (SpecialSavings)

:Commands
[emptytemp]

2. Please re-open Posted Image on your desktop.
3. Place the mouse pointer inside the Posted Image textbox, right click and click Paste. This will put the above script inside the textbox.
4. Click the Posted Image button.
5. Let the program run unhindered.
6. OTL may ask to reboot the machine. Please do so if asked.
7. Click the Posted Image button.
8. A report will open. Copy and Paste that report in your next reply.
9. If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, (where mmddyyyy_hhmmss is the date of the tool run).

Step 2-Microsoft Fixit

Windows Sidebar is running on your computer and it is known to have some security issues. Microsoft has published information about the vulnerabilities here. I would advise you to disable it using this Fix it.

Step 3-AdwCleaner

  • Download AdwCleaner from here or here and save it to your desktop.
  • Run AdwCleaner and select Delete

  • Once it has completed it will ask to reboot the computer; please allow it to do so.
  • After the computer reboots, a log will be produced. Please attach that log to your next post.

Step 4-OTL Quick Scan

Finally, please run a quick scan so we can check to make sure everything has been removed.
  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open one notepad file, OTL.Txt. It will be saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of this file, and post them in your topic.

~~~~~~~~~~~~~~~~~~~~ Things Needed for Your Next Post ~~~~~~~~~~~~~~~~~~~~
1. OTL Fix Log
2. AdwCleaner Log
3. OTL Quick Scan Log
4. How is your computer running?
  • 0

#9
Kristin51505

    Member

  • Topic Starter
  • 70 posts
Okay, I finished all the scans and my computer has been running normally; I haven't gotten any more alerts from ESET about trojans, so that seems like a good sign! The first OTL scan took a long time to finish (is it supposed to take several hours?); I thought that it was frozen or stuck at one point and stopped it, so there are two logs from the "Fix" scan. I disabled Windows Sidebar and ran the other scans . . . all the logs are below :)

Thanks!

Kristin


Files\Folders moved on Reboot...
File\Folder C:\Users\Kristin\AppData\Roaming\Mozilla\Firefox\Profiles/tmmm7cnk.default\extensions\[email protected]\Sidekick Manager\2.2.513.159\{6f06cdeb-5de2-4520-aef2-1aa556ca7a6b} not found!
File\Folder C:\Users\Kristin\AppData\Roaming\Mozilla\Firefox\Profiles/tmmm7cnk.default\extensions\[email protected]\Sidekick Manager\2.2.513.159 not found!
File\Folder C:\Users\Kristin\AppData\Roaming\Mozilla\Firefox\Profiles/tmmm7cnk.default\extensions\[email protected]\Sidekick Manager not found!
File\Folder C:\Users\Kristin\AppData\Roaming\Mozilla\Firefox\Profiles/tmmm7cnk.default\extensions\[email protected]\searchplugins not found!
File\Folder C:\Users\Kristin\AppData\Roaming\Mozilla\Firefox\Profiles/tmmm7cnk.default\extensions\[email protected]\defaults\preferences not found!
File\Folder C:\Users\Kristin\AppData\Roaming\Mozilla\Firefox\Profiles/tmmm7cnk.default\extensions\[email protected]\defaults not found!
File\Folder C:\Users\Kristin\AppData\Roaming\Mozilla\Firefox\Profiles/tmmm7cnk.default\extensions\[email protected]\components not found!
File\Folder C:\Users\Kristin\AppData\Roaming\Mozilla\Firefox\Profiles/tmmm7cnk.default\extensions\[email protected]\chrome\superfish\skin not found!
File\Folder C:\Users\Kristin\AppData\Roaming\Mozilla\Firefox\Profiles/tmmm7cnk.default\extensions\[email protected]\chrome\superfish\content not found!
File\Folder C:\Users\Kristin\AppData\Roaming\Mozilla\Firefox\Profiles/tmmm7cnk.default\extensions\[email protected]\chrome\superfish not found!
File\Folder C:\Users\Kristin\AppData\Roaming\Mozilla\Firefox\Profiles/tmmm7cnk.default\extensions\[email protected]\chrome not found!
File\Folder C:\Users\Kristin\AppData\Roaming\Mozilla\Firefox\Profiles/tmmm7cnk.default\extensions\[email protected] not found!
File\Folder C:\Users\Kristin\AppData\Local\Temp\flaE5C3.tmp not found!
File move failed. C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat scheduled to be moved on reboot.
C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X9Z9GU0C\pageview[1].htm moved successfully.
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X5KANT4E\1[randomNo]@x03[1].htm not found!
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X5KANT4E\728[1].htm not found!
File move failed. C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X5KANT4E\matomymediaproxy[1].htm scheduled to be moved on reboot.
File move failed. C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X5KANT4E\st[1].htm scheduled to be moved on reboot.
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X1KPEO7F\cm[1] not found!
C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X1KPEO7F\sh116[1].htm moved successfully.
C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X1KPEO7F\_;mtfIFrameRequest=false;ord=1369536265[1].htm moved successfully.
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VLF8PTAR\fc[1].htm not found!
C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VLF8PTAR\pageview[1].htm moved successfully.
File move failed. C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\USNOUOF0\1[randomNo]@x04[1].htm scheduled to be moved on reboot.
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\USNOUOF0\728[1].htm not found!
File move failed. C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\USNOUOF0\fc[1].htm scheduled to be moved on reboot.
File move failed. C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\USNOUOF0\type_simple_nrmp-zoom-in[1].ico scheduled to be moved on reboot.
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SCE1MD77\728[1].htm not found!
File move failed. C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SCE1MD77\my_yahoo_com[2].htm scheduled to be moved on reboot.
C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SCE1MD77\pageview[1].htm moved successfully.
C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SCE1MD77\pageview[2].htm moved successfully.
C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q0Z1Q8RN\pageview[1].htm moved successfully.
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q0Z1Q8RN\placement_cookie[1].htm not found!
C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q0Z1Q8RN\syncuppixels[1].htm moved successfully.
C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J1ABQEKH\-iGmidt4SirRkI4DjBoTLA[1].eot moved successfully.
C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J1ABQEKH\2PKIMKLK5EKW8a82a669[1].htm moved successfully.
C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J1ABQEKH\ext-render-secure[1].htm moved successfully.
File move failed. C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J1ABQEKH\ext-render[1].htm scheduled to be moved on reboot.
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HKU4KM1X\pd[1].htm not found!
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HKU4KM1X\xd_arbiter[2].htm not found!
File move failed. C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A3J1IS6D\ff2[1].htm scheduled to be moved on reboot.
C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8VFT2NJN\728[1].htm moved successfully.
C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8VFT2NJN\ba[1].htm moved successfully.
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8VFT2NJN\pd[1].htm not found!
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8VFT2NJN\st[4] not found!
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8VFT2NJN\st[5] not found!
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8VFT2NJN\xd_arbiter[1].htm not found!
C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8VFT2NJN\xd_arbiter[2].htm moved successfully.
File move failed. C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8HZIA1X9\csc-render[1].htm scheduled to be moved on reboot.
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8HZIA1X9\pd[1].htm not found!
File move failed. C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6OMZGDY2\ff2[2].htm scheduled to be moved on reboot.
C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6OMZGDY2\fm[1].htm moved successfully.
File move failed. C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5092JEBF\season-2-episode-20[1].htm scheduled to be moved on reboot.
C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5092JEBF\serve[1].htm moved successfully.
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\119ZW0C1\fc[1].htm not found!
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\119ZW0C1\like[2].htm not found!
C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\119ZW0C1\pageview[1].htm moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...



All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2405}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2405}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2405}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2405}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry value HKEY_USERS\S-1-5-21-4270958396-3272677963-532609597-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}\ not found.
Registry value HKEY_USERS\S-1-5-21-4270958396-3272677963-532609597-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{0cc09160-108c-4759-bab1-5c12c216e005} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0cc09160-108c-4759-bab1-5c12c216e005}\ not found.
File C:\Program Files (x86)\appbario8\prxtbapp0.dll not found.
HKEY_USERS\S-1-5-21-4270958396-3272677963-532609597-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-21-4270958396-3272677963-532609597-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-4270958396-3272677963-532609597-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_USERS\S-1-5-21-4270958396-3272677963-532609597-1000\Software\Microsoft\Internet Explorer\SearchScopes\{960467E7-C35E-4D1F-BEE4-4627CD6723D4}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{960467E7-C35E-4D1F-BEE4-4627CD6723D4}\ not found.
Registry key HKEY_USERS\S-1-5-21-4270958396-3272677963-532609597-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2405}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2405}\ not found.
Prefs.js: "appbario8 Customized Web Search" removed from browser.search.defaultenginename
Prefs.js: "appbario8 Customized Web Search" removed from browser.search.order.1
Prefs.js: "appbario8 Customized Web Search" removed from browser.search.selectedEngine
Prefs.js: "http://search.condui...earchSource=13" removed from browser.startup.homepage
Prefs.js: specialsavings%40superfish.com:1.2.0.14FF - prefs.js..keyword.URL: "http://search.condui...rchSource=2&q=" removed from extensions.enabledAddons
Registry value HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected] not found.
File C:\Users\Kristin\AppData\Roaming\Mozilla\Firefox\Profiles/tmmm7cnk.default\extensions\[email protected] not found.
Registry value HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{58bd07eb-0ee0-4df0-8121-dc9b693373df} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{58bd07eb-0ee0-4df0-8121-dc9b693373df}\ not found.
File C:\ProgramData\Sidekick Manager\2.6.1123.78\{6f06cdeb-5de2-4520-aef2-1aa556ca7a6b}\FirefoxExtension not found.
Folder C:\Users\Kristin\AppData\Roaming\Mozilla\Firefox\Profiles\tmmm7cnk.default\extensions\[email protected]\ not found.
File C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34DEE7AD-47D7-45e9-91FC-3E511083493F}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{34DEE7AD-47D7-45e9-91FC-3E511083493F}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}\ not found.
File C:\Program Files (x86)\SpecialSavings\SpecialSavingsSinged.dll not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{0cc09160-108c-4759-bab1-5c12c216e005} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0cc09160-108c-4759-bab1-5c12c216e005}\ not found.
File C:\Program Files (x86)\appbario8\prxtbapp0.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 not found.
Registry value HKEY_USERS\S-1-5-21-4270958396-3272677963-532609597-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{09EC805C-CB2E-4D53-B0D3-A75A428B81C7} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{09EC805C-CB2E-4D53-B0D3-A75A428B81C7}\ not found.
Registry value HKEY_USERS\S-1-5-21-4270958396-3272677963-532609597-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0CC09160-108C-4759-BAB1-5C12C216E005} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0CC09160-108C-4759-BAB1-5C12C216E005}\ not found.
File C:\Program Files (x86)\appbario8\prxtbapp0.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{A69A551A-1AAE-4B67-8C2E-52F8B8A19504}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A69A551A-1AAE-4B67-8C2E-52F8B8A19504}\ not found.
File C:\Program Files (x86)\SpecialSavings\SpecialSavingsSinged.dll not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: AppData

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Kristin
->Temp folder emptied: 81920 bytes
->Temporary Internet Files folder emptied: 21938930 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 411191445 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2936742927 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 112225641 bytes
RecycleBin emptied: 58855981 bytes

Total Files Cleaned = 3,377.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 05252013_221905

Files\Folders moved on Reboot...
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat not found!
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X9Z9GU0C\B7657021[1].htm not found!
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X5KANT4E\matomymediaproxy[1].htm not found!
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X1KPEO7F\1[randomNo]@x03[1].htm not found!
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X1KPEO7F\1[randomNo]@x04[1].htm not found!
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X1KPEO7F\5ZCWESQT7I4C[1].flv not found!
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X1KPEO7F\like[1].htm not found!
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VLF8PTAR\xd_arbiter[1].htm not found!
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\USNOUOF0\fc[1].htm not found!
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\USNOUOF0\type_simple_nrmp-zoom-in[1].ico not found!
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SCE1MD77\728i[2].htm not found!
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SCE1MD77\my_yahoo_com[2].htm not found!
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SCE1MD77\p-01-0VIaSjnOLg[1].gif not found!
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JS942B2B\300[1].htm not found!
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JS942B2B\audmeasure[1].gif not found!
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J1ABQEKH\ext-render[1].htm not found!
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J1ABQEKH\imp[1].htm not found!
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J1ABQEKH\p-01-0VIaSjnOLg[1].gif not found!
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HKU4KM1X\-iGmidt4SirRkI4DjBoTLA[1].eot not found!
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A3J1IS6D\ff2[1].htm not found!
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A3J1IS6D\p-01-0VIaSjnOLg[1].gif not found!
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8VFT2NJN\[email protected][1].htm not found!
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8VFT2NJN\p-01-0VIaSjnOLg[1].gif not found!
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8VFT2NJN\sh116[1].htm not found!
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8HZIA1X9\5ZCWESQT7I4C8a82a669[1].htm not found!
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8HZIA1X9\csc-render[1].htm not found!
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8HZIA1X9\xd_arbiter[1].htm not found!
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6OMZGDY2\330337-infected-with-win32olmariktdl4-trojan-need-help[1].htm not found!
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6OMZGDY2\ff2[2].htm not found!
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6OMZGDY2\season-2-episode-21[1].htm not found!
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5092JEBF\his728[1].htm not found!
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\119ZW0C1\300[1].htm not found!
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\119ZW0C1\p-01-0VIaSjnOLg[1].gif not found!
File move failed. C:\Windows\temp\TmpFile1 scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...



# AdwCleaner v2.301 - Logfile created 05/26/2013 at 10:09:30
# Updated 16/05/2013 by Xplode
# Operating system : Windows ™ Vista Home Premium Service Pack 2 (64 bits)
# User : Kristin - KRISTIN-PC
# Boot Mode : Normal
# Running from : C:\Users\Kristin\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\Program Files (x86)\appbario8
Deleted on reboot : C:\Program Files (x86)\Conduit
Deleted on reboot : C:\Program Files (x86)\SpecialSavings
Deleted on reboot : C:\Program Files\Sidekick Manager
Deleted on reboot : C:\ProgramData\Babylon
Deleted on reboot : C:\ProgramData\boost_interprocess
Deleted on reboot : C:\ProgramData\Sidekick Manager
Deleted on reboot : C:\Users\Kristin\AppData\Local\Babylon
Deleted on reboot : C:\Users\Kristin\AppData\Local\Conduit
Deleted on reboot : C:\Users\Kristin\AppData\Local\PackageAware
Deleted on reboot : C:\Users\Kristin\AppData\LocalLow\appbario8
Deleted on reboot : C:\Users\Kristin\AppData\LocalLow\PriceGong
Deleted on reboot : C:\Users\Kristin\AppData\Roaming\Babylon
Deleted on reboot : C:\Users\Kristin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sidekick Manager
Deleted on reboot : C:\Users\Kristin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpecialSavings
Deleted on reboot : C:\Users\Kristin\Desktop\Sidekick Manager
Deleted on reboot : C:\Users\Kristin\Documents\Sidekick Manager
Deleted on reboot : C:\Users\Kristin\Sidekick Manager
Deleted on reboot : C:\Windows\SysWOW64\Sidekick Manager
File Deleted : C:\END
File Deleted : C:\Program Files (x86)\Mozilla FireFox\searchplugins\Search_Results.xml
File Deleted : C:\user.js
File Deleted : C:\Users\Kristin\AppData\Roaming\Mozilla\Firefox\Profiles\tmmm7cnk.default\bProtector_extensions.rdf
File Deleted : C:\Users\Kristin\AppData\Roaming\Mozilla\Firefox\Profiles\tmmm7cnk.default\bprotector_extensions.sqlite
File Deleted : C:\Users\Kristin\AppData\Roaming\Mozilla\Firefox\Profiles\tmmm7cnk.default\bprotector_prefs.js
File Deleted : C:\Users\Kristin\AppData\Roaming\Mozilla\Firefox\Profiles\tmmm7cnk.default\searchplugins\Search_Results.xml

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\appbario8
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\SpecialSavings
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\appbario8 Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SpecialSavings
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0CC09160-108C-4759-BAB1-5C12C216E005}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\5968bd1e13aeb10
Key Deleted : HKLM\Software\appbario8
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\b
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2233703
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3227982
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{17FBAC21-3A8E-43BD-AB17-F02E52037EDB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\5968bd1e13aeb10
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{17FBAC21-3A8E-43BD-AB17-F02E52037EDB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7964D39D-6FAD-4A5B-9A73-4DBB44421AD8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FE4941BB-76CF-4D8E-ACCF-22DB07972684}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0CC09160-108C-4759-BAB1-5C12C216E005}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\appbario8 Toolbar
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SpecialSavings
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : HKLM\SOFTWARE\DataMngr
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{0CC09160-108C-4759-BAB1-5C12C216E005}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16464

[OK] Registry is clean.

-\\ Mozilla Firefox v20.0.1 (en-US)

File : C:\Users\Kristin\AppData\Roaming\Mozilla\Firefox\Profiles\tmmm7cnk.default\prefs.js

C:\Users\Kristin\AppData\Roaming\Mozilla\Firefox\Profiles\tmmm7cnk.default\user.js ... Deleted !

Deleted : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109935&tt=100512_3_");
Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "20e8e67a00000000000000225f852495");
Deleted : user_pref("extensions.BabylonToolbar_i.id", "20e8e67a00000000000000225f852495");
Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15473");
Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Deleted : user_pref("extensions.BabylonToolbar_i.newTab", true);
Deleted : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=109935&tt=10051[...]
Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1721:43:08");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3227982&SearchSource=2&q=[...]

*************************

AdwCleaner[S1].txt - [333 octets] - [26/05/2013 07:52:28]
AdwCleaner[S2].txt - [11841 octets] - [26/05/2013 10:09:30]

########## EOF - C:\AdwCleaner[S2].txt - [11902 octets] ##########



OTL logfile created on: 5/26/2013 12:45:12 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kristin\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.96 Gb Total Physical Memory | 2.51 Gb Available Physical Memory | 63.33% Memory free
8.10 Gb Paging File | 6.63 Gb Available in Paging File | 81.84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279.30 Gb Total Space | 90.08 Gb Free Space | 32.25% Space Free | Partition Type: NTFS
Drive E: | 18.75 Gb Total Space | 10.95 Gb Free Space | 58.43% Space Free | Partition Type: NTFS

Computer Name: KRISTIN-PC | User Name: Kristin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found --
PRC - [2013/05/24 16:43:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kristin\Desktop\OTL.exe
PRC - [2013/04/16 07:10:44 | 019,662,744 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
PRC - [2012/12/21 05:08:56 | 001,333,424 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2011/08/10 13:52:54 | 000,138,760 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe
PRC - [2008/06/03 15:54:56 | 000,446,635 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe
PRC - [2008/05/23 14:06:08 | 000,128,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2008/05/07 17:41:14 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/05/07 17:41:12 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe


========== Modules (No Company Name) ==========

MOD - [2013/05/26 10:17:07 | 000,128,512 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\_elementtree.pyd
MOD - [2013/05/26 10:17:07 | 000,044,032 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\_socket.pyd
MOD - [2013/05/26 10:17:06 | 001,022,416 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\windows._cacheinvalidation.pyd
MOD - [2013/05/26 10:17:06 | 000,805,888 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\wx._gdi_.pyd
MOD - [2013/05/26 10:17:06 | 000,557,056 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\pysqlite2._sqlite.pyd
MOD - [2013/05/26 10:17:06 | 000,320,512 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\win32com.shell.shell.pyd
MOD - [2013/05/26 10:17:06 | 000,098,816 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\win32api.pyd
MOD - [2013/05/26 10:17:06 | 000,070,656 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\wx._html2.pyd
MOD - [2013/05/26 10:17:06 | 000,026,624 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\_multiprocessing.pyd
MOD - [2013/05/26 10:17:06 | 000,022,528 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\win32ts.pyd
MOD - [2013/05/26 10:17:06 | 000,017,408 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\win32profile.pyd
MOD - [2013/05/26 10:17:06 | 000,011,264 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\win32crypt.pyd
MOD - [2013/05/26 10:17:05 | 000,735,232 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\wx._misc_.pyd
MOD - [2013/05/26 10:17:05 | 000,364,544 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\pythoncom27.dll
MOD - [2013/05/26 10:17:05 | 000,110,080 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\PyWinTypes27.dll
MOD - [2013/05/26 10:17:05 | 000,108,544 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\win32security.pyd
MOD - [2013/05/26 10:17:05 | 000,087,040 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\_ctypes.pyd
MOD - [2013/05/26 10:17:04 | 001,175,040 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\wx._core_.pyd
MOD - [2013/05/26 10:17:03 | 001,153,024 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\_ssl.pyd
MOD - [2013/05/26 10:17:01 | 000,811,008 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\wx._windows_.pyd
MOD - [2013/05/26 10:17:01 | 000,711,680 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\_hashlib.pyd
MOD - [2013/05/26 10:17:01 | 000,035,840 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\win32process.pyd
MOD - [2013/05/26 10:17:01 | 000,025,600 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\win32pdh.pyd
MOD - [2013/05/26 10:17:00 | 000,122,368 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\wx._wizard.pyd
MOD - [2013/05/26 10:16:59 | 000,119,808 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\win32file.pyd
MOD - [2013/05/26 10:16:59 | 000,038,912 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\win32inet.pyd
MOD - [2013/05/26 10:16:51 | 001,062,400 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\wx._controls_.pyd
MOD - [2013/05/26 10:16:50 | 000,127,488 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\pyexpat.pyd
MOD - [2013/05/26 10:16:50 | 000,018,432 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\win32event.pyd
MOD - [2013/05/26 10:16:49 | 000,686,080 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\unicodedata.pyd
MOD - [2013/05/26 10:16:45 | 000,010,240 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\select.pyd
MOD - [2009/11/03 15:51:42 | 000,067,872 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2009/11/03 15:51:26 | 000,039,712 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012/12/21 05:08:56 | 001,333,424 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2011/12/30 07:39:40 | 004,889,032 | ---- | M] (SafeNet Inc.) [Auto | Running] -- C:\Windows\SysNative\hasplms.exe -- (hasplms)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/02/26 02:03:00 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_54cb4575\STacSV64.exe -- (STacSV)
SRV:64bit: - [2009/03/03 02:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_54cb4575\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2008/11/17 08:29:18 | 000,032,768 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2008/01/20 19:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/03/26 16:16:02 | 000,567,280 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\dlbacoms.exe -- (dlba_device)
SRV:64bit: - [2006/11/02 04:16:05 | 000,046,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rundll32.exe -- (yksvc)
SRV - [2013/05/15 01:02:00 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/04/16 15:18:38 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/02/28 09:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/08/10 13:52:54 | 000,138,760 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe -- (NSL)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/03/29 21:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/05/07 17:41:14 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/05/24 15:46:01 | 000,208,216 | ---- | M] (Kaspersky Lab, GERT) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\63506565.sys -- (51270607)
DRV:64bit: - [2012/12/21 05:09:28 | 000,139,768 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2012/12/21 05:08:54 | 000,150,616 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2012/12/21 05:08:18 | 000,213,416 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\DRIVERS\eamonm.sys -- (eamonm)
DRV:64bit: - [2012/02/29 06:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/11/22 14:14:54 | 000,139,592 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksfridge.sys -- (aksfridge)
DRV:64bit: - [2011/11/22 14:14:54 | 000,078,208 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksdf.sys -- (aksdf)
DRV:64bit: - [2011/09/28 15:31:30 | 000,321,536 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hardlock.sys -- (hardlock)
DRV:64bit: - [2011/08/08 16:38:05 | 000,167,048 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NSTx64\0200000.010\ccSetx64.sys -- (ccSet_NST)
DRV:64bit: - [2011/07/06 12:44:00 | 000,034,288 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/02/26 02:03:00 | 000,505,856 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009/09/30 17:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/08/28 19:42:52 | 000,049,152 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2009/03/19 17:02:00 | 000,311,296 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\OA009Vid.sys -- (OA009Vid)
DRV:64bit: - [2009/03/06 07:33:58 | 000,159,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\OA009Ufd.sys -- (OA009Ufd)
DRV:64bit: - [2009/02/23 16:18:58 | 000,069,120 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTSTOR64.SYS -- (RTSTOR)
DRV:64bit: - [2009/01/16 10:00:32 | 010,275,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)
DRV:64bit: - [2008/11/17 08:29:18 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCM42RLY.sys -- (BCM42RLY)
DRV:64bit: - [2008/11/17 08:29:14 | 001,526,776 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\bcmwl664.sys -- (BCM43XX)
DRV:64bit: - [2008/07/24 18:40:26 | 000,199,728 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2008/07/24 10:03:00 | 000,392,192 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
DRV:64bit: - [2008/05/07 17:40:38 | 000,395,288 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\iaStor.sys -- (iaStor)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://securityrespo...r/fix_homepage/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://my.yahoo.com/?_bc=1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..extensions.enabledAddons: specialsavings%40superfish.com:1.2.0.14
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7280
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:3.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:2011.7.0.8
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Kristin\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD [2013/03/11 11:48:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{203FB6B2-2E1E-4474-863B-4C483ECCE78E}: C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2.0.0.16\coFFNST\ [2013/05/26 10:14:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/16 15:18:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/04/16 15:18:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2013/03/11 11:48:47 | 000,000,000 | ---D | M]

[2013/03/11 11:35:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kristin\AppData\Roaming\Mozilla\Extensions
[2013/05/25 19:12:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kristin\AppData\Roaming\Mozilla\Firefox\Profiles\tmmm7cnk.default\extensions
[2012/04/24 10:50:17 | 000,020,591 | ---- | M] () (No name found) -- C:\Users\Kristin\AppData\Roaming\Mozilla\Firefox\Profiles\tmmm7cnk.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
[2013/04/16 15:18:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/04/16 15:18:17 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) -- C:\USERS\KRISTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TMMM7CNK.DEFAULT\EXTENSIONS\[email protected]
[2013/04/16 15:18:39 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013/04/16 15:18:32 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/04/16 15:18:32 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2006/09/18 14:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Norton Safe Web Lite BHO) - {F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3} - C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\CoIEPlg.dll (Symantec Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Safe Web Lite) - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\CoIEPlg.dll (Symantec Corporation)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Windows\SysNative\WLTRAY.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe File not found
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Kristin\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://images3.pnime...veX_Control.cab (Photo Upload Plugin Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{642F4715-C26C-4272-9F8C-7893530A3D30}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B85AA5E9-7BE2-4593-939E-734CA1D054AA}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (c:\progra~3\sideki~1\261123~1.78\{6f06c~1\sskmngr.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Kristin\Pictures\a06f032f-8d4f-401d-bbb7-ac3a6fbb1fba_5.jpg
O24 - Desktop BackupWallPaper: C:\Users\Kristin\Pictures\a06f032f-8d4f-401d-bbb7-ac3a6fbb1fba_5.jpg
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/05/25 18:47:00 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/05/24 19:57:21 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2013/05/24 16:43:50 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Kristin\Desktop\OTL.exe
[2013/05/24 15:46:01 | 000,208,216 | ---- | C] (Kaspersky Lab, GERT) -- C:\Windows\SysNative\drivers\63506565.sys
[2013/05/24 15:38:19 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Kristin\Desktop\tdsskiller.exe
[2013/05/24 13:58:03 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\Kristin\Desktop\aswMBR.exe
[2013/05/21 15:16:42 | 000,000,000 | ---D | C] -- C:\Users\Kristin\Desktop\Steph's Pics
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/05/26 12:41:56 | 000,703,516 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/05/26 12:41:56 | 000,605,080 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/05/26 12:41:56 | 000,104,934 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/05/26 12:41:21 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4270958396-3272677963-532609597-1000UA.job
[2013/05/26 12:41:16 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/05/26 12:41:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/05/26 12:41:13 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/05/26 10:15:26 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/05/26 10:14:39 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/05/26 10:14:39 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/05/26 07:52:11 | 000,632,031 | ---- | M] () -- C:\Users\Kristin\Desktop\adwcleaner.exe
[2013/05/25 19:36:02 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4270958396-3272677963-532609597-1000Core.job
[2013/05/24 19:25:29 | 000,000,512 | ---- | M] () -- C:\Users\Kristin\Desktop\MBR.dat
[2013/05/24 16:43:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kristin\Desktop\OTL.exe
[2013/05/24 15:46:01 | 000,208,216 | ---- | M] (Kaspersky Lab, GERT) -- C:\Windows\SysNative\drivers\63506565.sys
[2013/05/24 15:38:43 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Kristin\Desktop\tdsskiller.exe
[2013/05/24 13:59:04 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\Kristin\Desktop\aswMBR.exe
[2013/05/01 10:05:48 | 000,002,675 | ---- | M] () -- C:\Users\Kristin\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2007.lnk
[2013/04/29 02:00:06 | 000,006,756 | ---- | M] () -- C:\Users\Kristin\AppData\Local\d3d9caps.dat
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/05/26 07:52:11 | 000,632,031 | ---- | C] () -- C:\Users\Kristin\Desktop\adwcleaner.exe
[2013/05/24 14:01:49 | 000,000,512 | ---- | C] () -- C:\Users\Kristin\Desktop\MBR.dat
[2013/02/19 14:25:17 | 000,000,004 | ---- | C] () -- C:\Users\Kristin\AppData\Roaming\skype.ini
[2012/08/03 20:02:07 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012/07/05 03:48:58 | 000,036,232 | ---- | C] () -- C:\Windows\SysWow64\rgbacodec.dll
[2012/05/12 13:22:03 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012/05/08 05:02:48 | 000,258,415 | ---- | C] () -- C:\Users\Kristin\Kristen Ashley - Unfinished Hero 01 - Knight (v5.0).epub
[2012/01/27 16:48:42 | 000,378,449 | ---- | C] () -- C:\Users\Kristin\Three Wishes - Kristen Ashley.epub
[2011/05/18 15:29:08 | 000,001,940 | ---- | C] () -- C:\Users\Kristin\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/05/06 11:35:20 | 000,000,000 | ---- | C] () -- C:\Users\Kristin\AppData\Local\{48C18FA4-5AF8-4ABD-9808-A7D0401A196A}
[2011/04/20 21:12:29 | 000,052,736 | -H-- | C] () -- C:\Users\Kristin\AppData\Roaming\RBSpriteSurface400.dll
[2011/02/05 23:56:40 | 000,195,072 | ---- | C] () -- C:\Users\Kristin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/24 22:16:48 | 000,006,756 | ---- | C] () -- C:\Users\Kristin\AppData\Local\d3d9caps.dat
[2010/03/24 21:05:06 | 000,007,460 | ---- | C] () -- C:\Users\Kristin\AppData\Local\d3d9caps64.dat

========== ZeroAccess Check ==========

[2006/11/02 08:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
"" = C:\Users\Kristin\AppData\Local\Temp\sribtuq\sbycefq\wow64.dll

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
"" = C:\Users\Kristin\AppData\Local\Temp\sribtuq\sbycefq\wow64.dll

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 10:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 10:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/04/11 00:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/10 23:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008/01/20 19:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/04/27 21:05:15 | 000,000,000 | ---D | M] -- C:\Users\Kristin\AppData\Roaming\Canon
[2013/04/23 06:05:00 | 000,000,000 | ---D | M] -- C:\Users\Kristin\AppData\Roaming\ConverterLite
[2012/09/09 15:03:36 | 000,000,000 | ---D | M] -- C:\Users\Kristin\AppData\Roaming\go
[2012/05/12 17:52:23 | 000,000,000 | ---D | M] -- C:\Users\Kristin\AppData\Roaming\MOVAVI
[2010/07/25 16:12:07 | 000,000,000 | ---D | M] -- C:\Users\Kristin\AppData\Roaming\Tific
[2010/03/24 21:38:55 | 000,000,000 | ---D | M] -- C:\Users\Kristin\AppData\Roaming\TMP
[2011/02/05 19:49:24 | 000,000,000 | ---D | M] -- C:\Users\Kristin\AppData\Roaming\Windows SideBar

========== Purity Check ==========



< End of report >
  • 0
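Added example (not part of the original posts, and not how OTL itself works): a small Python parser for the "ZeroAccess Check" section of the report above, which lists COM `InProcServer32` registrations and flags the one whose server DLL is registered per-user and points into a Temp directory. The function names and the three flagging rules are assumptions made for this illustration; the sample text is an excerpt copied from the report.

```python
import re
from dataclasses import dataclass, field

# Excerpt of the "ZeroAccess Check" section, copied from the OTL report above.
SAMPLE_LOG = r'''========== ZeroAccess Check ==========

[2006/11/02 08:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
"" = C:\Users\Kristin\AppData\Local\Temp\sribtuq\sbycefq\wow64.dll

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 10:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========
'''

SECTION_RE = re.compile(r"^=+\s*(.+?)\s*=+$")
KEY_RE = re.compile(
    r"^\[(HKEY_[A-Z_]+)\\.*?\\clsid\\(\{[0-9a-f-]+\})\\InProcServer32\](\s*/64)?\s*$",
    re.IGNORECASE,
)
VALUE_RE = re.compile(r'^"([^"]*)"\s*=\s*(.*)$')

# Assumed heuristic: directories a standard user can normally write to.
USER_WRITABLE = ("\\appdata\\", "\\temp\\", "\\programdata\\", "\\users\\public\\")


@dataclass
class ComServer:
    hive: str                 # HKEY_CURRENT_USER or HKEY_LOCAL_MACHINE
    clsid: str                # lower-cased {GUID}
    view: str                 # "64-bit" when OTL tagged the key with /64
    values: dict = field(default_factory=dict)
    file_info: str = ""       # date/size/company text OTL appends after " -- ["


def parse_zeroaccess_section(log_text):
    """Return the InProcServer32 keys listed under the ZeroAccess Check header."""
    entries, current, in_section = [], None, False
    for raw in log_text.splitlines():
        line = raw.strip()
        header = SECTION_RE.match(line)
        if header:
            # Any "===== name =====" line starts a new section.
            in_section = header.group(1).lower() == "zeroaccess check"
            current = None
            continue
        if not in_section or not line:
            continue
        key = KEY_RE.match(line)
        if key:
            hive, clsid, flag64 = key.groups()
            current = ComServer(hive.upper(), clsid.lower(),
                                "64-bit" if flag64 else "32-bit")
            entries.append(current)
            continue
        value = VALUE_RE.match(line)
        if value and current is not None:
            name, data = value.groups()
            data, _, info = data.partition(" -- [")
            current.values[name] = data.strip()
            if name == "":            # "" is the key's default value: the DLL path
                current.file_info = info
    return entries


def review(entries):
    """Pair each suspicious registration with the reasons it was flagged."""
    findings = []
    for entry in entries:
        server = entry.values.get("")
        if not server:
            continue                  # key exists but registers no server DLL
        reasons = []
        if entry.hive == "HKEY_CURRENT_USER":
            reasons.append("per-user (HKCU) registration, resolved ahead of HKLM for this user")
        if any(marker in server.lower() for marker in USER_WRITABLE):
            reasons.append("server DLL sits in a user-writable directory")
        if not entry.file_info:
            reasons.append("OTL printed no file details for the target")
        if reasons:
            findings.append((entry, reasons))
    return findings


if __name__ == "__main__":
    for entry, reasons in review(parse_zeroaccess_section(SAMPLE_LOG)):
        print(entry.hive, entry.clsid, entry.view, entry.values[""])
        for reason in reasons:
            print("   -", reason)
```

The HKLM registrations that resolve to DLLs under C:\Windows with Microsoft file details pass all three rules, so only the HKCU entry is reported.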

#10
Jasmyne

    Trusted Helper

  • Malware Removal
  • 2,010 posts
Glad to hear your computer is running better! There are a few more things that still need to be removed and then some final scans to make sure all the remnants are gone. :)

Step 1 - New OTL Fix

Warning: This fix is relevant for this system and no other. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons; they will return on reboot.

1. Please copy all of the text in the code box below. To do this, highlight everything inside the code box, right click and click Copy.

:Commands
[createrestorepoint}

:OTL
MOD - [2013/05/26 10:17:07 | 000,128,512 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\_elementtree.pyd
MOD - [2013/05/26 10:17:07 | 000,044,032 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\_socket.pyd
MOD - [2013/05/26 10:17:06 | 001,022,416 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\windows._cacheinvalidation.pyd
MOD - [2013/05/26 10:17:06 | 000,805,888 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\wx._gdi_.pyd
MOD - [2013/05/26 10:17:06 | 000,557,056 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\pysqlite2._sqlite.pyd
MOD - [2013/05/26 10:17:06 | 000,320,512 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\win32com.shell.shell.pyd
MOD - [2013/05/26 10:17:06 | 000,098,816 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\win32api.pyd
MOD - [2013/05/26 10:17:06 | 000,070,656 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\wx._html2.pyd
MOD - [2013/05/26 10:17:06 | 000,026,624 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\_multiprocessing.pyd
MOD - [2013/05/26 10:17:06 | 000,022,528 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\win32ts.pyd
MOD - [2013/05/26 10:17:06 | 000,017,408 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\win32profile.pyd
MOD - [2013/05/26 10:17:06 | 000,011,264 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\win32crypt.pyd
MOD - [2013/05/26 10:17:05 | 000,735,232 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\wx._misc_.pyd
MOD - [2013/05/26 10:17:05 | 000,364,544 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\pythoncom27.dll
MOD - [2013/05/26 10:17:05 | 000,110,080 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\PyWinTypes27.dll
MOD - [2013/05/26 10:17:05 | 000,108,544 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\win32security.pyd
MOD - [2013/05/26 10:17:05 | 000,087,040 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\_ctypes.pyd
MOD - [2013/05/26 10:17:04 | 001,175,040 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\wx._core_.pyd
MOD - [2013/05/26 10:17:03 | 001,153,024 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\_ssl.pyd
MOD - [2013/05/26 10:17:01 | 000,811,008 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\wx._windows_.pyd
MOD - [2013/05/26 10:17:01 | 000,711,680 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\_hashlib.pyd
MOD - [2013/05/26 10:17:01 | 000,035,840 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\win32process.pyd
MOD - [2013/05/26 10:17:01 | 000,025,600 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\win32pdh.pyd
MOD - [2013/05/26 10:17:00 | 000,122,368 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\wx._wizard.pyd
MOD - [2013/05/26 10:16:59 | 000,119,808 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\win32file.pyd
MOD - [2013/05/26 10:16:59 | 000,038,912 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\win32inet.pyd
MOD - [2013/05/26 10:16:51 | 001,062,400 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\wx._controls_.pyd
MOD - [2013/05/26 10:16:50 | 000,127,488 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\pyexpat.pyd
MOD - [2013/05/26 10:16:50 | 000,018,432 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\win32event.pyd
MOD - [2013/05/26 10:16:49 | 000,686,080 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\unicodedata.pyd
MOD - [2013/05/26 10:16:45 | 000,010,240 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI9802\select.pyd
FF - prefs.js..extensions.enabledAddons: specialsavings%40superfish.com:1.2.0.14
File not found (No name found) -- C:\USERS\KRISTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TMMM7CNK.DEFAULT\EXTENSIONS\[email protected]

:Commands
[emptytemp]

2. Please re-open OTL on your desktop.
3. Place the mouse pointer inside the Posted Image textbox, right click and click Paste. This will put the above script inside the textbox.
4. Click the Posted Image button.
5. Let the program run unhindered.
6. OTL may ask to reboot the machine. Please do so if asked.
7. Click the Posted Image button.
8. A report will open. Copy and Paste that report in your next reply.
9. If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, (where mmddyyyy_hhmmss is the date of the tool run).
10. Run OTL again and click the Quick Scan button. Post the log it produces in your next reply.

Step 2 - Run MalwareBytes

Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & Paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Step 3 - Kaspersky Scan
  • Go to here
  • Click the download button under Kaspersky Security Scan
  • Download and run the file
  • It will start to download the Kaspersky Security Scan program data
  • Once downloaded the installer will begin
  • Click Next
  • Accept the License Agreement
  • Click Install
  • The program will now install
  • Click Finish
  • Kaspersky Security Scan will now start

  • Click the Full Scan button

  • The scan will take about an hour or two depending on the amount of data on your hard drive
  • If the scan detects problems it will open a Problems found window
  • Click Details to generate a scan results report

  • Once the scan is complete do the following:
    • Navigate to C:\ProgramData\Kaspersky Lab\KSS2\DataRoot
    • Right-click on the HtmlReport folder --> Click Send to --> Click Compressed (zipped) folder
    • Attach the HtmlReport zipped folder to your next post
  • You can now close Kaspersky Security Scan

4. Download Security Check from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

~~~~~~~~~~~~~~~~~~~~ Things Needed for Your Next Post ~~~~~~~~~~~~~~~~~~~~
1. OTL Fix
2. New OTL Log
3. MalwareBytes Log
4. Kaspersky Scan
5. Security Check Log (checkup.txt)
  • 0


#11
Kristin51505

    Member

  • Topic Starter
  • 70 posts
Hi Jasmyne,

I have the logs for the OTL Fix and Quick Scan, as well as the logs for MalwareBytes (although when I finished the MalwareBytes scan nothing was found, so I couldn't follow all of your directions since there wasn't anything for me to remove) and the Security Check. However, I'm a bit confused with the Kaspersky Security Scan; I finished it and I can open the "details" section, it comes up as C:\ProgramData\Kaspersky Lab\KSS2\DataRoot\HtmlReport\index.html but I can't find the folder you asked for on my C drive. On my computer, I can go as far as C:\ProgramFiles(x86)\Kaspersky Lab\KasperskySecurityScan2.0 and that's where I get stuck. I don't seem to have a Program Data folder (mine's under Program Files (x86)) and I don't see a Data Root folder to open; in the Kaspersky Security Scan 2.0 folder, I have the following folders: DesktopShortcut, Doc, imageformats, skin, StartMenu, and x86 . . . no Data Root folder and I can't find a HtmlReport in any of the folders that I do have. Am I looking in the wrong place? I'll post the logs that I have so far.

Thanks,

Kristin




All processes killed
========== COMMANDS ==========
Error: Unable to interpret <[createrestorepoint} > in the current context!
========== OTL ==========
Prefs.js: specialsavings%40superfish.com:1.2.0.14 removed from extensions.enabledAddons
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: AppData

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Kristin
->Temp folder emptied: 212911369 bytes
->Temporary Internet Files folder emptied: 300827055 bytes
->Java cache emptied: 51759 bytes
->FireFox cache emptied: 170197711 bytes
->Flash cache emptied: 5172 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 120091865 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 767.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 05272013_111809

Files\Folders moved on Reboot...
C:\Users\Kristin\AppData\Local\Temp\AdobeARM.log moved successfully.
C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R9X1JU6Q\1[randomNo]@x04[1].htm not found!
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R9X1JU6Q\fastbutton[1].htm not found!
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R9X1JU6Q\my_yahoo_com[1].htm not found!
C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NOZ009RB\xd_arbiter[1].htm moved successfully.
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NOZ009RB\_;mtfIFrameRequest=false;ord=1369676668[1].htm not found!
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MP700CXC\csc-render[2].htm not found!
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MP700CXC\ext-render[2].htm not found!
C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MP700CXC\ff2[2].htm moved successfully.
C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MP700CXC\matomymediaproxy[1].htm moved successfully.
C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MP700CXC\type_simple_nrmp-zoom-in[2].ico moved successfully.
C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DODAJUGD\300[1].htm moved successfully.
C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DODAJUGD\300[2].htm moved successfully.
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DODAJUGD\aceUAC[1].js not found!
C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\964N688H\ff2[2].htm moved successfully.
C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3DF4BPMO\Beautiful Disaster (The Bet) - Phal, Francette.pdf moved successfully.
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3DF4BPMO\my_yahoo_com[1].htm not found!
File\Folder C:\Users\Kristin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3DF4BPMO\season-4-episode-21[1].htm not found!
File move failed. C:\Windows\temp\TmpFile1 scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...



OTL logfile created on: 5/27/2013 1:34:15 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kristin\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.96 Gb Total Physical Memory | 2.35 Gb Available Physical Memory | 59.43% Memory free
8.10 Gb Paging File | 6.44 Gb Available in Paging File | 79.58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279.30 Gb Total Space | 88.58 Gb Free Space | 31.71% Space Free | Partition Type: NTFS
Drive E: | 18.75 Gb Total Space | 10.95 Gb Free Space | 58.43% Space Free | Partition Type: NTFS

Computer Name: KRISTIN-PC | User Name: Kristin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found --
PRC - [2013/05/24 16:43:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kristin\Desktop\OTL.exe
PRC - [2013/04/16 07:10:44 | 019,662,744 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
PRC - [2012/12/21 05:08:56 | 001,333,424 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2011/08/10 13:52:54 | 000,138,760 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe
PRC - [2008/06/03 15:54:56 | 000,446,635 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe
PRC - [2008/05/23 14:06:08 | 000,128,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2008/05/07 17:41:14 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/05/07 17:41:12 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe


========== Modules (No Company Name) ==========

MOD - [2013/05/27 12:42:51 | 000,128,512 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI31562\_elementtree.pyd
MOD - [2013/05/27 12:42:51 | 000,044,032 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI31562\_socket.pyd
MOD - [2013/05/27 12:42:50 | 000,557,056 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI31562\pysqlite2._sqlite.pyd
MOD - [2013/05/27 12:42:50 | 000,098,816 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI31562\win32api.pyd
MOD - [2013/05/27 12:42:50 | 000,026,624 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI31562\_multiprocessing.pyd
MOD - [2013/05/27 12:42:50 | 000,022,528 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI31562\win32ts.pyd
MOD - [2013/05/27 12:42:49 | 000,320,512 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI31562\win32com.shell.shell.pyd
MOD - [2013/05/27 12:42:49 | 000,070,656 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI31562\wx._html2.pyd
MOD - [2013/05/27 12:42:48 | 000,805,888 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI31562\wx._gdi_.pyd
MOD - [2013/05/27 12:42:48 | 000,011,264 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI31562\win32crypt.pyd
MOD - [2013/05/27 12:42:47 | 001,022,416 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI31562\windows._cacheinvalidation.pyd
MOD - [2013/05/27 12:42:46 | 000,364,544 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI31562\pythoncom27.dll
MOD - [2013/05/27 12:42:46 | 000,087,040 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI31562\_ctypes.pyd
MOD - [2013/05/27 12:42:46 | 000,017,408 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI31562\win32profile.pyd
MOD - [2013/05/27 12:42:45 | 000,735,232 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI31562\wx._misc_.pyd
MOD - [2013/05/27 12:42:44 | 000,110,080 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI31562\PyWinTypes27.dll
MOD - [2013/05/27 12:42:44 | 000,108,544 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI31562\win32security.pyd
MOD - [2013/05/27 12:42:43 | 001,175,040 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI31562\wx._core_.pyd
MOD - [2013/05/27 12:42:41 | 001,153,024 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI31562\_ssl.pyd
MOD - [2013/05/27 12:42:40 | 000,711,680 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI31562\_hashlib.pyd
MOD - [2013/05/27 12:42:40 | 000,035,840 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI31562\win32process.pyd
MOD - [2013/05/27 12:42:40 | 000,025,600 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI31562\win32pdh.pyd
MOD - [2013/05/27 12:42:39 | 000,811,008 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI31562\wx._windows_.pyd
MOD - [2013/05/27 12:42:39 | 000,122,368 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI31562\wx._wizard.pyd
MOD - [2013/05/27 12:42:39 | 000,119,808 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI31562\win32file.pyd
MOD - [2013/05/27 12:42:38 | 000,038,912 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI31562\win32inet.pyd
MOD - [2013/05/27 12:42:33 | 001,062,400 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI31562\wx._controls_.pyd
MOD - [2013/05/27 12:42:32 | 000,127,488 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI31562\pyexpat.pyd
MOD - [2013/05/27 12:42:32 | 000,018,432 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI31562\win32event.pyd
MOD - [2013/05/27 12:42:31 | 000,686,080 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI31562\unicodedata.pyd
MOD - [2013/05/27 12:42:28 | 000,010,240 | ---- | M] () -- C:\Users\Kristin\AppData\Local\Temp\_MEI31562\select.pyd
MOD - [2009/11/03 15:51:42 | 000,067,872 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2009/11/03 15:51:26 | 000,039,712 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012/12/21 05:08:56 | 001,333,424 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2011/12/30 07:39:40 | 004,889,032 | ---- | M] (SafeNet Inc.) [Auto | Running] -- C:\Windows\SysNative\hasplms.exe -- (hasplms)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/02/26 02:03:00 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_54cb4575\STacSV64.exe -- (STacSV)
SRV:64bit: - [2009/03/03 02:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_54cb4575\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2008/11/17 08:29:18 | 000,032,768 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2008/01/20 19:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/03/26 16:16:02 | 000,567,280 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\dlbacoms.exe -- (dlba_device)
SRV:64bit: - [2006/11/02 04:16:05 | 000,046,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rundll32.exe -- (yksvc)
SRV - [2013/05/15 01:02:00 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/04/16 15:18:38 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/02/28 09:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/08/10 13:52:54 | 000,138,760 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe -- (NSL)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/03/29 21:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/05/07 17:41:14 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/05/24 15:46:01 | 000,208,216 | ---- | M] (Kaspersky Lab, GERT) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\63506565.sys -- (51270607)
DRV:64bit: - [2012/12/21 05:09:28 | 000,139,768 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2012/12/21 05:08:54 | 000,150,616 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2012/12/21 05:08:18 | 000,213,416 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\DRIVERS\eamonm.sys -- (eamonm)
DRV:64bit: - [2012/02/29 06:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/11/22 14:14:54 | 000,139,592 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksfridge.sys -- (aksfridge)
DRV:64bit: - [2011/11/22 14:14:54 | 000,078,208 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksdf.sys -- (aksdf)
DRV:64bit: - [2011/09/28 15:31:30 | 000,321,536 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hardlock.sys -- (hardlock)
DRV:64bit: - [2011/08/08 16:38:05 | 000,167,048 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NSTx64\0200000.010\ccSetx64.sys -- (ccSet_NST)
DRV:64bit: - [2011/07/06 12:44:00 | 000,034,288 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/02/26 02:03:00 | 000,505,856 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009/09/30 17:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/08/28 19:42:52 | 000,049,152 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2009/03/19 17:02:00 | 000,311,296 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\OA009Vid.sys -- (OA009Vid)
DRV:64bit: - [2009/03/06 07:33:58 | 000,159,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\OA009Ufd.sys -- (OA009Ufd)
DRV:64bit: - [2009/02/23 16:18:58 | 000,069,120 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTSTOR64.SYS -- (RTSTOR)
DRV:64bit: - [2009/01/16 10:00:32 | 010,275,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)
DRV:64bit: - [2008/11/17 08:29:18 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCM42RLY.sys -- (BCM42RLY)
DRV:64bit: - [2008/11/17 08:29:14 | 001,526,776 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\bcmwl664.sys -- (BCM43XX)
DRV:64bit: - [2008/07/24 18:40:26 | 000,199,728 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2008/07/24 10:03:00 | 000,392,192 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
DRV:64bit: - [2008/05/07 17:40:38 | 000,395,288 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\iaStor.sys -- (iaStor)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://securityrespo...r/fix_homepage/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://my.yahoo.com/?_bc=1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7280
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:3.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:2011.7.0.8
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Kristin\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD [2013/03/11 11:48:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{203FB6B2-2E1E-4474-863B-4C483ECCE78E}: C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2.0.0.16\coFFNST\ [2013/05/27 12:40:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/16 15:18:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/04/16 15:18:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2013/03/11 11:48:47 | 000,000,000 | ---D | M]

[2013/03/11 11:35:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kristin\AppData\Roaming\Mozilla\Extensions
[2013/05/25 19:12:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kristin\AppData\Roaming\Mozilla\Firefox\Profiles\tmmm7cnk.default\extensions
[2012/04/24 10:50:17 | 000,020,591 | ---- | M] () (No name found) -- C:\Users\Kristin\AppData\Roaming\Mozilla\Firefox\Profiles\tmmm7cnk.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
[2013/04/16 15:18:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/04/16 15:18:17 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/05/27 01:05:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\updated\extensions
[2013/05/27 01:04:55 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\updated\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/05/27 01:05:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\updated\browser\extensions
[2013/05/27 01:05:17 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\updated\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/04/16 15:18:39 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013/04/16 15:18:32 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/04/16 15:18:32 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2006/09/18 14:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Norton Safe Web Lite BHO) - {F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3} - C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\CoIEPlg.dll (Symantec Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Safe Web Lite) - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\CoIEPlg.dll (Symantec Corporation)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Windows\SysNative\WLTRAY.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe File not found
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Kristin\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://images3.pnime...veX_Control.cab (Photo Upload Plugin Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{642F4715-C26C-4272-9F8C-7893530A3D30}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B85AA5E9-7BE2-4593-939E-734CA1D054AA}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (c:\progra~3\sideki~1\261123~1.78\{6f06c~1\sskmngr.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Kristin\Pictures\a06f032f-8d4f-401d-bbb7-ac3a6fbb1fba_5.jpg
O24 - Desktop BackupWallPaper: C:\Users\Kristin\Pictures\a06f032f-8d4f-401d-bbb7-ac3a6fbb1fba_5.jpg
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/05/25 18:47:00 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/05/24 19:57:21 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2013/05/24 16:43:50 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Kristin\Desktop\OTL.exe
[2013/05/24 15:46:01 | 000,208,216 | ---- | C] (Kaspersky Lab, GERT) -- C:\Windows\SysNative\drivers\63506565.sys
[2013/05/24 15:38:19 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Kristin\Desktop\tdsskiller.exe
[2013/05/24 13:58:03 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\Kristin\Desktop\aswMBR.exe
[2013/05/21 15:16:42 | 000,000,000 | ---D | C] -- C:\Users\Kristin\Desktop\Steph's Pics
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/05/27 13:36:03 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4270958396-3272677963-532609597-1000UA.job
[2013/05/27 13:35:32 | 000,703,516 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/05/27 13:35:32 | 000,605,080 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/05/27 13:35:32 | 000,104,934 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/05/27 13:32:09 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/05/27 13:32:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/05/27 13:32:08 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/05/27 12:41:41 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/05/27 12:40:19 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/05/27 12:40:19 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/05/26 16:42:03 | 000,002,279 | ---- | M] () -- C:\Users\Kristin\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[2013/05/26 13:42:39 | 000,000,597 | ---- | M] () -- C:\Users\Public\Desktop\Internet Security 2014.lnk
[2013/05/26 07:52:11 | 000,632,031 | ---- | M] () -- C:\Users\Kristin\Desktop\adwcleaner.exe
[2013/05/25 19:36:02 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4270958396-3272677963-532609597-1000Core.job
[2013/05/24 19:25:29 | 000,000,512 | ---- | M] () -- C:\Users\Kristin\Desktop\MBR.dat
[2013/05/24 16:43:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kristin\Desktop\OTL.exe
[2013/05/24 15:46:01 | 000,208,216 | ---- | M] (Kaspersky Lab, GERT) -- C:\Windows\SysNative\drivers\63506565.sys
[2013/05/24 15:38:43 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Kristin\Desktop\tdsskiller.exe
[2013/05/24 13:59:04 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\Kristin\Desktop\aswMBR.exe
[2013/05/01 10:05:48 | 000,002,675 | ---- | M] () -- C:\Users\Kristin\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2007.lnk
[2013/04/29 02:00:06 | 000,006,756 | ---- | M] () -- C:\Users\Kristin\AppData\Local\d3d9caps.dat
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/05/26 13:42:39 | 000,000,597 | ---- | C] () -- C:\Users\Public\Desktop\Internet Security 2014.lnk
[2013/05/26 07:52:11 | 000,632,031 | ---- | C] () -- C:\Users\Kristin\Desktop\adwcleaner.exe
[2013/05/24 14:01:49 | 000,000,512 | ---- | C] () -- C:\Users\Kristin\Desktop\MBR.dat
[2013/02/19 14:25:17 | 000,000,004 | ---- | C] () -- C:\Users\Kristin\AppData\Roaming\skype.ini
[2012/08/03 20:02:07 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012/07/05 03:48:58 | 000,036,232 | ---- | C] () -- C:\Windows\SysWow64\rgbacodec.dll
[2012/05/12 13:22:03 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012/05/08 05:02:48 | 000,258,415 | ---- | C] () -- C:\Users\Kristin\Kristen Ashley - Unfinished Hero 01 - Knight (v5.0).epub
[2012/01/27 16:48:42 | 000,378,449 | ---- | C] () -- C:\Users\Kristin\Three Wishes - Kristen Ashley.epub
[2011/05/18 15:29:08 | 000,001,940 | ---- | C] () -- C:\Users\Kristin\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/05/06 11:35:20 | 000,000,000 | ---- | C] () -- C:\Users\Kristin\AppData\Local\{48C18FA4-5AF8-4ABD-9808-A7D0401A196A}
[2011/04/20 21:12:29 | 000,052,736 | -H-- | C] () -- C:\Users\Kristin\AppData\Roaming\RBSpriteSurface400.dll
[2011/02/05 23:56:40 | 000,195,072 | ---- | C] () -- C:\Users\Kristin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/24 22:16:48 | 000,006,756 | ---- | C] () -- C:\Users\Kristin\AppData\Local\d3d9caps.dat
[2010/03/24 21:05:06 | 000,007,460 | ---- | C] () -- C:\Users\Kristin\AppData\Local\d3d9caps64.dat

========== ZeroAccess Check ==========

[2006/11/02 08:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
"" = C:\Users\Kristin\AppData\Local\Temp\sribtuq\sbycefq\wow64.dll

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
"" = C:\Users\Kristin\AppData\Local\Temp\sribtuq\sbycefq\wow64.dll

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 10:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 10:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/04/11 00:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/10 23:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008/01/20 19:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/04/27 21:05:15 | 000,000,000 | ---D | M] -- C:\Users\Kristin\AppData\Roaming\Canon
[2013/04/23 06:05:00 | 000,000,000 | ---D | M] -- C:\Users\Kristin\AppData\Roaming\ConverterLite
[2012/09/09 15:03:36 | 000,000,000 | ---D | M] -- C:\Users\Kristin\AppData\Roaming\go
[2012/05/12 17:52:23 | 000,000,000 | ---D | M] -- C:\Users\Kristin\AppData\Roaming\MOVAVI
[2010/07/25 16:12:07 | 000,000,000 | ---D | M] -- C:\Users\Kristin\AppData\Roaming\Tific
[2010/03/24 21:38:55 | 000,000,000 | ---D | M] -- C:\Users\Kristin\AppData\Roaming\TMP
[2011/02/05 19:49:24 | 000,000,000 | ---D | M] -- C:\Users\Kristin\AppData\Roaming\Windows SideBar

========== Purity Check ==========



< End of report >



Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.05.27.07

Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
Kristin :: KRISTIN-PC [administrator]

5/27/2013 1:49:48 PM
mbam-log-2013-05-27 (13-49-48).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 220551
Time elapsed: 3 minute(s), 19 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



Results of screen317's Security Check version 0.99.64
Windows Vista Service Pack 2 x64 (UAC is disabled!)
Internet Explorer 10
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Disabled!
ESET NOD32 Antivirus 6.0
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.75.0.1300
Java 7 Update 9
Java version out of Date!
Adobe Flash Player 11.7.700.202
Adobe Reader 9 Adobe Reader out of Date!
Mozilla Firefox 20.0.1 Firefox out of Date!
````````Process Check: objlist.exe by Laurent````````
Norton ccSvcHst.exe
ESET NOD32 Antivirus egui.exe
ESET NOD32 Antivirus ekrn.exe
Kaspersky Lab Kaspersky Security Scan 2.0 kss.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 21 % Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````

#12
Jasmyne

Kristin51505,

Did you click the details button to view the report after the scan was completed? If that step is missed, the HTML report isn't created.

Jasmyne

#13
Kristin51505

Yeah, I can see the report, I have it open on my computer right now, I just can't find the file location to send it to you. Should I copy and paste the report that I have on here?

Kristin

#14
Jasmyne

Yes, just copy and paste it. :)

#15
Kristin51505

Okay, here it is!


Computer protection (1)

Information about anti-virus software and firewalls installed on the computer.
Kaspersky recommends .

Firewall is disabled.




Malware (2)

Information about malware detected on the computer.
Kaspersky recommends .

1. Rootkit.Boot.Harbinger.a
   mbr
   C:\TDSSKiller_Quarantine\24.05.2013_19.55.52\mbr0000\mbr0000\tsk0001.dta/

2. Rootkit.Boot.Harbinger.a
   tsk0000.dta
   C:\TDSSKiller_Quarantine\24.05.2013_19.55.52\mbr0000\mbr0000





Vulnerabilities (6)

Information about applications and operating system components in which vulnerabilities have been detected.

1. C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
2. C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
3. C:\Program Files (x86)\Java\jre7\bin\java.exe
4. C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe
5. C:\Program Files (x86)\VideoLAN\VLC\vlc-cache-gen.exe
6. C:\Program Files (x86)\VideoLAN\VLC\vlc.exe





Other issues (13)

Information about vulnerabilities associated with the settings of installed applications and the operating system.

1. "Autorun from hard drives is allowed"
2. "Autorun from network drives is enabled"
3. "CD/DVD autorun is enabled"
4. "Removable media autorun is enabled"
5. "Windows Explorer - show extensions of known file types"
6. "Microsoft Internet Explorer: clear history of typed URLs"
7. "Microsoft Internet Explorer - disable caching data received via protected channel"
8. "Microsoft Internet Explorer: disable sending error reports"
9. "Microsoft Internet Explorer: delete cookies"
10. "Microsoft Internet Explorer: clear list of pop-up blocker exceptions"
11. "Microsoft Internet Explorer: enable cache autocleanup on browser closing"
12. "Windows Explorer: display of known file types extensions is disabled"
13. "Microsoft Internet Explorer: start page reset"