Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Something lurking in my PC? [Solved]


  • This topic is locked This topic is locked

#1
zfastss

zfastss

    Member

  • Member
  • PipPip
  • 33 posts
Time to call the experts...
A while ago (1-2 months) I remember downloading a file and as soon as it finished downloading Norton 360 popped up and tried to halt everything and I instantly knew something bad was happening :(
Anyway, I ended up with a rootkit which I think I was successfully able to get rid of via TDSSKiller. It impacted my boot record and I couldn't even boot without a BSOD, but again I think I fixed that.
I've run multiple scans of Malwarebytes, Norton 360, and Norton power eraser (in safe mode and normal windows) and they haven't found anything out of the ordinary.
Right now I seem to be okay except I keep getting notifications from Norton (the firewall part) that it has blocked various intrusion attempts and gives different malicious toolkit exploit references. I almost feel like there is still something on my computer that seems like it is "calling home" and trying to download something in return. It seems random though...sometimes I will get 5 Norton notifications within a few minutes, other times I can go a full day without any notifications. I do notice a couple of instances of iexplorer.exe running in the task manager (even though I haven't opened IE yet on a fresh restart), though I don't know if that has anything to do with anything.
It seems like Norton is doing it's job blocking the intrusion attempts, but I'd like an expert to offer their thoughts on what is going on here and why the are happening to begin with. I want to make sure my info is safe.
I am behind a router and since there are 2 computers on my network it changes the last 3 digits of my IP based on which computer connects to the internet first. The other computer has no issues at all so I don't think that my IP is being directly targeted by someone, which makes me think something is hiding on my specific computer "calling out".

I'd appreciate any help you can offer. Thanks in advance.
I've run the OTL scan and the results are below:



OTL logfile created on: 7/20/2013 3:10:47 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Alan\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

11.96 Gb Total Physical Memory | 9.06 Gb Available Physical Memory | 75.77% Memory free
23.92 Gb Paging File | 19.45 Gb Available in Paging File | 81.31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 920.42 Gb Total Space | 645.95 Gb Free Space | 70.18% Space Free | Partition Type: NTFS
Drive D: | 11.00 Gb Total Space | 1.60 Gb Free Space | 14.59% Space Free | Partition Type: NTFS

Computer Name: ALAN-PC | User Name: Alan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found --
PRC - [2013/07/20 15:10:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Alan\Desktop\OTL.exe
PRC - [2013/06/05 01:01:52 | 004,489,472 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Alan\AppData\Local\Akamai\netsession_win.exe
PRC - [2013/05/20 21:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ccsvchst.exe
PRC - [2013/05/10 00:57:36 | 000,840,768 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
PRC - [2013/05/10 00:57:24 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/02/01 14:50:22 | 001,641,368 | ---- | M] (Autodesk, Inc.) -- C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
PRC - [2012/01/31 10:46:56 | 000,019,232 | ---- | M] (Autodesk, Inc.) -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
PRC - [2010/10/27 20:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/08/25 11:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009/12/01 20:49:52 | 000,210,216 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2009/10/02 13:26:12 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2009/10/02 13:26:10 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2009/07/16 12:35:18 | 000,130,400 | ---- | M] (Microsoft Corp.) -- c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msntask.exe
PRC - [2009/07/13 18:14:30 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\regsvr32.exe
PRC - [2008/12/09 10:32:06 | 000,055,120 | ---- | M] (NewSoft Technology Corporation) -- C:\Program Files (x86)\NewSoft\Presto! PageManager 8 for EP\PMSpeed.exe
PRC - [2008/11/20 11:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
PRC - [2003/10/27 04:33:54 | 000,065,536 | ---- | M] (Alexandria Software Consulting) -- C:\Program Files (x86)\GM SPO\eSI\Apache Group\Tomcat 4.1\bin\tomcat.exe
PRC - [2001/11/20 06:37:06 | 000,165,376 | ---- | M] (TransAction Software, D 81737 Munich) -- C:\Program Files (x86)\GM SPO\eSI\Transbase\tbmux32.exe
PRC - [2001/11/20 06:36:48 | 001,148,928 | ---- | M] (TransAction Software, D 81737 Munich) -- C:\Program Files (x86)\GM SPO\eSI\Transbase\tbkern32.exe


========== Modules (No Company Name) ==========

MOD - [2013/07/13 10:35:15 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\89fe719039385377f6b5ad8d0070aa6b\System.Runtime.Remoting.ni.dll
MOD - [2013/07/13 10:34:49 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\178644ab40108f3becd8b91049a254c3\System.Windows.Forms.ni.dll
MOD - [2013/07/13 10:34:44 | 001,593,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\bfa7a95284aec941f4b03bae0debe07c\System.Drawing.ni.dll
MOD - [2013/07/13 10:34:39 | 005,464,064 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\32066405eb9ab14056b2af3115d2a6de\System.Xml.ni.dll
MOD - [2013/07/13 10:34:37 | 000,978,432 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\9e24b9ffd816c0c90efc4d3fc9fd745f\System.Configuration.ni.dll
MOD - [2013/07/13 10:34:25 | 003,348,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\c25666b99761bc42322bae2e59968df8\WindowsBase.ni.dll
MOD - [2013/07/13 10:34:22 | 007,989,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\187c13e8967097d2ed1e5f123e7d890a\System.ni.dll
MOD - [2013/07/13 10:34:15 | 011,499,520 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/05/10 00:57:34 | 002,897,488 | ---- | M] () -- C:\Program Files (x86)\Adobe\Acrobat 10.0\PDFMaker\Common\AdobePDFMakerX.dll
MOD - [2012/05/30 07:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\wincfi39.dll
MOD - [2012/05/04 19:29:40 | 000,150,408 | ---- | M] () -- C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll
MOD - [2012/05/04 19:29:38 | 000,015,760 | ---- | M] () -- C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2native.dll
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/12/21 01:15:30 | 001,041,248 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
MOD - [2009/12/01 20:49:50 | 000,931,112 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/05/26 22:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/04/20 16:53:48 | 001,471,352 | ---- | M] (Flexera Software LLC) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2013/03/28 18:34:18 | 000,241,152 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/09/27 12:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2008/07/29 13:20:28 | 004,737,024 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe -- (msvsmon90)
SRV - [2013/05/20 21:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe -- (N360)
SRV - [2013/05/10 00:57:24 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/09/27 11:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012/07/09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012/01/31 10:46:56 | 000,019,232 | ---- | M] (Autodesk, Inc.) [Auto | Running] -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service)
SRV - [2010/06/03 10:48:28 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/02/19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/10/02 13:26:12 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2003/10/27 04:33:54 | 000,065,536 | ---- | M] (Alexandria Software Consulting) [Auto | Running] -- C:\Program Files (x86)\GM SPO\eSI\Apache Group\Tomcat 4.1\bin\tomcat.exe -- (SITomcat)
SRV - [2003/01/17 04:59:56 | 000,001,984 | ---- | M] () [Unknown (-1) | Unknown] -- C:\Windows\SysWOW64\drivers\papycpu2.sys -- (papycpu2)
SRV - [2003/01/17 04:59:56 | 000,001,856 | ---- | M] () [Unknown (-1) | Unknown] -- C:\Windows\SysWOW64\drivers\papyjoy.sys -- (papyjoy)
SRV - [2001/11/20 06:37:06 | 000,165,376 | ---- | M] (TransAction Software, D 81737 Munich) [Auto | Running] -- C:\Program Files (x86)\GM SPO\eSI\Transbase\tbmux32.exe -- (SITransbase)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/07/18 18:30:59 | 000,177,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2013/05/22 22:25:28 | 001,139,800 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1404000.028\symefa64.sys -- (SymEFA)
DRV:64bit: - [2013/05/20 22:02:00 | 000,493,656 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1404000.028\symds64.sys -- (SymDS)
DRV:64bit: - [2013/05/15 22:02:14 | 000,796,760 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1404000.028\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2013/04/24 17:43:56 | 000,433,752 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1404000.028\symnets.sys -- (SymNetS)
DRV:64bit: - [2013/04/15 19:41:14 | 000,169,048 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1404000.028\ccsetx64.sys -- (ccSet_N360)
DRV:64bit: - [2013/03/28 19:35:02 | 011,658,752 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013/03/28 18:09:44 | 000,581,120 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013/03/04 18:21:36 | 000,036,952 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1404000.028\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2012/12/13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/23 07:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 07:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/27 20:05:22 | 000,224,416 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1404000.028\ironx64.sys -- (SymIRON)
DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 06:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/08/05 13:09:58 | 000,022,016 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\libusb0.sys -- (libusb0)
DRV:64bit: - [2010/04/27 17:57:20 | 000,016,200 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
DRV:64bit: - [2010/04/27 17:57:12 | 000,026,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
DRV:64bit: - [2010/04/27 15:03:12 | 000,077,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
DRV:64bit: - [2010/04/27 15:02:42 | 000,043,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
DRV:64bit: - [2010/03/18 02:00:40 | 000,041,040 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2010/03/18 02:00:16 | 000,057,936 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2010/03/18 02:00:00 | 000,063,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2010/03/18 01:59:52 | 000,013,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2010/03/18 01:59:44 | 000,074,320 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2009/11/19 00:30:56 | 000,123,408 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/11/11 18:44:26 | 000,034,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64k.sys -- (Point64)
DRV:64bit: - [2009/11/04 03:58:42 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2009/10/02 04:58:58 | 000,537,112 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/09/17 05:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/08/20 17:05:06 | 000,239,616 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/09 04:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2013/05/31 09:58:18 | 001,393,240 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130715.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2013/05/25 11:05:42 | 002,098,776 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130720.007\ex64.sys -- (NAVEX15)
DRV - [2013/05/25 11:05:42 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130720.007\eng64.sys -- (NAVENG)
DRV - [2013/04/27 16:01:14 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2013/04/27 16:01:14 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013/04/26 18:57:30 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130719.002\IDSviA64.sys -- (IDSVia64)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2003/01/17 04:59:56 | 000,001,984 | ---- | M] () [Unknown (-1) | Unknown (-1) | Stopped] -- C:\Windows\SysWOW64\drivers\papycpu2.sys -- (papycpu2)
DRV - [2003/01/17 04:59:56 | 000,001,856 | ---- | M] () [Unknown (-1) | Unknown (-1) | Stopped] -- C:\Windows\SysWOW64\drivers\papyjoy.sys -- (papyjoy)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {71D9D274-83A4-4607-B1D2-FAE258EFE8EB}
IE:64bit: - HKLM\..\SearchScopes\{57019A13-E8A0-41AE-8C8A-65E0B0ED6A6C}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE:64bit: - HKLM\..\SearchScopes\{71D9D274-83A4-4607-B1D2-FAE258EFE8EB}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {71D9D274-83A4-4607-B1D2-FAE258EFE8EB}
IE - HKLM\..\SearchScopes\{57019A13-E8A0-41AE-8C8A-65E0B0ED6A6C}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKLM\..\SearchScopes\{71D9D274-83A4-4607-B1D2-FAE258EFE8EB}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\..\SearchScopes,DefaultScope = {3EBE71D1-38AC-4B04-AF30-B1239C008BB2}
IE - HKCU\..\SearchScopes\{3EBE71D1-38AC-4B04-AF30-B1239C008BB2}: "URL" = http://www.google.co...utputEncoding?}
IE - HKCU\..\SearchScopes\{57019A13-E8A0-41AE-8C8A-65E0B0ED6A6C}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKCU\..\SearchScopes\{71D9D274-83A4-4607-B1D2-FAE258EFE8EB}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013/05/25 11:38:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2010/11/25 18:19:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\ [2013/07/20 10:26:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFFPlgn\ [2013/04/27 16:13:37 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2013/07/14 10:37:35 | 000,004,922 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 3dns.adobe.com
O1 - Hosts: 127.0.0.1 3dns-1.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-4.adobe.com
O1 - Hosts: 127.0.0.1 3dns-5.adobe.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip1.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip2.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip4.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-1.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-4.adobe.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip1.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip2.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 112 more lines...
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [PC-Doctor for Windows localizer] C:\Program Files\PC-Doctor for Windows\localizer.exe (PC-Doctor, Inc.)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:64bit: - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [WrtMon.exe] C:\Windows\SysNative\spool\drivers\x64\3\WrtMon.exe (NewSoft Technology Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ADSK DLMSession] C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe (Autodesk, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [Adobe Acrobat Synchronizer] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Alan\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [PANTONE] C:\windows\SysWow64\regsvr32.exe (Microsoft Corporation)
O4 - HKCU..\Run: [PMSpeed] C:\Program Files (x86)\NewSoft\Presto! PageManager 8 for EP\PMSpeed.exe (NewSoft Technology Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...tDetection2.cab (Reg Error: Key error.)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_39)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5547C998-8F8A-4858-8BE0-4B824FA1024D}: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A27453A4-4EB8-4A97-BE68-7F57954B53C7}: DhcpNameServer = 10.1.1.4 10.1.3.2
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/04/20 16:15:12 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/07/20 15:10:23 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Alan\Desktop\OTL.exe
[2013/07/18 19:03:58 | 000,684,416 | ---- | C] (File.Net) -- C:\Users\Alan\Desktop\windows-process-viewer.exe
[2013/07/13 12:27:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
[2013/07/13 12:24:29 | 000,000,000 | ---D | C] -- C:\ProgramData\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}
[2013/07/13 12:23:39 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/07/13 12:19:37 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/07/13 11:19:47 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
[2013/07/13 11:19:47 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
[2013/07/13 11:19:47 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe
[2013/07/13 11:18:50 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/07/13 11:18:27 | 000,000,000 | ---D | C] -- C:\windows\erdnt
[2013/07/13 10:15:02 | 000,000,000 | ---D | C] -- C:\windows\SysNative\MRT
[2013/06/29 16:47:46 | 000,000,000 | ---D | C] -- C:\Users\Alan\AppData\Local\PANTONE

========== Files - Modified Within 30 Days ==========

[2013/07/20 15:10:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Alan\Desktop\OTL.exe
[2013/07/20 13:56:54 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/07/20 10:33:59 | 000,015,984 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/07/20 10:33:59 | 000,015,984 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/07/20 10:25:48 | 1041,559,550 | -HS- | M] () -- C:\hiberfil.sys
[2013/07/18 19:03:59 | 000,684,416 | ---- | M] (File.Net) -- C:\Users\Alan\Desktop\windows-process-viewer.exe
[2013/07/18 18:40:27 | 000,002,460 | ---- | M] () -- C:\Users\Alan\Desktop\Norton Security Suite.lnk
[2013/07/18 18:33:17 | 002,581,080 | ---- | M] () -- C:\windows\SysNative\drivers\N360x64\1404000.028\Cat.DB
[2013/07/18 18:33:10 | 000,014,818 | ---- | M] () -- C:\windows\SysNative\drivers\N360x64\1404000.028\VT20130115.021
[2013/07/18 18:30:59 | 000,177,312 | ---- | M] (Symantec Corporation) -- C:\windows\SysNative\drivers\SYMEVENT64x86.SYS
[2013/07/18 18:30:59 | 000,007,631 | ---- | M] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.CAT
[2013/07/18 18:30:59 | 000,000,854 | ---- | M] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.INF
[2013/07/14 18:16:57 | 000,043,816 | ---- | M] () -- C:\Users\Alan\Desktop\cc_20130714_181648.reg
[2013/07/14 10:37:35 | 000,004,922 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts
[2013/07/14 09:56:02 | 000,000,328 | ---- | M] () -- C:\windows\tasks\HPCeeScheduleForAlan.job
[2013/07/13 13:33:39 | 000,001,456 | ---- | M] () -- C:\Users\Alan\AppData\Local\Adobe Save for Web 12.0 Prefs
[2013/07/13 12:27:19 | 000,002,187 | ---- | M] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk
[2013/07/13 10:29:37 | 005,989,048 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013/07/06 14:22:01 | 002,240,864 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Alan\Desktop\TDSSKiller.exe
[2013/07/04 00:34:28 | 000,000,172 | ---- | M] () -- C:\windows\SysNative\drivers\N360x64\1404000.028\isolate.ini
[2013/06/29 11:30:57 | 000,904,213 | ---- | M] () -- C:\Users\Alan\Desktop\Spark Plug Rebate form.pdf

========== Files Created - No Company Name ==========

[2013/07/18 18:40:27 | 000,002,460 | ---- | C] () -- C:\Users\Alan\Desktop\Norton Security Suite.lnk
[2013/07/14 18:16:51 | 000,043,816 | ---- | C] () -- C:\Users\Alan\Desktop\cc_20130714_181648.reg
[2013/07/13 12:27:18 | 000,002,187 | ---- | C] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk
[2013/07/13 11:19:47 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2013/07/13 11:19:47 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2013/07/13 11:19:47 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2013/07/13 11:19:47 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2013/07/13 11:19:47 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2013/06/29 11:30:57 | 000,904,213 | ---- | C] () -- C:\Users\Alan\Desktop\Spark Plug Rebate form.pdf
[2013/03/28 19:13:14 | 000,798,734 | ---- | C] () -- C:\windows\SysWow64\amdocl_ld32.exe
[2013/03/28 19:13:12 | 000,995,342 | ---- | C] () -- C:\windows\SysWow64\amdocl_as32.exe
[2012/06/16 15:58:49 | 000,000,132 | ---- | C] () -- C:\Users\Alan\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012/02/14 19:36:36 | 000,204,952 | ---- | C] () -- C:\windows\SysWow64\ativvsvl.dat
[2012/02/14 19:36:36 | 000,157,144 | ---- | C] () -- C:\windows\SysWow64\ativvsva.dat
[2011/12/31 17:31:58 | 000,000,132 | ---- | C] () -- C:\Users\Alan\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2011/09/12 15:06:16 | 000,003,917 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat
[2011/05/21 10:07:28 | 000,001,940 | ---- | C] () -- C:\Users\Alan\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/01/30 11:46:06 | 000,001,456 | ---- | C] () -- C:\Users\Alan\AppData\Local\Adobe Save for Web 12.0 Prefs
[2010/04/09 15:29:05 | 000,879,173 | ---- | C] () -- C:\Users\Alan\AppData\Local\tmpPICTURE 010.0
[2010/04/09 15:29:05 | 000,231,500 | ---- | C] () -- C:\Users\Alan\AppData\Local\tmpPICTURE 010.JPG
[2010/04/02 07:34:40 | 001,088,191 | ---- | C] () -- C:\Users\Alan\AppData\Local\tmpLIMB TUBE.JPG
[2010/04/02 07:34:39 | 004,511,755 | ---- | C] () -- C:\Users\Alan\AppData\Local\tmpLIMB TUBE.0
[2010/03/25 17:09:48 | 000,981,762 | ---- | C] () -- C:\Users\Alan\AppData\Local\tmpLIMB TUBE 2010.JPG
[2010/03/25 17:09:03 | 000,929,100 | ---- | C] () -- C:\Users\Alan\AppData\Local\tmpLIMB TUBE 2010.0
[2010/03/19 15:23:03 | 000,033,055 | ---- | C] () -- C:\Users\Alan\AppData\Local\tmp!BOO-ZOQ!2K~$(KGRHGOH-C!EJLLL0VKGBLMSFTO5J!~~_12.JPG
[2010/03/19 15:23:03 | 000,029,849 | ---- | C] () -- C:\Users\Alan\AppData\Local\tmp!BOO-ZOQ!2K~$(KGRHGOH-C!EJLLL0VKGBLMSFTO5J!~~_12.0
[2010/03/19 15:07:01 | 000,031,472 | ---- | C] () -- C:\Users\Alan\AppData\Local\tmp!BOLI2LG!MK~$(KGRHQYOKIWEU,7DHWIRBLN+MTIRSG~~_12.JPG
[2010/03/19 15:07:01 | 000,030,543 | ---- | C] () -- C:\Users\Alan\AppData\Local\tmp!BOLI2LG!MK~$(KGRHQYOKIWEU,7DHWIRBLN+MTIRSG~~_12.0
[2010/03/19 15:05:58 | 000,027,402 | ---- | C] () -- C:\Users\Alan\AppData\Local\tmp!BOLI1VQ!WK~$(KGRHQQOKIWEU,TS9BLBBLN+MRO4Z!~~_12.JPG
[2010/03/19 15:05:58 | 000,020,018 | ---- | C] () -- C:\Users\Alan\AppData\Local\tmp!BOLI1VQ!WK~$(KGRHQQOKIWEU,TS9BLBBLN+MRO4Z!~~_12.0
[2010/03/19 09:55:13 | 003,120,645 | ---- | C] () -- C:\Users\Alan\AppData\Local\tmpFBPI-2-M-B.0
[2010/03/19 09:55:13 | 000,888,460 | ---- | C] () -- C:\Users\Alan\AppData\Local\tmpFBPI-2-M-B.JPG
[2010/03/19 07:44:26 | 002,510,851 | ---- | C] () -- C:\Users\Alan\AppData\Local\tmpFORCEFIELD_449.JPG
[2010/03/19 07:39:18 | 002,311,805 | ---- | C] () -- C:\Users\Alan\AppData\Local\tmpFORCEFIELD_498.JPG
[2010/03/19 07:39:16 | 006,293,264 | ---- | C] () -- C:\Users\Alan\AppData\Local\tmpFORCEFIELD_498.0
[2010/03/19 07:37:25 | 006,881,025 | ---- | C] () -- C:\Users\Alan\AppData\Local\tmpFORCEFIELD_449.0
[2010/03/19 07:36:08 | 002,311,805 | ---- | C] () -- C:\Users\Alan\AppData\Local\tmpFORCEFIELD_498[1].JPG
[2010/03/19 07:36:06 | 006,293,264 | ---- | C] () -- C:\Users\Alan\AppData\Local\tmpFORCEFIELD_498[1].0
[2010/03/12 07:06:59 | 000,007,598 | ---- | C] () -- C:\Users\Alan\AppData\Local\Resmon.ResmonCfg
[2010/02/28 10:07:11 | 000,423,151 | ---- | C] () -- C:\Users\Alan\AppData\Local\tmpANDREW_MICKEY_DENNIS.JPG
[2010/02/26 10:53:25 | 000,037,991 | ---- | C] () -- C:\Users\Alan\AppData\Local\tmpBUBBLEBACK 4.4
[2010/02/26 10:53:24 | 000,041,458 | ---- | C] () -- C:\Users\Alan\AppData\Local\tmpBUBBLEBACK 4.3
[2010/02/26 10:53:23 | 000,040,203 | ---- | C] () -- C:\Users\Alan\AppData\Local\tmpBUBBLEBACK 4.2
[2010/02/26 10:53:21 | 000,039,887 | ---- | C] () -- C:\Users\Alan\AppData\Local\tmpBUBBLEBACK 4.1
[2010/02/26 10:53:19 | 000,038,547 | ---- | C] () -- C:\Users\Alan\AppData\Local\tmpBUBBLEBACK 4.JPG
[2010/02/26 10:53:19 | 000,037,991 | ---- | C] () -- C:\Users\Alan\AppData\Local\tmpBUBBLEBACK 4.0
[2010/02/26 10:52:17 | 000,021,428 | ---- | C] () -- C:\Users\Alan\AppData\Local\tmpBUBBLEBACK.JPG
[2010/02/26 10:52:17 | 000,019,091 | ---- | C] () -- C:\Users\Alan\AppData\Local\tmpBUBBLEBACK.0
[2010/02/26 08:25:31 | 001,201,233 | ---- | C] () -- C:\Users\Alan\AppData\Local\tmpIMG_0301.0
[2010/02/26 08:25:31 | 000,619,021 | ---- | C] () -- C:\Users\Alan\AppData\Local\tmpIMG_0301.JPG
[2010/02/25 14:09:28 | 000,000,110 | ---- | C] () -- C:\Users\Alan\AppData\Roaming\wklnhst.dat

========== ZeroAccess Check ==========

[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/26 22:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/26 21:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/08/21 06:11:31 | 000,857,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/08/21 06:37:44 | 000,636,928 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/08/21 06:08:38 | 000,453,120 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/07/20 10:26:49 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\.oit
[2011/03/13 14:10:08 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\2K Sports
[2013/07/13 16:22:47 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\Audacity
[2013/06/08 11:18:05 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\Autodesk
[2011/02/05 13:37:05 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013/06/01 15:09:13 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\Encore
[2010/11/25 10:48:03 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\Epson
[2010/07/30 09:28:19 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\Leadertech
[2010/03/07 09:23:47 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\NewSoft
[2011/03/05 15:42:26 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\PACE Anti-Piracy
[2010/11/26 15:45:02 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\Passware
[2010/02/25 13:54:56 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\PictureMover
[2011/12/18 14:08:38 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\ResourceCentral.E6E1B28A311BC518DB6C6883EA3757FDE0E90ADC.1
[2011/03/05 15:46:06 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2010/02/26 07:11:02 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\Template
[2012/03/17 10:02:30 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\Tific
[2010/04/23 11:46:31 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\WildTangent
[2010/03/11 09:27:25 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\WinBatch
[2010/10/21 08:58:09 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\Windows Live Writer

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 917 bytes -> C:\Program Files\Common Files\System:Xgub7TugsYJsWjZAlXfksQF7v
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:A1EDB939
@Alternate Data Stream - 1092 bytes -> C:\ProgramData\Microsoft:cVcxTDH4bATMcsF67LOgFaVL8
@Alternate Data Stream - 1035 bytes -> C:\ProgramData\Microsoft:HIzlOVLPL5SQzvpTNbvHp

< End of report >





OTL Extras logfile created on: 7/20/2013 3:10:47 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Alan\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

11.96 Gb Total Physical Memory | 9.06 Gb Available Physical Memory | 75.77% Memory free
23.92 Gb Paging File | 19.45 Gb Available in Paging File | 81.31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 920.42 Gb Total Space | 645.95 Gb Free Space | 70.18% Space Free | Partition Type: NTFS
Drive D: | 11.00 Gb Total Space | 1.60 Gb Free Space | 14.59% Space Free | Partition Type: NTFS

Computer Name: ALAN-PC | User Name: Alan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{11741B79-D4CB-4057-9D75-D45B698B5C73}" = rport=445 | protocol=6 | dir=out | app=system |
"{12096FE8-131E-44A9-824A-7DFE06D6F8AB}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{196CB66A-BFE8-4597-ADAF-F9CFC208A00F}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{21DD1E0F-C80B-4230-B669-8C24B15224E2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{4FEFACF4-983F-4F26-8299-1A889EB526FF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{501C805A-FFCA-4A82-B50A-D88A50586E6E}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{5FA6E43D-5ECA-4798-B6BA-FA85CB95265B}" = lport=139 | protocol=6 | dir=in | app=system |
"{608B02DB-F78F-424D-981D-C3D41F108A42}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{665E9642-08ED-49B1-8F35-FB45F1E25205}" = rport=10243 | protocol=6 | dir=out | app=system |
"{6D8A5783-D310-4D2D-871A-1B4FD4B5221D}" = lport=10243 | protocol=6 | dir=in | app=system |
"{72461829-02AC-4227-9C6B-EF8451DB7D1E}" = lport=445 | protocol=6 | dir=in | app=system |
"{7E673661-5A55-41BE-9BF4-0019269AE443}" = rport=138 | protocol=17 | dir=out | app=system |
"{84A121B6-4672-4AB9-9EE7-8512A19C1F67}" = lport=49166 | protocol=6 | dir=in | name=akamai netsession interface |
"{8500E00F-C3D7-4507-B066-0A2ECE08E8CA}" = lport=137 | protocol=17 | dir=in | app=system |
"{8895B65F-66B1-445F-95B5-A59C075A4081}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8AE2B399-4A20-425D-AF88-8BB53EA7EBFA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A358AB40-6CBA-4FD2-BED1-651527D59872}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{ACBCABA3-6A32-4FB7-9286-16FFFCCC6774}" = lport=10777 | protocol=17 | dir=in | name=passware kit enterprise 9.7 |
"{AFAF2C59-7F7D-4956-83EC-70D051D19EAF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B5517632-E40A-4F03-875B-0D8BAA2045B4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C46507B0-3CCF-4A06-B307-731891C7F20D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C8A672EC-EB8D-480C-93BA-64833331BAB0}" = rport=137 | protocol=17 | dir=out | app=system |
"{CE861B17-39D9-477D-AD7F-E7E9C0DD7B6C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{DD4F90ED-3842-417E-866B-E3BD3CA80DE9}" = lport=50248 | protocol=6 | dir=in | name=autodesk content service |
"{DF70D827-A305-4D63-B6DF-CDB8C282184C}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{E0DDE82A-C77C-4318-B80E-90068A9804FE}" = rport=139 | protocol=6 | dir=out | app=system |
"{E1C180A7-E38D-40EB-A5CC-9963F67A804D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E636537C-855F-40B9-9243-5304079C8641}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EFE00081-BD5D-4A4D-97C3-45DCDA168E01}" = lport=138 | protocol=17 | dir=in | app=system |
"{F36FD152-6247-47F5-BF8A-CE657EA9C6E1}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FA031859-9449-4D10-9242-A6A6FB205587}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05826402-2146-4021-AF31-9EFD4E728CA2}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe |
"{06F4EFE5-B818-4DBB-8A23-A6DF442C089C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0A8E5918-C485-4AB5-8AE0-FDB99FF3DEF0}" = protocol=17 | dir=in | app=c:\program files (x86)\2k sports\major league baseball 2k11\mlb2k11.exe |
"{146A6105-E4AA-470E-A1AC-A91895990962}" = dir=in | app=c:\program files (x86)\hewlett-packard\hp support framework\resources\hpwarrantycheck\hpwarrantychecker.exe |
"{161D6900-DF4F-4349-A493-2B2EF0558202}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\tsmagent.exe |
"{1B77C682-A40D-4391-B779-5DD25B330BF5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{20E8DD1E-A236-423D-A766-13AC3CC07760}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{222E9DF8-AA03-4D20-B5E6-AAA51C1495E3}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{2B233653-580B-48A5-9698-80FDBB4AE4E7}" = protocol=6 | dir=out | app=system |
"{302809CF-F142-4DFD-8457-84F73074A36F}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{302DC796-C4BB-4584-80AF-8C539E9BBA48}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{31C0C315-0E43-410B-8085-50AD4BC5C69F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{44C4941B-E23C-4132-8C0B-CE89F01623F2}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\need for speed™ hot pursuit\launcher.exe |
"{45A6910C-343E-44E0-8EC0-8655AF830961}" = protocol=6 | dir=in | app=c:\users\alan\appdata\local\akamai\netsession_win.exe |
"{4DA83B3B-C36E-4C09-A39F-F404A4F853B8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{62DEE95D-6D4C-4460-AB94-55494C1DBD73}" = protocol=58 | dir=out | [email protected],-28546 |
"{637DD279-9A63-4D50-ADD5-D98E486A59A3}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{6A4BA8E9-0C0F-460C-9EEF-9D3523974745}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe |
"{74DD22D8-8F9B-46E4-ABE9-CE4EB6884812}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe |
"{77B7E7BE-2763-4C72-BA50-7787330DDA48}" = protocol=1 | dir=out | [email protected],-28544 |
"{7F188FC1-3C89-461D-88FF-0CCB6F948C72}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{7F38EE7F-BECD-45F0-96C6-A118FDADEBDA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{86A6DC7A-C77B-4350-A3CF-87F26FDAE0CF}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{946FFE75-A0FA-4C66-8652-5E8560268B06}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{94A6DE47-6E2F-4625-B764-276A9420D3C3}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{94D454E5-E47E-4AC9-9838-763DD5EA7540}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9FE817D6-73F6-40E3-A031-DE7C9A7F9EC2}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A38437E1-9813-4EF6-A263-CE20C1201C43}" = protocol=17 | dir=in | app=c:\users\alan\appdata\local\akamai\netsession_win.exe |
"{A6728B7C-03AC-4935-8D2A-1E41C35CACD6}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{A9E057A2-E5A7-4D07-9DB3-0EA6F293A6F8}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B017753D-34DF-4F09-95F0-8E4D2ED3A870}" = protocol=58 | dir=in | [email protected],-28545 |
"{B0A6484E-9240-4F60-AF3D-77C31FE0FA62}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{B3E8E079-B9AB-470F-9B81-0D6F699B89EE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B5526AE2-B25B-463F-896D-1AA801EBE793}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B9FFAC5D-2C44-4FAF-AB72-A67A620C3631}" = protocol=1 | dir=in | [email protected],-28543 |
"{C0DBC8A6-EB11-45B9-AF5E-EE4F24D03CA1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C5F92603-910B-4632-8FD0-3EAEFA258968}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C6D2538E-889D-4FB6-91E0-AE55645799FE}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\need for speed™ hot pursuit\launcher.exe |
"{CADF05C3-6432-4D8A-B8D5-61ECC589BDBE}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{D15C3EDE-22E1-4B83-B4CB-7C78C9B55BBC}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{DA7673B7-AF44-4EB1-83D4-DC3415FDE8C4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E483D6A6-1B42-4C6E-A490-77FC1730697A}" = protocol=6 | dir=in | app=c:\program files (x86)\2k sports\major league baseball 2k11\mlb2k11.exe |
"{E8D3E324-7906-491B-B1C6-C045B3C6E86F}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe |
"{EC473E4B-F70B-470A-B563-C48A106EF830}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"TCP Query User{849B18F5-CE76-40A8-A9B0-B9C0A95214E7}C:\users\alan\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\alan\appdata\local\akamai\netsession_win.exe |
"UDP Query User{AC840304-F997-48BF-8A4D-D1E653D8D2C7}C:\users\alan\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\alan\appdata\local\akamai\netsession_win.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{11672AB2-3D48-4D38-9123-719E5FF93333}" = Autodesk Workflows 2014
"{1444D2EE-C7AD-44A8-844F-2634B49353D1}" = Logitech Gaming Software 5.10
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}" = Autodesk 360
"{5783F2D7-D001-0000-0102-0060B0CE6BBA}" = AutoCAD 2014 - English
"{5783F2D7-D001-0409-1102-0060B0CE6BBA}" = AutoCAD 2014 Language Pack - English
"{5783F2D7-D001-0409-2102-0060B0CE6BBA}" = AutoCAD 2014 - English
"{5EBE0F1F-45DF-4298-AC6B-E8E54EAEC834}" = Microsoft IntelliPoint 7.1
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{653B9326-BD45-53BE-681A-A49CAAEE8A3C}" = ccc-utility64
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7346B4A0-1200-0210-0409-705C0D862004}" = Revit Structure 2012
"{7346B4A0-1200-0211-0409-705C0D862004}" = Revit Structure 2012 Language Pack - English
"{7346B4A0-1300-0510-0409-705C0D862004}" = Revit 2013
"{7346B4A0-1300-0511-0409-705C0D862004}" = Revit 2013 Language Pack - English
"{7346B4A0-1400-0510-0000-705C0D862004}" = Revit 2014
"{7346B4A0-1400-0511-0409-705C0D862004}" = Revit 2014 Language Pack - English
"{76FF0F03-B707-4332-B5D1-A56C8303514E}" = iTunes
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{850C7AF6-7376-464D-A69C-E8419EC7ACA7}" = Microsoft IntelliType Pro 7.0
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{88E60521-1E4E-4785-B9F1-1798A4BD0C30}" = HP MediaSmart SmartMenu
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A61B820-598D-05B2-5F8D-7388E15AE2DB}" = AMD Drag and Drop Transcoding
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{90A80D89-A0E4-33C1-B13D-B93CB3496867}" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9AB0D5B6-4779-8C4F-CA91-A1FEDB56D7EC}" = AMD Catalyst Install Manager
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{AAFE68DD-A2D5-BDBF-E1B2-CB01DEFD6EB0}" = AMD Media Foundation Decoders
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"AutoCAD 2014 - English" = Autodesk AutoCAD 2014 - English
"Autodesk Revit 2013" = Autodesk Revit 2013
"Autodesk Revit 2013 UR1" = Autodesk Revit 2013 UR1
"Autodesk Revit 2013 UR2" = Autodesk Revit 2013 UR2
"Autodesk Revit 2014" = Autodesk Revit 2014
"Autodesk Revit Structure 2012" = Autodesk Revit Structure 2012
"CANONIJINBOXADDON100" = Canon Inkjet Printer Driver Add-On Module
"CCleaner" = CCleaner
"Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU
"PC-Doctor for Windows" = Hardware Diagnostic Tools
"SP6" = Logitech SetPoint 6.32
"WhoCrashed_is1" = WhoCrashed 4.01
"WinRAR archiver" = WinRAR 4.20 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}" = Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0E3C6C75-872D-4B0D-B0B2-31C717250691}" = Adobe Encore CS5 Third Party Royalty Content
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}" = Autodesk Material Library 2013
"{13464292-6666-B2DB-1B0C-A3FE14DAD1F9}" = CCC Help Dutch
"{14866AAD-1F23-39AC-A62B-7091ED1ADE64}" = Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729
"{153DB567-6FF3-49AD-AC4F-86F8A3CCFDFB}" = Autodesk Design Review 2013
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{17B4760F-334B-475D-829F-1A3E94A6A4E6}" = HP Setup
"{1896E712-2B3D-45eb-BCE9-542742A51032}" = PictureMover
"{1A2CDD52-4D6A-4937-B0E8-7FFFCF01E97F}" = SI Stand-alone application
"{1A9E6C1B-17C7-4C4E-903C-F55430086084}" = JustAddCommerce for Microsoft FrontPage 2003
"{1C997E1C-5CE9-4AF3-AAA9-DC65E6090827}" = Microsoft Expression Blend SDK for Silverlight 4
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{2012098D-EEE9-4769-8DD3-B038050854D4}" = Microsoft Silverlight 3 SDK
"{24FF088D-CDCF-480C-8A4B-98F14A54CAA8}" = Autodesk Material Library Low Resolution Image Library 2012
"{256E7DAC-9BE8-494E-8DE7-7857BF96B774}" = Microsoft Expression Blend 3 SDK
"{26A24AE4-039D-4CA4-87B4-2F83216035FF}" = Java™ 6 Update 39
"{27C6C0A2-2EC9-4FEA-BE2B-659EAAC2C68C}" = Autodesk Material Library Low Resolution Image Library 2013
"{288DB08D-0708-4A94-B055-55B99E39EB62}" = Adobe Creative Suite 5 Master Collection
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{2C3060F6-F0DC-4F63-A70F-2070BE57EEDC}" = The Print Shop 3.0 Fonts
"{2F48C80C-3A76-495A-A4B5-C0CC946FEEBD}" = Autodesk Download Manager
"{2FA75B40-17C9-4D22-88CA-80A5D52FAB13}" = LightScribe System Software
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"{338CD56F-1CDC-CF32-33F6-DED2DF92284E}" = CCC Help French
"{35021DFB-F9CA-402A-89A2-47F91E506465}" = HP MediaSmart/TouchSmart Netflix
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{3F262ADC-5AD2-48E5-A586-44315E04A9E2}" = Microsoft Picture It! Library 10
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{42756145-9997-4D28-809B-8756BFD00106}" = Microsoft Picture It! Premium 10
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{46458556-5C46-79A9-A6FF-81DF1F8B2729}" = CCC Help Hungarian
"{4B75C418-A7DF-4C11-B854-EB5EBFB07C88}" = The Print Shop 3.0 Professional
"{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}" = Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729
"{519D68B8-A768-4CDC-E4C9-B115D49CED93}" = CCC Help Norwegian
"{51BF3210-B825-4092-8E0D-66D689916E02}" = Autodesk Material Library Base Resolution Image Library 2014
"{51D383BC-D988-8C1E-FAA1-BC5260A32A87}" = CCC Help Polish
"{53E4CE64-629E-4590-AB43-1D8C85A6E621}" = The Print Shop 2.0 Deluxe
"{56589DFE-0C29-4DFE-8E42-887B771ECD23}" = ArcSoft Print Creations - Photo Book
"{565DE707-5798-4FC3-8DF6-0F58A348A9B0}" = Adobe Premiere Pro CS5 Third Party Royalty Content
"{58760EEC-8B6A-43F4-81AA-696E381DFADD}" = Autodesk Material Library Medium Resolution Image Library 2013
"{5A883D2B-D279-0D01-6E62-B810AFD8CC62}" = Catalyst Control Center InstallProxy
"{5C29CC1F-218F-4C30-948A-11066CAC59FB}" = Autodesk Material Library Low Resolution Image Library 2014
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{5DDABB74-A879-4BE7-A4C6-FD41793942DB}" = Adobe Media Encoder CS5 Dolby X64
"{5EE6E987-1B79-4A93-832B-27472C7D1579}" = WPF Toolkit February 2010 (Version 3.5.50211.1)
"{5F8D931D-B230-47F3-A9C0-0C8CA459A332}" = Microsoft Expression Web 4
"{606E12B9-641F-4644-A22A-FF38AE980AFD}" = Autodesk Material Library Base Resolution Image Library 2013
"{62F029AB-85F2-0000-866A-9FC0DD99DDBC}" = Autodesk Content Service
"{62F029AB-85F2-0001-866A-9FC0DD99DDBC}" = Autodesk Content Service Language Pack
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{644E9589-F73A-49A4-AC61-A953B9DE5669}" = SketchUp Import for AutoCAD 2014
"{644F9B19-A462-499C-BF4D-300ABC2A28B1}" = Autodesk Material Library 2014
"{65420DC9-306E-4371-905F-F4DC3B418E52}" = Autodesk Material Library Base Resolution Image Library 2012
"{67A4760F-9804-CCF6-C319-27840ED77924}" = CCC Help Korean
"{6BE5E4A9-D88B-532D-26E6-883C32BF098A}" = CCC Help Thai
"{6C32ACBF-B9CA-4d53-BB71-C4FA97582286}_is1" = Sothink DHTML Menu 9
"{6DA2B636-698A-3294-BF4A-B5E11B238CDD}" = Microsoft Visual C++ 2008 x64 MFC Runtime 9.0.30729
"{6E0D26C1-4265-1D02-4D19-D0A8F6A463F8}" = Catalyst Control Center
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.1.1
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73CD9967-000C-49C6-A900-C87D5B2D253F}" = Presto! PageManager 8.15.01 SE
"{757E0E87-8F54-46FD-BA00-54CCF341F4A9}" = ArcSoft Print Creations
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7DD62206-7B6C-E32E-BD11-B49B3B089D16}" = CCC Help Danish
"{7FC8C210-A319-4835-A87D-B935EFB4C148}" = Microsoft Live Search Toolbar
"{801B0DA3-A3FF-46CC-B97F-D76D510AF5AE}" = Microsoft Silverlight 4 SDK
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83A606F5-BF6F-42ED-9F33-B9F74297CDED}" = Need for Speed™ Hot Pursuit
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8A470330-70B2-49AD-86AF-79885EF9898A}" = FARO LS 1.1.501.0 (64bit)
"{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}" = Microsoft Visual C++ 2008 x64 OpenMP Runtime 9.0.30729
"{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}" = Autodesk Material Library 2012
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90170409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91221AAC-F2A0-4028-8016-C7DAF63CB6CC}" = FARO LS 1.1.408.2
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58
"{96A628B7-93D6-46CC-9E74-02F7D2E21E96}" = Major League Baseball 2K11
"{9739158D-EDED-D628-9865-1460B5A7FAE3}" = CCC Help Portuguese
"{97486FBE-A3FC-4783-8D55-EA37E9D171CC}" = HP Update
"{9809124C-0C4C-2367-7889-1E16D8EF1AAF}" = CCC Help Chinese Standard
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B3A1C97-A361-463E-8817-444F9F88CDFE}" = Microsoft Expression Blend SDK for .NET 4
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DEF9686-CCB2-47B7-BF83-B49EA21FA016}" = HP MediaSmart Demo
"{9E0908EB-943F-484C-938E-7DE7D62F6845}" = SI Data SIen v2004.19
"{9F7FC79B-3059-4264-9450-39EB368E3225}" = Microsoft Digital Image Library 9 - Blocker
"{A0633D4E-5AF2-4E3E-A70A-FE9C2BD8A958}" = Autodesk Material Library Medium Resolution Image Library 2014
"{A06FE62B-CEBC-4E94-AED8-92DCC33BC8EA}" = Microsoft Expression Studio 4
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3BC1DBD-64D6-4EBC-0091-24C811662D40}" = Madden NFL 08
"{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection
"{A6E1EE9D-01DD-82FD-BDBC-193BCEF9FD5C}" = CCC Help Greek
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AB13F192-49FC-A065-F15C-746B10CC43C8}" = CCC Help Japanese
"{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{ACC2E059-40E9-4464-B18D-C9BDD9A02CED}" = NASCAR® Racing 2003 Season
"{AE548812-D611-608D-61C6-7E40F28573A2}" = CCC Help Russian
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}" = Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}" = HP Support Information
"{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT
"{BC41C09D-FAA9-4346-9FE6-1E0017BC551A}" = Adobe Flash Player 10 Plugin
"{BC63AEF9-1367-9F7C-5926-52E56450EDCD}" = CCC Help Spanish
"{BF127B80-CFD5-4379-9752-E8AF1A5D0141}" = Microsoft Expression Encoder 4 Screen Capture Codec
"{C1E2D27F-B363-588E-8859-9EF7F4EBF418}" = CCC Help Chinese Traditional
"{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}" = Microsoft Visual C++ 2008 x64 ATL Runtime 9.0.30729
"{C3DF1C57-780A-DB9C-F30A-68EB45526761}" = Catalyst Control Center InstallProxy
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C611CF88-969D-43E6-A877-D6D6439DD081}" = HP Remote Solution
"{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D76AC809-CCC1-6198-4970-A63FA5CF7DCB}" = CCC Help Swedish
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DA675EE2-4C04-9699-0EE2-7EF9FE7AB870}" = CCC Help German
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DE5DE662-2ECB-4D93-967B-221FBCC8A736}" = Adobe Soundbooth CS5 Codecs
"{DF802C05-4660-418c-970C-B988ADB1D316}" = Microsoft Live Search Toolbar
"{E06F7C95-4D68-63D9-2231-AA5F8E186FCB}" = CCC Help English
"{E21A8F3C-1ACB-46B1-CE72-E9CF09549DED}" = Catalyst Control Center Localization All
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E2F52AC2-B925-C18F-E1AE-42FBD46ECAC7}" = CCC Help Czech
"{E4641D0C-1C16-4930-BCCC-04C6C01EA6BA}" = SI Tiff Viewer Plugin v4
"{E649AC39-69C0-C6FE-0A54-4752DB5D1FD2}" = Catalyst Control Center Graphics Previews Common
"{E8C37E27-5205-4C8A-BECB-B00533045AAE}" = SHIFT 2 UNLEASHED™
"{E9463114-898C-7C2A-2C47-E9ABC63F5D43}" = CCC Help Finnish
"{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004)
"{EE202411-2C26-49E8-9784-1BC1DBF7DE96}" = HP Support Assistant
"{F04F9557-81A9-4293-BC49-2C216FA325A7}" = ArcSoft Print Creations - Greeting Card
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2B5A2A7-2DF9-4361-8BD5-362714528B51}" = NHL® 09
"{F319804F-E3A4-4C02-8AEC-CB39A4F6447E}" = Adobe Soundbooth CS5 Royalty Codecs
"{F5993FCC-DF5D-4879-B70D-AA1F379C5C6B}" = Microsoft Expression Web 4 Service Pack 2
"{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}" = Microsoft Visual C++ 2008 x64 CRT Runtime 9.0.30729
"{F9C71630-0EE3-475C-9E2B-ED95AE197DBD}" = Adobe Media Encoder CS5 PCI X64
"{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"{FE6CC1A6-D898-4D34-99B8-4D5F29E8DC91}" = Passware Kit Enterprise 9.7
"{FF10AC4D-3349-99DA-3E58-5197CEA1D833}" = CCC Help Italian
"{FFEC93FF-C162-C0C3-B5E7-01214B0E5F2D}" = CCC Help Turkish
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Audacity_is1" = Audacity 2.0.3
"Autodesk Content Service" = Autodesk Content Service
"Autodesk Design Review 2013" = Autodesk Design Review 2013
"BearShare" = BearShare
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Cisco Connect" = Cisco Connect
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"ExpressionStudio_4.0.20525.0" = Microsoft Expression Studio 4
"FARO LS_is1" = FARO LS 4.8.2.25521
"HP Remote Solution" = HP Remote Solution
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"N360" = Norton Security Suite
"Need for Speed Most Wanted_is1" = Need for Speed Most Wanted
"NirSoft BlueScreenView" = NirSoft BlueScreenView
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"PictureItPrem_v10" = Microsoft Picture It! Premium 10
"Shockwave" = Shockwave
"Web_4.0.1303.0" = Microsoft Expression Web 4
"WebPost" = Microsoft Web Publishing Wizard 1.52
"WildTangent hp Master Uninstall" = HP Games

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 7/13/2013 4:03:38 PM | Computer Name = Alan-PC | Source = Application Error | ID = 1000
Description = Faulting application name: HPSF_Tasks.exe, version: 7.0.39.15, time
stamp: 0x50645753 Faulting module name: ntdll.dll, version: 6.1.7601.17725, time
stamp: 0x4ec49b8f Exception code: 0xc0000005 Fault offset: 0x0002e8a5 Faulting process
id: 0xdc4 Faulting application start time: 0x01ce8001e4e5233d Faulting application
path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Tasks.exe
Faulting
module path: C:\windows\SysWOW64\ntdll.dll Report Id: 4def3e57-ebf7-11e2-b55e-40618694b862

Error - 7/13/2013 4:05:52 PM | Computer Name = Alan-PC | Source = Application Error | ID = 1000
Description = Faulting application name: HPSF_Tasks.exe, version: 7.0.39.15, time
stamp: 0x50645753 Faulting module name: ntdll.dll, version: 6.1.7601.17725, time
stamp: 0x4ec49b8f Exception code: 0xc0000005 Fault offset: 0x0002ecd0 Faulting process
id: 0x19e0 Faulting application start time: 0x01ce8002369e6f52 Faulting application
path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Tasks.exe
Faulting
module path: C:\windows\SysWOW64\ntdll.dll Report Id: 9dc1c30c-ebf7-11e2-b55e-40618694b862

Error - 7/13/2013 9:21:07 PM | Computer Name = Alan-PC | Source = Application Hang | ID = 1002
Description = The program IEXPLORE.EXE version 10.0.9200.16635 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1838 Start
Time: 01ce802f19a52c61 Termination Time: 45 Application Path: C:\Program Files (x86)\Internet
Explorer\IEXPLORE.EXE Report Id:

Error - 7/14/2013 1:47:52 PM | Computer Name = Alan-PC | Source = ESENT | ID = 455
Description = taskhost (1492) WebCacheLocal: Error -1811 occurred while opening
logfile C:\Users\Alan\AppData\Local\Microsoft\Windows\WebCache\V0100D8E.log.

Error - 7/20/2013 1:34:27 PM | Computer Name = Alan-PC | Source = Application Error | ID = 1000
Description = Faulting application name: Acrobat.exe, version: 10.1.7.27, time stamp:
0x518c95a8 Faulting module name: EScript.api, version: 10.1.7.27, time stamp: 0x518ca10f
Exception
code: 0xc0000005 Fault offset: 0x000bd1c5 Faulting process id: 0x19ac Faulting application
start time: 0x01ce856f5db74f6f Faulting application path: C:\Program Files (x86)\Adobe\Acrobat
10.0\Acrobat\Acrobat.exe Faulting module path: C:\Program Files (x86)\Adobe\Acrobat
10.0\Acrobat\plug_ins\EScript.api Report Id: 9faad34d-f162-11e2-904a-40618694b862

Error - 7/20/2013 1:34:39 PM | Computer Name = Alan-PC | Source = Application Error | ID = 1000
Description = Faulting application name: Acrobat.exe, version: 10.1.7.27, time stamp:
0x518c95a8 Faulting module name: EScript.api, version: 10.1.7.27, time stamp: 0x518ca10f
Exception
code: 0xc0000005 Fault offset: 0x000bd1c5 Faulting process id: 0xce4 Faulting application
start time: 0x01ce856f67d82fa3 Faulting application path: C:\Program Files (x86)\Adobe\Acrobat
10.0\Acrobat\Acrobat.exe Faulting module path: C:\Program Files (x86)\Adobe\Acrobat
10.0\Acrobat\plug_ins\EScript.api Report Id: a6e1a3b1-f162-11e2-904a-40618694b862

Error - 7/20/2013 1:36:16 PM | Computer Name = Alan-PC | Source = Application Error | ID = 1000
Description = Faulting application name: Acrobat.exe, version: 10.1.7.27, time stamp:
0x518c95a8 Faulting module name: EScript.api, version: 10.1.7.27, time stamp: 0x518ca10f
Exception
code: 0xc0000005 Fault offset: 0x000bd1c5 Faulting process id: 0x868 Faulting application
start time: 0x01ce856fa21ceec2 Faulting application path: C:\Program Files (x86)\Adobe\Acrobat
10.0\Acrobat\Acrobat.exe Faulting module path: C:\Program Files (x86)\Adobe\Acrobat
10.0\Acrobat\plug_ins\EScript.api Report Id: e10ad367-f162-11e2-904a-40618694b862

Error - 7/20/2013 2:58:16 PM | Computer Name = Alan-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 7/20/2013 2:58:16 PM | Computer Name = Alan-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 11122

Error - 7/20/2013 2:58:16 PM | Computer Name = Alan-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 11122

[ Hewlett-Packard Events ]
Error - 6/1/2013 2:52:41 PM | Computer Name = Alan-PC | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.addTempSession()
Message:
Object reference not set to an instance of an object. StackTrace: at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.addTempSession()
Source:
HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 12247
Ram
Utilization: 20 TargetSite: Void addTempSession()

Error - 6/8/2013 2:29:05 PM | Computer Name = Alan-PC | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.addTempSession()
Message:
Object reference not set to an instance of an object. StackTrace: at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.addTempSession()
Source:
HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 12247
Ram
Utilization: 20 TargetSite: Void addTempSession()

Error - 6/15/2013 4:03:57 PM | Computer Name = Alan-PC | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.addTempSession()
Message:
Object reference not set to an instance of an object. StackTrace: at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.addTempSession()
Source:
HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 12247
Ram
Utilization: 20 TargetSite: Void addTempSession()

Error - 6/22/2013 2:20:15 PM | Computer Name = Alan-PC | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.addTempSession()
Message:
Object reference not set to an instance of an object. StackTrace: at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.addTempSession()
Source:
HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 12247
Ram
Utilization: 20 TargetSite: Void addTempSession()

Error - 6/29/2013 1:06:47 PM | Computer Name = Alan-PC | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.addTempSession()
Message:
Object reference not set to an instance of an object. StackTrace: at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.addTempSession()
Source:
HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 12247
Ram
Utilization: 20 TargetSite: Void addTempSession()

Error - 6/29/2013 8:06:54 PM | Computer Name = Alan-PC | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.addTempSession()
Message:
Object reference not set to an instance of an object. StackTrace: at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.addTempSession()
Source:
HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 12247
Ram
Utilization: 20 TargetSite: Void addTempSession()

Error - 7/6/2013 5:22:59 PM | Computer Name = Alan-PC | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.addTempSession()
Message:
Object reference not set to an instance of an object. StackTrace: at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.addTempSession()
Source:
HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 12247
Ram
Utilization: 20 TargetSite: Void addTempSession()

Error - 7/13/2013 1:23:51 PM | Computer Name = Alan-PC | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.addTempSession()
Message:
Object reference not set to an instance of an object. StackTrace: at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.addTempSession()
Source:
HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 12247
Ram
Utilization: TargetSite: Void addTempSession()

Error - 7/13/2013 2:01:04 PM | Computer Name = Alan-PC | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.addTempSession()
Message:
Object reference not set to an instance of an object. StackTrace: at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.addTempSession()
Source:
HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 12247
Ram
Utilization: 20 TargetSite: Void addTempSession()

Error - 7/13/2013 3:24:13 PM | Computer Name = Alan-PC | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Common.AppProperties.SupportAssistantCommon.get_LogsPath()

at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Message: Object reference not set to an instance of an object. StackTrace:
at HP.SupportFramework.Common.AppProperties.SupportAssistantCommon.get_LogsPath()

at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Source: HP.SupportFramework.Common Name: HPSF.exe Version: 07.00.01.01
Path:
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US
RAM:
12247 Ram Utilization: 10 TargetSite: System.String get_LogsPath()

[ System Events ]
Error - 7/18/2013 9:22:48 PM | Computer Name = Alan-PC | Source = Application Popup | ID = 1060
Description = \SystemRoot\SysWow64\DRIVERS\papycpu2.sys has been blocked from loading
due to incompatibility with this system. Please contact your software vendor for
a compatible version of the driver.

Error - 7/18/2013 9:22:48 PM | Computer Name = Alan-PC | Source = Application Popup | ID = 1060
Description = \SystemRoot\SysWow64\DRIVERS\papyjoy.sys has been blocked from loading
due to incompatibility with this system. Please contact your software vendor for
a compatible version of the driver.

Error - 7/18/2013 9:24:01 PM | Computer Name = Alan-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
papycpu2 papyjoy

Error - 7/18/2013 9:36:40 PM | Computer Name = Alan-PC | Source = Application Popup | ID = 1060
Description = \SystemRoot\SysWow64\DRIVERS\papycpu2.sys has been blocked from loading
due to incompatibility with this system. Please contact your software vendor for
a compatible version of the driver.

Error - 7/18/2013 9:36:40 PM | Computer Name = Alan-PC | Source = Application Popup | ID = 1060
Description = \SystemRoot\SysWow64\DRIVERS\papyjoy.sys has been blocked from loading
due to incompatibility with this system. Please contact your software vendor for
a compatible version of the driver.

Error - 7/18/2013 9:39:05 PM | Computer Name = Alan-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
papycpu2 papyjoy

Error - 7/20/2013 1:25:44 PM | Computer Name = Alan-PC | Source = Application Popup | ID = 1060
Description = \SystemRoot\SysWow64\DRIVERS\papycpu2.sys has been blocked from loading
due to incompatibility with this system. Please contact your software vendor for
a compatible version of the driver.

Error - 7/20/2013 1:25:44 PM | Computer Name = Alan-PC | Source = Application Popup | ID = 1060
Description = \SystemRoot\SysWow64\DRIVERS\papyjoy.sys has been blocked from loading
due to incompatibility with this system. Please contact your software vendor for
a compatible version of the driver.

Error - 7/20/2013 1:26:29 PM | Computer Name = Alan-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
papycpu2 papyjoy

Error - 7/20/2013 1:27:13 PM | Computer Name = Alan-PC | Source = WMPNetworkSvc | ID = 866300
Description =


< End of report >
  • 0

Advertisements


#2
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello zfastss

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.


Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!


  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.


These are the programs I would like you to run next, if you have any problems with one of these just skip it and move on to the next one.

-AdwCleaner-

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

-Junkware-Removal-Tool-

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

When they are complete let me have the two reports and let me know how things are running.

Gringo
  • 0

#3
zfastss

zfastss

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts
Hello Gringo. Thank you for the quick response. The requested logs are posted below. For the JRT tool I was paranoid about turning off my protection, so I did, but I also unplugged my lan cable then ran the scan. Hope that was okay. So far I haven't gotten any notification from Norton about malicious attacks, but it is too early to say for sure as it seemed totally random before.

ADWCleaner:
# AdwCleaner v2.306 - Logfile created 07/21/2013 at 10:21:08
# Updated 19/07/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Alan - ALAN-PC
# Boot Mode : Normal
# Running from : C:\Users\Alan\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\ProgramData\boost_interprocess

***** [Registry] *****

Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Software

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16635

[OK] Registry is clean.

*************************

AdwCleaner[S1].txt - [752 octets] - [21/07/2013 10:21:08]

########## EOF - C:\AdwCleaner[S1].txt - [811 octets] ##########


JRT:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.1.9 (07.20.2013:3)
OS: Windows 7 Home Premium x64
Ran by Alan on Sun 07/21/2013 at 10:27:10.42
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{57019A13-E8A0-41AE-8C8A-65E0B0ED6A6C}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{57019A13-E8A0-41AE-8C8A-65E0B0ED6A6C}



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 07/21/2013 at 10:34:18.93
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  • 0

#4
zfastss

zfastss

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts
Well, I just got a new notification from Norton alerting me to another malicious toolkit attack. Here are the specifics incase it helps:
Category: Intrusion Prevention
Date & Time,Risk,Activity,Status,Recommended Action,IPS Alert Name,Default Action,Action Taken,Attacking Computer,Attacker URL,Destination Address,Source Address,Traffic Description
7/21/2013 10:44:52 AM,High,An intrusion attempt by ompareads.us was blocked.,Blocked,No Action Required,Web Attack: Exploit Toolkit Website 21,No Action Required,No Action Required,"ompareads.us (31.3.232.117, 80)",ompareads.us/in.cgi?6&vando=suxmi&eaff=3-3482&parameter=boost_interprocess&CS=1,"ALAN-PC (******, 50421)",31.3.232.117 (31.3.232.117),"TCP, www-http"
Network traffic from <b>ompareads.us/in.cgi?6&vando=suxmi&eaff=3-3482&parameter=boost_interprocess&CS=1</b> matches the signature of a known attack. The attack was resulted from \DEVICE\HARDDISKVOLUME2\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE. To stop being notified for this type of traffic, in the <b>Actions</b> panel, click <b>Stop Notifying Me</b>.

I deleded my IP from the above report out of paranoia. All I did was google search "boost_interprocess" since that was one of the items the tools you mentioned found, and when going to a link that google suggestes (sevenforums.com) the notification appeared.
  • 0

#5
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello zfastss

I Would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
  • 0

#6
zfastss

zfastss

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts
Combofix log below (In the middle of it running a RunDLL box appeared saying there was a problem starting c:\users\Alan\AppData\Local\PACE Anti-Piracy\PowerCinema\pdpe.dll, The specified module could not be found.

ComboFix 13-07-20.03 - Alan 07/21/2013 11:06:31.2.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.12247.10095 [GMT -7:00]
Running from: c:\users\Alan\Desktop\ComboFix.exe
AV: Norton Security Suite *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Security Suite *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Alan\AppData\Local\PACE Anti-Piracy\PowerCinema\pdpe.dll
.
.
((((((((((((((((((((((((( Files Created from 2013-06-21 to 2013-07-21 )))))))))))))))))))))))))))))))
.
.
2013-07-21 18:14 . 2013-07-21 18:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-07-21 17:27 . 2013-07-21 17:27 -------- d-----w- c:\windows\ERUNT
2013-07-21 02:18 . 2013-07-21 02:18 -------- d-----w- c:\users\Alan\AppData\Local\Passware
2013-07-21 00:12 . 2013-07-21 00:12 545200 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-07-21 00:12 . 2013-07-21 00:12 526768 ----a-w- c:\windows\system32\deployJava1.dll
2013-07-21 00:12 . 2013-07-21 00:12 196528 ----a-w- c:\windows\system32\javaws.exe
2013-07-21 00:12 . 2013-07-21 00:12 172976 ----a-w- c:\windows\system32\javaw.exe
2013-07-21 00:12 . 2013-07-21 00:12 172976 ----a-w- c:\windows\system32\java.exe
2013-07-21 00:12 . 2013-07-21 00:12 -------- d-----w- c:\program files\Java
2013-07-19 01:30 . 2013-07-19 01:33 -------- d-----w- c:\windows\system32\drivers\N360x64\1404000.028
2013-07-13 19:24 . 2013-07-13 19:24 -------- d-----w- c:\programdata\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}
2013-07-13 17:15 . 2013-07-13 17:16 -------- d-----w- c:\windows\system32\MRT
2013-07-13 17:11 . 2013-06-11 23:25 15404032 ----a-w- c:\windows\system32\ieframe.dll
2013-07-13 17:11 . 2013-06-11 23:25 19238912 ----a-w- c:\windows\system32\mshtml.dll
2013-06-29 23:47 . 2013-07-06 21:33 -------- d-----w- c:\users\Alan\AppData\Local\PANTONE
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-19 01:30 . 2013-04-27 23:00 177312 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2013-07-14 17:00 . 2012-04-15 17:22 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-07-14 17:00 . 2011-05-15 02:38 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-13 17:15 . 2010-02-25 21:01 78277128 ----a-w- c:\windows\system32\MRT.exe
2013-05-13 05:51 . 2013-06-15 20:00 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-05-13 05:51 . 2013-06-15 20:00 1464320 ----a-w- c:\windows\system32\crypt32.dll
2013-05-13 05:51 . 2013-06-15 20:00 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-05-13 05:50 . 2013-06-15 20:00 52224 ----a-w- c:\windows\system32\certenc.dll
2013-05-13 04:45 . 2013-06-15 20:00 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-05-13 04:45 . 2013-06-15 20:00 1160192 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-05-13 04:45 . 2013-06-15 20:00 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-05-13 03:43 . 2013-06-15 20:00 1192448 ----a-w- c:\windows\system32\certutil.exe
2013-05-13 03:08 . 2013-06-15 20:00 903168 ----a-w- c:\windows\SysWow64\certutil.exe
2013-05-13 03:08 . 2013-06-15 20:00 43008 ----a-w- c:\windows\SysWow64\certenc.dll
2013-05-10 07:57 . 2013-05-10 07:57 27208 ----a-w- c:\windows\system32\AdobePDFUI.dll
2013-05-10 07:57 . 2013-05-10 07:57 55872 ----a-w- c:\windows\system32\AdobePDF.dll
2013-05-10 05:49 . 2013-06-15 20:00 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2013-05-10 03:20 . 2013-06-15 20:00 24576 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2013-05-08 06:39 . 2013-06-15 20:00 1910632 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-05-01 10:59 . 2013-05-01 10:59 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2013-05-01 10:59 . 2013-05-01 10:59 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2013-04-28 17:46 . 2013-04-28 17:46 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10144.bin
2013-04-26 05:51 . 2013-06-15 20:00 751104 ----a-w- c:\windows\system32\win32spl.dll
2013-04-26 04:55 . 2013-06-15 20:00 492544 ----a-w- c:\windows\SysWow64\win32spl.dll
2013-04-25 23:30 . 2013-06-15 20:00 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PMSpeed"="c:\program files (x86)\NewSoft\Presto! PageManager 8 for EP\PMSpeed.EXE" [2008-12-09 55120]
"Akamai NetSession Interface"="c:\users\Alan\AppData\Local\Akamai\netsession_win.exe" [2013-06-05 4489472]
"Adobe Acrobat Synchronizer"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe" [2013-05-10 1272912]
"PANTONE"="c:\users\Alan\AppData\Local\PANTONE\pzrnmgqx.dll" [2013-07-06 891904]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2009-10-02 284696]
"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-28 207424]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2013-05-10 38984]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2013-05-10 840768]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-22 59720]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]
"ADSK DLMSession"="c:\program files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe" [2013-02-01 1641368]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-03-29 642656]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-05-31 152392]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-03-21 1081224]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
PictureMover.lnk - c:\program files (x86)\PictureMover\Bin\PictureMover.exe -det [2009-6-3 430080]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys;c:\windows\SYSNATIVE\DRIVERS\LEqdUsb.Sys [x]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys;c:\windows\SYSNATIVE\DRIVERS\LHidEqd.Sys [x]
R3 libusb0;LibUsb-Win32 - Kernel Driver 03/15/2010,1.12.0.1;c:\windows\system32\DRIVERS\libusb0.sys;c:\windows\SYSNATIVE\DRIVERS\libusb0.sys [x]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64k.sys;c:\windows\SYSNATIVE\DRIVERS\point64k.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\1404000.028\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\1404000.028\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130715.001\BHDrvx64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [x]
S1 ccSet_N360;Norton Security Suite Settings Manager;c:\windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\ccSetx64.sys [x]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130719.002\IDSvia64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130719.002\IDSvia64.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\1404000.028\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\N360x64\1404000.028\SYMNETS.SYS [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x]
S2 N360;Norton Security Suite;c:\program files (x86)\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe;c:\program files (x86)\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe [x]
S2 SITomcat;SI Tomcat;c:\program files (x86)\GM SPO\eSI\Apache Group\Tomcat 4.1\bin\tomcat.exe;c:\program files (x86)\GM SPO\eSI\Apache Group\Tomcat 4.1\bin\tomcat.exe [x]
S2 SITransbase;SI Transbase;c:\program files (x86)\GM SPO\eSI\Transbase\tbmux32.exe;c:\program files (x86)\GM SPO\eSI\Transbase\tbmux32.exe [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-06-20 23:05 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-07-14 c:\windows\Tasks\HPCeeScheduleForAlan.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
2012-03-31 c:\windows\Tasks\PCDRScheduledMaintenance.job
- c:\program files\PC-Doctor for Windows\pcdrcui.exe [2009-09-18 07:11]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-09-15 610360]
"PC-Doctor for Windows localizer"="c:\program files\PC-Doctor for Windows\localizer.exe" [2009-09-17 95728]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2009-05-21 2342800]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2009-11-12 2320752]
"WrtMon.exe"="c:\windows\system32\spool\drivers\x64\3\WrtMon.exe" [2008-05-24 26448]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2010-11-04 1580368]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-09-16 497648]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-06-15 190536]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-PowerCinema - c:\users\Alan\AppData\Local\PACE Anti-Piracy\PowerCinema\pdpe.dll
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKU-Default-Run-PowerCinema - c:\users\Alan\AppData\Local\PACE Anti-Piracy\PowerCinema\pdpe.dll
SafeBoot-57297413.sys
AddRemove-Shockwave - c:\windows\System32\Macromed\SHOCKW~1\UNWISE.EXE
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\N360]
"ImagePath"="\"c:\program files (x86)\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton Security Suite\Engine\20.4.0.40\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
"Version"=hex:a1,c6,c6,8c,3e,a7,b1,99,c4,ba,da,d0,a6,57,95,e8,80,94,1b,9e,53,
44,37,d0,1e,3b,20,89,b7,30,e1,27,d4,71,b2,b7,00,16,27,a6,ab,96,a6,d2,7e,52,\
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version]
"Version"=hex:a1,c6,c6,8c,3e,a7,b1,99,c4,ba,da,d0,a6,57,95,e8,80,94,1b,9e,53,
44,37,d0,1e,3b,20,89,b7,30,e1,27,d4,71,b2,b7,00,16,27,a6,ab,96,a6,d2,7e,52,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\System32\spool\drivers\x64\3\WrtProc.exe
c:\windows\SysWOW64\regsvr32.exe
c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
c:\program files (x86)\GM SPO\eSI\Transbase\tbkern32.exe
c:\program files (x86)\GM SPO\eSI\Transbase\tbkern32.exe
c:\program files (x86)\Internet Explorer\IEXPLORE.EXE
.
**************************************************************************
.
Completion time: 2013-07-21 11:22:43 - machine was rebooted
ComboFix-quarantined-files.txt 2013-07-21 18:22
ComboFix2.txt 2013-07-13 18:44
.
Pre-Run: 692,223,508,480 bytes free
Post-Run: 692,146,864,128 bytes free
.
- - End Of File - - C7EC121652CFF6CCB1914EC47BEC1D1F
D41D8CD98F00B204E9800998ECF8427E
  • 0

#7
zfastss

zfastss

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts
Just got another notification from Norton:

Category: Intrusion Prevention
Date & Time,Risk,Activity,Status,Recommended Action,IPS Alert Name,Default Action,Action Taken,Attacking Computer,Attacker URL,Destination Address,Source Address,Traffic Description
7/21/2013 12:02:44 PM,High,An intrusion attempt by shgg.11bajen.info was blocked.,Blocked,No Action Required,Web Attack: Exploit Toolkit Website 5,No Action Required,No Action Required,"shgg.11bajen.info (46.165.246.73, 80)",shgg.11bajen.info/b8767334c56c5f8bc03c0acc428616ec/1b30e4f5c5a100253e5a875e7b344db8.jnlp,"ALAN-PC (192.168.1.142, 55899)",46.165.246.73 (46.165.246.73),"TCP, www-http"
Network traffic from <b>shgg.11bajen.info/b8767334c56c5f8bc03c0acc428616ec/1b30e4f5c5a100253e5a875e7b344db8.jnlp</b> matches the signature of a known attack. The attack was resulted from \DEVICE\HARDDISKVOLUME2\PROGRAM FILES (X86)\JAVA\JRE6\BIN\JAVAW.EXE. To stop being notified for this type of traffic, in the <b>Actions</b> panel, click <b>Stop Notifying Me</b>.

These only seem to happen if I am active within internet explorer (IE10).

Edited by zfastss, 21 July 2013 - 01:05 PM.

  • 0

#8
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello zfastss

I am not so sure that this is a problem

I would like you to try and run these next.

TDSSKiller

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • more than one report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". The one that I need is the larger one. Please copy and paste the contents of that file here.

    Note** this report can be very long - so if the website gives you an error saying it is to long you may attache it

    If the forum still complains about it being to long send me everything that is at the end of the report after where it says

    ==================
    Scan finished
    ==================

and I will see if I want to see the whole report

--RogueKiller--

Download & SAVE to your Desktop RogueKiller for 32bit or Roguekiller for 64bit
  • Quit all programs that you may have started.
  • Please disconnect any external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator to start"
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • click on "delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • the scan will make two reports the one I would like to see is called RKreport[2].txt on your Desktop
  • Exit/Close RogueKiller+

send me the reports made from TDSSKiller and Roguekiller and also let me know how the computer is doing at this time.

Gringo
  • 0

#9
zfastss

zfastss

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts
Logs are below. RogueKiller made two logs but they both contained [0], so I pasted both. Also I'm wondering if I just got on some list somewhere that is directing attacks my way. On the last couple of attacks, I've permanently blocked the attacking IP addresses (instead of the default 30min block by Norton) and the attacks seems to have slowed. I've also read elsewhere that if this is the case and it is purely an external attack, as long as it is being blocked they will eventually stop on their own.
Please let me know if you are seeing anything. Most of what the reports have shown as being suspicious are familiar programs that I know are safe and have been installed for years with no issue.

TDSSKiller log:
19:08:45.0167 2992 TDSS rootkit removing tool 2.8.18.0 Jun 10 2013 21:44:19
19:08:45.0885 2992 ============================================================
19:08:45.0885 2992 Current date / time: 2013/07/21 19:08:45.0885
19:08:45.0885 2992 SystemInfo:
19:08:45.0885 2992
19:08:45.0885 2992 OS Version: 6.1.7601 ServicePack: 1.0
19:08:45.0885 2992 Product type: Workstation
19:08:45.0885 2992 ComputerName: ALAN-PC
19:08:45.0885 2992 UserName: Alan
19:08:45.0885 2992 Windows directory: C:\windows
19:08:45.0885 2992 System windows directory: C:\windows
19:08:45.0885 2992 Running under WOW64
19:08:45.0885 2992 Processor architecture: Intel x64
19:08:45.0885 2992 Number of processors: 8
19:08:45.0885 2992 Page size: 0x1000
19:08:45.0885 2992 Boot type: Normal boot
19:08:45.0885 2992 ============================================================
19:08:45.0885 2992 BG loaded
19:08:47.0367 2992 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:08:47.0398 2992 ============================================================
19:08:47.0398 2992 \Device\Harddisk0\DR0:
19:08:47.0398 2992 MBR partitions:
19:08:47.0398 2992 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:08:47.0398 2992 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x730D51C1
19:08:47.0398 2992 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x731079C1, BlocksNum 0x15FE000
19:08:47.0398 2992 ============================================================
19:08:47.0507 2992 C: <-> \Device\Harddisk0\DR0\Partition2
19:08:50.0580 2992 D: <-> \Device\Harddisk0\DR0\Partition3
19:08:50.0580 2992 ============================================================
19:08:50.0580 2992 Initialize success
19:08:50.0580 2992 ============================================================
19:10:09.0336 1572 ============================================================
19:10:09.0336 1572 Scan started
19:10:09.0336 1572 Mode: Manual; SigCheck; TDLFS;
19:10:09.0336 1572 ============================================================
19:10:46.0496 1572 ================ Scan system memory ========================
19:10:46.0496 1572 System memory - ok
19:10:46.0496 1572 ================ Scan services =============================
19:10:50.0942 1572 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
19:10:51.0644 1572 1394ohci - ok
19:10:52.0424 1572 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
19:10:52.0455 1572 ACDaemon - ok
19:10:52.0517 1572 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys
19:10:52.0548 1572 ACPI - ok
19:10:52.0860 1572 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
19:10:54.0186 1572 AcpiPmi - ok
19:10:55.0965 1572 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:10:55.0980 1572 AdobeARMservice - ok
19:10:56.0370 1572 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
19:10:56.0402 1572 adp94xx - ok
19:10:56.0885 1572 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
19:10:56.0932 1572 adpahci - ok
19:10:57.0150 1572 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
19:10:57.0150 1572 adpu320 - ok
19:10:57.0400 1572 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
19:10:58.0898 1572 AeLookupSvc - ok
19:10:59.0069 1572 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\windows\system32\drivers\afd.sys
19:10:59.0990 1572 AFD - ok
19:11:00.0723 1572 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys
19:11:00.0738 1572 agp440 - ok
19:11:01.0721 1572 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
19:11:01.0924 1572 ALG - ok
19:11:02.0626 1572 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys
19:11:02.0642 1572 aliide - ok
19:11:02.0782 1572 [ 310F86335B0505DDC6D2DD48E66EF06B ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
19:11:07.0290 1572 AMD External Events Utility - ok
19:11:08.0398 1572 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys
19:11:08.0398 1572 amdide - ok
19:11:08.0616 1572 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
19:11:09.0194 1572 AmdK8 - ok
19:11:12.0048 1572 [ 79CC9BE187E3144E1B58A54B842475E7 ] amdkmdag C:\windows\system32\DRIVERS\atikmdag.sys
19:11:12.0236 1572 amdkmdag - ok
19:11:13.0780 1572 [ 07561D3B7FD99F6E186C49C2D0628E38 ] amdkmdap C:\windows\system32\DRIVERS\atikmpag.sys
19:11:14.0404 1572 amdkmdap - ok
19:11:14.0607 1572 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
19:11:14.0763 1572 AmdPPM - ok
19:11:15.0184 1572 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys
19:11:15.0215 1572 amdsata - ok
19:11:15.0340 1572 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
19:11:15.0371 1572 amdsbs - ok
19:11:15.0480 1572 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\windows\system32\drivers\amdxata.sys
19:11:15.0496 1572 amdxata - ok
19:11:15.0683 1572 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys
19:11:16.0572 1572 AppID - ok
19:11:16.0978 1572 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
19:11:17.0243 1572 AppIDSvc - ok
19:11:17.0680 1572 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\windows\System32\appinfo.dll
19:11:17.0867 1572 Appinfo - ok
19:11:18.0179 1572 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:11:18.0195 1572 Apple Mobile Device - ok
19:11:18.0507 1572 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\DRIVERS\arc.sys
19:11:18.0522 1572 arc - ok
19:11:19.0193 1572 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
19:11:19.0224 1572 arcsas - ok
19:11:20.0550 1572 [ 108FB6DDB69E537A2EA53F425363FAE5 ] aspnet_state C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:11:20.0738 1572 aspnet_state - ok
19:11:20.0987 1572 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
19:11:21.0237 1572 AsyncMac - ok
19:11:21.0408 1572 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys
19:11:21.0440 1572 atapi - ok
19:11:21.0830 1572 [ D481083348138B4933ACFE95812DB71C ] AtiHdmiService C:\windows\system32\drivers\AtiHdmi.sys
19:11:21.0845 1572 AtiHdmiService - ok
19:11:22.0095 1572 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
19:11:22.0157 1572 AudioEndpointBuilder - ok
19:11:22.0454 1572 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll
19:11:22.0500 1572 AudioSrv - ok
19:11:23.0000 1572 [ F431DC5D94F4B2FDBC927655D8A9B10E ] Autodesk Content Service C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
19:11:23.0062 1572 Autodesk Content Service - ok
19:11:23.0202 1572 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll
19:11:23.0639 1572 AxInstSV - ok
19:11:23.0780 1572 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\DRIVERS\bxvbda.sys
19:11:23.0982 1572 b06bdrv - ok
19:11:24.0138 1572 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
19:11:24.0248 1572 b57nd60a - ok
19:11:24.0404 1572 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
19:11:24.0513 1572 BDESVC - ok
19:11:24.0622 1572 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
19:11:24.0731 1572 Beep - ok
19:11:25.0106 1572 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\windows\System32\bfe.dll
19:11:25.0152 1572 BFE - ok
19:11:25.0901 1572 [ 6E10DB69DB1AA96207F4B14B18FF12F8 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130715.001\BHDrvx64.sys
19:11:25.0932 1572 BHDrvx64 - ok
19:11:25.0995 1572 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\windows\system32\qmgr.dll
19:11:26.0088 1572 BITS - ok
19:11:26.0135 1572 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
19:11:26.0182 1572 blbdrive - ok
19:11:26.0307 1572 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:11:26.0322 1572 Bonjour Service - ok
19:11:26.0369 1572 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys
19:11:26.0432 1572 bowser - ok
19:11:26.0510 1572 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
19:11:26.0572 1572 BrFiltLo - ok
19:11:26.0619 1572 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
19:11:26.0650 1572 BrFiltUp - ok
19:11:26.0697 1572 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys
19:11:26.0775 1572 BridgeMP - ok
19:11:26.0837 1572 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\windows\System32\browser.dll
19:11:26.0853 1572 Browser - ok
19:11:26.0868 1572 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
19:11:26.0915 1572 Brserid - ok
19:11:26.0915 1572 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
19:11:26.0946 1572 BrSerWdm - ok
19:11:26.0993 1572 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
19:11:27.0071 1572 BrUsbMdm - ok
19:11:27.0071 1572 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
19:11:27.0102 1572 BrUsbSer - ok
19:11:27.0227 1572 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\windows\system32\drivers\BthEnum.sys
19:11:27.0305 1572 BthEnum - ok
19:11:27.0321 1572 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
19:11:27.0383 1572 BTHMODEM - ok
19:11:27.0414 1572 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
19:11:27.0461 1572 BthPan - ok
19:11:27.0602 1572 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
19:11:27.0680 1572 BTHPORT - ok
19:11:27.0742 1572 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
19:11:27.0804 1572 bthserv - ok
19:11:27.0836 1572 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
19:11:27.0836 1572 BTHUSB - ok
19:11:27.0867 1572 catchme - ok
19:11:27.0960 1572 [ 56685951208AC81CF923B9B08BEDF3B7 ] ccSet_N360 C:\windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys
19:11:27.0992 1572 ccSet_N360 - ok
19:11:28.0023 1572 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
19:11:28.0101 1572 cdfs - ok
19:11:28.0163 1572 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\drivers\cdrom.sys
19:11:28.0210 1572 cdrom - ok
19:11:28.0304 1572 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll
19:11:28.0366 1572 CertPropSvc - ok
19:11:28.0397 1572 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\DRIVERS\circlass.sys
19:11:28.0428 1572 circlass - ok
19:11:28.0491 1572 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
19:11:28.0506 1572 CLFS - ok
19:11:28.0600 1572 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:11:28.0616 1572 clr_optimization_v2.0.50727_32 - ok
19:11:28.0647 1572 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:11:28.0647 1572 clr_optimization_v2.0.50727_64 - ok
19:11:28.0803 1572 [ 6D7C8A951AF6AD6835C029B3CB88D333 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:11:28.0896 1572 clr_optimization_v4.0.30319_32 - ok
19:11:28.0928 1572 [ 86329C35FF23CFEF0FB6C0023BA06BCE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:11:28.0974 1572 clr_optimization_v4.0.30319_64 - ok
19:11:28.0990 1572 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
19:11:29.0037 1572 CmBatt - ok
19:11:29.0068 1572 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys
19:11:29.0084 1572 cmdide - ok
19:11:29.0130 1572 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\windows\system32\Drivers\cng.sys
19:11:29.0177 1572 CNG - ok
19:11:29.0240 1572 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
19:11:29.0271 1572 Compbatt - ok
19:11:29.0302 1572 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
19:11:29.0349 1572 CompositeBus - ok
19:11:29.0364 1572 COMSysApp - ok
19:11:29.0396 1572 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
19:11:29.0411 1572 crcdisk - ok
19:11:29.0442 1572 [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc C:\windows\system32\cryptsvc.dll
19:11:29.0505 1572 CryptSvc - ok
19:11:29.0552 1572 [ DB0459AFD124CE5CCB649E33F95D715F ] dc3d C:\windows\system32\DRIVERS\dc3d.sys
19:11:29.0614 1572 dc3d - ok
19:11:29.0645 1572 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll
19:11:29.0723 1572 DcomLaunch - ok
19:11:29.0739 1572 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
19:11:29.0801 1572 defragsvc - ok
19:11:29.0864 1572 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys
19:11:29.0910 1572 DfsC - ok
19:11:29.0942 1572 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll
19:11:30.0020 1572 Dhcp - ok
19:11:30.0020 1572 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
19:11:30.0098 1572 discache - ok
19:11:30.0160 1572 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\DRIVERS\disk.sys
19:11:30.0191 1572 Disk - ok
19:11:30.0254 1572 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll
19:11:30.0316 1572 Dnscache - ok
19:11:30.0363 1572 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll
19:11:30.0441 1572 dot3svc - ok
19:11:30.0456 1572 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll
19:11:30.0503 1572 DPS - ok
19:11:30.0566 1572 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
19:11:30.0628 1572 drmkaud - ok
19:11:30.0659 1572 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
19:11:30.0690 1572 DXGKrnl - ok
19:11:30.0706 1572 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
19:11:30.0737 1572 EapHost - ok
19:11:31.0580 1572 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\DRIVERS\evbda.sys
19:11:31.0689 1572 ebdrv - ok
19:11:31.0782 1572 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
19:11:31.0814 1572 eeCtrl - ok
19:11:31.0845 1572 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe
19:11:31.0907 1572 EFS - ok
19:11:32.0016 1572 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe
19:11:32.0094 1572 ehRecvr - ok
19:11:32.0235 1572 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
19:11:32.0297 1572 ehSched - ok
19:11:32.0344 1572 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
19:11:32.0360 1572 elxstor - ok
19:11:32.0422 1572 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
19:11:32.0422 1572 EraserUtilRebootDrv - ok
19:11:32.0453 1572 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys
19:11:32.0469 1572 ErrDev - ok
19:11:32.0547 1572 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
19:11:32.0578 1572 EventSystem - ok
19:11:32.0609 1572 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
19:11:32.0640 1572 exfat - ok
19:11:32.0640 1572 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
19:11:32.0687 1572 fastfat - ok
19:11:32.0781 1572 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe
19:11:32.0843 1572 Fax - ok
19:11:32.0843 1572 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\DRIVERS\fdc.sys
19:11:32.0874 1572 fdc - ok
19:11:32.0906 1572 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
19:11:32.0952 1572 fdPHost - ok
19:11:32.0999 1572 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
19:11:33.0062 1572 FDResPub - ok
19:11:33.0077 1572 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
19:11:33.0093 1572 FileInfo - ok
19:11:33.0108 1572 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
19:11:33.0140 1572 Filetrace - ok
19:11:33.0249 1572 [ 4ABED7916DB028C614C888D2A6826311 ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
19:11:33.0311 1572 FLEXnet Licensing Service 64 - ok
19:11:33.0327 1572 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
19:11:33.0342 1572 flpydisk - ok
19:11:33.0374 1572 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
19:11:33.0374 1572 FltMgr - ok
19:11:33.0420 1572 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\windows\system32\FntCache.dll
19:11:33.0452 1572 FontCache - ok
19:11:33.0498 1572 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:11:33.0514 1572 FontCache3.0.0.0 - ok
19:11:33.0561 1572 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
19:11:33.0576 1572 FsDepends - ok
19:11:33.0592 1572 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
19:11:33.0608 1572 Fs_Rec - ok
19:11:33.0623 1572 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
19:11:33.0654 1572 fvevol - ok
19:11:33.0654 1572 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
19:11:33.0670 1572 gagp30kx - ok
19:11:33.0748 1572 [ 521A469CAF61F00E1DE081CC2099C1D6 ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
19:11:33.0779 1572 GameConsoleService - ok
19:11:33.0795 1572 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys
19:11:33.0810 1572 GEARAspiWDM - ok
19:11:33.0842 1572 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll
19:11:33.0951 1572 gpsvc - ok
19:11:33.0966 1572 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
19:11:33.0982 1572 hcw85cir - ok
19:11:34.0013 1572 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
19:11:34.0060 1572 HDAudBus - ok
19:11:34.0091 1572 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\windows\system32\DRIVERS\HECIx64.sys
19:11:34.0107 1572 HECIx64 - ok
19:11:34.0138 1572 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
19:11:34.0169 1572 HidBatt - ok
19:11:34.0200 1572 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
19:11:34.0232 1572 HidBth - ok
19:11:34.0263 1572 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\DRIVERS\hidir.sys
19:11:34.0325 1572 HidIr - ok
19:11:34.0388 1572 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\System32\hidserv.dll
19:11:34.0466 1572 hidserv - ok
19:11:34.0481 1572 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
19:11:34.0512 1572 HidUsb - ok
19:11:34.0544 1572 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll
19:11:34.0606 1572 hkmsvc - ok
19:11:34.0637 1572 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
19:11:34.0653 1572 HomeGroupListener - ok
19:11:34.0668 1572 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
19:11:34.0715 1572 HomeGroupProvider - ok
19:11:34.0824 1572 [ BB1FC298BE53AAB1E110F6E786BD8AC5 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
19:11:34.0840 1572 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - warning
19:11:34.0840 1572 HP Support Assistant Service - detected UnsignedFile.Multi.Generic (1)
19:11:34.0934 1572 [ 9B7EDD3FE7C211C36E921D34D18A3A0A ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
19:11:34.0980 1572 hpqwmiex - ok
19:11:35.0012 1572 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
19:11:35.0027 1572 HpSAMD - ok
19:11:35.0168 1572 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys
19:11:35.0246 1572 HTTP - ok
19:11:35.0292 1572 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
19:11:35.0308 1572 hwpolicy - ok
19:11:35.0324 1572 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\drivers\i8042prt.sys
19:11:35.0339 1572 i8042prt - ok
19:11:35.0386 1572 [ 631FA8935163B01FC0C02966CB3ADB92 ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
19:11:35.0417 1572 iaStor - ok
19:11:35.0464 1572 [ 7493EA4DE41348F7D3EDBF9DB298F56A ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
19:11:35.0480 1572 IAStorDataMgrSvc - ok
19:11:35.0511 1572 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
19:11:35.0542 1572 iaStorV - ok
19:11:35.0589 1572 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:11:35.0636 1572 idsvc - ok
19:11:35.0994 1572 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130719.002\IDSvia64.sys
19:11:36.0026 1572 IDSVia64 - ok
19:11:36.0041 1572 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
19:11:36.0057 1572 iirsp - ok
19:11:36.0072 1572 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll
19:11:36.0135 1572 IKEEXT - ok
19:11:36.0244 1572 [ 028E40182A6F0374978C755F85B9F07C ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
19:11:36.0275 1572 IntcAzAudAddService - ok
19:11:36.0306 1572 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys
19:11:36.0322 1572 intelide - ok
19:11:36.0338 1572 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
19:11:36.0369 1572 intelppm - ok
19:11:36.0431 1572 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
19:11:36.0494 1572 IPBusEnum - ok
19:11:36.0572 1572 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
19:11:36.0650 1572 IpFilterDriver - ok
19:11:36.0696 1572 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
19:11:36.0728 1572 iphlpsvc - ok
19:11:36.0743 1572 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
19:11:36.0790 1572 IPMIDRV - ok
19:11:36.0806 1572 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
19:11:36.0884 1572 IPNAT - ok
19:11:36.0946 1572 [ 0FF335D687C85097725A53458160E81E ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
19:11:36.0977 1572 iPod Service - ok
19:11:37.0008 1572 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
19:11:37.0055 1572 IRENUM - ok
19:11:37.0086 1572 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys
19:11:37.0118 1572 isapnp - ok
19:11:37.0133 1572 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
19:11:37.0149 1572 iScsiPrt - ok
19:11:37.0180 1572 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
19:11:37.0211 1572 kbdclass - ok
19:11:37.0258 1572 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys
19:11:37.0289 1572 kbdhid - ok
19:11:37.0320 1572 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe
19:11:37.0336 1572 KeyIso - ok
19:11:37.0367 1572 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
19:11:37.0383 1572 KSecDD - ok
19:11:37.0414 1572 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
19:11:37.0430 1572 KSecPkg - ok
19:11:37.0430 1572 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
19:11:37.0508 1572 ksthunk - ok
19:11:37.0539 1572 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
19:11:37.0601 1572 KtmRm - ok
19:11:37.0632 1572 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\System32\srvsvc.dll
19:11:37.0664 1572 LanmanServer - ok
19:11:37.0695 1572 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
19:11:37.0773 1572 LanmanWorkstation - ok
19:11:37.0882 1572 [ 7772DFAB22611050B79504E671B06E6E ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
19:11:37.0913 1572 LBTServ - ok
19:11:37.0960 1572 [ 8817ABA3A9180F6C4B8938842925B1E1 ] LEqdUsb C:\windows\system32\DRIVERS\LEqdUsb.Sys
19:11:37.0976 1572 LEqdUsb - ok
19:11:37.0976 1572 [ 8BCB069C2B6DA65B5F6F561293EE447C ] LHidEqd C:\windows\system32\DRIVERS\LHidEqd.Sys
19:11:37.0991 1572 LHidEqd - ok
19:11:38.0007 1572 [ 0A7D6ED578D85F0C35353424EE3F5245 ] LHidFilt C:\windows\system32\DRIVERS\LHidFilt.Sys
19:11:38.0022 1572 LHidFilt - ok
19:11:38.0069 1572 [ 76CBD1FAC76653A6B57F8E1C641E50A0 ] libusb0 C:\windows\system32\DRIVERS\libusb0.sys
19:11:38.0116 1572 libusb0 - ok
19:11:38.0163 1572 [ 71C6A95A5F0CCC87298C4DD0F2C3635A ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
19:11:38.0194 1572 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
19:11:38.0194 1572 LightScribeService - detected UnsignedFile.Multi.Generic (1)
19:11:38.0225 1572 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
19:11:38.0288 1572 lltdio - ok
19:11:38.0319 1572 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
19:11:38.0381 1572 lltdsvc - ok
19:11:38.0412 1572 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
19:11:38.0444 1572 lmhosts - ok
19:11:38.0459 1572 [ 6542E2E6DB58118FBB1B82A68CE3AFF9 ] LMouFilt C:\windows\system32\DRIVERS\LMouFilt.Sys
19:11:38.0459 1572 LMouFilt - ok
19:11:38.0490 1572 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
19:11:38.0522 1572 LSI_FC - ok
19:11:38.0553 1572 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
19:11:38.0553 1572 LSI_SAS - ok
19:11:38.0568 1572 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
19:11:38.0584 1572 LSI_SAS2 - ok
19:11:38.0584 1572 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
19:11:38.0600 1572 LSI_SCSI - ok
19:11:38.0615 1572 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
19:11:38.0662 1572 luafv - ok
19:11:38.0709 1572 [ DA3494DF01C62D821911ED91CE5E1642 ] LUsbFilt C:\windows\system32\Drivers\LUsbFilt.Sys
19:11:38.0709 1572 LUsbFilt - ok
19:11:38.0756 1572 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
19:11:38.0771 1572 Mcx2Svc - ok
19:11:38.0880 1572 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
19:11:38.0896 1572 MDM - ok
19:11:38.0927 1572 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\DRIVERS\megasas.sys
19:11:38.0943 1572 megasas - ok
19:11:38.0958 1572 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
19:11:38.0974 1572 MegaSR - ok
19:11:39.0068 1572 Microsoft SharePoint Workspace Audit Service - ok
19:11:39.0083 1572 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
19:11:39.0146 1572 MMCSS - ok
19:11:39.0161 1572 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
19:11:39.0224 1572 Modem - ok
19:11:39.0255 1572 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
19:11:39.0302 1572 monitor - ok
19:11:39.0333 1572 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\drivers\mouclass.sys
19:11:39.0348 1572 mouclass - ok
19:11:39.0380 1572 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
19:11:39.0411 1572 mouhid - ok
19:11:39.0442 1572 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
19:11:39.0458 1572 mountmgr - ok
19:11:39.0489 1572 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
19:11:39.0504 1572 mpio - ok
19:11:39.0520 1572 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
19:11:39.0551 1572 mpsdrv - ok
19:11:39.0582 1572 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll
19:11:39.0629 1572 MpsSvc - ok
19:11:39.0645 1572 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
19:11:39.0676 1572 MRxDAV - ok
19:11:39.0707 1572 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
19:11:39.0770 1572 mrxsmb - ok
19:11:39.0785 1572 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
19:11:39.0832 1572 mrxsmb10 - ok
19:11:39.0863 1572 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
19:11:39.0894 1572 mrxsmb20 - ok
19:11:39.0910 1572 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\drivers\msahci.sys
19:11:39.0926 1572 msahci - ok
19:11:39.0941 1572 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
19:11:39.0957 1572 msdsm - ok
19:11:39.0972 1572 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
19:11:40.0004 1572 MSDTC - ok
19:11:40.0035 1572 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
19:11:40.0066 1572 Msfs - ok
19:11:40.0097 1572 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
19:11:40.0128 1572 mshidkmdf - ok
19:11:40.0160 1572 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
19:11:40.0175 1572 msisadrv - ok
19:11:40.0191 1572 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
19:11:40.0222 1572 MSiSCSI - ok
19:11:40.0222 1572 msiserver - ok
19:11:40.0238 1572 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
19:11:40.0284 1572 MSKSSRV - ok
19:11:40.0331 1572 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
19:11:40.0394 1572 MSPCLOCK - ok
19:11:40.0409 1572 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
19:11:40.0456 1572 MSPQM - ok
19:11:40.0487 1572 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
19:11:40.0503 1572 MsRPC - ok
19:11:40.0518 1572 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
19:11:40.0534 1572 mssmbios - ok
19:11:40.0550 1572 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
19:11:40.0596 1572 MSTEE - ok
19:11:41.0283 1572 [ CB4A082AF58D1A0969F931816D5CFB05 ] msvsmon90 c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe
19:11:41.0408 1572 msvsmon90 - ok
19:11:41.0423 1572 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
19:11:41.0439 1572 MTConfig - ok
19:11:41.0470 1572 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
19:11:41.0470 1572 Mup - ok
19:11:41.0595 1572 [ 1BF9D6476061B31CD7FC2BF848529A56 ] N360 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe
19:11:41.0626 1572 N360 - ok
19:11:41.0751 1572 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
19:11:41.0829 1572 napagent - ok
19:11:41.0860 1572 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
19:11:41.0907 1572 NativeWifiP - ok
19:11:42.0000 1572 [ 56540E526B46E379A476FB5BC381B290 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130721.004\ENG64.SYS
19:11:42.0016 1572 NAVENG - ok
19:11:42.0094 1572 [ 8A19D3991F9F14B885CDE8BC640F6B68 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130721.004\EX64.SYS
19:11:42.0125 1572 NAVEX15 - ok
19:11:42.0203 1572 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys
19:11:42.0250 1572 NDIS - ok
19:11:42.0297 1572 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
19:11:42.0359 1572 NdisCap - ok
19:11:42.0406 1572 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
19:11:42.0437 1572 NdisTapi - ok
19:11:42.0453 1572 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
19:11:42.0484 1572 Ndisuio - ok
19:11:42.0531 1572 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
19:11:42.0593 1572 NdisWan - ok
19:11:42.0609 1572 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
19:11:42.0656 1572 NDProxy - ok
19:11:42.0671 1572 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
19:11:42.0734 1572 NetBIOS - ok
19:11:42.0765 1572 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
19:11:42.0827 1572 NetBT - ok
19:11:42.0858 1572 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
19:11:42.0858 1572 Netlogon - ok
19:11:42.0921 1572 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
19:11:42.0983 1572 Netman - ok
19:11:43.0108 1572 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:11:43.0139 1572 NetMsmqActivator - ok
19:11:43.0170 1572 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:11:43.0202 1572 NetPipeActivator - ok
19:11:43.0217 1572 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
19:11:43.0280 1572 netprofm - ok
19:11:43.0311 1572 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:11:43.0326 1572 NetTcpActivator - ok
19:11:43.0326 1572 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:11:43.0342 1572 NetTcpPortSharing - ok
19:11:43.0373 1572 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
19:11:43.0389 1572 nfrd960 - ok
19:11:43.0436 1572 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\windows\System32\nlasvc.dll
19:11:43.0467 1572 NlaSvc - ok
19:11:43.0482 1572 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
19:11:43.0514 1572 Npfs - ok
19:11:43.0545 1572 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
19:11:43.0607 1572 nsi - ok
19:11:43.0623 1572 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
19:11:43.0670 1572 nsiproxy - ok
19:11:43.0716 1572 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
19:11:43.0794 1572 Ntfs - ok
19:11:43.0810 1572 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
19:11:43.0872 1572 Null - ok
19:11:43.0935 1572 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
19:11:43.0950 1572 nvraid - ok
19:11:43.0982 1572 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
19:11:43.0997 1572 nvstor - ok
19:11:44.0044 1572 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
19:11:44.0075 1572 nv_agp - ok
19:11:44.0091 1572 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
19:11:44.0106 1572 ohci1394 - ok
19:11:44.0153 1572 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:11:44.0169 1572 ose - ok
19:11:44.0684 1572 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:11:44.0808 1572 osppsvc - ok
19:11:44.0855 1572 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
19:11:44.0918 1572 p2pimsvc - ok
19:11:44.0933 1572 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
19:11:44.0964 1572 p2psvc - ok
19:11:45.0011 1572 papycpu2 - ok
19:11:45.0011 1572 papyjoy - ok
19:11:45.0058 1572 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\DRIVERS\parport.sys
19:11:45.0074 1572 Parport - ok
19:11:45.0089 1572 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
19:11:45.0120 1572 partmgr - ok
19:11:45.0136 1572 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
19:11:45.0167 1572 PcaSvc - ok
19:11:45.0214 1572 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
19:11:45.0230 1572 pci - ok
19:11:45.0261 1572 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\drivers\pciide.sys
19:11:45.0276 1572 pciide - ok
19:11:45.0292 1572 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
19:11:45.0308 1572 pcmcia - ok
19:11:45.0339 1572 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
19:11:45.0354 1572 pcw - ok
19:11:45.0370 1572 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
19:11:45.0464 1572 PEAUTH - ok
19:11:45.0557 1572 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
19:11:45.0588 1572 PerfHost - ok
19:11:45.0838 1572 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
19:11:45.0916 1572 pla - ok
19:11:45.0963 1572 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
19:11:46.0025 1572 PlugPlay - ok
19:11:46.0056 1572 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
19:11:46.0103 1572 PNRPAutoReg - ok
19:11:46.0119 1572 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
19:11:46.0134 1572 PNRPsvc - ok
19:11:46.0181 1572 [ 9ABFF71FF6F3B9492686D3403FA5DCDB ] Point64 C:\windows\system32\DRIVERS\point64k.sys
19:11:46.0197 1572 Point64 - ok
19:11:46.0228 1572 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
19:11:46.0306 1572 PolicyAgent - ok
19:11:46.0337 1572 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
19:11:46.0353 1572 Power - ok
19:11:46.0415 1572 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
19:11:46.0462 1572 PptpMiniport - ok
19:11:46.0493 1572 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\DRIVERS\processr.sys
19:11:46.0509 1572 Processor - ok
19:11:46.0524 1572 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
19:11:46.0556 1572 ProfSvc - ok
19:11:46.0556 1572 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
19:11:46.0571 1572 ProtectedStorage - ok
19:11:46.0602 1572 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
19:11:46.0665 1572 Psched - ok
19:11:46.0712 1572 [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64 C:\windows\system32\Drivers\PxHlpa64.sys
19:11:46.0727 1572 PxHlpa64 - ok
19:11:46.0852 1572 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
19:11:46.0914 1572 ql2300 - ok
19:11:46.0930 1572 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
19:11:46.0946 1572 ql40xx - ok
19:11:46.0977 1572 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
19:11:47.0024 1572 QWAVE - ok
19:11:47.0039 1572 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
19:11:47.0070 1572 QWAVEdrv - ok
19:11:47.0086 1572 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
19:11:47.0133 1572 RasAcd - ok
19:11:47.0195 1572 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
19:11:47.0242 1572 RasAgileVpn - ok
19:11:47.0258 1572 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
19:11:47.0289 1572 RasAuto - ok
19:11:47.0320 1572 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
19:11:47.0382 1572 Rasl2tp - ok
19:11:47.0429 1572 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
19:11:47.0460 1572 RasMan - ok
19:11:47.0460 1572 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
19:11:47.0507 1572 RasPppoe - ok
19:11:47.0507 1572 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
19:11:47.0538 1572 RasSstp - ok
19:11:47.0585 1572 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
19:11:47.0632 1572 rdbss - ok
19:11:47.0663 1572 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
19:11:47.0679 1572 rdpbus - ok
19:11:47.0710 1572 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
19:11:47.0757 1572 RDPCDD - ok
19:11:47.0757 1572 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
19:11:47.0804 1572 RDPENCDD - ok
19:11:47.0819 1572 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
19:11:47.0835 1572 RDPREFMP - ok
19:11:47.0882 1572 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
19:11:47.0913 1572 RdpVideoMiniport - ok
19:11:47.0944 1572 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
19:11:47.0991 1572 RDPWD - ok
19:11:48.0022 1572 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
19:11:48.0053 1572 rdyboost - ok
19:11:48.0084 1572 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
19:11:48.0131 1572 RemoteAccess - ok
19:11:48.0162 1572 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
19:11:48.0225 1572 RemoteRegistry - ok
19:11:48.0287 1572 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
19:11:48.0318 1572 RFCOMM - ok
19:11:48.0350 1572 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
19:11:48.0428 1572 RpcEptMapper - ok
19:11:48.0443 1572 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
19:11:48.0459 1572 RpcLocator - ok
19:11:48.0490 1572 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\System32\rpcss.dll
19:11:48.0521 1572 RpcSs - ok
19:11:48.0537 1572 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
19:11:48.0568 1572 rspndr - ok
19:11:48.0615 1572 [ 3B01789EE4EAEE97F5EB46B711387D5E ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
19:11:48.0677 1572 RTL8167 - ok
19:11:48.0693 1572 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
19:11:48.0708 1572 SamSs - ok
19:11:48.0755 1572 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
19:11:48.0771 1572 sbp2port - ok
19:11:48.0802 1572 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
19:11:48.0864 1572 SCardSvr - ok
19:11:48.0880 1572 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
19:11:48.0942 1572 scfilter - ok
19:11:49.0005 1572 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
19:11:49.0067 1572 Schedule - ok
19:11:49.0114 1572 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
19:11:49.0161 1572 SCPolicySvc - ok
19:11:49.0176 1572 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
19:11:49.0239 1572 SDRSVC - ok
19:11:49.0254 1572 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
19:11:49.0301 1572 secdrv - ok
19:11:49.0317 1572 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
19:11:49.0348 1572 seclogon - ok
19:11:49.0379 1572 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\system32\sens.dll
19:11:49.0426 1572 SENS - ok
19:11:49.0442 1572 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
19:11:49.0488 1572 SensrSvc - ok
19:11:49.0520 1572 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\DRIVERS\serenum.sys
19:11:49.0551 1572 Serenum - ok
19:11:49.0582 1572 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\DRIVERS\serial.sys
19:11:49.0598 1572 Serial - ok
19:11:49.0644 1572 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
19:11:49.0676 1572 sermouse - ok
19:11:49.0707 1572 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
19:11:49.0754 1572 SessionEnv - ok
19:11:49.0769 1572 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
19:11:49.0785 1572 sffdisk - ok
19:11:49.0800 1572 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
19:11:49.0816 1572 sffp_mmc - ok
19:11:49.0816 1572 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
19:11:49.0847 1572 sffp_sd - ok
19:11:49.0878 1572 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
19:11:49.0910 1572 sfloppy - ok
19:11:49.0941 1572 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
19:11:49.0972 1572 SharedAccess - ok
19:11:50.0034 1572 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
19:11:50.0081 1572 ShellHWDetection - ok
19:11:50.0112 1572 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
19:11:50.0112 1572 SiSRaid2 - ok
19:11:50.0128 1572 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
19:11:50.0144 1572 SiSRaid4 - ok
19:11:50.0222 1572 [ 4787EA164E01CAFBF5DA384B6EDC9FC5 ] SITomcat C:\Program Files (x86)\GM SPO\eSI\Apache Group\Tomcat 4.1\bin\tomcat.exe
19:11:50.0268 1572 SITomcat ( UnsignedFile.Multi.Generic ) - warning
19:11:50.0268 1572 SITomcat - detected UnsignedFile.Multi.Generic (1)
19:11:50.0315 1572 [ D5A310D8F315E96884EB06CB453B0A3C ] SITransbase C:\Program Files (x86)\GM SPO\eSI\Transbase\tbmux32.exe
19:11:50.0346 1572 SITransbase ( UnsignedFile.Multi.Generic ) - warning
19:11:50.0346 1572 SITransbase - detected UnsignedFile.Multi.Generic (1)
19:11:50.0393 1572 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
19:11:50.0440 1572 Smb - ok
19:11:50.0471 1572 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
19:11:50.0471 1572 SNMPTRAP - ok
19:11:50.0487 1572 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
19:11:50.0487 1572 spldr - ok
19:11:50.0518 1572 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
19:11:50.0565 1572 Spooler - ok
19:11:50.0627 1572 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
19:11:50.0674 1572 sppsvc - ok
19:11:50.0690 1572 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
19:11:50.0752 1572 sppuinotify - ok
19:11:50.0877 1572 [ 2FD9346F9D76CB4192D37329CFA47A82 ] SRTSP C:\windows\System32\Drivers\N360x64\1404000.028\SRTSP64.SYS
19:11:50.0908 1572 SRTSP - ok
19:11:50.0955 1572 [ 0E76CEF892C45734F7AED09FDDF35D4D ] SRTSPX C:\windows\system32\drivers\N360x64\1404000.028\SRTSPX64.SYS
19:11:50.0970 1572 SRTSPX - ok
19:11:51.0002 1572 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
19:11:51.0064 1572 srv - ok
19:11:51.0095 1572 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
19:11:51.0126 1572 srv2 - ok
19:11:51.0158 1572 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
19:11:51.0204 1572 srvnet - ok
19:11:51.0236 1572 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
19:11:51.0298 1572 SSDPSRV - ok
19:11:51.0329 1572 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
19:11:51.0360 1572 SstpSvc - ok
19:11:51.0376 1572 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
19:11:51.0392 1572 stexstor - ok
19:11:51.0423 1572 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
19:11:51.0438 1572 stisvc - ok
19:11:51.0470 1572 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\drivers\swenum.sys
19:11:51.0470 1572 swenum - ok
19:11:51.0594 1572 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
19:11:51.0641 1572 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
19:11:51.0641 1572 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
19:11:51.0672 1572 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
19:11:51.0766 1572 swprv - ok
19:11:51.0797 1572 [ 52DC0048D667757A8A2E4C87182890AC ] SymDS C:\windows\system32\drivers\N360x64\1404000.028\SYMDS64.SYS
19:11:51.0813 1572 SymDS - ok
19:11:51.0875 1572 [ 599872BAD7CFB45C7CE47CDED4B726D8 ] SymEFA C:\windows\system32\drivers\N360x64\1404000.028\SYMEFA64.SYS
19:11:51.0922 1572 SymEFA - ok
19:11:51.0969 1572 [ F19E5E37ED8134B9E5F6287F2D3A75D7 ] SymEvent C:\windows\system32\Drivers\SYMEVENT64x86.SYS
19:11:51.0984 1572 SymEvent - ok
19:11:52.0031 1572 [ ADF37F1A715D6C56C8E065FD8569A9A4 ] SymIRON C:\windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS
19:11:52.0047 1572 SymIRON - ok
19:11:52.0078 1572 [ 9CDCA70485BD6B9D230365F67C31F132 ] SymNetS C:\windows\System32\Drivers\N360x64\1404000.028\SYMNETS.SYS
19:11:52.0094 1572 SymNetS - ok
19:11:52.0265 1572 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
19:11:52.0328 1572 SysMain - ok
19:11:52.0343 1572 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
19:11:52.0374 1572 TabletInputService - ok
19:11:52.0390 1572 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
19:11:52.0452 1572 TapiSrv - ok
19:11:52.0484 1572 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
19:11:52.0515 1572 TBS - ok
19:11:52.0936 1572 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip C:\windows\system32\drivers\tcpip.sys
19:11:53.0030 1572 Tcpip - ok
19:11:53.0076 1572 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
19:11:53.0108 1572 TCPIP6 - ok
19:11:53.0123 1572 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
19:11:53.0139 1572 tcpipreg - ok
19:11:53.0154 1572 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
19:11:53.0217 1572 TDPIPE - ok
19:11:53.0248 1572 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
19:11:53.0295 1572 TDTCP - ok
19:11:53.0326 1572 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
19:11:53.0357 1572 tdx - ok
19:11:53.0404 1572 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\drivers\termdd.sys
19:11:53.0420 1572 TermDD - ok
19:11:53.0466 1572 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
19:11:53.0513 1572 TermService - ok
19:11:53.0560 1572 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
19:11:53.0591 1572 Themes - ok
19:11:53.0622 1572 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
19:11:53.0638 1572 THREADORDER - ok
19:11:53.0669 1572 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
19:11:53.0700 1572 TrkWks - ok
19:11:53.0763 1572 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
19:11:53.0841 1572 TrustedInstaller - ok
19:11:53.0872 1572 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
19:11:53.0934 1572 tssecsrv - ok
19:11:53.0997 1572 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
19:11:54.0075 1572 TsUsbFlt - ok
19:11:54.0137 1572 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
19:11:54.0200 1572 tunnel - ok
19:11:54.0231 1572 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
19:11:54.0246 1572 uagp35 - ok
19:11:54.0293 1572 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
19:11:54.0371 1572 udfs - ok
19:11:54.0387 1572 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
19:11:54.0402 1572 UI0Detect - ok
19:11:54.0465 1572 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
19:11:54.0480 1572 uliagpkx - ok
19:11:54.0527 1572 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\drivers\umbus.sys
19:11:54.0590 1572 umbus - ok
19:11:54.0621 1572 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\DRIVERS\umpass.sys
19:11:54.0668 1572 UmPass - ok
19:11:54.0714 1572 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
19:11:54.0761 1572 upnphost - ok
19:11:54.0808 1572 [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys
19:11:54.0870 1572 USBAAPL64 - ok
19:11:54.0917 1572 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
19:11:54.0980 1572 usbccgp - ok
19:11:55.0011 1572 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
19:11:55.0042 1572 usbcir - ok
19:11:55.0089 1572 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\drivers\usbehci.sys
19:11:55.0120 1572 usbehci - ok
19:11:55.0182 1572 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
19:11:55.0229 1572 usbhub - ok
19:11:55.0245 1572 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\drivers\usbohci.sys
19:11:55.0276 1572 usbohci - ok
19:11:55.0338 1572 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
19:11:55.0385 1572 usbprint - ok
19:11:55.0401 1572 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
19:11:55.0432 1572 usbscan - ok
19:11:55.0463 1572 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
19:11:55.0526 1572 USBSTOR - ok
19:11:55.0557 1572 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys
19:11:55.0588 1572 usbuhci - ok
19:11:55.0619 1572 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
19:11:55.0666 1572 UxSms - ok
19:11:55.0697 1572 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
19:11:55.0713 1572 VaultSvc - ok
19:11:55.0744 1572 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
19:11:55.0775 1572 vdrvroot - ok
19:11:55.0916 1572 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
19:11:56.0009 1572 vds - ok
19:11:56.0040 1572 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
19:11:56.0056 1572 vga - ok
19:11:56.0072 1572 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
19:11:56.0118 1572 VgaSave - ok
19:11:56.0150 1572 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
19:11:56.0165 1572 vhdmp - ok
19:11:56.0181 1572 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
19:11:56.0196 1572 viaide - ok
19:11:56.0259 1572 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
19:11:56.0274 1572 volmgr - ok
19:11:56.0352 1572 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
19:11:56.0368 1572 volmgrx - ok
19:11:56.0446 1572 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\windows\system32\drivers\volsnap.sys
19:11:56.0477 1572 volsnap - ok
19:11:56.0540 1572 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
19:11:56.0571 1572 vsmraid - ok
19:11:56.0758 1572 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
19:11:56.0836 1572 VSS - ok
19:11:56.0852 1572 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\System32\drivers\vwifibus.sys
19:11:56.0898 1572 vwifibus - ok
19:11:56.0945 1572 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
19:11:57.0008 1572 W32Time - ok
19:11:57.0039 1572 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
19:11:57.0054 1572 WacomPen - ok
19:11:57.0101 1572 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
19:11:57.0164 1572 WANARP - ok
19:11:57.0164 1572 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
19:11:57.0195 1572 Wanarpv6 - ok
19:11:57.0382 1572 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
19:11:57.0429 1572 WatAdminSvc - ok
19:11:57.0585 1572 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
19:11:57.0725 1572 wbengine - ok
19:11:57.0756 1572 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
19:11:57.0772 1572 WbioSrvc - ok
19:11:57.0819 1572 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
19:11:57.0897 1572 wcncsvc - ok
19:11:57.0928 1572 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
19:11:58.0006 1572 WcsPlugInService - ok
19:11:58.0053 1572 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\DRIVERS\wd.sys
19:11:58.0084 1572 Wd - ok
19:11:58.0162 1572 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
19:11:58.0209 1572 Wdf01000 - ok
19:11:58.0240 1572 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
19:11:58.0755 1572 WdiServiceHost - ok
19:11:58.0755 1572 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
19:11:58.0786 1572 WdiSystemHost - ok
19:11:58.0848 1572 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
19:11:58.0942 1572 WebClient - ok
19:11:59.0036 1572 [ D5BA7D43FA2EF656BF7E98A188391E40 ] Wecsvc C:\windows\system32\wecsvc.dll
19:11:59.0114 1572 Wecsvc - ok
19:11:59.0176 1572 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
19:11:59.0238 1572 wercplsupport - ok
19:11:59.0270 1572 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
19:11:59.0301 1572 WerSvc - ok
19:11:59.0348 1572 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
19:11:59.0394 1572 WfpLwf - ok
19:11:59.0426 1572 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
19:11:59.0441 1572 WIMMount - ok
19:11:59.0488 1572 WinDefend - ok
19:11:59.0550 1572 WinHttpAutoProxySvc - ok
19:11:59.0706 1572 [ 136760C1E9697BAF4ECDEAE5590A0806 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
19:11:59.0769 1572 Winmgmt - ok
19:12:00.0096 1572 [ 3BB6B401A780BF434C8F58137DE10BF7 ] WinRM C:\windows\system32\WsmSvc.dll
19:12:00.0206 1572 WinRM - ok
19:12:00.0315 1572 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
19:12:00.0393 1572 WinUsb - ok
19:12:00.0580 1572 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
19:12:00.0627 1572 Wlansvc - ok
19:12:00.0642 1572 [ 680A7846370000D20D7E74917D5B7936 ] WmBEnum C:\windows\system32\drivers\WmBEnum.sys
19:12:00.0658 1572 WmBEnum - ok
19:12:00.0720 1572 [ 14C35BA8189C6F65D839163AA285E954 ] WmFilter C:\windows\system32\drivers\WmFilter.sys
19:12:00.0736 1572 WmFilter - ok
19:12:00.0752 1572 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
19:12:00.0798 1572 WmiAcpi - ok
19:12:00.0814 1572 [ 4DF841632B62A7CF19A79A05046A8AB1 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
19:12:00.0861 1572 wmiApSrv - ok
19:12:00.0923 1572 WMPNetworkSvc - ok
19:12:00.0986 1572 [ 8488DD91A3EE54A8E29F02AD7BB8201E ] WmVirHid C:\windows\system32\drivers\WmVirHid.sys
19:12:01.0001 1572 WmVirHid - ok
19:12:01.0032 1572 [ 14802B3A30AA849C97CB968CCC813BF3 ] WmXlCore C:\windows\system32\drivers\WmXlCore.sys
19:12:01.0048 1572 WmXlCore - ok
19:12:01.0110 1572 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
19:12:01.0157 1572 WPCSvc - ok
19:12:01.0188 1572 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
19:12:01.0188 1572 WPDBusEnum - ok
19:12:01.0220 1572 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
19:12:01.0266 1572 ws2ifsl - ok
19:12:01.0313 1572 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\system32\wscsvc.dll
19:12:01.0329 1572 wscsvc - ok
19:12:01.0344 1572 WSearch - ok
19:12:01.0422 1572 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll
19:12:01.0454 1572 wuauserv - ok
19:12:01.0485 1572 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\windows\system32\drivers\WudfPf.sys
19:12:01.0547 1572 WudfPf - ok
19:12:01.0625 1572 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
19:12:01.0641 1572 WUDFRd - ok
19:12:01.0688 1572 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\windows\System32\WUDFSvc.dll
19:12:01.0703 1572 wudfsvc - ok
19:12:01.0766 1572 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\windows\System32\wwansvc.dll
19:12:01.0828 1572 WwanSvc - ok
19:12:01.0906 1572 ================ Scan global ===============================
19:12:01.0922 1572 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
19:12:02.0015 1572 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\windows\system32\winsrv.dll
19:12:02.0046 1572 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\windows\system32\winsrv.dll
19:12:02.0078 1572 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
19:12:02.0140 1572 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
19:12:02.0140 1572 [Global] - ok
19:12:02.0140 1572 ================ Scan MBR ==================================
19:12:02.0140 1572 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:12:04.0262 1572 \Device\Harddisk0\DR0 - ok
19:12:04.0262 1572 ================ Scan VBR ==================================
19:12:04.0293 1572 [ 0B30C272234390FC7E42DE40917CD583 ] \Device\Harddisk0\DR0\Partition1
19:12:04.0293 1572 \Device\Harddisk0\DR0\Partition1 - ok
19:12:04.0308 1572 [ 901E0BECDB6D36E1588D12D234D75F03 ] \Device\Harddisk0\DR0\Partition2
19:12:04.0324 1572 \Device\Harddisk0\DR0\Partition2 - ok
19:12:04.0511 1572 [ 8E2D3CB0AF854C530AAC5A37157CFCA1 ] \Device\Harddisk0\DR0\Partition3
19:12:04.0527 1572 \Device\Harddisk0\DR0\Partition3 - ok
19:12:04.0527 1572 ================ Scan active images ========================
19:12:04.0527 1572 [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
19:12:04.0527 1572 C:\Windows\System32\drivers\crashdmp.sys - ok
19:12:04.0527 1572 [ 631FA8935163B01FC0C02966CB3ADB92 ] C:\Windows\System32\drivers\iaStor.sys
19:12:04.0527 1572 C:\Windows\System32\drivers\iaStor.sys - ok
19:12:04.0542 1572 [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
19:12:04.0542 1572 C:\Windows\System32\drivers\dumpfve.sys - ok
19:12:04.0542 1572 [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
19:12:04.0542 1572 C:\Windows\System32\drivers\cdrom.sys - ok
19:12:04.0542 1572 [ 56685951208AC81CF923B9B08BEDF3B7 ] C:\Windows\System32\drivers\N360x64\1404000.028\ccsetx64.sys
19:12:04.0542 1572 C:\Windows\System32\drivers\N360x64\1404000.028\ccsetx64.sys - ok
19:12:04.0542 1572 [ 2FD9346F9D76CB4192D37329CFA47A82 ] C:\Windows\System32\drivers\N360x64\1404000.028\srtsp64.sys
19:12:04.0542 1572 C:\Windows\System32\drivers\N360x64\1404000.028\srtsp64.sys - ok
19:12:04.0558 1572 [ 0E76CEF892C45734F7AED09FDDF35D4D ] C:\Windows\System32\drivers\N360x64\1404000.028\srtspx64.sys
19:12:04.0558 1572 C:\Windows\System32\drivers\N360x64\1404000.028\srtspx64.sys - ok
19:12:04.0558 1572 [ ADF37F1A715D6C56C8E065FD8569A9A4 ] C:\Windows\System32\drivers\N360x64\1404000.028\ironx64.sys
19:12:04.0558 1572 C:\Windows\System32\drivers\N360x64\1404000.028\ironx64.sys - ok
19:12:04.0558 1572 [ F19E5E37ED8134B9E5F6287F2D3A75D7 ] C:\Windows\System32\drivers\SYMEVENT64x86.SYS
19:12:04.0558 1572 C:\Windows\System32\drivers\SYMEVENT64x86.SYS - ok
19:12:04.0558 1572 [ 8A19D3991F9F14B885CDE8BC640F6B68 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130721.004\ex64.sys
19:12:04.0558 1572 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130721.004\ex64.sys - ok
19:12:04.0574 1572 [ 56540E526B46E379A476FB5BC381B290 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130721.004\eng64.sys
19:12:04.0574 1572 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130721.004\eng64.sys - ok
19:12:04.0574 1572 [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
19:12:04.0574 1572 C:\Windows\System32\drivers\null.sys - ok
19:12:04.0574 1572 [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
19:12:04.0574 1572 C:\Windows\System32\drivers\beep.sys - ok
19:12:04.0574 1572 [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
19:12:04.0574 1572 C:\Windows\System32\drivers\watchdog.sys - ok
19:12:04.0574 1572 [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
19:12:04.0574 1572 C:\Windows\System32\drivers\videoprt.sys - ok
19:12:04.0574 1572 [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
19:12:04.0574 1572 C:\Windows\System32\drivers\vga.sys - ok
19:12:04.0589 1572 [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
19:12:04.0589 1572 C:\Windows\System32\drivers\RDPCDD.sys - ok
19:12:04.0589 1572 [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
19:12:04.0589 1572 C:\Windows\System32\drivers\RDPENCDD.sys - ok
19:12:04.0589 1572 [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
19:12:04.0589 1572 C:\Windows\System32\drivers\RDPREFMP.sys - ok
19:12:04.0589 1572 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
19:12:04.0589 1572 C:\Windows\System32\drivers\msfs.sys - ok
19:12:04.0589 1572 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
19:12:04.0589 1572 C:\Windows\System32\drivers\npfs.sys - ok
19:12:04.0589 1572 [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
19:12:04.0589 1572 C:\Windows\System32\drivers\tdi.sys - ok
19:12:04.0605 1572 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
19:12:04.0605 1572 C:\Windows\System32\drivers\tdx.sys - ok
19:12:04.0605 1572 [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys
19:12:04.0605 1572 C:\Windows\System32\drivers\afd.sys - ok
19:12:04.0605 1572 [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
19:12:04.0605 1572 C:\Windows\System32\drivers\netbt.sys - ok
19:12:04.0605 1572 [ 6BCC1D7D2FD2453957C5479A32364E52 ] C:\Windows\System32\drivers\ws2ifsl.sys
19:12:04.0605 1572 C:\Windows\System32\drivers\ws2ifsl.sys - ok
19:12:04.0605 1572 [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
19:12:04.0605 1572 C:\Windows\System32\drivers\wfplwf.sys - ok
19:12:04.0605 1572 [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
19:12:04.0605 1572 C:\Windows\System32\drivers\pacer.sys - ok
19:12:04.0605 1572 [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
19:12:04.0605 1572 C:\Windows\System32\drivers\netbios.sys - ok
19:12:04.0620 1572 [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
19:12:04.0620 1572 C:\Windows\System32\drivers\wanarp.sys - ok
19:12:04.0620 1572 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
19:12:04.0620 1572 C:\Windows\System32\drivers\termdd.sys - ok
19:12:04.0620 1572 [ 9CDCA70485BD6B9D230365F67C31F132 ] C:\Windows\System32\drivers\N360x64\1404000.028\symnets.sys
19:12:04.0620 1572 C:\Windows\System32\drivers\N360x64\1404000.028\symnets.sys - ok
19:12:04.0620 1572 [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
19:12:04.0620 1572 C:\Windows\System32\drivers\rdbss.sys - ok
19:12:04.0620 1572 [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
19:12:04.0620 1572 C:\Windows\System32\drivers\nsiproxy.sys - ok
19:12:04.0620 1572 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
19:12:04.0620 1572 C:\Windows\System32\drivers\mssmbios.sys - ok
19:12:04.0636 1572 [ A48928D4CCA6F8B731989DB08CF2C0AB ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130719.002\IDSviA64.sys
19:12:04.0636 1572 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130719.002\IDSviA64.sys - ok
19:12:04.0636 1572 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
19:12:04.0636 1572 C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys - ok
19:12:04.0636 1572 [ C5BCCB378D0A896304A3E71BE7215983 ] C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
19:12:04.0636 1572 C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys - ok
19:12:04.0636 1572 [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
19:12:04.0636 1572 C:\Windows\System32\drivers\discache.sys - ok
19:12:04.0636 1572 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
19:12:04.0636 1572 C:\Windows\System32\drivers\dfsc.sys - ok
19:12:04.0652 1572 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
19:12:04.0652 1572 C:\Windows\System32\drivers\blbdrive.sys - ok
19:12:04.0652 1572 [ 6E10DB69DB1AA96207F4B14B18FF12F8 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130715.001\BHDrvx64.sys
19:12:04.0652 1572 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130715.001\BHDrvx64.sys - ok
19:12:04.0652 1572 [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
19:12:04.0652 1572 C:\Windows\System32\drivers\tunnel.sys - ok
19:12:04.0652 1572 [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys
19:12:04.0652 1572 C:\Windows\System32\drivers\intelppm.sys - ok
19:12:04.0652 1572 [ 07561D3B7FD99F6E186C49C2D0628E38 ] C:\Windows\System32\drivers\atikmpag.sys
19:12:04.0652 1572 C:\Windows\System32\drivers\atikmpag.sys - ok
19:12:04.0652 1572 [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
19:12:04.0652 1572 C:\Windows\System32\ntdll.dll - ok
19:12:04.0652 1572 [ F0371DE302FFFF8F086661611BE60848 ] C:\Windows\System32\smss.exe
19:12:04.0652 1572 C:\Windows\System32\smss.exe - ok
19:12:04.0667 1572 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
19:12:04.0667 1572 C:\Windows\System32\autochk.exe - ok
19:12:04.0667 1572 [ 79CC9BE187E3144E1B58A54B842475E7 ] C:\Windows\System32\drivers\atikmdag.sys
19:12:04.0667 1572 C:\Windows\System32\drivers\atikmdag.sys - ok
19:12:04.0667 1572 [ AF2E16242AA723F68F461B6EAE2EAD3D ] C:\Windows\System32\drivers\dxgkrnl.sys
19:12:04.0667 1572 C:\Windows\System32\drivers\dxgkrnl.sys - ok
19:12:04.0667 1572 [ 1F04CFB79DD5FB7694468CE3FB3DCC31 ] C:\Windows\System32\drivers\dxgmms1.sys
19:12:04.0667 1572 C:\Windows\System32\drivers\dxgmms1.sys - ok
19:12:04.0667 1572 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
19:12:04.0667 1572 C:\Windows\System32\drivers\hdaudbus.sys - ok
19:12:04.0667 1572 [ B6AC71AAA2B10848F57FC49D55A651AF ] C:\Windows\System32\drivers\HECIx64.sys
19:12:04.0667 1572 C:\Windows\System32\drivers\HECIx64.sys - ok
19:12:04.0683 1572 [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys
19:12:04.0683 1572 C:\Windows\System32\drivers\usbport.sys - ok
19:12:04.0683 1572 [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys
19:12:04.0683 1572 C:\Windows\System32\drivers\usbehci.sys - ok
19:12:04.0683 1572 [ 3B01789EE4EAEE97F5EB46B711387D5E ] C:\Windows\System32\drivers\Rt64win7.sys
19:12:04.0683 1572 C:\Windows\System32\drivers\Rt64win7.sys - ok
19:12:04.0683 1572 [ A87D604AEA360176311474C87A63BB88 ] C:\Windows\System32\drivers\1394ohci.sys
19:12:04.0683 1572 C:\Windows\System32\drivers\1394ohci.sys - ok
19:12:04.0683 1572 [ 8E98D21EE06192492A5671A6144D092F ] C:\Windows\System32\drivers\GEARAspiWDM.sys
19:12:04.0683 1572 C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
19:12:04.0683 1572 [ F6FF8944478594D0E414D3F048F0D778 ] C:\Windows\System32\drivers\wmiacpi.sys
19:12:04.0683 1572 C:\Windows\System32\drivers\wmiacpi.sys - ok
19:12:04.0698 1572 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
19:12:04.0698 1572 C:\Windows\System32\drivers\CompositeBus.sys - ok
19:12:04.0698 1572 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
19:12:04.0698 1572 C:\Windows\System32\drivers\agilevpn.sys - ok
19:12:04.0698 1572 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
19:12:04.0698 1572 C:\Windows\System32\drivers\rasl2tp.sys - ok
19:12:04.0698 1572 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
19:12:04.0698 1572 C:\Windows\System32\drivers\ndistapi.sys - ok
19:12:04.0698 1572 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
19:12:04.0698 1572 C:\Windows\System32\drivers\ndiswan.sys - ok
19:12:04.0698 1572 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
19:12:04.0698 1572 C:\Windows\System32\drivers\raspppoe.sys - ok
19:12:04.0714 1572 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
19:12:04.0714 1572 C:\Windows\System32\drivers\raspptp.sys - ok
19:12:04.0714 1572 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
19:12:04.0714 1572 C:\Windows\System32\drivers\rassstp.sys - ok
19:12:04.0714 1572 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
19:12:04.0714 1572 C:\Windows\System32\drivers\kbdclass.sys - ok
19:12:04.0714 1572 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
19:12:04.0714 1572 C:\Windows\System32\drivers\mouclass.sys - ok
19:12:04.0714 1572 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
19:12:04.0714 1572 C:\Windows\System32\drivers\ks.sys - ok
19:12:04.0714 1572 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
19:12:04.0714 1572 C:\Windows\System32\drivers\swenum.sys - ok
19:12:04.0730 1572 [ 680A7846370000D20D7E74917D5B7936 ] C:\Windows\System32\drivers\WmBEnum.sys
19:12:04.0730 1572 C:\Windows\System32\drivers\WmBEnum.sys - ok
19:12:04.0730 1572 [ 14802B3A30AA849C97CB968CCC813BF3 ] C:\Windows\System32\drivers\WmXlCore.sys
19:12:04.0730 1572 C:\Windows\System32\drivers\WmXlCore.sys - ok
19:12:04.0730 1572 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
19:12:04.0730 1572 C:\Windows\System32\drivers\umbus.sys - ok
19:12:04.0730 1572 [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys
19:12:04.0730 1572 C:\Windows\System32\drivers\usbhub.sys - ok
19:12:04.0730 1572 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
19:12:04.0730 1572 C:\Windows\System32\drivers\ndproxy.sys - ok
19:12:04.0730 1572 [ D481083348138B4933ACFE95812DB71C ] C:\Windows\System32\drivers\AtiHdmi.sys
19:12:04.0730 1572 C:\Windows\System32\drivers\AtiHdmi.sys - ok
19:12:04.0730 1572 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
19:12:04.0730 1572 C:\Windows\System32\drivers\drmk.sys - ok
19:12:04.0745 1572 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
19:12:04.0745 1572 C:\Windows\System32\drivers\portcls.sys - ok
19:12:04.0745 1572 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
19:12:04.0745 1572 C:\Windows\System32\drivers\ksthunk.sys - ok
19:12:04.0745 1572 [ 028E40182A6F0374978C755F85B9F07C ] C:\Windows\System32\drivers\RTKVHD64.sys
19:12:04.0745 1572 C:\Windows\System32\drivers\RTKVHD64.sys - ok
19:12:04.0745 1572 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
19:12:04.0745 1572 C:\Windows\System32\imm32.dll - ok
19:12:04.0745 1572 [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
19:12:04.0745 1572 C:\Windows\System32\ole32.dll - ok
19:12:04.0745 1572 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
19:12:04.0745 1572 C:\Windows\System32\sechost.dll - ok
19:12:04.0761 1572 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
19:12:04.0761 1572 C:\Windows\System32\lpk.dll - ok
19:12:04.0761 1572 [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
19:12:04.0761 1572 C:\Windows\System32\user32.dll - ok
19:12:04.0761 1572 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
19:12:04.0761 1572 C:\Windows\System32\msctf.dll - ok
19:12:04.0761 1572 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
19:12:04.0761 1572 C:\Windows\System32\comdlg32.dll - ok
19:12:04.0761 1572 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
19:12:04.0761 1572 C:\Windows\System32\setupapi.dll - ok
19:12:04.0761 1572 [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
19:12:04.0761 1572 C:\Windows\System32\imagehlp.dll - ok
19:12:04.0776 1572 [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys
19:12:04.0776 1572 C:\Windows\System32\drivers\usbccgp.sys - ok
19:12:04.0776 1572 [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
19:12:04.0776 1572 C:\Windows\System32\drivers\usbd.sys - ok
19:12:04.0776 1572 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
19:12:04.0776 1572 C:\Windows\System32\msvcrt.dll - ok
19:12:04.0776 1572 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
19:12:04.0776 1572 C:\Windows\System32\difxapi.dll - ok
19:12:04.0776 1572 [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys
19:12:04.0776 1572 C:\Windows\System32\drivers\hidclass.sys - ok
19:12:04.0776 1572 [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys
19:12:04.0776 1572 C:\Windows\System32\drivers\hidparse.sys - ok
19:12:04.0792 1572 [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys
19:12:04.0792 1572 C:\Windows\System32\drivers\hidusb.sys - ok
19:12:04.0792 1572 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] C:\Windows\System32\drivers\kbdhid.sys
19:12:04.0792 1572 C:\Windows\System32\drivers\kbdhid.sys - ok
19:12:04.0792 1572 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
19:12:04.0792 1572 C:\Windows\System32\psapi.dll - ok
19:12:04.0792 1572 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys
19:12:04.0792 1572 C:\Windows\System32\drivers\mouhid.sys - ok
19:12:04.0792 1572 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
19:12:04.0792 1572 C:\Windows\System32\nsi.dll - ok
19:12:04.0792 1572 [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
19:12:04.0792 1572 C:\Windows\System32\rpcrt4.dll - ok
19:12:04.0808 1572 [ FED648B01349A3C8395A5169DB5FB7D6 ] C:\Windows\System32\drivers\USBSTOR.SYS
19:12:04.0808 1572 C:\Windows\System32\drivers\USBSTOR.SYS - ok
19:12:04.0808 1572 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
19:12:04.0808 1572 C:\Windows\System32\Wldap32.dll - ok
19:12:04.0808 1572 [ 1BFC94665BCA35F9001ADC7BFB167C63 ] C:\Windows\System32\shell32.dll
19:12:04.0808 1572 C:\Windows\System32\shell32.dll - ok
19:12:04.0808 1572 [ 65C113214F7B05820F6D8A65B1485196 ] C:\Windows\System32\kernel32.dll
19:12:04.0808 1572 C:\Windows\System32\kernel32.dll - ok
19:12:04.0808 1572 [ 9E0D8010D7368856617D3FE0FA5DA58F ] C:\Windows\System32\iertutil.dll
19:12:04.0808 1572 C:\Windows\System32\iertutil.dll - ok
19:12:04.0808 1572 [ FAF6EC2460AD5FBBD38D8E1AE28B0D77 ] C:\Windows\System32\wininet.dll
19:12:04.0808 1572 C:\Windows\System32\wininet.dll - ok
19:12:04.0808 1572 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
19:12:04.0808 1572 C:\Windows\System32\ws2_32.dll - ok
19:12:04.0823 1572 [ 792685A9538424CC1F3FA6A816FE147C ] C:\Windows\System32\urlmon.dll
19:12:04.0823 1572 C:\Windows\System32\urlmon.dll - ok
19:12:04.0823 1572 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
19:12:04.0823 1572 C:\Windows\System32\advapi32.dll - ok
19:12:04.0823 1572 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
19:12:04.0823 1572 C:\Windows\System32\clbcatq.dll - ok
19:12:04.0823 1572 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
19:12:04.0823 1572 C:\Windows\System32\normaliz.dll - ok
19:12:04.0823 1572 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
19:12:04.0823 1572 C:\Windows\System32\shlwapi.dll - ok
19:12:04.0823 1572 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
19:12:04.0823 1572 C:\Windows\System32\gdi32.dll - ok
19:12:04.0839 1572 [ DBF99FD9CAF75CA66D042BD8D050FF71 ] C:\Windows\System32\usp10.dll
19:12:04.0839 1572 C:\Windows\System32\usp10.dll - ok
19:12:04.0839 1572 [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
19:12:04.0839 1572 C:\Windows\System32\oleaut32.dll - ok
19:12:04.0839 1572 [ F49E92B50CED5C9F1725D3C0329FD933 ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
19:12:04.0839 1572 C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok
19:12:04.0839 1572 [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll
19:12:04.0839 1572 C:\Windows\System32\wintrust.dll - ok
19:12:04.0839 1572 [ AFC3DB5C6EB8CA8017DDB81D6C0AD02A ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
19:12:04.0839 1572 C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok
19:12:04.0839 1572 [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
19:12:04.0839 1572 C:\Windows\System32\cfgmgr32.dll - ok
19:12:04.0854 1572 [ 1F56F209585F350A5666E3CC7931FD67 ] C:\Windows\System32\KernelBase.dll
19:12:04.0854 1572 C:\Windows\System32\KernelBase.dll - ok
19:12:04.0854 1572 [ 64A4AB126E24FD3F58EBE64852773DB5 ] C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
19:12:04.0854 1572 C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok
19:12:04.0854 1572 [ 0E6FBF19D9DFBB77316C23DF91F8A101 ] C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
19:12:04.0854 1572 C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll - ok
19:12:04.0854 1572 [ A96D5ECA5742603E0E345C4F6B801F5E ] C:\Windows\System32\crypt32.dll
19:12:04.0854 1572 C:\Windows\System32\crypt32.dll - ok
19:12:04.0854 1572 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
19:12:04.0854 1572 C:\Windows\System32\devobj.dll - ok
19:12:04.0854 1572 [ 72723D3E4781BADC62C3180C137E7B23 ] C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
19:12:04.0854 1572 C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll - ok
19:12:04.0870 1572 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
19:12:04.0870 1572 C:\Windows\System32\comctl32.dll - ok
19:12:04.0870 1572 [ 9094039A00485F71C4DE64BF51F64C46 ] C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
19:12:04.0870 1572 C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll - ok
19:12:04.0870 1572 [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
19:12:04.0870 1572 C:\Windows\System32\msasn1.dll - ok
19:12:04.0870 1572 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
19:12:04.0870 1572 C:\Windows\SysWOW64\normaliz.dll - ok
19:12:04.0870 1572 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
19:12:04.0870 1572 C:\Windows\System32\drivers\dxapi.sys - ok
19:12:04.0870 1572 [ 73601028E7C44154318AE91D2EB2EDB3 ] C:\Windows\System32\win32k.sys
19:12:04.0870 1572 C:\Windows\System32\win32k.sys - ok
19:12:04.0886 1572 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
19:12:04.0886 1572 C:\Windows\System32\csrss.exe - ok
19:12:04.0886 1572 [ CEC1EDF4022DC4DCA40384DCEC672B0E ] C:\Windows\System32\csrsrv.dll
19:12:04.0886 1572 C:\Windows\System32\csrsrv.dll - ok
19:12:04.0886 1572 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
19:12:04.0886 1572 C:\Windows\System32\basesrv.dll - ok
19:12:04.0886 1572 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\System32\winsrv.dll
19:12:04.0886 1572 C:\Windows\System32\winsrv.dll - ok
19:12:04.0886 1572 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
19:12:04.0886 1572 C:\Windows\System32\drivers\monitor.sys - ok
19:12:04.0886 1572 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
19:12:04.0886 1572 C:\Windows\System32\tsddd.dll - ok
19:12:04.0901 1572 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
19:12:04.0901 1572 C:\Windows\System32\sxssrv.dll - ok
19:12:04.0901 1572 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
19:12:04.0901 1572 C:\Windows\System32\wininit.exe - ok
19:12:04.0901 1572 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
19:12:04.0901 1572 C:\Windows\System32\profapi.dll - ok
19:12:04.0901 1572 [ 943F527DF79E6B400104341AA7023C75 ] C:\Windows\System32\cdd.dll
19:12:04.0901 1572 C:\Windows\System32\cdd.dll - ok
19:12:04.0901 1572 [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
19:12:04.0901 1572 C:\Windows\System32\RpcRtRemote.dll - ok
19:12:04.0901 1572 [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
19:12:04.0901 1572 C:\Windows\System32\KBDUS.DLL - ok
19:12:04.0917 1572 [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
19:12:04.0917 1572 C:\Windows\System32\winlogon.exe - ok
19:12:04.0917 1572 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
19:12:04.0917 1572 C:\Windows\System32\WlS0WndH.dll - ok
19:12:04.0917 1572 [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
19:12:04.0917 1572 C:\Windows\System32\sxs.dll - ok
19:12:04.0917 1572 [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
19:12:04.0917 1572 C:\Windows\System32\winsta.dll - ok
19:12:04.0917 1572 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
19:12:04.0917 1572 C:\Windows\System32\cryptbase.dll - ok
19:12:04.0917 1572 [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
19:12:04.0917 1572 C:\Windows\System32\apphelp.dll - ok
19:12:04.0932 1572 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
19:12:04.0932 1572 C:\Windows\System32\services.exe - ok
19:12:04.0932 1572 [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
19:12:04.0932 1572 C:\Windows\System32\sspicli.dll - ok
19:12:04.0932 1572 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
19:12:04.0932 1572 C:\Windows\System32\scext.dll - ok
19:12:04.0932 1572 [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
19:12:04.0932 1572 C:\Windows\System32\secur32.dll - ok
19:12:04.0932 1572 [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
19:12:04.0932 1572 C:\Windows\System32\scesrv.dll - ok
19:12:04.0932 1572 [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
19:12:04.0932 1572 C:\Windows\System32\srvcli.dll - ok
19:12:04.0932 1572 [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
19:12:04.0932 1572 C:\Windows\System32\lsass.exe - ok
19:12:04.0948 1572 [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
19:12:04.0948 1572 C:\Windows\System32\sspisrv.dll - ok
19:12:04.0948 1572 [ 685527DA09EBFB681E98C515978BDEE2 ] C:\Windows\System32\lsasrv.dll
19:12:04.0948 1572 C:\Windows\System32\lsasrv.dll - ok
19:12:04.0948 1572 [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
19:12:04.0948 1572 C:\Windows\System32\samsrv.dll - ok
19:12:04.0948 1572 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
19:12:04.0948 1572 C:\Windows\System32\cryptdll.dll - ok
19:12:04.0948 1572 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
19:12:04.0948 1572 C:\Windows\System32\wevtapi.dll - ok
19:12:04.0948 1572 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
19:12:04.0948 1572 C:\Windows\System32\cngaudit.dll - ok
19:12:04.0964 1572 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
19:12:04.0964 1572 C:\Windows\System32\authz.dll - ok
19:12:04.0964 1572 [ 5F3307352216618221A17CFEF273EEE2 ] C:\Windows\System32\ncrypt.dll
19:12:04.0964 1572 C:\Windows\System32\ncrypt.dll - ok
19:12:04.0964 1572 [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
19:12:04.0964 1572 C:\Windows\System32\lsm.exe - ok
19:12:04.0964 1572 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
19:12:04.0964 1572 C:\Windows\System32\sysntfy.dll - ok
19:12:04.0964 1572 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
19:12:04.0964 1572 C:\Windows\System32\bcrypt.dll - ok
19:12:04.0964 1572 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
19:12:04.0964 1572 C:\Windows\System32\wmsgapi.dll - ok
19:12:04.0964 1572 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
19:12:04.0964 1572 C:\Windows\System32\msprivs.dll - ok
19:12:04.0979 1572 [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
19:12:04.0979 1572 C:\Windows\System32\netjoin.dll - ok
19:12:04.0979 1572 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
19:12:04.0979 1572 C:\Windows\System32\negoexts.dll - ok
19:12:04.0979 1572 [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
19:12:04.0979 1572 C:\Windows\System32\kerberos.dll - ok
19:12:04.0979 1572 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
19:12:04.0979 1572 C:\Windows\System32\cryptsp.dll - ok
19:12:04.0979 1572 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
19:12:04.0979 1572 C:\Windows\System32\version.dll - ok
19:12:04.0979 1572 [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
19:12:04.0979 1572 C:\Windows\System32\mswsock.dll - ok
19:12:04.0995 1572 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
19:12:04.0995 1572 C:\Windows\System32\wship6.dll - ok
19:12:04.0995 1572 [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
19:12:04.0995 1572 C:\Windows\System32\msv1_0.dll - ok
19:12:04.0995 1572 [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
19:12:04.0995 1572 C:\Windows\System32\netlogon.dll - ok
19:12:04.0995 1572 [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
19:12:04.0995 1572 C:\Windows\System32\dnsapi.dll - ok
19:12:04.0995 1572 [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
19:12:04.0995 1572 C:\Windows\System32\logoncli.dll - ok
19:12:04.0995 1572 [ B7D42CB36C08FA017E73FF2433CD7287 ] C:\Windows\System32\schannel.dll
19:12:04.0995 1572 C:\Windows\System32\schannel.dll - ok
19:12:05.0010 1572 [ CB2ABB2DA1E9C977302A78D86D4AE3B0 ] C:\Windows\System32\atmfd.dll
19:12:05.0010 1572 C:\Windows\System32\atmfd.dll - ok
19:12:05.0010 1572 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
19:12:05.0010 1572 C:\Windows\System32\wdigest.dll - ok
19:12:05.0010 1572 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
19:12:05.0010 1572 C:\Windows\System32\rsaenh.dll - ok
19:12:05.0010 1572 [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
19:12:05.0010 1572 C:\Windows\System32\TSpkg.dll - ok
19:12:05.0010 1572 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
19:12:05.0010 1572 C:\Windows\System32\pku2u.dll - ok
19:12:05.0010 1572 [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
19:12:05.0010 1572 C:\Windows\System32\bcryptprimitives.dll - ok
19:12:05.0026 1572 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
19:12:05.0026 1572 C:\Windows\System32\efslsaext.dll - ok
19:12:05.0026 1572 [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
19:12:05.0026 1572 C:\Windows\System32\credssp.dll - ok
19:12:05.0026 1572 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
19:12:05.0026 1572 C:\Windows\System32\scecli.dll - ok
19:12:05.0026 1572 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
19:12:05.0026 1572 C:\Windows\System32\ubpm.dll - ok
19:12:05.0026 1572 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
19:12:05.0026 1572 C:\Windows\System32\svchost.exe - ok
19:12:05.0026 1572 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
19:12:05.0026 1572 C:\Windows\System32\umpnpmgr.dll - ok
19:12:05.0026 1572 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
19:12:05.0026 1572 C:\Windows\System32\SPInf.dll - ok
19:12:05.0042 1572 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
19:12:05.0042 1572 C:\Windows\System32\devrtl.dll - ok
19:12:05.0042 1572 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
19:12:05.0042 1572 C:\Windows\System32\userenv.dll - ok
19:12:05.0042 1572 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
19:12:05.0042 1572 C:\Windows\System32\gpapi.dll - ok
19:12:05.0042 1572 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
19:12:05.0042 1572 C:\Windows\System32\umpo.dll - ok
19:12:05.0042 1572 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
19:12:05.0042 1572 C:\Windows\System32\pcwum.dll - ok
19:12:05.0042 1572 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
19:12:05.0042 1572 C:\Windows\System32\powrprof.dll - ok
19:12:05.0057 1572 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
19:12:05.0057 1572 C:\Windows\System32\drivers\luafv.sys - ok
19:12:05.0057 1572 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
19:12:05.0057 1572 C:\Windows\System32\rpcss.dll - ok
19:12:05.0057 1572 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
19:12:05.0057 1572 C:\Windows\System32\RpcEpMap.dll - ok
19:12:05.0057 1572 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
19:12:05.0057 1572 C:\Windows\System32\WSHTCPIP.DLL - ok
19:12:05.0057 1572 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
19:12:05.0057 1572 C:\Windows\System32\wshqos.dll - ok
19:12:05.0057 1572 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
19:12:05.0057 1572 C:\Windows\System32\FirewallAPI.dll - ok
19:12:05.0073 1572 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
19:12:05.0073 1572 C:\Windows\System32\LogonUI.exe - ok
19:12:05.0073 1572 [ 310F86335B0505DDC6D2DD48E66EF06B ] C:\Windows\System32\atiesrxx.exe
19:12:05.0073 1572 C:\Windows\System32\atiesrxx.exe - ok
19:12:05.0073 1572 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
19:12:05.0073 1572 C:\Windows\System32\wtsapi32.dll - ok
19:12:05.0073 1572 [ 3EF480BFED1B5947A32585E30A58D4ED ] C:\Windows\System32\authui.dll
19:12:05.0073 1572 C:\Windows\System32\authui.dll - ok
19:12:05.0073 1572 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
19:12:05.0073 1572 C:\Windows\System32\cryptui.dll - ok
19:12:05.0073 1572 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
19:12:05.0073 1572 C:\Windows\System32\wevtsvc.dll - ok
19:12:05.0088 1572 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
19:12:05.0088 1572 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
19:12:05.0088 1572 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
19:12:05.0088 1572 C:\Windows\System32\audiosrv.dll - ok
19:12:05.0088 1572 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
19:12:05.0088 1572 C:\Windows\System32\mmcss.dll - ok
19:12:05.0088 1572 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
19:12:05.0088 1572 C:\Windows\System32\avrt.dll - ok
19:12:05.0088 1572 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
19:12:05.0088 1572 C:\Windows\System32\shacct.dll - ok
19:12:05.0088 1572 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
19:12:05.0088 1572 C:\Windows\System32\ntmarta.dll - ok
19:12:05.0088 1572 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
19:12:05.0088 1572 C:\Windows\System32\MMDevAPI.dll - ok
19:12:05.0104 1572 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
19:12:05.0104 1572 C:\Windows\System32\netprofm.dll - ok
19:12:05.0104 1572 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
19:12:05.0104 1572 C:\Windows\System32\samlib.dll - ok
19:12:05.0104 1572 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
19:12:05.0104 1572 C:\Windows\System32\propsys.dll - ok
19:12:05.0104 1572 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
19:12:05.0104 1572 C:\Windows\System32\adtschema.dll - ok
19:12:05.0104 1572 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
19:12:05.0104 1572 C:\Windows\System32\uxtheme.dll - ok
19:12:05.0104 1572 [ C4C183E6551084039EC862DA1C945E3D ] C:\Windows\System32\FntCache.dll
19:12:05.0104 1572 C:\Windows\System32\FntCache.dll - ok
19:12:05.0120 1572 [ 18CAAF21CBA3EAEE17BBA5D3807F29B8 ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_2b25b14c71ebf230\GdiPlus.dll
19:12:05.0120 1572 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_2b25b14c71ebf230\GdiPlus.dll - ok
19:12:05.0120 1572 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
19:12:05.0120 1572 C:\Windows\System32\MPSSVC.dll - ok
19:12:05.0120 1572 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
19:12:05.0120 1572 C:\Windows\System32\audiodg.exe - ok
19:12:05.0120 1572 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
19:12:05.0120 1572 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
19:12:05.0120 1572 [ B1DF2D87DC8BF6072699AC8301B37796 ] C:\Windows\System32\WUDFPlatform.dll
19:12:05.0120 1572 C:\Windows\System32\WUDFPlatform.dll - ok
19:12:05.0120 1572 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
19:12:05.0120 1572 C:\Windows\System32\gpsvc.dll - ok
19:12:05.0135 1572 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
19:12:05.0135 1572 C:\Windows\System32\profsvc.dll - ok
19:12:05.0135 1572 [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll
19:12:05.0135 1572 C:\Windows\System32\nlaapi.dll - ok
19:12:05.0135 1572 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
19:12:05.0135 1572 C:\Windows\System32\atl.dll - ok
19:12:05.0135 1572 [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
19:12:05.0135 1572 C:\Windows\System32\drivers\fltMgr.sys - ok
19:12:05.0135 1572 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
19:12:05.0135 1572 C:\Windows\System32\dsrole.dll - ok
19:12:05.0135 1572 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
19:12:05.0135 1572 C:\Windows\System32\slc.dll - ok
19:12:05.0135 1572 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
19:12:05.0135 1572 C:\Windows\System32\themeservice.dll - ok
19:12:05.0151 1572 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
19:12:05.0151 1572 C:\Windows\System32\PSHED.DLL - ok
19:12:05.0151 1572 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
19:12:05.0151 1572 C:\Windows\System32\dui70.dll - ok
19:12:05.0151 1572 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
19:12:05.0151 1572 C:\Windows\System32\es.dll - ok
19:12:05.0151 1572 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
19:12:05.0151 1572 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
19:12:05.0151 1572 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
19:12:05.0151 1572 C:\Windows\System32\comres.dll - ok
19:12:05.0151 1572 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
19:12:05.0151 1572 C:\Windows\System32\Sens.dll - ok
19:12:05.0166 1572 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
19:12:05.0166 1572 C:\Windows\System32\duser.dll - ok
19:12:05.0166 1572 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
19:12:05.0166 1572 C:\Windows\System32\uxsms.dll - ok
19:12:05.0166 1572 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
19:12:05.0166 1572 C:\Windows\System32\drivers\lltdio.sys - ok
19:12:05.0166 1572 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
19:12:05.0166 1572 C:\Windows\System32\SndVolSSO.dll - ok
19:12:05.0166 1572 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
19:12:05.0166 1572 C:\Windows\System32\hid.dll - ok
19:12:05.0166 1572 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
19:12:05.0166 1572 C:\Windows\System32\drivers\rspndr.sys - ok
19:12:05.0182 1572 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
19:12:05.0182 1572 C:\Windows\System32\lmhsvc.dll - ok
19:12:05.0182 1572 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
19:12:05.0182 1572 C:\Windows\System32\nsisvc.dll - ok
19:12:05.0182 1572 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
19:12:05.0182 1572 C:\Windows\System32\IPHLPAPI.DLL - ok
19:12:05.0182 1572 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
19:12:05.0182 1572 C:\Windows\System32\winnsi.dll - ok
19:12:05.0182 1572 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
19:12:05.0182 1572 C:\Windows\System32\dnsrslvr.dll - ok
19:12:05.0182 1572 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
19:12:05.0182 1572 C:\Windows\System32\nrpsrv.dll - ok
19:12:05.0198 1572 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
19:12:05.0198 1572 C:\Windows\System32\FWPUCLNT.DLL - ok
19:12:05.0198 1572 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
19:12:05.0198 1572 C:\Windows\System32\dhcpcore.dll - ok
19:12:05.0198 1572 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
19:12:05.0198 1572 C:\Windows\System32\dnsext.dll - ok
19:12:05.0198 1572 [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll
19:12:05.0198 1572 C:\Windows\System32\dhcpcsvc6.dll - ok
19:12:05.0198 1572 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
19:12:05.0198 1572 C:\Windows\System32\dhcpcsvc.dll - ok
19:12:05.0198 1572 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
19:12:05.0198 1572 C:\Windows\System32\dwmapi.dll - ok
19:12:05.0213 1572 [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll
19:12:05.0213 1572 C:\Windows\System32\dhcpcore6.dll - ok
19:12:05.0213 1572 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
19:12:05.0213 1572 C:\Windows\System32\xmllite.dll - ok
19:12:05.0213 1572 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
19:12:05.0213 1572 C:\Windows\System32\shsvcs.dll - ok
19:12:05.0213 1572 [ 3D7BB6DD7A87B3E36E44CA94444247A8 ] C:\Windows\System32\WindowsCodecs.dll
19:12:05.0213 1572 C:\Windows\System32\WindowsCodecs.dll - ok
19:12:05.0213 1572 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
19:12:05.0213 1572 C:\Windows\System32\schedsvc.dll - ok
19:12:05.0213 1572 [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
19:12:05.0213 1572 C:\Windows\System32\netapi32.dll - ok
19:12:05.0229 1572 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
19:12:05.0229 1572 C:\Windows\System32\netutils.dll - ok
19:12:05.0229 1572 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
19:12:05.0229 1572 C:\Windows\System32\wkscli.dll - ok
19:12:05.0229 1572 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
19:12:05.0229 1572 C:\Windows\System32\ktmw32.dll - ok
19:12:05.0229 1572 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
19:12:05.0229 1572 C:\Windows\System32\winbrand.dll - ok
19:12:05.0229 1572 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
19:12:05.0229 1572 C:\Windows\System32\fveapi.dll - ok
19:12:05.0229 1572 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
19:12:05.0229 1572 C:\Windows\System32\tbs.dll - ok
19:12:05.0229 1572 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
19:12:05.0229 1572 C:\Windows\System32\fvecerts.dll - ok
19:12:05.0244 1572 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
19:12:05.0244 1572 C:\Windows\System32\taskcomp.dll - ok
19:12:05.0244 1572 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
19:12:05.0244 1572 C:\Windows\System32\VaultCredProvider.dll - ok
19:12:05.0244 1572 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
19:12:05.0244 1572 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
19:12:05.0244 1572 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
19:12:05.0244 1572 C:\Windows\System32\BioCredProv.dll - ok
19:12:05.0244 1572 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
19:12:05.0244 1572 C:\Windows\System32\winbio.dll - ok
19:12:05.0244 1572 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
19:12:05.0244 1572 C:\Windows\System32\credui.dll - ok
19:12:05.0260 1572 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
19:12:05.0260 1572 C:\Windows\System32\vaultcli.dll - ok
19:12:05.0260 1572 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
19:12:05.0260 1572 C:\Windows\System32\samcli.dll - ok
19:12:05.0260 1572 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
19:12:05.0260 1572 C:\Windows\System32\wiarpc.dll - ok
19:12:05.0260 1572 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
19:12:05.0260 1572 C:\Windows\System32\certCredProvider.dll - ok
19:12:05.0260 1572 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
19:12:05.0260 1572 C:\Windows\System32\drivers\http.sys - ok
19:12:05.0260 1572 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
19:12:05.0260 1572 C:\Windows\System32\rasplap.dll - ok
19:12:05.0276 1572 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
19:12:05.0276 1572 C:\Windows\System32\rasapi32.dll - ok
19:12:05.0276 1572 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
19:12:05.0276 1572 C:\Windows\System32\rasman.dll - ok
19:12:05.0276 1572 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
19:12:05.0276 1572 C:\Windows\System32\rtutils.dll - ok
19:12:05.0276 1572 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
19:12:05.0276 1572 C:\Windows\System32\UXInit.dll - ok
19:12:05.0276 1572 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
19:12:05.0276 1572 C:\Windows\System32\oleacc.dll - ok
19:12:05.0276 1572 [ 019BDD35DE269CB98B22DE8923C2AA3B ] C:\Windows\System32\UIAutomationCore.dll
19:12:05.0276 1572 C:\Windows\System32\UIAutomationCore.dll - ok
19:12:05.0291 1572 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
19:12:05.0291 1572 C:\Windows\System32\spoolsv.exe - ok
19:12:05.0291 1572 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
19:12:05.0291 1572 C:\Windows\System32\imageres.dll - ok
19:12:05.0291 1572 [ B8FFCE08932042E0D108F92FED9CF59E ] C:\Windows\System32\atieclxx.exe
19:12:05.0291 1572 C:\Windows\System32\atieclxx.exe - ok
19:12:05.0291 1572 [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
19:12:05.0291 1572 C:\Windows\System32\BFE.DLL - ok
19:12:05.0291 1572 [ 0757449922DCE98322F9EA56F221EF05 ] C:\Windows\System32\atiadlxx.dll
19:12:05.0291 1572 C:\Windows\System32\atiadlxx.dll - ok
19:12:05.0291 1572 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
19:12:05.0291 1572 C:\Windows\System32\drivers\bowser.sys - ok
19:12:05.0307 1572 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
19:12:05.0307 1572 C:\Windows\System32\drivers\mpsdrv.sys - ok
19:12:05.0307 1572 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
19:12:05.0307 1572 C:\Windows\System32\drivers\mrxsmb.sys - ok
19:12:05.0307 1572 [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
19:12:05.0307 1572 C:\Windows\System32\wfapigp.dll - ok
19:12:05.0307 1572 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
19:12:05.0307 1572 C:\Windows\System32\drivers\mrxsmb10.sys - ok
19:12:05.0307 1572 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
19:12:05.0307 1572 C:\Windows\System32\mscms.dll - ok
19:12:05.0307 1572 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
19:12:05.0307 1572 C:\Windows\System32\drivers\mrxsmb20.sys - ok
19:12:05.0322 1572 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
19:12:05.0322 1572 C:\Windows\System32\pcasvc.dll - ok
19:12:05.0322 1572 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
19:12:05.0322 1572 C:\Windows\System32\wkssvc.dll - ok
19:12:05.0322 1572 [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
19:12:05.0322 1572 C:\Windows\System32\snmptrap.exe - ok
19:12:05.0322 1572 [ E9A0777DCA9148157E0EF9B71D7DE353 ] C:\Windows\System32\RdpGroupPolicyExtension.dll
19:12:05.0322 1572 C:\Windows\System32\RdpGroupPolicyExtension.dll - ok
19:12:05.0322 1572 [ D6DA9DDCB8DEA5FD995D37BA346D84DC ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll
19:12:05.0322 1572 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll - ok
19:12:05.0322 1572 [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
19:12:05.0322 1572 C:\Windows\System32\provsvc.dll - ok
19:12:05.0338 1572 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
19:12:05.0338 1572 C:\Windows\System32\sstpsvc.dll - ok
19:12:05.0338 1572 [ ADC420616C501B45D26C0FD3EF1E54E4 ] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
19:12:05.0338 1572 C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe - ok
19:12:05.0338 1572 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
19:12:05.0338 1572 C:\Windows\SysWOW64\ntdll.dll - ok
19:12:05.0338 1572 [ 259EB5F7D95A29842B476C5B3EB6E186 ] C:\Windows\System32\wow64.dll
19:12:05.0338 1572 C:\Windows\System32\wow64.dll - ok
19:12:05.0338 1572 [ 5674E21E82CFBEA36DDAD5DB285D6DBC ] C:\Windows\System32\wow64win.dll
19:12:05.0338 1572 C:\Windows\System32\wow64win.dll - ok
19:12:05.0338 1572 [ 3EE3AA76D8AB6D5644C4C8F34471CEB3 ] C:\Windows\System32\wow64cpu.dll
19:12:05.0338 1572 C:\Windows\System32\wow64cpu.dll - ok
19:12:05.0338 1572 [ AC0B6F41882FC6ED186962D770EBF1D2 ] C:\Windows\SysWOW64\kernel32.dll
19:12:05.0338 1572 C:\Windows\SysWOW64\kernel32.dll - ok
19:12:05.0354 1572 [ E954A79D6A754A5475582CACED1565E6 ] C:\Windows\SysWOW64\KernelBase.dll
19:12:05.0354 1572 C:\Windows\SysWOW64\KernelBase.dll - ok
19:12:05.0354 1572 [ 86746345DF43C7C79107D740D8698351 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130715.001\UMEngx86.dll
19:12:05.0354 1572 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130715.001\UMEngx86.dll - ok
19:12:05.0354 1572 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
19:12:05.0354 1572 C:\Windows\SysWOW64\shlwapi.dll - ok
19:12:05.0354 1572 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
19:12:05.0354 1572 C:\Windows\SysWOW64\gdi32.dll - ok
19:12:05.0354 1572 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
19:12:05.0354 1572 C:\Windows\SysWOW64\user32.dll - ok
19:12:05.0354 1572 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
19:12:05.0354 1572 C:\Windows\SysWOW64\advapi32.dll - ok
19:12:05.0369 1572 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
19:12:05.0369 1572 C:\Windows\SysWOW64\msvcrt.dll - ok
19:12:05.0369 1572 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
19:12:05.0369 1572 C:\Windows\SysWOW64\sechost.dll - ok
19:12:05.0369 1572 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
19:12:05.0369 1572 C:\Windows\SysWOW64\rpcrt4.dll - ok
19:12:05.0369 1572 [ BFB26890612FB8AE8B0463EBEBE84B7E ] C:\Windows\SysWOW64\sspicli.dll
19:12:05.0369 1572 C:\Windows\SysWOW64\sspicli.dll - ok
19:12:05.0369 1572 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
19:12:05.0369 1572 C:\Windows\SysWOW64\cryptbase.dll - ok
19:12:05.0369 1572 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
19:12:05.0369 1572 C:\Windows\SysWOW64\lpk.dll - ok
19:12:05.0385 1572 [ B7230010D97787AF3D25E4C82F2B06B9 ] C:\Windows\SysWOW64\usp10.dll
19:12:05.0385 1572 C:\Windows\SysWOW64\usp10.dll - ok
19:12:05.0385 1572 [ 565D78187494FB5F08B5A52DEB2AEA7A ] C:\Windows\SysWOW64\shell32.dll
19:12:05.0385 1572 C:\Windows\SysWOW64\shell32.dll - ok
19:12:05.0385 1572 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
19:12:05.0385 1572 C:\Windows\System32\dllhost.exe - ok
19:12:05.0385 1572 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
19:12:05.0385 1572 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
19:12:05.0385 1572 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
19:12:05.0385 1572 C:\Windows\System32\IDStore.dll - ok
19:12:05.0385 1572 [ F9D908DE6B166DAC9B89BF62FA291CE8 ] C:\Program Files\Bonjour\mdnsNSP.dll
19:12:05.0385 1572 C:\Program Files\Bonjour\mdnsNSP.dll - ok
19:12:05.0400 1572 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
19:12:05.0400 1572 C:\Windows\System32\rasadhlp.dll - ok
19:12:05.0400 1572 [ 639774C9ACD063F028F6084ABF5593AD ] C:\Windows\System32\taskhost.exe
19:12:05.0400 1572 C:\Windows\System32\taskhost.exe - ok
19:12:05.0400 1572 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
19:12:05.0400 1572 C:\Windows\System32\umb.dll - ok
19:12:05.0400 1572 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll
19:12:05.0400 1572 C:\Windows\System32\localspl.dll - ok
19:12:05.0400 1572 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
19:12:05.0400 1572 C:\Windows\System32\PlaySndSrv.dll - ok
19:12:05.0400 1572 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
19:12:05.0400 1572 C:\Windows\System32\MsCtfMonitor.dll - ok
19:12:05.0416 1572 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
19:12:05.0416 1572 C:\Windows\System32\msutb.dll - ok
19:12:05.0416 1572 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
19:12:05.0416 1572 C:\Windows\System32\spoolss.dll - ok
19:12:05.0416 1572 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
19:12:05.0416 1572 C:\Windows\System32\winspool.drv - ok
19:12:05.0416 1572 [ F5CEF064C7E6D95DA86B9D064A56A969 ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
19:12:05.0416 1572 C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok
19:12:05.0416 1572 [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
19:12:05.0416 1572 C:\Windows\System32\HotStartUserAgent.dll - ok
19:12:05.0416 1572 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
19:12:05.0416 1572 C:\Windows\System32\PrintIsolationProxy.dll - ok
19:12:05.0432 1572 [ B91BAB2B9086CF4B15DA08AA139C1A2F ] C:\Windows\System32\AdobePDF.dll
19:12:05.0432 1572 C:\Windows\System32\AdobePDF.dll - ok
19:12:05.0432 1572 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
19:12:05.0432 1572 C:\Windows\System32\esent.dll - ok
19:12:05.0432 1572 [ 7655EB239E44FF3C0144BEE459C76DD3 ] C:\Windows\System32\CNBLM3_2.DLL
19:12:05.0432 1572 C:\Windows\System32\CNBLM3_2.DLL - ok
19:12:05.0432 1572 [ 059B16DB7FD14D38B7F4E312D793B972 ] C:\Windows\System32\E_ILMFRA.DLL
19:12:05.0432 1572 C:\Windows\System32\E_ILMFRA.DLL - ok
19:12:05.0432 1572 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
19:12:05.0432 1572 C:\Windows\System32\FXSMON.dll - ok
19:12:05.0432 1572 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
19:12:05.0432 1572 C:\Windows\System32\tcpmon.dll - ok
19:12:05.0447 1572 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
19:12:05.0447 1572 C:\Windows\System32\snmpapi.dll - ok
19:12:05.0447 1572 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
19:12:05.0447 1572 C:\Windows\System32\wsnmp32.dll - ok
19:12:05.0447 1572 [ 99B91C5D2FCEF218CAD3600ECB62A799 ] C:\Windows\System32\msxml6.dll
19:12:05.0447 1572 C:\Windows\System32\msxml6.dll - ok
19:12:05.0447 1572 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
19:12:05.0447 1572 C:\Windows\System32\usbmon.dll - ok
19:12:05.0447 1572 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
19:12:05.0447 1572 C:\Windows\System32\WSDMon.dll - ok
19:12:05.0447 1572 [ 23566F9723771108D2E6CD768AC27407 ] C:\Windows\System32\AtBroker.exe
19:12:05.0447 1572 C:\Windows\System32\AtBroker.exe - ok
19:12:05.0463 1572 [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
19:12:05.0463 1572 C:\Windows\System32\WSDApi.dll - ok
19:12:05.0463 1572 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
19:12:05.0463 1572 C:\Windows\System32\mpr.dll - ok
19:12:05.0463 1572 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
19:12:05.0463 1572 C:\Windows\System32\winmm.dll - ok
19:12:05.0463 1572 [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
19:12:05.0463 1572 C:\Windows\System32\webservices.dll - ok
19:12:05.0463 1572 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
19:12:05.0463 1572 C:\Windows\SysWOW64\psapi.dll - ok
19:12:05.0463 1572 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
19:12:05.0463 1572 C:\Windows\SysWOW64\userenv.dll - ok
19:12:05.0463 1572 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
19:12:05.0463 1572 C:\Windows\SysWOW64\profapi.dll - ok
19:12:05.0478 1572 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
19:12:05.0478 1572 C:\Windows\System32\fundisc.dll - ok
19:12:05.0478 1572 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
19:12:05.0478 1572 C:\Windows\System32\fdPnp.dll - ok
19:12:05.0478 1572 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
19:12:05.0478 1572 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
19:12:05.0478 1572 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
19:12:05.0478 1572 C:\Windows\SysWOW64\imm32.dll - ok
19:12:05.0478 1572 [ 371D003DE5D81C7465A0E8CD911D2E9C ] C:\Windows\System32\spool\prtprocs\x64\CNBPP3.DLL
19:12:05.0478 1572 C:\Windows\System32\spool\prtprocs\x64\CNBPP3.DLL - ok
19:12:05.0478 1572 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
19:12:05.0478 1572 C:\Windows\SysWOW64\msctf.dll - ok
19:12:05.0494 1572 [ 67CF11E00D026A5C0C88EA5F84D501E5 ] C:\Windows\System32\win32spl.dll
19:12:05.0494 1572 C:\Windows\System32\win32spl.dll - ok
19:12:05.0494 1572 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
19:12:05.0494 1572 C:\Windows\SysWOW64\ole32.dll - ok
19:12:05.0494 1572 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
19:12:05.0494 1572 C:\Windows\System32\inetpp.dll - ok
19:12:05.0494 1572 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
19:12:05.0494 1572 C:\Windows\System32\cscapi.dll - ok
19:12:05.0494 1572 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
19:12:05.0494 1572 C:\Windows\System32\userinit.exe - ok
19:12:05.0494 1572 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:12:05.0494 1572 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
19:12:05.0510 1572 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
19:12:05.0510 1572 C:\Windows\SysWOW64\oleaut32.dll - ok
19:12:05.0510 1572 [ 92245C959E5BC378809D2CC5E9F6E9C7 ] C:\Windows\SysWOW64\crypt32.dll
19:12:05.0510 1572 C:\Windows\SysWOW64\crypt32.dll - ok
19:12:05.0510 1572 [ 7548C242D95CBFF76908360AD629C09F ] C:\Program Files (x86)\Common Files\ArcSoft\Bin\ArcCon.dll
19:12:05.0510 1572 C:\Program Files (x86)\Common Files\ArcSoft\Bin\ArcCon.dll - ok
19:12:05.0510 1572 [ 225D276C730DF08CC83EABAC407F0D75 ] C:\Windows\SysWOW64\urlmon.dll
19:12:05.0510 1572 C:\Windows\SysWOW64\urlmon.dll - ok
19:12:05.0510 1572 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
19:12:05.0510 1572 C:\Windows\explorer.exe - ok
19:12:05.0510 1572 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
19:12:05.0510 1572 C:\Windows\SysWOW64\msasn1.dll - ok
19:12:05.0525 1572 [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\SysWOW64\wintrust.dll
19:12:05.0525 1572 C:\Windows\SysWOW64\wintrust.dll - ok
19:12:05.0525 1572 [ 1C60E09CA1C3A045BC4D367F67C915B7 ] C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
19:12:05.0525 1572 C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll - ok
19:12:05.0525 1572 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
19:12:05.0525 1572 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
19:12:05.0525 1572 [ 6951562DC4625EEFC6EACD52AD165866 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
19:12:05.0525 1572 C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok
19:12:05.0525 1572 [ 6A13B4F3B3F575F1E24B877B9359AABA ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
19:12:05.0525 1572 C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok
19:12:05.0541 1572 [ 589CBC4989F750E1DA35625AB481CF43 ] C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
19:12:05.0541 1572 C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll - ok
19:12:05.0541 1572 [ 3BE0D923AA45A4DBE091C2D84F0B4FE7 ] C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
19:12:05.0541 1572 C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll - ok
19:12:05.0541 1572 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
19:12:05.0541 1572 C:\Windows\SysWOW64\version.dll - ok
19:12:05.0541 1572 [ 2E33DFD10F28F86C3FC40EE123CC3904 ] C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
19:12:05.0541 1572 C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok
19:12:05.0541 1572 [ FE29131E35902038066C924CF9C59DF8 ] C:\Windows\SysWOW64\iertutil.dll
19:12:05.0541 1572 C:\Windows\SysWOW64\iertutil.dll - ok
19:12:05.0541 1572 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
19:12:05.0541 1572 C:\Windows\System32\ExplorerFrame.dll - ok
19:12:05.0556 1572 [ 4FE5C6D40664AE07BE5105874357D2ED ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:12:05.0556 1572 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
19:12:05.0556 1572 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
19:12:05.0556 1572 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
19:12:05.0556 1572 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
19:12:05.0556 1572 C:\Windows\System32\dwm.exe - ok
19:12:05.0556 1572 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
19:12:05.0556 1572 C:\Windows\System32\dwmredir.dll - ok
19:12:05.0556 1572 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
19:12:05.0556 1572 C:\Windows\System32\dwmcore.dll - ok
19:12:05.0556 1572 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
19:12:05.0556 1572 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
19:12:05.0572 1572 [ 60C079CB2150760263D1FE5FF6218961 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll
19:12:05.0572 1572 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
19:12:05.0572 1572 [ 6D41F6AA35220E7A54543075B27E8F83 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll
19:12:05.0572 1572 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
19:12:05.0572 1572 [ EF8CD3C64EE9C08980D6D06CCCE46C68 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll
19:12:05.0572 1572 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
19:12:05.0572 1572 [ 9AE80F6A66B30E3ED8CDF858CF28B11B ] C:\Windows\System32\d3d10_1.dll
19:12:05.0572 1572 C:\Windows\System32\d3d10_1.dll - ok
19:12:05.0572 1572 [ BB8E9045B93F41BECA6AAFD1F86350DE ] C:\Windows\System32\AcSignIcon.dll
19:12:05.0572 1572 C:\Windows\System32\AcSignIcon.dll - ok
19:12:05.0572 1572 [ 63F72417CA38D8FC8F53709649B589E3 ] C:\Windows\System32\d3d10_1core.dll
19:12:05.0572 1572 C:\Windows\System32\d3d10_1core.dll - ok
19:12:05.0588 1572 [ 85ED13922DF97474AF9979CA456C6748 ] C:\Windows\System32\mfc100u.dll
19:12:05.0588 1572 C:\Windows\System32\mfc100u.dll - ok
19:12:05.0588 1572 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
19:12:05.0588 1572 C:\Windows\SysWOW64\ws2_32.dll - ok
19:12:05.0588 1572 [ 8DFB5752FCE145A6B295093C0A8BE131 ] C:\Windows\System32\dxgi.dll
19:12:05.0588 1572 C:\Windows\System32\dxgi.dll - ok
19:12:05.0588 1572 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
19:12:05.0588 1572 C:\Windows\SysWOW64\nsi.dll - ok
19:12:05.0588 1572 [ DF1C1CD0C7EE95CC00D71E9E415E7BCD ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
19:12:05.0588 1572 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
19:12:05.0588 1572 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
19:12:05.0588 1572 C:\Windows\SysWOW64\wsock32.dll - ok
19:12:05.0603 1572 [ 78865ABC5F5D13190F8B35BD9044714A ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
19:12:05.0603 1572 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok
19:12:05.0603 1572 [ FF9831030678C7B6D70BAC00F68F8976 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
19:12:05.0603 1572 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
19:12:05.0603 1572 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
19:12:05.0603 1572 C:\Windows\SysWOW64\winmm.dll - ok
19:12:05.0603 1572 [ FD86C605FD7AD4A41C01EC7A4A1E1C5D ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll
19:12:05.0603 1572 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll - ok
19:12:05.0603 1572 [ 4C92EB7535CAA1681A77D928FBF9771F ] C:\Windows\System32\d3d11.dll
19:12:05.0603 1572 C:\Windows\System32\d3d11.dll - ok
19:12:05.0603 1572 [ A3609397EF273B03295DBB10274BE12C ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll
19:12:05.0603 1572 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
19:12:05.0619 1572 [ 149D74E1128A86DC9CFB2851FBEA11EB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll
19:12:05.0619 1572 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll - ok
19:12:05.0619 1572 [ 366FD6F3A451351B5DF2D7C4ECF4C73A ] C:\Windows\System32\msvcr100.dll
19:12:05.0619 1572 C:\Windows\System32\msvcr100.dll - ok
19:12:05.0619 1572 [ 546C4E640711D56775136C7A5DB7B214 ] C:\Windows\System32\aticfx64.dll
19:12:05.0619 1572 C:\Windows\System32\aticfx64.dll - ok
19:12:05.0619 1572 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
19:12:05.0619 1572 C:\Windows\System32\msimg32.dll - ok
19:12:05.0619 1572 [ 5E2F28A979A0CE9B43F1815A593617C5 ] C:\Windows\System32\mfc100enu.dll
19:12:05.0619 1572 C:\Windows\System32\mfc100enu.dll - ok
19:12:05.0619 1572 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
19:12:05.0619 1572 C:\Windows\System32\EhStorShell.dll - ok
19:12:05.0634 1572 [ FC51A330A31A2A77F7193137F122A289 ] C:\Windows\System32\atiuxp64.dll
19:12:05.0634 1572 C:\Windows\System32\atiuxp64.dll - ok
19:12:05.0634 1572 [ F1D2ABA7038E01F7465E36F2057E7C13 ] C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL
19:12:05.0634 1572 C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL - ok
19:12:05.0634 1572 [ 5A6DC10D5FFB01AE6CA8DB99205EA3CB ] C:\Windows\System32\atidxx64.dll
19:12:05.0634 1572 C:\Windows\System32\atidxx64.dll - ok
19:12:05.0634 1572 [ 9BF7C7654EFD098EE3A27B49492A382A ] C:\Windows\SysWOW64\wininet.dll
19:12:05.0634 1572 C:\Windows\SysWOW64\wininet.dll - ok
19:12:05.0634 1572 [ D233C7FEAE3FAA25F93A9E6B46815ADC ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll
19:12:05.0634 1572 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll - ok
19:12:05.0634 1572 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
19:12:05.0634 1572 C:\Windows\SysWOW64\msi.dll - ok
19:12:05.0650 1572 [ 241AF87821FDA0F5792037B779F49BE0 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll
19:12:05.0650 1572 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll - ok
19:12:05.0650 1572 [ 57AC86AC664CC774C861DAB2B1D1E978 ] C:\Windows\winsxs\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_0a1fd3a3a768b895\ATL90.dll
19:12:05.0650 1572 C:\Windows\winsxs\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_0a1fd3a3a768b895\ATL90.dll - ok
19:12:05.0650 1572 [ 5ABAEB53E6ECF7878A5C4C4ABED92050 ] C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF
19:12:05.0650 1572 C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF - ok
19:12:05.0650 1572 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
19:12:05.0650 1572 C:\Windows\SysWOW64\ntmarta.dll - ok
19:12:05.0650 1572 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
19:12:05.0650 1572 C:\Windows\SysWOW64\Wldap32.dll - ok
19:12:05.0650 1572 [ F6FD367C9EAAEDF90CD7A7952AE0B336 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
19:12:05.0650 1572 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll - ok
19:12:05.0666 1572 [ 4327CF9A9D0864CA0FFC97FCDA97315A ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
19:12:05.0666 1572 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
19:12:05.0666 1572 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
19:12:05.0666 1572 C:\Windows\SysWOW64\setupapi.dll - ok
19:12:05.0666 1572 [ 66E3C667D853DF349E310568F60B9B6A ] C:\PROGRA~1\MICROS~4\Office14\1033\GrooveIntlResource.dll
19:12:05.0666 1572 C:\PROGRA~1\MICROS~4\Office14\1033\GrooveIntlResource.dll - ok
19:12:05.0666 1572 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
19:12:05.0666 1572 C:\Windows\SysWOW64\cfgmgr32.dll - ok
19:12:05.0666 1572 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
19:12:05.0666 1572 C:\Windows\SysWOW64\devobj.dll - ok
19:12:05.0666 1572 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
19:12:05.0666 1572 C:\Windows\SysWOW64\wtsapi32.dll - ok
19:12:05.0666 1572 [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\Windows\SysWOW64\dnssd.dll
19:12:05.0666 1572 C:\Windows\SysWOW64\dnssd.dll - ok
19:12:05.0681 1572 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
19:12:05.0681 1572 C:\Windows\SysWOW64\mswsock.dll - ok
19:12:05.0681 1572 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
19:12:05.0681 1572 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
19:12:05.0681 1572 [ 24665B221424FFD7B71F0D2C398F2F4F ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll
19:12:05.0681 1572 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
19:12:05.0681 1572 [ A56CCBBFCCEDCE2FD9C69FED24E035E3 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
19:12:05.0681 1572 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll - ok
19:12:05.0681 1572 [ F431DC5D94F4B2FDBC927655D8A9B10E ] C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
19:12:05.0681 1572 C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe - ok
19:12:05.0697 1572 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll
19:12:05.0697 1572 C:\Windows\SysWOW64\mscoree.dll - ok
19:12:05.0697 1572 [ AB22BFF47D0C26749E4951680F64349C ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
19:12:05.0697 1572 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
19:12:05.0697 1572 [ D34EEFD07A6578D9C4CF9C1A2F255468 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
19:12:05.0697 1572 C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll - ok
19:12:05.0697 1572 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
19:12:05.0697 1572 C:\Windows\System32\uDWM.dll - ok
19:12:05.0697 1572 [ 66F46BF7C001AEBDF009ACD7626980D8 ] C:\Program Files (x86)\Norton Security Suite\Engine64\20.4.0.40\bushell.dll
19:12:05.0697 1572 C:\Program Files (x86)\Norton Security Suite\Engine64\20.4.0.40\bushell.dll - ok
19:12:05.0712 1572 [ 4F096D96285E06CD51AEF7D2D3DE04DA ] C:\Program Files (x86)\Norton Security Suite\Engine64\20.4.0.40\msvcp100.dll
19:12:05.0712 1572 C:\Program Files (x86)\Norton Security Suite\Engine64\20.4.0.40\msvcp100.dll - ok
19:12:05.0712 1572 [ 956B6ACA4EFF31046403F0DD6235332E ] C:\Windows\SysWOW64\msvcr110_clr0400.dll
19:12:05.0712 1572 C:\Windows\SysWOW64\msvcr110_clr0400.dll - ok
19:12:05.0712 1572 [ 8C5D58BA9F0F541CED0AB984B9DADA9C ] C:\Program Files (x86)\Norton Security Suite\Engine64\20.4.0.40\ccl120u.dll
19:12:05.0712 1572 C:\Program Files (x86)\Norton Security Suite\Engine64\20.4.0.40\ccl120u.dll - ok
19:12:05.0712 1572 [ A7DDDDE163F16AB49DF3DE9EEC715495 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll
19:12:05.0712 1572 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
19:12:05.0712 1572 [ 6F5B88206472E5FE171A6763A80447E9 ] C:\Program Files (x86)\Norton Security Suite\Engine64\20.4.0.40\efacli64.dll
19:12:05.0712 1572 C:\Program Files (x86)\Norton Security Suite\Engine64\20.4.0.40\efacli64.dll - ok
19:12:05.0712 1572 [ EE1FF8F1B6861B195F744F8405E23B4D ] C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\bf2ecabcd96ec8238dc385b0a3ffa084\mscorlib.ni.dll
19:12:05.0712 1572 C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\bf2ecabcd96ec8238dc385b0a3ffa084\mscorlib.ni.dll - ok
19:12:05.0728 1572 [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
19:12:05.0728 1572 C:\Windows\System32\ntshrui.dll - ok
19:12:05.0728 1572 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
19:12:05.0728 1572 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
19:12:05.0728 1572 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
19:12:05.0728 1572 C:\Windows\System32\IconCodecService.dll - ok
19:12:05.0728 1572 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
19:12:05.0728 1572 C:\Windows\SysWOW64\winnsi.dll - ok
19:12:05.0728 1572 [ C28FD3B37B6F18751C99E6022A2A9782 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
19:12:05.0728 1572 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
19:12:05.0744 1572 [ 18301B40411B2108076AB685B4E4B6DC ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
19:12:05.0744 1572 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll - ok
19:12:05.0744 1572 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
19:12:05.0744 1572 C:\Windows\System32\runonce.exe - ok
19:12:05.0744 1572 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
19:12:05.0744 1572 C:\Windows\SysWOW64\runonce.exe - ok
19:12:05.0744 1572 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
19:12:05.0744 1572 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
19:12:05.0744 1572 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
19:12:05.0744 1572 C:\Windows\SysWOW64\uxtheme.dll - ok
19:12:05.0744 1572 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
19:12:05.0744 1572 C:\Windows\SysWOW64\clbcatq.dll - ok
19:12:05.0759 1572 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
19:12:05.0759 1572 C:\Windows\SysWOW64\propsys.dll - ok
19:12:05.0759 1572 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
19:12:05.0759 1572 C:\Windows\SysWOW64\apphelp.dll - ok
19:12:05.0759 1572 [ 660C8E78B94F483E44B0243A774A4746 ] C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
19:12:05.0759 1572 C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL - ok
19:12:05.0759 1572 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
19:12:05.0759 1572 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
19:12:05.0759 1572 [ 58A14C45A5CD2528F10A889E7B0C3FC2 ] C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll
19:12:05.0759 1572 C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll - ok
19:12:05.0759 1572 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
19:12:05.0759 1572 C:\Windows\SysWOW64\cryptsp.dll - ok
19:12:05.0775 1572 [ E1B2BF9FB51D09E90EDF75B1D9F968E9 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
19:12:05.0775 1572 C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll - ok
19:12:05.0775 1572 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
19:12:05.0775 1572 C:\Windows\SysWOW64\rsaenh.dll - ok
19:12:05.0775 1572 [ E9901A7E569C4156FDA69F5C9356B8ED ] C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF
19:12:05.0775 1572 C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF - ok
19:12:05.0775 1572 [ 72A2A4C94C53660D9A15ABF41E1DD35A ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System\9c7c3cd390aa067130df3a89c0d3b6e4\System.ni.dll
19:12:05.0775 1572 C:\Windows\assembly\NativeImages_v4.0.30319_32\System\9c7c3cd390aa067130df3a89c0d3b6e4\System.ni.dll - ok
19:12:05.0775 1572 [ A113AFEED3159A1ED52D78CB0226006D ] C:\Windows\SysWOW64\secur32.dll
19:12:05.0775 1572 C:\Windows\SysWOW64\secur32.dll - ok
19:12:05.0775 1572 [ 49ACA548B2423F1C67898E6AC719A9A6 ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
19:12:05.0775 1572 C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok
19:12:05.0790 1572 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
19:12:05.0790 1572 C:\Windows\SysWOW64\cmd.exe - ok
19:12:05.0790 1572 [ 1BCDB508143B517F21BBDAC10F5777BF ] C:\Windows\System32\conhost.exe
19:12:05.0790 1572 C:\Windows\System32\conhost.exe - ok
19:12:05.0790 1572 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
19:12:05.0790 1572 C:\Windows\SysWOW64\winbrand.dll - ok
19:12:05.0790 1572 [ 94B9E0CCD51B67B84DEE68EF92844A45 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\d87de4bbcefb0a67eaae225f35964a4f\System.Configuration.ni.dll
19:12:05.0790 1572 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\d87de4bbcefb0a67eaae225f35964a4f\System.Configuration.ni.dll - ok
19:12:05.0790 1572 [ F03E4BC9DAC312C3A0C57D1572F4DAE6 ] C:\Program Files (x86)\Autodesk\Content Service\Connect.Shared.ResourcesAndLocale.dll
19:12:05.0790 1572 C:\Program Files (x86)\Autodesk\Content Service\Connect.Shared.ResourcesAndLocale.dll - ok
19:12:05.0790 1572 [ CC3FD6DEEE458D0BE9A69241E0749717 ] C:\Windows\SysWOW64\ieframe.dll
19:12:05.0790 1572 C:\Windows\SysWOW64\ieframe.dll - ok
19:12:05.0806 1572 [ 1119D63EABF7D60A2CED946D4383C922 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\1c2c7074f15ce2472a1dac64931cbfcc\System.ServiceProcess.ni.dll
19:12:05.0806 1572 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\1c2c7074f15ce2472a1dac64931cbfcc\System.ServiceProcess.ni.dll - ok
19:12:05.0806 1572 [ 0301D5E212E2E699536C7D3BE62C31D9 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\858e88af3a72319bdce4f6e1f9492f46\System.Xml.ni.dll
19:12:05.0806 1572 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\858e88af3a72319bdce4f6e1f9492f46\System.Xml.ni.dll - ok
19:12:05.0806 1572 [ 60A8F8BCB1B435BBCFC04CFA6B3BDF8E ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
19:12:05.0806 1572 C:\Windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll - ok
19:12:05.0806 1572 [ AE23898A58E747DFFB59D98813D02946 ] C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.Exception.dll
19:12:05.0806 1572 C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.Exception.dll - ok
19:12:05.0806 1572 [ 0720A084A23F1FD3E656EA0D205DC9D5 ] C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.MetaStore.dll
19:12:05.0806 1572 C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.MetaStore.dll - ok
19:12:05.0822 1572 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] C:\Program Files\Bonjour\mDNSResponder.exe
19:12:05.0822 1572 C:\Program Files\Bonjour\mDNSResponder.exe - ok
19:12:05.0822 1572 [ C2F1F7A0DFE45B4E8307EF069C8E0CBD ] C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.Indexing.dll
19:12:05.0822 1572 C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.Indexing.dll - ok
19:12:05.0822 1572 [ 0C043B0ABBB5E14E68906AB80365395B ] C:\Windows\System32\efssvc.dll
19:12:05.0822 1572 C:\Windows\System32\efssvc.dll - ok
19:12:05.0822 1572 [ 5B1CE390DFE9277A4C8369DE597052C3 ] C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.Content.dll
19:12:05.0822 1572 C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.Content.dll - ok
19:12:05.0822 1572 [ 404019744D69D822467EE5F4FEF3E8DF ] C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.Services.dll
19:12:05.0822 1572 C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.Services.dll - ok
19:12:05.0822 1572 [ 7F8E83B9466A0A002D4AB15C104062A7 ] C:\Windows\System32\efscore.dll
19:12:05.0822 1572 C:\Windows\System32\efscore.dll - ok
19:12:05.0837 1572 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
19:12:05.0837 1572 C:\Windows\System32\dps.dll - ok
19:12:05.0837 1572 [ 58283053C781AD3A579C95D7765C1FA0 ] C:\Windows\System32\efsutil.dll
19:12:05.0837 1572 C:\Windows\System32\efsutil.dll - ok
19:12:05.0837 1572 [ F3DA25EBA882A81612DDFE3C951C4154 ] C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.Contracts.dll
19:12:05.0837 1572 C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.Contracts.dll - ok
19:12:05.0837 1572 [ FCD84C381E0140AF901E58D48882D26B ] C:\Windows\System32\IKEEXT.DLL
19:12:05.0837 1572 C:\Windows\System32\IKEEXT.DLL - ok
19:12:05.0837 1572 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
19:12:05.0837 1572 C:\Windows\System32\taskschd.dll - ok
19:12:05.0837 1572 [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
19:12:05.0837 1572 C:\Windows\System32\FDResPub.dll - ok
19:12:05.0853 1572 [ 71C6A95A5F0CCC87298C4DD0F2C3635A ] C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
19:12:05.0853 1572 C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe - ok
19:12:05.0853 1572 [ D8129C49798CBBFB2E4351D4B7B8EF9C ] C:\Windows\System32\cryptsvc.dll
19:12:05.0853 1572 C:\Windows\System32\cryptsvc.dll - ok
19:12:05.0853 1572 [ 77B5035BC6EDF4D1B6265391AECEE4C0 ] C:\Windows\System32\vpnikeapi.dll
19:12:05.0853 1572 C:\Windows\System32\vpnikeapi.dll - ok
19:12:05.0853 1572 [ 7E4EAEAB5E97B32A186C3939492E286A ] C:\Program Files (x86)\Common Files\LightScribe\LSSProxy.dll
19:12:05.0853 1572 C:\Program Files (x86)\Common Files\LightScribe\LSSProxy.dll - ok
19:12:05.0853 1572 [ F340FBDE11082FF08970C6994DE0662F ] C:\Program Files (x86)\Common Files\LightScribe\LSLog.dll
19:12:05.0853 1572 C:\Program Files (x86)\Common Files\LightScribe\LSLog.dll - ok
19:12:05.0853 1572 [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
19:12:05.0853 1572 C:\Windows\System32\winhttp.dll - ok
19:12:05.0868 1572 [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
19:12:05.0868 1572 C:\Windows\System32\webio.dll - ok
19:12:05.0868 1572 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll
19:12:05.0868 1572 C:\Windows\System32\httpapi.dll - ok
19:12:05.0868 1572 [ 2C4C22EA1735F21F355EB1A39832F7DF ] C:\Windows\System32\cryptnet.dll
19:12:05.0868 1572 C:\Windows\System32\cryptnet.dll - ok
19:12:05.0868 1572 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
19:12:05.0868 1572 C:\Windows\System32\vssapi.dll - ok
19:12:05.0868 1572 [ 23EDA513256A48AA4674A7A447511692 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\0e5a4b9b215047e0ef087a95683e4ece\System.Core.ni.dll
19:12:05.0868 1572 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\0e5a4b9b215047e0ef087a95683e4ece\System.Core.ni.dll - ok
19:12:05.0868 1572 [ 11F714F85530A2BD134074DC30E99FCA ] C:\Program Files (x86)\Common Files\microsoft shared\VS7Debug\MDM.EXE
19:12:05.0868 1572 C:\Program Files (x86)\Common Files\microsoft shared\VS7Debug\MDM.EXE - ok
19:12:05.0884 1572 [ BFC68382466436FAE8B7A27966FB98CB ] C:\Windows\AppPatch\acwow64.dll
19:12:05.0884 1572 C:\Windows\AppPatch\acwow64.dll - ok
19:12:05.0884 1572 [ 325C4B221CD23B6C97E0C6F0AFD94334 ] C:\Program Files (x86)\Common Files\microsoft shared\VS7Debug\PDM.DLL
19:12:05.0884 1572 C:\Program Files (x86)\Common Files\microsoft shared\VS7Debug\PDM.DLL - ok
19:12:05.0884 1572 [ 3D811BF538D6F359735D757C94F484B6 ] C:\Program Files (x86)\Common Files\microsoft shared\VS7Debug\msdbg2.dll
19:12:05.0884 1572 C:\Program Files (x86)\Common Files\microsoft shared\VS7Debug\msdbg2.dll - ok
19:12:05.0884 1572 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
19:12:05.0884 1572 C:\Windows\System32\vsstrace.dll - ok
19:12:05.0884 1572 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
19:12:05.0884 1572 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
19:12:05.0884 1572 [ 007863E45F25AA47A4C30D0930BBFD85 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
19:12:05.0884 1572 C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok
19:12:05.0900 1572 [ B00C1315BDFDF39CCFB8EDEFF4256C56 ] C:\Program Files (x86)\Common Files\microsoft shared\VS7Debug\csm.dll
19:12:05.0900 1572 C:\Program Files (x86)\Common Files\microsoft shared\VS7Debug\csm.dll - ok
19:12:05.0900 1572 [ 60F4AEFA103D421EA4A40E31409B4756 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
19:12:05.0900 1572 C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll - ok
19:12:05.0900 1572 [ 1BF9D6476061B31CD7FC2BF848529A56 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ccsvchst.exe
19:12:05.0900 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ccsvchst.exe - ok
19:12:05.0900 1572 [ E3C817F7FE44CC870ECDBCBC3EA36132 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\msvcp100.dll
19:12:05.0900 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\msvcp100.dll - ok
19:12:05.0900 1572 [ BF38660A9125935658CFA3E53FDC7D65 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\msvcr100.dll
19:12:05.0900 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\msvcr100.dll - ok
19:12:05.0900 1572 [ 1F05F5A16881CD928C82D53CEFCF4477 ] C:\Windows\SysWOW64\shdocvw.dll
19:12:05.0900 1572 C:\Windows\SysWOW64\shdocvw.dll - ok
19:12:05.0915 1572 [ 8E390B34F7B94EC6E3EB8D2C4EA28282 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ccl120u.dll
19:12:05.0915 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ccl120u.dll - ok
19:12:05.0915 1572 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
19:12:05.0915 1572 C:\Windows\SysWOW64\dbghelp.dll - ok
19:12:05.0915 1572 [ 7D8A36064B2DBE1338572B650C50F15E ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ccvrtrst.dll
19:12:05.0915 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ccvrtrst.dll - ok
19:12:05.0915 1572 [ C8004D4214E6973E604D613F6FFE7845 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\53ebd9b7686485bbbeb8ed939d2185c7\System.ServiceModel.ni.dll
19:12:05.0915 1572 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\53ebd9b7686485bbbeb8ed939d2185c7\System.ServiceModel.ni.dll - ok
19:12:05.0915 1572 [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll
19:12:05.0915 1572 C:\Windows\System32\nlasvc.dll - ok
19:12:05.0931 1572 [ E44BF5B383D365D0078FEF735A305E24 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\efacli.dll
19:12:05.0931 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\efacli.dll - ok
19:12:05.0931 1572 [ D4FAC263861BAE06971C7F7D0A8EBF15 ] C:\Windows\System32\ncsi.dll
19:12:05.0931 1572 C:\Windows\System32\ncsi.dll - ok
19:12:05.0931 1572 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
19:12:05.0931 1572 C:\Windows\System32\ssdpapi.dll - ok
19:12:05.0931 1572 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
19:12:05.0931 1572 C:\Windows\System32\drivers\PEAuth.sys - ok
19:12:05.0931 1572 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
19:12:05.0931 1572 C:\Windows\System32\netman.dll - ok
19:12:05.0931 1572 [ A43418F77D0738FC6807FD73F7A72353 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ccsvc.dll
19:12:05.0931 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ccsvc.dll - ok
19:12:05.0931 1572 [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
19:12:05.0931 1572 C:\Windows\System32\aepic.dll - ok
19:12:05.0946 1572 [ 0E0A7D4537C90603D17A9C0F69F44A1A ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\srtsp32.dll
19:12:05.0946 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\srtsp32.dll - ok
19:12:05.0946 1572 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
19:12:05.0946 1572 C:\Windows\System32\sfc.dll - ok
19:12:05.0946 1572 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
19:12:05.0946 1572 C:\Windows\System32\sfc_os.dll - ok
19:12:05.0946 1572 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
19:12:05.0946 1572 C:\Windows\System32\drivers\secdrv.sys - ok
19:12:05.0946 1572 [ BC617A4E1B4FA8DF523A061739A0BD87 ] C:\Windows\System32\seclogon.dll
19:12:05.0946 1572 C:\Windows\System32\seclogon.dll - ok
19:12:05.0946 1572 [ 51639DFB1DD77A0B3DE8B2FE89977C3E ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ccipc.dll
19:12:05.0946 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ccipc.dll - ok
19:12:05.0962 1572 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
19:12:05.0962 1572 C:\Windows\System32\aeevts.dll - ok
19:12:05.0962 1572 [ 4787EA164E01CAFBF5DA384B6EDC9FC5 ] C:\Program Files (x86)\GM SPO\eSI\Apache Group\Tomcat 4.1\bin\tomcat.exe
19:12:05.0962 1572 C:\Program Files (x86)\GM SPO\eSI\Apache Group\Tomcat 4.1\bin\tomcat.exe - ok
19:12:05.0962 1572 [ 039D6E53B5CFE6081CFDE6B44C6B9BE7 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\dimaster.dll
19:12:05.0962 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\dimaster.dll - ok
19:12:05.0962 1572 [ D5A310D8F315E96884EB06CB453B0A3C ] C:\Program Files (x86)\GM SPO\eSI\Transbase\tbmux32.exe
19:12:05.0962 1572 C:\Program Files (x86)\GM SPO\eSI\Transbase\tbmux32.exe - ok
19:12:05.0962 1572 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
19:12:05.0962 1572 C:\Windows\SysWOW64\winhttp.dll - ok
19:12:05.0978 1572 [ B324509707022C48C7E56E281A586B97 ] C:\Program Files (x86)\Java\jre6\bin\client\jvm.dll
19:12:05.0978 1572 C:\Program Files (x86)\Java\jre6\bin\client\jvm.dll - ok
19:12:05.0978 1572 [ 0BA65122FFA7E37564EE86422DBF7AE8 ] C:\Windows\SysWOW64\nlaapi.dll
19:12:05.0978 1572 C:\Windows\SysWOW64\nlaapi.dll - ok
19:12:05.0978 1572 [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
19:12:05.0978 1572 C:\Windows\System32\drivers\srvnet.sys - ok
19:12:05.0978 1572 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll
19:12:05.0978 1572 C:\Windows\SysWOW64\NapiNSP.dll - ok
19:12:05.0978 1572 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
19:12:05.0978 1572 C:\Windows\SysWOW64\webio.dll - ok
19:12:05.0978 1572 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] C:\Windows\System32\drivers\tcpipreg.sys
19:12:05.0978 1572 C:\Windows\System32\drivers\tcpipreg.sys - ok
19:12:05.0993 1572 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll
19:12:05.0993 1572 C:\Windows\SysWOW64\pnrpnsp.dll - ok
19:12:05.0993 1572 [ AC122407B29378FF9646F03404AC7C54 ] C:\Windows\SysWOW64\wshbth.dll
19:12:05.0993 1572 C:\Windows\SysWOW64\wshbth.dll - ok
19:12:05.0993 1572 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll
19:12:05.0993 1572 C:\Windows\System32\sysmain.dll - ok
19:12:05.0993 1572 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll
19:12:05.0993 1572 C:\Windows\System32\wiaservc.dll - ok
19:12:05.0993 1572 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
19:12:05.0993 1572 C:\Windows\SysWOW64\winsta.dll - ok
19:12:05.0993 1572 [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll
19:12:05.0993 1572 C:\Windows\System32\wiatrace.dll - ok
19:12:05.0993 1572 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
19:12:05.0993 1572 C:\Windows\System32\drivers\srv2.sys - ok
19:12:06.0009 1572 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
19:12:06.0009 1572 C:\Windows\SysWOW64\dnsapi.dll - ok
19:12:06.0009 1572 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll
19:12:06.0009 1572 C:\Windows\SysWOW64\winrnr.dll - ok
19:12:06.0009 1572 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll
19:12:06.0009 1572 C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok
19:12:06.0009 1572 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
19:12:06.0009 1572 C:\Windows\System32\drivers\srv.sys - ok
19:12:06.0009 1572 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] C:\Windows\System32\tapisrv.dll
19:12:06.0009 1572 C:\Windows\System32\tapisrv.dll - ok
19:12:06.0024 1572 [ 136760C1E9697BAF4ECDEAE5590A0806 ] C:\Windows\System32\wbem\WMIsvc.dll
19:12:06.0024 1572 C:\Windows\System32\wbem\WMIsvc.dll - ok
19:12:06.0024 1572 [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
19:12:06.0024 1572 C:\Windows\System32\trkwks.dll - ok
19:12:06.0024 1572 [ A5ACADEE1EC8F9105CBD683A4D722CFE ] C:\Windows\System32\wbemcomn2.dll
19:12:06.0024 1572 C:\Windows\System32\wbemcomn2.dll - ok
19:12:06.0024 1572 [ E4D94F24081440B5FC5AA556C7C62702 ] C:\Windows\System32\regsvc.dll
19:12:06.0024 1572 C:\Windows\System32\regsvc.dll - ok
19:12:06.0024 1572 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Windows\SysWOW64\msvcr71.dll
19:12:06.0024 1572 C:\Windows\SysWOW64\msvcr71.dll - ok
19:12:06.0024 1572 [ 3CE41EFB7C048F02CF449451FF69D0BC ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ccset.dll
19:12:06.0024 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ccset.dll - ok
19:12:06.0040 1572 [ EE867A0870FC9E4972BA9EAAD35651E2 ] C:\Windows\System32\rasmans.dll
19:12:06.0040 1572 C:\Windows\System32\rasmans.dll - ok
19:12:06.0040 1572 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
19:12:06.0040 1572 C:\Windows\System32\eappprxy.dll - ok
19:12:06.0040 1572 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
19:12:06.0040 1572 C:\Windows\System32\srvsvc.dll - ok
19:12:06.0040 1572 [ 593F6E66837111A8C54E29A081DEA0E3 ] C:\Program Files (x86)\Java\jre6\bin\verify.dll
19:12:06.0040 1572 C:\Program Files (x86)\Java\jre6\bin\verify.dll - ok
19:12:06.0040 1572 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll
19:12:06.0040 1572 C:\Windows\System32\browser.dll - ok
19:12:06.0056 1572 [ 636681CA4ECC169E763A611991E7A0C7 ] C:\Windows\System32\wbem\WmiDcPrv.dll
19:12:06.0056 1572 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
19:12:06.0056 1572 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
19:12:06.0056 1572 C:\Windows\System32\netmsg.dll - ok
19:12:06.0056 1572 [ 44C96B48112EB24AE7764EBF1C527000 ] C:\Windows\System32\rastapi.dll
19:12:06.0056 1572 C:\Windows\System32\rastapi.dll - ok
19:12:06.0056 1572 [ FCEABD99844A035DB8D96E6E8BCCBA5E ] C:\Windows\System32\wbem\fastprox.dll
19:12:06.0056 1572 C:\Windows\System32\wbem\fastprox.dll - ok
19:12:06.0056 1572 [ 7493EA4DE41348F7D3EDBF9DB298F56A ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
19:12:06.0056 1572 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe - ok
19:12:06.0056 1572 [ FAFAE01E889DC9C05A6CA2138CFC220B ] C:\Windows\System32\tapi32.dll
19:12:06.0056 1572 C:\Windows\System32\tapi32.dll - ok
19:12:06.0071 1572 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
19:12:06.0071 1572 C:\Windows\System32\sscore.dll - ok
19:12:06.0071 1572 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
19:12:06.0071 1572 C:\Windows\System32\clusapi.dll - ok
19:12:06.0071 1572 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
19:12:06.0071 1572 C:\Windows\System32\ntdsapi.dll - ok
19:12:06.0071 1572 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
19:12:06.0071 1572 C:\Windows\System32\resutils.dll - ok
19:12:06.0071 1572 [ 4D485945E7589FC64E4D6E59ECD483B7 ] C:\Windows\System32\wbem\wbemprox.dll
19:12:06.0071 1572 C:\Windows\System32\wbem\wbemprox.dll - ok
19:12:06.0071 1572 [ D2A0FFA75AB181B19B5EB93BB29C7686 ] C:\Windows\System32\unimdm.tsp
19:12:06.0071 1572 C:\Windows\System32\unimdm.tsp - ok
19:12:06.0087 1572 [ 0C212FA537F003B8F8C90A85D0F8DF27 ] C:\Windows\System32\wbem\wbemcore.dll
19:12:06.0087 1572 C:\Windows\System32\wbem\wbemcore.dll - ok
19:12:06.0087 1572 [ 94B7DF336815B47236724019FAB24B7C ] C:\Windows\System32\uniplat.dll
19:12:06.0087 1572 C:\Windows\System32\uniplat.dll - ok
19:12:06.0087 1572 [ 41326DD08ACC0CDC5F8177AF96C066E8 ] C:\Windows\System32\kmddsp.tsp
19:12:06.0087 1572 C:\Windows\System32\kmddsp.tsp - ok
19:12:06.0087 1572 [ 1D6BC2769DA66C1145F4DA5A65F52E61 ] C:\Windows\System32\ndptsp.tsp
19:12:06.0087 1572 C:\Windows\System32\ndptsp.tsp - ok
19:12:06.0087 1572 [ A67E03E39172459935C591F6E0534569 ] C:\Windows\System32\wbem\esscli.dll
19:12:06.0087 1572 C:\Windows\System32\wbem\esscli.dll - ok
19:12:06.0087 1572 [ 7C1BAE7D23D4874FEE256A2B9C00E019 ] C:\Windows\System32\hidphone.tsp
19:12:06.0087 1572 C:\Windows\System32\hidphone.tsp - ok
19:12:06.0102 1572 [ BA5CA827B50D8FE46478BA867B08D020 ] C:\Windows\System32\wbem\wbemsvc.dll
19:12:06.0102 1572 C:\Windows\System32\wbem\wbemsvc.dll - ok
19:12:06.0102 1572 [ 2A6653598FE6CE1EC1D8E598E2AF1BB2 ] C:\Program Files (x86)\Java\jre6\bin\java.dll
19:12:06.0102 1572 C:\Program Files (x86)\Java\jre6\bin\java.dll - ok
19:12:06.0102 1572 [ F37BCA66EA95079C806D80B23E041876 ] C:\Windows\System32\wbem\wmiutils.dll
19:12:06.0102 1572 C:\Windows\System32\wbem\wmiutils.dll - ok
19:12:06.0102 1572 [ 56C9C92B854E6AB6ECDA5C531B6ACF5A ] C:\Windows\System32\wbem\repdrvfs.dll
19:12:06.0102 1572 C:\Windows\System32\wbem\repdrvfs.dll - ok
19:12:06.0102 1572 [ 268BD6D148B3FD64A2BB1CEEE6537E83 ] C:\Program Files (x86)\Java\jre6\bin\zip.dll
19:12:06.0102 1572 C:\Program Files (x86)\Java\jre6\bin\zip.dll - ok
19:12:06.0102 1572 [ 997714A70C11ED43A771AE5A95F0D026 ] C:\Windows\System32\wbem\WinMgmtR.dll
19:12:06.0102 1572 C:\Windows\System32\wbem\WinMgmtR.dll - ok
19:12:06.0118 1572 [ D9EB000FC7C43833BC8E4E7A7F6FA3AE ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\coSvcPlg.dll
19:12:06.0118 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\coSvcPlg.dll - ok
19:12:06.0118 1572 [ A717A35120DBAB5AB707AB40662AF9DD ] C:\Windows\System32\rasppp.dll
19:12:06.0118 1572 C:\Windows\System32\rasppp.dll - ok
19:12:06.0118 1572 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
19:12:06.0118 1572 C:\Windows\System32\eappcfg.dll - ok
19:12:06.0118 1572 [ 0FE5CD5F9C9248F42D1EF56E495B182E ] C:\Windows\System32\vpnike.dll
19:12:06.0118 1572 C:\Windows\System32\vpnike.dll - ok
19:12:06.0118 1572 [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe
19:12:06.0118 1572 C:\Windows\System32\taskeng.exe - ok
19:12:06.0118 1572 [ E2E7F20A0E525932859058DEC8F979DE ] C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.Logging.dll
19:12:06.0118 1572 C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.Logging.dll - ok
19:12:06.0134 1572 [ 37B6EBA4E783A0B25F3FE05EF86722CB ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
19:12:06.0134 1572 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
19:12:06.0134 1572 [ 6A84E68B538B8B04608BF2F0D426CE6F ] C:\Windows\System32\raschap.dll
19:12:06.0134 1572 C:\Windows\System32\raschap.dll - ok
19:12:06.0134 1572 [ 156FDE0E85025D180598E8FBD4DB3D23 ] C:\Windows\assembly\GAC_MSIL\System.Data.SqlServerCe\3.5.1.0__89845dcd8080cc91\System.Data.SqlServerCe.dll
19:12:06.0134 1572 C:\Windows\assembly\GAC_MSIL\System.Data.SqlServerCe\3.5.1.0__89845dcd8080cc91\System.Data.SqlServerCe.dll - ok
19:12:06.0134 1572 [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
19:12:06.0134 1572 C:\Windows\System32\TSChannel.dll - ok
19:12:06.0134 1572 [ F2CA336DB46EC0941B08A11DD03620BD ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\coFFPlgn.dll
19:12:06.0134 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\coFFPlgn.dll - ok
19:12:06.0149 1572 [ 0945668AF74CA765BD4A33778B78338E ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\b4fcc1b2a37c20f2e082c78a8d22a318\System.Data.ni.dll
19:12:06.0149 1572 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\b4fcc1b2a37c20f2e082c78a8d22a318\System.Data.ni.dll - ok
19:12:06.0149 1572 [ 6C399566C1E3E7D475C3698297221A20 ] C:\Windows\System32\wbem\WmiPrvSD.dll
19:12:06.0149 1572 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
19:12:06.0149 1572 [ 30426544CDDC55B8B71DEB556722ECE3 ] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
19:12:06.0149 1572 C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe - ok
19:12:06.0149 1572 [ 67780A0EF83C92A5DB517953C95344E1 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ccgevt.dll
19:12:06.0149 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ccgevt.dll - ok
19:12:06.0149 1572 [ 0281DDC918760773F676CE924B153AAF ] C:\Windows\System32\ncobjapi.dll
19:12:06.0149 1572 C:\Windows\System32\ncobjapi.dll - ok
19:12:06.0165 1572 [ 5935C3E7DCDA36AA0E4D9284C8AC319B ] C:\Windows\System32\wbem\wbemess.dll
19:12:06.0165 1572 C:\Windows\System32\wbem\wbemess.dll - ok
19:12:06.0165 1572 [ D3C70E737492837C9AF3875F3E210625 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ccglog.dll
19:12:06.0165 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ccglog.dll - ok
19:12:06.0165 1572 [ F2CA336DB46EC0941B08A11DD03620BD ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\components\coFFPlgn.dll
19:12:06.0165 1572 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\components\coFFPlgn.dll - ok
19:12:06.0165 1572 [ 80A9ADB30ABDF99A8B5A6C233DB3F1D8 ] C:\Users\Alan\AppData\Local\Temp\0D431AD3-4946-446A-9D66-3A0B420DD003.exe
19:12:06.0165 1572 C:\Users\Alan\AppData\Local\Temp\0D431AD3-4946-446A-9D66-3A0B420DD003.exe - ok
19:12:06.0165 1572 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
19:12:06.0165 1572 C:\Windows\SysWOW64\imagehlp.dll - ok
19:12:06.0165 1572 [ BF6D6ED5FADCEEE885BD0144ECF1BA27 ] C:\Windows\SysWOW64\ncrypt.dll
19:12:06.0165 1572 C:\Windows\SysWOW64\ncrypt.dll - ok
19:12:06.0180 1572 [ D2958325C1AE1AE37A83334C6229E3BC ] C:\Windows\SysWOW64\actxprxy.dll
19:12:06.0180 1572 C:\Windows\SysWOW64\actxprxy.dll - ok
19:12:06.0180 1572 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
19:12:06.0180 1572 C:\Windows\SysWOW64\bcrypt.dll - ok
19:12:06.0180 1572 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
19:12:06.0180 1572 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
19:12:06.0180 1572 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
19:12:06.0180 1572 C:\Windows\SysWOW64\ntshrui.dll - ok
19:12:06.0180 1572 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
19:12:06.0180 1572 C:\Windows\SysWOW64\gpapi.dll - ok
19:12:06.0180 1572 [ 8A8B277067C22F4BF6AA9A31692FC4D3 ] C:\Windows\SysWOW64\cryptnet.dll
19:12:06.0180 1572 C:\Windows\SysWOW64\cryptnet.dll - ok
19:12:06.0196 1572 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
19:12:06.0196 1572 C:\Windows\SysWOW64\SensApi.dll - ok
19:12:06.0196 1572 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
19:12:06.0196 1572 C:\Windows\SysWOW64\srvcli.dll - ok
19:12:06.0196 1572 [ 84174CA0E190BB9D1EFD0F005FE13B35 ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\GdiPlus.dll
19:12:06.0196 1572 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\GdiPlus.dll - ok
19:12:06.0196 1572 [ B5B1140DE0097811B32A9F0AC5508814 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ccjobmgr.dll
19:12:06.0196 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ccjobmgr.dll - ok
19:12:06.0196 1572 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
19:12:06.0196 1572 C:\Windows\SysWOW64\cscapi.dll - ok
19:12:06.0196 1572 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
19:12:06.0196 1572 C:\Windows\SysWOW64\slc.dll - ok
19:12:06.0212 1572 [ 6BE672F5453B0369E58DE12DDB7BCF6B ] C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
19:12:06.0212 1572 C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll - ok
19:12:06.0212 1572 [ 31E0DC5FF63DF7D926C6FFA2B9B33614 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ccsubeng.dll
19:12:06.0212 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ccsubeng.dll - ok
19:12:06.0212 1572 [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Windows\SysWOW64\msvcp71.dll
19:12:06.0212 1572 C:\Windows\SysWOW64\msvcp71.dll - ok
19:12:06.0212 1572 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
19:12:06.0212 1572 C:\Windows\SysWOW64\dwmapi.dll - ok
19:12:06.0212 1572 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll
19:12:06.0212 1572 C:\Windows\SysWOW64\powrprof.dll - ok
19:12:06.0212 1572 [ F1278B3514EA6FA9BC39B20D26139AAC ] C:\Windows\SysWOW64\msiltcfg.dll
19:12:06.0212 1572 C:\Windows\SysWOW64\msiltcfg.dll - ok
19:12:06.0227 1572 [ F83C0E8BA0B70CBAD208F87AE5F3FBF3 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ccemlpxy.dll
19:12:06.0227 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ccemlpxy.dll - ok
19:12:06.0227 1572 [ 5251CA57CDC4FC752226A7A2C46982DE ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\iron.dll
19:12:06.0227 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\iron.dll - ok
19:12:06.0227 1572 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
19:12:06.0227 1572 C:\Windows\SysWOW64\sfc.dll - ok
19:12:06.0227 1572 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
19:12:06.0227 1572 C:\Windows\SysWOW64\sfc_os.dll - ok
19:12:06.0227 1572 [ D4B99AF45CCBB793F9C15CE79B17B50F ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\f9de29ddb27e57e159f8d9786f53d4e7\System.Transactions.ni.dll
19:12:06.0227 1572 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\f9de29ddb27e57e159f8d9786f53d4e7\System.Transactions.ni.dll - ok
19:12:06.0227 1572 [ F80443368FDE9432F10390933A1307BC ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\busvc.dll
19:12:06.0227 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\busvc.dll - ok
19:12:06.0243 1572 [ 8A9D7D75CB9BEF94058502AFE53CD677 ] C:\Program Files (x86)\Common Files\microsoft shared\ink\skchui.dll
19:12:06.0243 1572 C:\Program Files (x86)\Common Files\microsoft shared\ink\skchui.dll - ok
19:12:06.0243 1572 [ 44BCD8E217B7C4254EF081755BAEE9BC ] C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
19:12:06.0243 1572 C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll - ok
19:12:06.0243 1572 [ 45C62DA229562EEC381F45ECE16A3DF5 ] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
19:12:06.0243 1572 C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll - ok
19:12:06.0243 1572 [ 4300447A5D8D42D3EFDA70DC5A55D6E5 ] C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.Utilities.dll
19:12:06.0243 1572 C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.Utilities.dll - ok
19:12:06.0243 1572 [ A36FB747298925AE58E866A48B6D394D ] C:\Program Files (x86)\Common Files\microsoft shared\ink\penusa.dll
19:12:06.0243 1572 C:\Program Files (x86)\Common Files\microsoft shared\ink\penusa.dll - ok
19:12:06.0258 1572 [ 6E357D1217E29A42E78CAD392AE594F3 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\symredir.dll
19:12:06.0258 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\symredir.dll - ok
19:12:06.0258 1572 [ 5B2E4E90C04FB9AE9F2C5E99FF59B283 ] C:\Windows\SysWOW64\WindowsCodecs.dll
19:12:06.0258 1572 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
19:12:06.0258 1572 [ 063AA78559CCD459E8613A727EE1CBE4 ] C:\Program Files (x86)\Microsoft SQL Server Compact Edition\v3.5\sqlceme35.dll
19:12:06.0258 1572 C:\Program Files (x86)\Microsoft SQL Server Compact Edition\v3.5\sqlceme35.dll - ok
19:12:06.0258 1572 [ 7AC14F1976B3E372CEF4FC97345D5F20 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\bucomm.dll
19:12:06.0258 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\bucomm.dll - ok
19:12:06.0258 1572 [ 0BE914C883471E9F728E9E690D51BDEC ] C:\Program Files (x86)\Microsoft SQL Server Compact Edition\v3.5\sqlceer35EN.dll
19:12:06.0258 1572 C:\Program Files (x86)\Microsoft SQL Server Compact Edition\v3.5\sqlceer35EN.dll - ok
19:12:06.0258 1572 [ F400387A9F86CA917D89E53D46DEB02E ] C:\Program Files (x86)\Microsoft SQL Server Compact Edition\v3.5\sqlcese35.dll
19:12:06.0258 1572 C:\Program Files (x86)\Microsoft SQL Server Compact Edition\v3.5\sqlcese35.dll - ok
19:12:06.0274 1572 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
19:12:06.0274 1572 C:\Windows\SysWOW64\EhStorShell.dll - ok
19:12:06.0274 1572 [ 30B8190C119EE82A2FEA935C82F90BF8 ] C:\Program Files (x86)\Microsoft SQL Server Compact Edition\v3.5\sqlceqp35.dll
19:12:06.0274 1572 C:\Program Files (x86)\Microsoft SQL Server Compact Edition\v3.5\sqlceqp35.dll - ok
19:12:06.0274 1572 [ 676CCC08D9E9A3F4CA39CB04E97048DF ] C:\PROGRA~2\MICROS~2\Office14\1033\GrooveIntlResource.dll
19:12:06.0274 1572 C:\PROGRA~2\MICROS~2\Office14\1033\GrooveIntlResource.dll - ok
19:12:06.0274 1572 [ DDF05CD7CCD8995D73D4162CD5E3A105 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\bueng.dll
19:12:06.0274 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\bueng.dll - ok
19:12:06.0274 1572 [ 33A77D477EF9D7A5C65A950129DF2E47 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
19:12:06.0274 1572 C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll - ok
19:12:06.0290 1572 [ C8D53C921BC93056423C73E347DBE6B3 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Ente96d83b35#\917c3dc87838fb56f84f1670f0a15209\System.EnterpriseServices.ni.dll
19:12:06.0290 1572 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Ente96d83b35#\917c3dc87838fb56f84f1670f0a15209\System.EnterpriseServices.ni.dll - ok
19:12:06.0290 1572 [ B8CC9A70D2956CC58176883864AA5F62 ] C:\Windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
19:12:06.0290 1572 C:\Windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll - ok
19:12:06.0290 1572 [ D6B925CA5740453B124A2D9B0505EDA0 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Ente96d83b35#\917c3dc87838fb56f84f1670f0a15209\System.EnterpriseServices.Wrapper.dll
19:12:06.0290 1572 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Ente96d83b35#\917c3dc87838fb56f84f1670f0a15209\System.EnterpriseServices.Wrapper.dll - ok
19:12:06.0290 1572 [ 61A30DEAE67AE7D42160394F16A810F0 ] C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.Scheduler.dll
19:12:06.0290 1572 C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.Scheduler.dll - ok
19:12:06.0290 1572 [ A722DD3D6894B9EC6E53106D02830B74 ] C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.Users.dll
19:12:06.0290 1572 C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.Users.dll - ok
19:12:06.0290 1572 [ 3B872A3E95C4B5B37D0EB6493B855886 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\isDataPr.dll
19:12:06.0290 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\isDataPr.dll - ok
19:12:06.0305 1572 [ B89CB7F3F1A1E2807E708F5435DEB13D ] C:\Program Files (x86)\Autodesk\Content Service\log4net.dll
19:12:06.0305 1572 C:\Program Files (x86)\Autodesk\Content Service\log4net.dll - ok
19:12:06.0305 1572 [ 21D3A18769EC2C4E56756D04E989A221 ] C:\Windows\SysWOW64\msxml3.dll
19:12:06.0305 1572 C:\Windows\SysWOW64\msxml3.dll - ok
19:12:06.0305 1572 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
19:12:06.0305 1572 C:\Windows\SysWOW64\imageres.dll - ok
19:12:06.0305 1572 [ 1856213A31E6AFDDEB1A014CD49AC98B ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\sndsvc.dll
19:12:06.0305 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\sndsvc.dll - ok
19:12:06.0305 1572 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
19:12:06.0305 1572 C:\Windows\SysWOW64\rasapi32.dll - ok
19:12:06.0321 1572 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
19:12:06.0321 1572 C:\Windows\SysWOW64\rasman.dll - ok
19:12:06.0321 1572 [ 4521C7BB2E6AA9BCC20C631907211F91 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\symrdrsv.dll
19:12:06.0321 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\symrdrsv.dll - ok
19:12:06.0321 1572 [ 56FC211194DB93DCCAAAD9C2EF5BF348 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\hncore.dll
19:12:06.0321 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\hncore.dll - ok
19:12:06.0321 1572 [ 118606A24EFA10AD521375CDFA236B1A ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\symneti.dll
19:12:06.0321 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\symneti.dll - ok
19:12:06.0321 1572 [ 774CA86BAB61D087B0ACAA54483C40D8 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\appmgr32.dll
19:12:06.0321 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\appmgr32.dll - ok
19:12:06.0321 1572 [ EE648287A7D7B75FFD33FDC5E63DD396 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\avmodule.dll
19:12:06.0321 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\avmodule.dll - ok
19:12:06.0336 1572 [ 09A116FB06C5E362EF8938D29CDAB27B ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
19:12:06.0336 1572 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
19:12:06.0336 1572 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
19:12:06.0336 1572 C:\Windows\SysWOW64\mpr.dll - ok
19:12:06.0336 1572 [ 96FAF00A7ADC61AF68192445623402FA ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\187c13e8967097d2ed1e5f123e7d890a\System.ni.dll
19:12:06.0336 1572 C:\Windows\assembly\NativeImages_v2.0.50727_32\System\187c13e8967097d2ed1e5f123e7d890a\System.ni.dll - ok
19:12:06.0336 1572 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
19:12:06.0336 1572 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
19:12:06.0336 1572 [ 4C759C5DE4A29D7088793D534F9F1A87 ] C:\Program Files (x86)\Autodesk\Content Service\Lucene.Net.dll
19:12:06.0336 1572 C:\Program Files (x86)\Autodesk\Content Service\Lucene.Net.dll - ok
19:12:06.0352 1572 [ AE3527015B6D2E32C0EC0DB4C43F65AD ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ncw.dll
19:12:06.0352 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ncw.dll - ok
19:12:06.0352 1572 [ 81E7E920312D372CF57A817049AC7C76 ] C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
19:12:06.0352 1572 C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL - ok
19:12:06.0352 1572 [ F9C6C2C4B5F265C1CF727B5660278073 ] C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.FileStore.dll
19:12:06.0352 1572 C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.FileStore.dll - ok
19:12:06.0352 1572 [ 612D62566C617682782FCFDD27D70EAB ] C:\Windows\System32\wbem\NCProv.dll
19:12:06.0352 1572 C:\Windows\System32\wbem\NCProv.dll - ok
19:12:06.0352 1572 [ C08C49CEE996EE77B110967ABA062745 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\b12556142d5dacb3e760128b5eca28af\SMDiagnostics.ni.dll
19:12:06.0352 1572 C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\b12556142d5dacb3e760128b5eca28af\SMDiagnostics.ni.dll - ok
19:12:06.0352 1572 [ 93B66BF170CEC853BFFC39238EB0EA21 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\668f9f32dc023634ba8fc985a872dbbe\System.ServiceModel.Internals.ni.dll
19:12:06.0352 1572 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\668f9f32dc023634ba8fc985a872dbbe\System.ServiceModel.Internals.ni.dll - ok
19:12:06.0368 1572 [ EE1A73918DE645103F20204A831EAB2A ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\ffd7d69848e9e67973a92696ca31f51f\System.Runtime.Serialization.ni.dll
19:12:06.0368 1572 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\ffd7d69848e9e67973a92696ca31f51f\System.Runtime.Serialization.ni.dll - ok
19:12:06.0368 1572 [ 91EA5FF9F105D373216E8C96F57E88E2 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\f752f8cf702b7c7eff6c659b2e0c760a\System.ServiceProcess.ni.dll
19:12:06.0368 1572 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\f752f8cf702b7c7eff6c659b2e0c760a\System.ServiceProcess.ni.dll - ok
19:12:06.0368 1572 [ 40F55C563961C01C466E011B6AA61E27 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgr.dll
19:12:06.0368 1572 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgr.dll - ok
19:12:06.0368 1572 [ 08C2957BB30058E663720C5606885653 ] C:\Windows\System32\iphlpsvc.dll
19:12:06.0368 1572 C:\Windows\System32\iphlpsvc.dll - ok
19:12:06.0368 1572 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
19:12:06.0368 1572 C:\Windows\SysWOW64\devrtl.dll - ok
19:12:06.0368 1572 [ 7FF74FECE8C0E7B0207D3629AE2A3D16 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUtil.dll
19:12:06.0368 1572 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUtil.dll - ok
19:12:06.0383 1572 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
19:12:06.0383 1572 C:\Windows\SysWOW64\netutils.dll - ok
19:12:06.0383 1572 [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll
19:12:06.0383 1572 C:\Windows\System32\sqmapi.dll - ok
19:12:06.0383 1572 [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
19:12:06.0383 1572 C:\Windows\System32\wdscore.dll - ok
19:12:06.0383 1572 [ 2C647ABE9A424E55B5F3DAE4629B4277 ] C:\Windows\System32\themeui.dll
19:12:06.0383 1572 C:\Windows\System32\themeui.dll - ok
19:12:06.0383 1572 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
19:12:06.0383 1572 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
19:12:06.0383 1572 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
19:12:06.0383 1572 C:\Windows\SysWOW64\credssp.dll - ok
19:12:06.0399 1572 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
19:12:06.0399 1572 C:\Windows\SysWOW64\wship6.dll - ok
19:12:06.0399 1572 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
19:12:06.0399 1572 C:\Windows\SysWOW64\rasadhlp.dll - ok
19:12:06.0399 1572 [ F62235C8BE07C093B2738C70A97477DB ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\afa9d3881874d7f6ac5a887ecd59c353\System.ServiceModel.Web.ni.dll
19:12:06.0399 1572 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\afa9d3881874d7f6ac5a887ecd59c353\System.ServiceModel.Web.ni.dll - ok
19:12:06.0399 1572 [ A329EE5A003E92538DF55D72CAF17A80 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\defutdcd.dll
19:12:06.0399 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\defutdcd.dll - ok
19:12:06.0399 1572 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
19:12:06.0399 1572 C:\Windows\System32\timedate.cpl - ok
19:12:06.0399 1572 [ B95F6501A2F8B2E78C697FEC401970CE ] C:\Windows\System32\ipnathlp.dll
19:12:06.0399 1572 C:\Windows\System32\ipnathlp.dll - ok
19:12:06.0414 1572 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
19:12:06.0414 1572 C:\Windows\System32\mprapi.dll - ok
19:12:06.0414 1572 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
19:12:06.0414 1572 C:\Windows\System32\netshell.dll - ok
19:12:06.0414 1572 [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
19:12:06.0414 1572 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
19:12:06.0414 1572 [ 38B13C0DF479DBA23ECFA815159BA86E ] C:\Windows\SysWOW64\ktmw32.dll
19:12:06.0414 1572 C:\Windows\SysWOW64\ktmw32.dll - ok
19:12:06.0414 1572 [ FFC9128367BA19F175562CAFE23BAF8F ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ducclib.dll
19:12:06.0414 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ducclib.dll - ok
19:12:06.0414 1572 [ 05A321CF65AB46D8E29E717D13662519 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\9e24b9ffd816c0c90efc4d3fc9fd745f\System.Configuration.ni.dll
19:12:06.0414 1572 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\9e24b9ffd816c0c90efc4d3fc9fd745f\System.Configuration.ni.dll - ok
19:12:06.0430 1572 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
19:12:06.0430 1572 C:\Windows\System32\actxprxy.dll - ok
19:12:06.0430 1572 [ 030ACA137DFC88EA81EE8C07CD950E40 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web.Services\51870562b19d91a11039626896771787\System.Web.Services.ni.dll
19:12:06.0430 1572 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web.Services\51870562b19d91a11039626896771787\System.Web.Services.ni.dll - ok
19:12:06.0430 1572 [ A3484A0159763330160FD820DE8C4624 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\32066405eb9ab14056b2af3115d2a6de\System.Xml.ni.dll
19:12:06.0430 1572 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\32066405eb9ab14056b2af3115d2a6de\System.Xml.ni.dll - ok
19:12:06.0430 1572 [ 4DF2442F76BAACB0684D544793DFEBD9 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\avpsvc32.dll
19:12:06.0430 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\avpsvc32.dll - ok
19:12:06.0430 1572 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
19:12:06.0430 1572 C:\Windows\System32\hnetcfg.dll - ok
19:12:06.0430 1572 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
19:12:06.0430 1572 C:\Windows\System32\netcfgx.dll - ok
19:12:06.0446 1572 [ 22A0AE97360C1B146FDD9AA55AC0E989 ] C:\Windows\System32\shdocvw.dll
19:12:06.0446 1572 C:\Windows\System32\shdocvw.dll - ok
19:12:06.0446 1572 [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
19:12:06.0446 1572 C:\Windows\System32\nci.dll - ok
19:12:06.0446 1572 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
19:12:06.0446 1572 C:\Windows\System32\linkinfo.dll - ok
19:12:06.0446 1572 [ 4E17D2324C6557F09F1CA05579608774 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\176317556bb5b88428283f2b14b260e5\System.IdentityModel.ni.dll
19:12:06.0446 1572 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\176317556bb5b88428283f2b14b260e5\System.IdentityModel.ni.dll - ok
19:12:06.0446 1572 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll
19:12:06.0446 1572 C:\Windows\SysWOW64\rtutils.dll - ok
19:12:06.0446 1572 [ E5C630EFF56FCDF8B6916566D4F4596C ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\avmail.dll
19:12:06.0446 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\avmail.dll - ok
19:12:06.0461 1572 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
19:12:06.0461 1572 C:\Windows\System32\msiltcfg.dll - ok
19:12:06.0461 1572 [ D51E6B0B861E7EEBF4E1026E0D344A3B ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\asengine.dll
19:12:06.0461 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\asengine.dll - ok
19:12:06.0461 1572 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
19:12:06.0461 1572 C:\Windows\System32\msi.dll - ok
19:12:06.0461 1572 [ D0DDA0B796FB5F9BB486EEB4F796D6BE ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\89fe719039385377f6b5ad8d0070aa6b\System.Runtime.Remoting.ni.dll
19:12:06.0461 1572 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\89fe719039385377f6b5ad8d0070aa6b\System.Runtime.Remoting.ni.dll - ok
19:12:06.0461 1572 [ 5893EBDCE371174AC89ECD7731DD6D77 ] C:\Windows\SysWOW64\pcwum.dll
19:12:06.0461 1572 C:\Windows\SysWOW64\pcwum.dll - ok
19:12:06.0461 1572 [ 0DE7A80F8B4A22F2B2FF3ED42302E193 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Net.Http\5a2f75991839f9205b3f9d419ea44129\System.Net.Http.ni.dll
19:12:06.0461 1572 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Net.Http\5a2f75991839f9205b3f9d419ea44129\System.Net.Http.ni.dll - ok
19:12:06.0477 1572 [ E8969A2864A30B2168F25A896088DE10 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
19:12:06.0477 1572 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll - ok
19:12:06.0477 1572 [ A0617B5753E31126AD29C03154F4F329 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
19:12:06.0477 1572 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok
19:12:06.0477 1572 [ D0FFF1F89431A60A2CC077452B53A50D ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\ISDI.dll
19:12:06.0477 1572 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\ISDI.dll - ok
19:12:06.0477 1572 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
19:12:06.0477 1572 C:\Windows\SysWOW64\winspool.drv - ok
19:12:06.0477 1572 [ 8CD1DEE212E52B9C22E66DBA44991D32 ] C:\Windows\SysWOW64\httpapi.dll
19:12:06.0477 1572 C:\Windows\SysWOW64\httpapi.dll - ok
19:12:06.0477 1572 [ D34A527493F39AF4491B3E909DC697CA ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
19:12:06.0477 1572 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll - ok
19:12:06.0492 1572 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
19:12:06.0492 1572 C:\Windows\SysWOW64\riched20.dll - ok
19:12:06.0492 1572 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
19:12:06.0492 1572 C:\Windows\System32\msftedit.dll - ok
19:12:06.0492 1572 [ E11AE58B6D040AE7E1E55741CB9C6694 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\c25666b99761bc42322bae2e59968df8\WindowsBase.ni.dll
19:12:06.0492 1572 C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\c25666b99761bc42322bae2e59968df8\WindowsBase.ni.dll - ok
19:12:06.0492 1572 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
19:12:06.0492 1572 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
19:12:06.0492 1572 [ 112183DF91C9BAECB498E4A86ECDE598 ] C:\Windows\System32\msls31.dll
19:12:06.0492 1572 C:\Windows\System32\msls31.dll - ok
19:12:06.0492 1572 [ 2BCBA6052374959A30BD7948444DBB79 ] C:\Windows\System32\gameux.dll
19:12:06.0492 1572 C:\Windows\System32\gameux.dll - ok
19:12:06.0508 1572 [ 499C04A44D6068022970A101188A1933 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\cltpe.dll
19:12:06.0508 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\cltpe.dll - ok
19:12:06.0508 1572 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
19:12:06.0508 1572 C:\Windows\SysWOW64\duser.dll - ok
19:12:06.0508 1572 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
19:12:06.0508 1572 C:\Windows\SysWOW64\dui70.dll - ok
19:12:06.0508 1572 [ 70F4EF8D90C01BFD5F96404A01965613 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\datastor.dll
19:12:06.0508 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\datastor.dll - ok
19:12:06.0508 1572 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
19:12:06.0508 1572 C:\Windows\System32\wer.dll - ok
19:12:06.0508 1572 [ 8ACC5E2D106AC10FF9E2E42931DDBDC9 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\avifc.dll
19:12:06.0508 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\avifc.dll - ok
19:12:06.0524 1572 [ 73243A76A59640AE9651522C52ADEA6A ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\sqsvc.dll
19:12:06.0524 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\sqsvc.dll - ok
19:12:06.0524 1572 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
19:12:06.0524 1572 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
19:12:06.0524 1572 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
19:12:06.0524 1572 C:\Windows\System32\DeviceCenter.dll - ok
19:12:06.0524 1572 [ A5E7025E2B9FFD21956CD5D3E08BFE0D ] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
19:12:06.0524 1572 C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe - ok
19:12:06.0524 1572 [ E8AF798C140BA08A55F5DD39789C9048 ] C:\Program Files\PC-Doctor for Windows\localizer.exe
19:12:06.0524 1572 C:\Program Files\PC-Doctor for Windows\localizer.exe - ok
19:12:06.0539 1572 [ A417752DCEFED9460887F7F3AD65B812 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130721.004\NAVENG32.DLL
19:12:06.0539 1572 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130721.004\NAVENG32.DLL - ok
19:12:06.0539 1572 [ 7E8A672B7B06A6EB11960C22E0360C59 ] C:\Windows\System32\d2d1.dll
19:12:06.0539 1572 C:\Windows\System32\d2d1.dll - ok
19:12:06.0539 1572 [ BB3D9BAB1BC1567762B6AF1A4D6ECAA8 ] C:\Program Files\Microsoft IntelliType Pro\itype.exe
19:12:06.0539 1572 C:\Program Files\Microsoft IntelliType Pro\itype.exe - ok
19:12:06.0539 1572 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
19:12:06.0539 1572 C:\Windows\System32\networkexplorer.dll - ok
19:12:06.0539 1572 [ 0A48B44355133741E8CFC46B9E30B668 ] C:\Program Files\Microsoft IntelliType Pro\SQMAPI.dll
19:12:06.0539 1572 C:\Program Files\Microsoft IntelliType Pro\SQMAPI.dll - ok
19:12:06.0539 1572 [ 67F5599391F5D61F3A05F7D9F29C1469 ] C:\Program Files\Microsoft IntelliType Pro\dpgmkb.dll
19:12:06.0539 1572 C:\Program Files\Microsoft IntelliType Pro\dpgmkb.dll - ok
19:12:06.0555 1572 [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll
19:12:06.0555 1572 C:\Windows\System32\drprov.dll - ok
19:12:06.0555 1572 [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll
19:12:06.0555 1572 C:\Windows\System32\ntlanman.dll - ok
19:12:06.0555 1572 [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\Windows\System32\davclnt.dll
19:12:06.0555 1572 C:\Windows\System32\davclnt.dll - ok
19:12:06.0555 1572 [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll
19:12:06.0555 1572 C:\Windows\System32\davhlpr.dll - ok
19:12:06.0555 1572 [ 391CD109EF28629644C267C855314DEE ] C:\Windows\System32\ieframe.dll
19:12:06.0555 1572 C:\Windows\System32\ieframe.dll - ok
19:12:06.0555 1572 [ 66D654BD87BAA3D97EE5909FD2596EC1 ] C:\Program Files\Microsoft IntelliPoint\ipoint.exe
19:12:06.0555 1572 C:\Program Files\Microsoft IntelliPoint\ipoint.exe - ok
19:12:06.0570 1572 [ CFE3866C577D0387BCC7272EC987B1EA ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\qsplugin.dll
19:12:06.0570 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\qsplugin.dll - ok
19:12:06.0570 1572 [ 5D5386EEAB9C674406373A79A5E98AB4 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\cltlms.dll
19:12:06.0570 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\cltlms.dll - ok
19:12:06.0570 1572 [ 9843AC8FC12DE5D6E5A6BB357069B18C ] C:\Program Files\Microsoft IntelliPoint\SQMAPI.dll
19:12:06.0570 1572 C:\Program Files\Microsoft IntelliPoint\SQMAPI.dll - ok
19:12:06.0570 1572 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
19:12:06.0570 1572 C:\Windows\System32\thumbcache.dll - ok
19:12:06.0570 1572 [ BA0B656616FEE9CF6F783011E0084CC6 ] C:\Program Files\Microsoft IntelliPoint\dpgmkb.dll
19:12:06.0570 1572 C:\Program Files\Microsoft IntelliPoint\dpgmkb.dll - ok
19:12:06.0570 1572 [ B8B1A3F5EFA0DBE88EAB41A7110B9A31 ] C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
19:12:06.0570 1572 C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe - ok
19:12:06.0586 1572 [ DC6612A9EE015A36BA2A27BC9CC12537 ] C:\Windows\SysWOW64\mfc42.dll
19:12:06.0586 1572 C:\Windows\SysWOW64\mfc42.dll - ok
19:12:06.0586 1572 [ DD81D91FF3B0763C392422865C9AC12E ] C:\Windows\System32\rundll32.exe
19:12:06.0586 1572 C:\Windows\System32\rundll32.exe - ok
19:12:06.0586 1572 [ 14EAAD6A782FF16B05AADACFE05C8D2A ] C:\Windows\System32\LogiLDA.DLL
19:12:06.0586 1572 C:\Windows\System32\LogiLDA.DLL - ok
19:12:06.0586 1572 [ 7D34AF98A706230CC2DEDFE0CABF87AB ] C:\Windows\SysWOW64\odbc32.dll
19:12:06.0586 1572 C:\Windows\SysWOW64\odbc32.dll - ok
19:12:06.0586 1572 [ ABA457BFC7EC0B5E130B2F1E0F549DFF ] C:\Windows\SysWOW64\odbcint.dll
19:12:06.0586 1572 C:\Windows\SysWOW64\odbcint.dll - ok
19:12:06.0586 1572 [ 263E9A047D17CD50BAA9D3C02910D18D ] C:\Windows\System32\oledlg.dll
19:12:06.0586 1572 C:\Windows\System32\oledlg.dll - ok
19:12:06.0602 1572 [ C71861E53447055D4291F532A0DFA3FE ] C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
19:12:06.0602 1572 C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe - ok
19:12:06.0602 1572 [ 1FD37C00535502429DD964EC53D66FB8 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\bhsvcplg.dll
19:12:06.0602 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\bhsvcplg.dll - ok
19:12:06.0602 1572 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
19:12:06.0602 1572 C:\Windows\System32\stobject.dll - ok
19:12:06.0602 1572 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
19:12:06.0602 1572 C:\Windows\System32\batmeter.dll - ok
19:12:06.0602 1572 [ 14035B9BC224284772EE938AA7FF5D96 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\dscli.dll
19:12:06.0602 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\dscli.dll - ok
19:12:06.0602 1572 [ 3429E299485DAA041082DB099D5367E8 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
19:12:06.0602 1572 C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe - ok
19:12:06.0617 1572 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
19:12:06.0617 1572 C:\Windows\SysWOW64\netapi32.dll - ok
19:12:06.0617 1572 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
19:12:06.0617 1572 C:\Windows\SysWOW64\wkscli.dll - ok
19:12:06.0617 1572 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
19:12:06.0617 1572 C:\Windows\System32\prnfldr.dll - ok
19:12:06.0617 1572 [ DD85F00EC31F77315AE992B7B0411D65 ] C:\Windows\System32\DWrite.dll
19:12:06.0617 1572 C:\Windows\System32\DWrite.dll - ok
19:12:06.0617 1572 [ 0104F4CA73154C23FFB449501F6D2D53 ] C:\Program Files\Logitech\Gaming Software\LWEMon.exe
19:12:06.0617 1572 C:\Program Files\Logitech\Gaming Software\LWEMon.exe - ok
19:12:06.0617 1572 [ 3648685140F900123ADE068C7493649D ] C:\Program Files\Logitech\Gaming Software\LWUtils.dll
19:12:06.0617 1572 C:\Program Files\Logitech\Gaming Software\LWUtils.dll - ok
19:12:06.0633 1572 [ 544EFF88AC6C85DF5A4D6F18DFE08CFC ] C:\Windows\SysWOW64\taskschd.dll
19:12:06.0633 1572 C:\Windows\SysWOW64\taskschd.dll - ok
19:12:06.0633 1572 [ 8C3FFD77C9578374F14D9F0C9454943C ] C:\Program Files\Autodesk\Autodesk Sync\RealDwg\AcSignCore16.dll
19:12:06.0633 1572 C:\Program Files\Autodesk\Autodesk Sync\RealDwg\AcSignCore16.dll - ok
19:12:06.0633 1572 [ 8EAD6B803133A608774183D7F68E68A9 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\tudatapr.dll
19:12:06.0633 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\tudatapr.dll - ok
19:12:06.0633 1572 [ B1FDCFFF7609E121C10751A669AB1611 ] C:\Windows\winsxs\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\mfc80u.dll
19:12:06.0633 1572 C:\Windows\winsxs\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\mfc80u.dll - ok
19:12:06.0633 1572 [ 05AB21450095F9340E6811161EE849EC ] C:\Program Files (x86)\Norton Security Suite\Engine64\20.4.0.40\ccvrtrst.dll
19:12:06.0633 1572 C:\Program Files (x86)\Norton Security Suite\Engine64\20.4.0.40\ccvrtrst.dll - ok
19:12:06.0633 1572 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
19:12:06.0633 1572 C:\Windows\System32\DXP.dll - ok
19:12:06.0648 1572 [ FB4045578F5180BDB1963AB352B78548 ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
19:12:06.0648 1572 C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok
19:12:06.0648 1572 [ D3311F34BA02191784B8344DE94206CC ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\spocclnt.dll
19:12:06.0648 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\spocclnt.dll - ok
19:12:06.0648 1572 [ DF72D700CC33611206675B8A2FD4D4F9 ] C:\Program Files\Logitech\SetPointP\SetPoint.exe
19:12:06.0648 1572 C:\Program Files\Logitech\SetPointP\SetPoint.exe - ok
19:12:06.0648 1572 [ EC6BA7C92FA5B2AA4AFDF4DF22AEDAB7 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll
19:12:06.0648 1572 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll - ok
19:12:06.0648 1572 [ 9108540E866F75C7AF2B91DD921A8091 ] C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
19:12:06.0648 1572 C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll - ok
19:12:06.0664 1572 [ A8704A10FFDE468F4AB18EBF82A9A86F ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcp80.dll
19:12:06.0664 1572 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcp80.dll - ok
19:12:06.0664 1572 [ 18921ED36B7AB65916C075E234E81930 ] C:\Program Files\Logitech\SetPointP\khalwrapper.dll
19:12:06.0664 1572 C:\Program Files\Logitech\SetPointP\khalwrapper.dll - ok
19:12:06.0664 1572 [ 52425F4F67DE0E8E7149EBC337D1A60A ] C:\Program Files\Logitech\SetPointP\KemUtil.dll
19:12:06.0664 1572 C:\Program Files\Logitech\SetPointP\KemUtil.dll - ok
19:12:06.0664 1572 [ E8111DAE0676C11AF186844785B73876 ] C:\Program Files\Logitech\Gaming Software\LWGStore.dll
19:12:06.0664 1572 C:\Program Files\Logitech\Gaming Software\LWGStore.dll - ok
19:12:06.0664 1572 [ 4BD79D03984226DB22D19BBE79369E0E ] C:\Windows\winsxs\amd64_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_044aad0bab1eb146\mfc90u.dll
19:12:06.0664 1572 C:\Windows\winsxs\amd64_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_044aad0bab1eb146\mfc90u.dll - ok
19:12:06.0664 1572 [ B1BBD0E2C7E1B98509C709CFB69BF35C ] C:\Windows\System32\dinput.dll
19:12:06.0664 1572 C:\Windows\System32\dinput.dll - ok
19:12:06.0680 1572 [ 4F3183BBEAB344E019F63572C35BD02B ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\sqlite.dll
19:12:06.0680 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\sqlite.dll - ok
19:12:06.0680 1572 [ 8CFD7AA12A725A2B1D6F44ED97408426 ] C:\Program Files (x86)\Norton Security Suite\Engine64\20.4.0.40\ccset.dll
19:12:06.0680 1572 C:\Program Files (x86)\Norton Security Suite\Engine64\20.4.0.40\ccset.dll - ok
19:12:06.0680 1572 [ 442235AC4F20B195F932990CAE47408E ] C:\Windows\winsxs\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_bc20f59b0bdd1acd\mfc80ENU.dll
19:12:06.0680 1572 C:\Windows\winsxs\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_bc20f59b0bdd1acd\mfc80ENU.dll - ok
19:12:06.0680 1572 [ 181AED352052EF1EB32A7E7661BC996B ] C:\Program Files\Common Files\Logitech\Gaming Software\lwcomctl.dll
19:12:06.0680 1572 C:\Program Files\Common Files\Logitech\Gaming Software\lwcomctl.dll - ok
19:12:06.0680 1572 [ 1EF0104E5B99D282FEC0F4945E08BD68 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\comm.dll
19:12:06.0680 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\comm.dll - ok
19:12:06.0695 1572 [ C4F4D6E622A24E0BE60374BA3126E9BD ] C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
19:12:06.0695 1572 C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe - ok
19:12:06.0695 1572 [ F6BB797E967A9B195D8BC26C6F118CA3 ] C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
19:12:06.0695 1572 C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe - ok
19:12:06.0695 1572 [ 371948BC5911ABA06168FAC91ED25F06 ] C:\Windows\System32\msxml3.dll
19:12:06.0695 1572 C:\Windows\System32\msxml3.dll - ok
19:12:06.0695 1572 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
19:12:06.0695 1572 C:\Windows\System32\SearchIndexer.exe - ok
19:12:06.0695 1572 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
19:12:06.0695 1572 C:\Windows\System32\tquery.dll - ok
19:12:06.0695 1572 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll
19:12:06.0695 1572 C:\Windows\SysWOW64\samcli.dll - ok
19:12:06.0711 1572 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
19:12:06.0711 1572 C:\Windows\System32\wdmaud.drv - ok
19:12:06.0711 1572 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
19:12:06.0711 1572 C:\Windows\System32\ksuser.dll - ok
19:12:06.0711 1572 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
19:12:06.0711 1572 C:\Windows\System32\Syncreg.dll - ok
19:12:06.0711 1572 [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll
19:12:06.0711 1572 C:\Windows\System32\ActionCenter.dll - ok
19:12:06.0711 1572 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll
19:12:06.0711 1572 C:\Windows\System32\mssrch.dll - ok
19:12:06.0711 1572 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
19:12:06.0711 1572 C:\Windows\System32\FXSST.dll - ok
19:12:06.0726 1572 [ 66C87DB880052104808507D6FA84D68E ] C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
19:12:06.0726 1572 C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL - ok
19:12:06.0726 1572 [ 7C7B8A47FFC43180FD49304A87EA78F5 ] C:\Program Files\Logitech\SetPointP\KemXML.dll
19:12:06.0726 1572 C:\Program Files\Logitech\SetPointP\KemXML.dll - ok
19:12:06.0726 1572 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
19:12:06.0726 1572 C:\Windows\System32\FXSAPI.dll - ok
19:12:06.0726 1572 [ 451F41C7FEF78BC7CC6F442F9CDBAE62 ] C:\Program Files\Logitech\SetPointP\kemutb.dll
19:12:06.0726 1572 C:\Program Files\Logitech\SetPointP\kemutb.dll - ok
19:12:06.0726 1572 [ 04CB7C8FDC6D9640DD82A527208F72C4 ] C:\Windows\System32\UIAnimation.dll
19:12:06.0726 1572 C:\Windows\System32\UIAnimation.dll - ok
19:12:06.0726 1572 [ 93B3D6E86E710CEDA136C973D0EDAA42 ] C:\Program Files\Logitech\SetPointP\KemWnd.dll
19:12:06.0726 1572 C:\Program Files\Logitech\SetPointP\KemWnd.dll - ok
19:12:06.0726 1572 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
19:12:06.0726 1572 C:\Windows\ehome\ehSSO.dll - ok
19:12:06.0742 1572 [ 5197BFB7F70F44B8C5E56EF7C4F30200 ] C:\Program Files\Logitech\SetPointP\SetPointCOM.dll
19:12:06.0742 1572 C:\Program Files\Logitech\SetPointP\SetPointCOM.dll - ok
19:12:06.0742 1572 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
19:12:06.0742 1572 C:\Windows\System32\FXSRESM.dll - ok
19:12:06.0742 1572 [ 81F08948A0F1475894C99D4D19A158A8 ] C:\Windows\SysWOW64\wshqos.dll
19:12:06.0742 1572 C:\Windows\SysWOW64\wshqos.dll - ok
19:12:06.0742 1572 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
19:12:06.0742 1572 C:\Windows\System32\AudioSes.dll - ok
19:12:06.0742 1572 [ AB1DA2D0D77C4EF70ACED4F2F8DD39E6 ] C:\Program Files\Microsoft IntelliType Pro\dpgcmd.dll
19:12:06.0742 1572 C:\Program Files\Microsoft IntelliType Pro\dpgcmd.dll - ok
19:12:06.0742 1572 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
19:12:06.0742 1572 C:\Windows\System32\msidle.dll - ok
19:12:06.0758 1572 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
19:12:06.0758 1572 C:\Windows\System32\WPDShServiceObj.dll - ok
19:12:06.0758 1572 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
19:12:06.0758 1572 C:\Windows\System32\mssprxy.dll - ok
19:12:06.0758 1572 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
19:12:06.0758 1572 C:\Windows\System32\PortableDeviceTypes.dll - ok
19:12:06.0758 1572 [ D918AF3EA07D248F911F7C6B801AA1E3 ] C:\Windows\winsxs\amd64_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_01c9581e60cbee58\MFC90ENU.DLL
19:12:06.0758 1572 C:\Windows\winsxs\amd64_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_01c9581e60cbee58\MFC90ENU.DLL - ok
19:12:06.0758 1572 [ 1CBF15FDB0310345A68972EB5C5B948F ] C:\Windows\SysWOW64\mssprxy.dll
19:12:06.0758 1572 C:\Windows\SysWOW64\mssprxy.dll - ok
19:12:06.0758 1572 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
19:12:06.0758 1572 C:\Windows\System32\FXSSVC.exe - ok
19:12:06.0773 1572 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
19:12:06.0773 1572 C:\Windows\System32\PortableDeviceApi.dll - ok
19:12:06.0773 1572 [ 6ACD2793F63EBD2395793D6AF1C228E4 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\eventsvc.dll
19:12:06.0773 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\eventsvc.dll - ok
19:12:06.0773 1572 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
19:12:06.0773 1572 C:\Windows\System32\srchadmin.dll - ok
19:12:06.0773 1572 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
19:12:06.0773 1572 C:\Windows\System32\wdi.dll - ok
19:12:06.0773 1572 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
19:12:06.0773 1572 C:\Windows\System32\aelupsvc.dll - ok
19:12:06.0773 1572 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
19:12:06.0773 1572 C:\Windows\System32\diagperf.dll - ok
19:12:06.0789 1572 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
19:12:06.0789 1572 C:\Windows\System32\perftrack.dll - ok
19:12:06.0789 1572 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
19:12:06.0789 1572 C:\Windows\System32\en-US\tquery.dll.mui - ok
19:12:06.0789 1572 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
19:12:06.0789 1572 C:\Windows\System32\npmproxy.dll - ok
19:12:06.0789 1572 [ 30DE7A4E275E4531D2C7B1FDC65D18F0 ] C:\Program Files\Microsoft IntelliType Pro\Components\Commands\DPGHnt\DPGHnt.dll
19:12:06.0789 1572 C:\Program Files\Microsoft IntelliType Pro\Components\Commands\DPGHnt\DPGHnt.dll - ok
19:12:06.0789 1572 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
19:12:06.0789 1572 C:\Windows\System32\pnpts.dll - ok
19:12:06.0789 1572 [ 76D96A29DC13CCFDD8A49415725410E2 ] C:\Program Files (x86)\NewSoft\Presto! PageManager 8 for EP\PMSpeed.exe
19:12:06.0789 1572 C:\Program Files (x86)\NewSoft\Presto! PageManager 8 for EP\PMSpeed.exe - ok
19:12:06.0804 1572 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
19:12:06.0804 1572 C:\Windows\System32\AltTab.dll - ok
19:12:06.0804 1572 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
19:12:06.0804 1572 C:\Windows\System32\pnidui.dll - ok
19:12:06.0804 1572 [ 57ACF47B4FA24A6B9464C9919412C411 ] C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll
19:12:06.0804 1572 C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll - ok
19:12:06.0804 1572 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
19:12:06.0804 1572 C:\Windows\System32\radardt.dll - ok
19:12:06.0804 1572 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
19:12:06.0804 1572 C:\Windows\System32\wdiasqmmodule.dll - ok
19:12:06.0804 1572 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
19:12:06.0804 1572 C:\Windows\System32\QUTIL.DLL - ok
19:12:06.0820 1572 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
19:12:06.0820 1572 C:\Windows\System32\msacm32.drv - ok
19:12:06.0820 1572 [ BD9EB3958F213F96B97B1D897DEE006D ] C:\Windows\System32\hidserv.dll
19:12:06.0820 1572 C:\Windows\System32\hidserv.dll - ok
19:12:06.0820 1572 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL
19:12:06.0820 1572 C:\Windows\System32\IPSECSVC.DLL - ok
19:12:06.0820 1572 [ 798387534977217525F11B758B3517AE ] C:\Program Files\Logitech\SetPointP\WebBrowserSupport.dll
19:12:06.0820 1572 C:\Program Files\Logitech\SetPointP\WebBrowserSupport.dll - ok
19:12:06.0820 1572 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
19:12:06.0820 1572 C:\Windows\System32\msacm32.dll - ok
19:12:06.0820 1572 [ EDEEAA5B121A89425A5DF7AB28E4E544 ] C:\Program Files\Logitech\SetPointP\Macros\MacroAppSwitch.dll
19:12:06.0820 1572 C:\Program Files\Logitech\SetPointP\Macros\MacroAppSwitch.dll - ok
19:12:06.0836 1572 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
19:12:06.0836 1572 C:\Windows\System32\bthprops.cpl - ok
19:12:06.0836 1572 [ C498EF41B93986BCBD483597573EB96D ] C:\Windows\System32\d3d10warp.dll
19:12:06.0836 1572 C:\Windows\System32\d3d10warp.dll - ok
19:12:06.0836 1572 [ A01BB0CF2315E5E2784706DFA7FF7815 ] C:\Program Files\Autodesk\AutoCAD 2014\acad.exe
19:12:06.0836 1572 C:\Program Files\Autodesk\AutoCAD 2014\acad.exe - ok
19:12:06.0836 1572 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
19:12:06.0836 1572 C:\Windows\System32\wpdbusenum.dll - ok
19:12:06.0836 1572 [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll
19:12:06.0836 1572 C:\Windows\System32\p2pcollab.dll - ok
19:12:06.0836 1572 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
19:12:06.0836 1572 C:\Windows\System32\Apphlpdm.dll - ok
19:12:06.0851 1572 [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll
19:12:06.0851 1572 C:\Windows\System32\FwRemoteSvr.dll - ok
19:12:06.0851 1572 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
19:12:06.0851 1572 C:\Windows\System32\midimap.dll - ok
19:12:06.0851 1572 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
19:12:06.0851 1572 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
19:12:06.0851 1572 [ 563C4641DAE5355C08DF4DDC4134E196 ] C:\Program Files\Logitech\SetPointP\Macros\MacroMedia.dll
19:12:06.0851 1572 C:\Program Files\Logitech\SetPointP\Macros\MacroMedia.dll - ok
19:12:06.0851 1572 [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL
19:12:06.0851 1572 C:\Windows\System32\QAGENTRT.DLL - ok
19:12:06.0851 1572 [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
19:12:06.0851 1572 C:\Windows\System32\SyncCenter.dll - ok
19:12:06.0851 1572 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
19:12:06.0867 1572 C:\Windows\System32\AudioEng.dll - ok
19:12:06.0867 1572 [ DDA4CAF29D8C0A297F886BFE561E6659 ] C:\Windows\System32\drivers\WUDFRd.sys
19:12:06.0867 1572 C:\Windows\System32\drivers\WUDFRd.sys - ok
19:12:06.0867 1572 [ 754BDBD9A6B351E83A8648AB469E238A ] C:\Program Files\Logitech\SetPointP\Macros\MacroEmail.dll
19:12:06.0867 1572 C:\Program Files\Logitech\SetPointP\Macros\MacroEmail.dll - ok
19:12:06.0867 1572 [ 28076AACBED5709F3F5C97B6D73A62EA ] C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE
19:12:06.0867 1572 C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE - ok
19:12:06.0867 1572 [ B8F7FA586A70918FEC5C768250724635 ] C:\Program Files\Logitech\SetPointP\KemMon.dll
19:12:06.0867 1572 C:\Program Files\Logitech\SetPointP\KemMon.dll - ok
19:12:06.0867 1572 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
19:12:06.0867 1572 C:\Windows\System32\AUDIOKSE.dll - ok
19:12:06.0867 1572 [ F954C05026733043C6EC83CE3EF51C48 ] C:\Windows\System32\RtkAPO64.dll
19:12:06.0867 1572 C:\Windows\System32\RtkAPO64.dll - ok
19:12:06.0882 1572 [ D5A69B24039442FD76B410CD2D7FEB7B ] C:\Program Files\Common Files\LogiShrd\KHAL3\KHALAPI.dll
19:12:06.0882 1572 C:\Program Files\Common Files\LogiShrd\KHAL3\KHALAPI.dll - ok
19:12:06.0882 1572 [ 10E89F598469C60D8C87A8218089A87D ] C:\Users\Alan\AppData\Local\Akamai\netsession_win.exe
19:12:06.0882 1572 C:\Users\Alan\AppData\Local\Akamai\netsession_win.exe - ok
19:12:06.0882 1572 [ 03CC97EC838FBBA69E6E5FD744012C31 ] C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
19:12:06.0882 1572 C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe - ok
19:12:06.0882 1572 [ AB886378EEB55C6C75B4F2D14B6C869F ] C:\Windows\System32\drivers\WUDFPf.sys
19:12:06.0882 1572 C:\Windows\System32\drivers\WUDFPf.sys - ok
19:12:06.0882 1572 [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll
19:12:06.0882 1572 C:\Windows\System32\fveui.dll - ok
19:12:06.0882 1572 [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll
19:12:06.0882 1572 C:\Windows\System32\WMALFXGFXDSP.dll - ok
19:12:06.0898 1572 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
19:12:06.0898 1572 C:\Windows\System32\rasdlg.dll - ok
19:12:06.0898 1572 [ EE2DBFBFE0B16E816A74AD505CF0379C ] C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.dll
19:12:06.0898 1572 C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.dll - ok
19:12:06.0898 1572 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
19:12:06.0898 1572 C:\Windows\System32\mfplat.dll - ok
19:12:06.0898 1572 [ 4EB19202D44B012387602DB5536FD093 ] C:\Program Files\Common Files\LogiShrd\KHAL3\KHALITCH.dll
19:12:06.0898 1572 C:\Program Files\Common Files\LogiShrd\KHAL3\KHALITCH.dll - ok
19:12:06.0898 1572 [ B20F051B03A966392364C83F009F7D17 ] C:\Windows\System32\WUDFSvc.dll
19:12:06.0898 1572 C:\Windows\System32\WUDFSvc.dll - ok
19:12:06.0898 1572 [ 18F2D656D28363939DEE16ADE2F7F127 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\bhclient.dll
19:12:06.0898 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\bhclient.dll - ok
19:12:06.0914 1572 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
19:12:06.0914 1572 C:\Windows\System32\dot3api.dll - ok
19:12:06.0914 1572 [ D17277381B4522FA34FAE7851E705051 ] C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMW.dll
19:12:06.0914 1572 C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMW.dll - ok
19:12:06.0914 1572 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
19:12:06.0914 1572 C:\Windows\System32\wlanhlp.dll - ok
19:12:06.0914 1572 [ 2F57CAA1295B8B8B9E56AEBCB850873A ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\proxyclt.dll
19:12:06.0914 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\proxyclt.dll - ok
19:12:06.0914 1572 [ AF09A713D190B2E9DDFCC2CE89357302 ] C:\Program Files\Common Files\LogiShrd\KHAL3\KHALHPP.dll
19:12:06.0914 1572 C:\Program Files\Common Files\LogiShrd\KHAL3\KHALHPP.dll - ok
19:12:06.0914 1572 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
19:12:06.0914 1572 C:\Windows\System32\wlanapi.dll - ok
19:12:06.0929 1572 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
19:12:06.0929 1572 C:\Windows\System32\wlanutil.dll - ok
19:12:06.0929 1572 [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll
19:12:06.0929 1572 C:\Windows\System32\SensApi.dll - ok
19:12:06.0929 1572 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
19:12:06.0929 1572 C:\Windows\System32\onex.dll - ok
19:12:06.0929 1572 [ CA3A6F3C9C963DA7BE8964848D739E9C ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130715.001\BHEngine.dll
19:12:06.0929 1572 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130715.001\BHEngine.dll - ok
19:12:06.0929 1572 [ 356656B5EEA8C990238E8FAE5C63395C ] C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMOU.dll
19:12:06.0929 1572 C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMOU.dll - ok
19:12:06.0945 1572 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
19:12:06.0945 1572 C:\Windows\System32\WWanAPI.dll - ok
19:12:06.0945 1572 [ 1A4E49BBBBCD5CE19F8BF6B5D20AFC68 ] C:\Program Files\Common Files\LogiShrd\KHAL3\KHALHID.dll
19:12:06.0945 1572 C:\Program Files\Common Files\LogiShrd\KHAL3\KHALHID.dll - ok
19:12:06.0945 1572 [ 6ABC6575EF4FEA6E7A44F5C61C66C9E1 ] C:\Program Files\Common Files\LogiShrd\KHAL3\KHALUSB.dll
19:12:06.0945 1572 C:\Program Files\Common Files\LogiShrd\KHAL3\KHALUSB.dll - ok
19:12:06.0945 1572 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
19:12:06.0945 1572 C:\Windows\System32\wwapi.dll - ok
19:12:06.0945 1572 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
19:12:06.0945 1572 C:\Windows\System32\QAGENT.DLL - ok
19:12:06.0945 1572 [ 8ABFE00F213F2571498F1B8FD7939A98 ] C:\Windows\System32\WUDFHost.exe
19:12:06.0945 1572 C:\Windows\System32\WUDFHost.exe - ok
19:12:06.0960 1572 [ 760DF1D09A91781F25F178595E4FDC47 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe
19:12:06.0960 1572 C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe - ok
19:12:06.0960 1572 [ 50EFBC0F319C780E67D43AA7DDB12BF3 ] C:\Program Files\Common Files\LogiShrd\CDDRV3\LDConfig.exe
19:12:06.0960 1572 C:\Program Files\Common Files\LogiShrd\CDDRV3\LDConfig.exe - ok
19:12:06.0960 1572 [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
19:12:06.0960 1572 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
19:12:06.0960 1572 [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
19:12:06.0960 1572 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
19:12:06.0960 1572 [ 3A91AAA7EDC8DE349699BB91A328DC3D ] C:\Program Files\Logitech\SetPointP\KGame.dll
19:12:06.0960 1572 C:\Program Files\Logitech\SetPointP\KGame.dll - ok
19:12:06.0960 1572 [ 25AE683DCB4AE7E6F1B193A0CB9DB35F ] C:\Windows\System32\WUDFx.dll
19:12:06.0960 1572 C:\Windows\System32\WUDFx.dll - ok
19:12:06.0976 1572 [ 91D6F0AB79AA36FFB932157865206F35 ] C:\Windows\System32\drivers\UMDF\WpdFs.dll
19:12:06.0976 1572 C:\Windows\System32\drivers\UMDF\WpdFs.dll - ok
19:12:06.0976 1572 [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
19:12:06.0976 1572 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
19:12:06.0976 1572 [ 9864D52F15AD32094A636C6B5281D9E7 ] C:\Windows\System32\WMVCORE.DLL
19:12:06.0976 1572 C:\Windows\System32\WMVCORE.DLL - ok
19:12:06.0976 1572 [ 59BCE9F07985F8A4204F4D6554CFF708 ] C:\Windows\System32\regsvr32.exe
19:12:06.0976 1572 C:\Windows\System32\regsvr32.exe - ok
19:12:06.0976 1572 [ 487F44B08EFEAF5AD087878357B9403D ] C:\Windows\SysWOW64\pdh.dll
19:12:06.0976 1572 C:\Windows\SysWOW64\pdh.dll - ok
19:12:06.0976 1572 [ C866F8C29508363A09FAC5C235855D56 ] C:\PROGRA~2\MICROS~2\Office14\WINWORD.EXE
19:12:06.0976 1572 C:\PROGRA~2\MICROS~2\Office14\WINWORD.EXE - ok
19:12:06.0976 1572 [ 554A50B5310E702029D3A675459108FF ] C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
19:12:06.0976 1572 C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe - ok
19:12:06.0992 1572 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
19:12:06.0992 1572 C:\Windows\System32\dimsjob.dll - ok
19:12:06.0992 1572 [ B6A17555D2CB159A47E910670DE6F7AF ] C:\Windows\AppPatch\AppPatch64\AcGenral.dll
19:12:06.0992 1572 C:\Windows\AppPatch\AppPatch64\AcGenral.dll - ok
19:12:06.0992 1572 [ 852F12CA7C4FC7E3D77B606492435556 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
19:12:06.0992 1572 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe - ok
19:12:06.0992 1572 [ B232CABFC4B499F82D85C9362D8BB981 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\cltlmj.dll
19:12:06.0992 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\cltlmj.dll - ok
19:12:06.0992 1572 [ A7810B302294793DE88542AAE177D1B1 ] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
19:12:06.0992 1572 C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe - ok
19:12:07.0007 1572 [ B00743B9009BD4104C34DD0C09D49DD1 ] C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
19:12:07.0007 1572 C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe - ok
19:12:07.0007 1572 [ B7B42FE536E6346E8226F91B12EC1CBF ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\mclntask.dll
19:12:07.0007 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\mclntask.dll - ok
19:12:07.0007 1572 [ AACC48FE239F0DF126DA2F28930A5B83 ] C:\Windows\System32\WMASF.DLL
19:12:07.0007 1572 C:\Windows\System32\WMASF.DLL - ok
19:12:07.0007 1572 [ 638FF23CF69460AD30D2F155F39A9258 ] C:\Program Files (x86)\PictureMover\Bin\Core.dll
19:12:07.0007 1572 C:\Program Files (x86)\PictureMover\Bin\Core.dll - ok
19:12:07.0007 1572 [ F400694D7D2785F60133C20F7F2F4F7A ] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
19:12:07.0007 1572 C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac - ok
19:12:07.0007 1572 [ 389CA818132C1D7DCF0C791E8D9035DE ] C:\Windows\System32\PortableDeviceClassExtension.dll
19:12:07.0007 1572 C:\Windows\System32\PortableDeviceClassExtension.dll - ok
19:12:07.0023 1572 [ 48BE298F7FD1BEF4D8FBACB04D8D95C4 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
19:12:07.0023 1572 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
19:12:07.0023 1572 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
19:12:07.0023 1572 C:\Windows\System32\wsock32.dll - ok
19:12:07.0023 1572 [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll
19:12:07.0023 1572 C:\Windows\System32\drmv2clt.dll - ok
19:12:07.0023 1572 [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll
19:12:07.0023 1572 C:\Windows\System32\wmdrmdev.dll - ok
19:12:07.0023 1572 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
19:12:07.0023 1572 C:\Windows\System32\NapiNSP.dll - ok
19:12:07.0023 1572 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
19:12:07.0023 1572 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
19:12:07.0038 1572 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
19:12:07.0038 1572 C:\Windows\System32\pnrpnsp.dll - ok
19:12:07.0038 1572 [ 0CFB90C28768E26498834D780FBBD754 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AXE8SharedExpat.dll
19:12:07.0038 1572 C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AXE8SharedExpat.dll - ok
19:12:07.0038 1572 [ 759D71FC9442AB5A9B5749C0F6C0C263 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\BIB.dll
19:12:07.0038 1572 C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\BIB.dll - ok
19:12:07.0038 1572 [ 748849C42DEA24C723048E24BCA1BD55 ] C:\Windows\System32\wshbth.dll
19:12:07.0038 1572 C:\Windows\System32\wshbth.dll - ok
19:12:07.0038 1572 [ 6FC30299BCA75E7D694422428FBC77A8 ] C:\Program Files (x86)\Common Files\ArcSoft\Bin\MagCore.dll
19:12:07.0038 1572 C:\Program Files (x86)\Common Files\ArcSoft\Bin\MagCore.dll - ok
19:12:07.0038 1572 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
19:12:07.0038 1572 C:\Windows\System32\winrnr.dll - ok
19:12:07.0054 1572 [ 432BE6CF7311062633459EEF6B242FB5 ] C:\Windows\SysWOW64\regsvr32.exe
19:12:07.0054 1572 C:\Windows\SysWOW64\regsvr32.exe - ok
19:12:07.0054 1572 [ 9CC69E21A1ACA941C7DAE1F13212F233 ] C:\Program Files (x86)\Common Files\ArcSoft\Bin\MagPCMac.dll
19:12:07.0054 1572 C:\Program Files (x86)\Common Files\ArcSoft\Bin\MagPCMac.dll - ok
19:12:07.0054 1572 [ 59A6413FB2CC89FD8651B1D2962FB8B9 ] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\msvcp60.dll
19:12:07.0054 1572 C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\msvcp60.dll - ok
19:12:07.0054 1572 [ FC3D4A55C23B2350BEE07CF5177BBC06 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\sqlite.dll
19:12:07.0054 1572 C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\sqlite.dll - ok
19:12:07.0054 1572 [ DD502A2E7B85EA7A3814C1034E6C23D3 ] C:\Windows\AppPatch\AcGenral.dll
19:12:07.0054 1572 C:\Windows\AppPatch\AcGenral.dll - ok
19:12:07.0070 1572 [ 638FF23CF69460AD30D2F155F39A9258 ] C:\Users\Alan\AppData\Roaming\PictureMover\Bin\Core.dll
19:12:07.0070 1572 C:\Users\Alan\AppData\Roaming\PictureMover\Bin\Core.dll - ok
19:12:07.0070 1572 [ 4F6E72B34ED3DC53DCC5E8708E60B61F ] C:\Windows\SysWOW64\security.dll
19:12:07.0070 1572 C:\Windows\SysWOW64\security.dll - ok
19:12:07.0070 1572 [ 4C1E16B9A53102C8D6FBA587CBCB95DE ] C:\Windows\SysWOW64\msv1_0.dll
19:12:07.0070 1572 C:\Windows\SysWOW64\msv1_0.dll - ok
19:12:07.0070 1572 [ 1128637CAD49A8E3C8B5FA5D0A061525 ] C:\Windows\SysWOW64\cryptdll.dll
19:12:07.0070 1572 C:\Windows\SysWOW64\cryptdll.dll - ok
19:12:07.0070 1572 [ 75CEF0D7583535D2B6A7922AF93AA505 ] C:\Program Files (x86)\Common Files\ArcSoft\Bin\MagUICommon.dll
19:12:07.0070 1572 C:\Program Files (x86)\Common Files\ArcSoft\Bin\MagUICommon.dll - ok
19:12:07.0070 1572 [ B06B80A4C0324ACF89E73E9BEE2AD64D ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrobat_sl.exe
19:12:07.0070 1572 C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrobat_sl.exe - ok
19:12:07.0085 1572 [ C939E909CC23598B10F78FA0A109F755 ] C:\Program Files (x86)\Common Files\ArcSoft\Bin\MagUIEngine.dll
19:12:07.0085 1572 C:\Program Files (x86)\Common Files\ArcSoft\Bin\MagUIEngine.dll - ok
19:12:07.0085 1572 [ 7024A561B23675098234E50A377D49A6 ] C:\Program Files\Adobe\Adobe Media Encoder CS5\Adobe Media Encoder.exe
19:12:07.0085 1572 C:\Program Files\Adobe\Adobe Media Encoder CS5\Adobe Media Encoder.exe - ok
19:12:07.0085 1572 [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll
19:12:07.0085 1572 C:\Windows\System32\wmp.dll - ok
19:12:07.0085 1572 [ 6E9A40A51F6588DB3F0FF3687512B4D2 ] C:\Program Files (x86)\Common Files\ArcSoft\Bin\MagUICommonET.dll
19:12:07.0085 1572 C:\Program Files (x86)\Common Files\ArcSoft\Bin\MagUICommonET.dll - ok
19:12:07.0085 1572 [ A0B5D04C293FE83E13498BC4E1A1293F ] C:\Program Files (x86)\Common Files\ArcSoft\Bin\MagUIInter.dll
19:12:07.0085 1572 C:\Program Files (x86)\Common Files\ArcSoft\Bin\MagUIInter.dll - ok
19:12:07.0085 1572 [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\SysWOW64\mscms.dll
19:12:07.0085 1572 C:\Windows\SysWOW64\mscms.dll - ok
19:12:07.0101 1572 [ 0EB1510A539AF2DC59C890E57496EA92 ] C:\Program Files (x86)\Common Files\ArcSoft\Bin\MagUIImage.dll
19:12:07.0101 1572 C:\Program Files (x86)\Common Files\ArcSoft\Bin\MagUIImage.dll - ok
19:12:07.0101 1572 [ FE798CC2F350E3567E75266F37B98BE2 ] C:\Program Files (x86)\Common Files\ArcSoft\Bin\magPltfm.dll
19:12:07.0101 1572 C:\Program Files (x86)\Common Files\ArcSoft\Bin\magPltfm.dll - ok
19:12:07.0101 1572 [ 8A58B094F5073CCB89DE39DCCBBE6008 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\naHelper.dll
19:12:07.0101 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\naHelper.dll - ok
19:12:07.0101 1572 [ C335EC1182AC10B188705554E0BC1186 ] C:\Windows\SysWOW64\msvfw32.dll
19:12:07.0101 1572 C:\Windows\SysWOW64\msvfw32.dll - ok
19:12:07.0101 1572 [ 6BEB3FEC56D3434671215BE50A10573E ] C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01_64.key
19:12:07.0101 1572 C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01_64.key - ok
19:12:07.0101 1572 [ 816B681CC308FAA128EDCB90643DCED7 ] C:\Windows\SysWOW64\icm32.dll
19:12:07.0101 1572 C:\Windows\SysWOW64\icm32.dll - ok
19:12:07.0116 1572 [ 57AF9F47253E53E94D22C790FA5D6024 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
19:12:07.0116 1572 C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe - ok
19:12:07.0116 1572 [ 65DAC8E18FA734305100566484433F3A ] C:\Program Files\Adobe\Adobe Premiere Pro CS5\Adobe Premiere Pro.exe
19:12:07.0116 1572 C:\Program Files\Adobe\Adobe Premiere Pro CS5\Adobe Premiere Pro.exe - ok
19:12:07.0116 1572 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll
19:12:07.0116 1572 C:\Windows\SysWOW64\msacm32.dll - ok
19:12:07.0116 1572 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll
19:12:07.0116 1572 C:\Windows\SysWOW64\comdlg32.dll - ok
19:12:07.0116 1572 [ D5B783DACE1BBDD382A63C894BAB8E1E ] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
19:12:07.0116 1572 C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe - ok
19:12:07.0116 1572 [ A916790060389ABE8CB043A7248DAEBF ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exe
19:12:07.0116 1572 C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exe - ok
19:12:07.0132 1572 [ A9B36CAB809EF486D456FA1A3B204152 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\bfa7a95284aec941f4b03bae0debe07c\System.Drawing.ni.dll
19:12:07.0132 1572 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\bfa7a95284aec941f4b03bae0debe07c\System.Drawing.ni.dll - ok
19:12:07.0132 1572 [ F577910A133A592234EBAAD3F3AFA258 ] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
19:12:07.0132 1572 C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe - ok
19:12:07.0132 1572 [ C5D664FCEFE3B7E1541B38529A9E994A ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ipsplug.dll
19:12:07.0132 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ipsplug.dll - ok
19:12:07.0132 1572 [ 42251362E097134CCA9FC60A1B932EF8 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\178644ab40108f3becd8b91049a254c3\System.Windows.Forms.ni.dll
19:12:07.0132 1572 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\178644ab40108f3becd8b91049a254c3\System.Windows.Forms.ni.dll - ok
19:12:07.0132 1572 [ 949CEC9F16AE5A342953391037F2DB37 ] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
19:12:07.0132 1572 C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe - ok
19:12:07.0148 1572 [ 2522162D10B7CA5DB2498CBA2DEFCFB5 ] C:\Users\Alan\AppData\Local\PANTONE\pzrnmgqx.dll
19:12:07.0148 1572 C:\Users\Alan\AppData\Local\PANTONE\pzrnmgqx.dll - ok
19:12:07.0148 1572 [ 901AA7A38CE13F14B6BBEC38C0595698 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
19:12:07.0148 1572 C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe - ok
19:12:07.0148 1572 [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL
19:12:07.0148 1572 C:\Windows\System32\wmploc.DLL - ok
19:12:07.0148 1572 [ B433E7FA46C737ACF176EA93B2A2CE39 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\isdatasv.dll
19:12:07.0148 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\isdatasv.dll - ok
19:12:07.0148 1572 [ 61E4289E91E88C90478D7F4BEB10DCF7 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
19:12:07.0148 1572 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok
19:12:07.0148 1572 [ CE5C9977DA751DDC30952AC4DCBCA788 ] C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
19:12:07.0148 1572 C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe - ok
19:12:07.0163 1572 [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll
19:12:07.0163 1572 C:\Windows\System32\upnp.dll - ok
19:12:07.0163 1572 [ 114E5342884A174F0E261526F07B63A1 ] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\libcurl.dll
19:12:07.0163 1572 C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\libcurl.dll - ok
19:12:07.0163 1572 [ 3073BFF2DE45BC5B5E6EDA3DEB81C3DB ] C:\PROGRA~2\MICROS~2\Office14\OUTLOOK.EXE
19:12:07.0163 1572 C:\PROGRA~2\MICROS~2\Office14\OUTLOOK.EXE - ok
19:12:07.0163 1572 [ 6307849B9BE3C206DB46A62316BF191F ] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\libeay32.dll
19:12:07.0163 1572 C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\libeay32.dll - ok
19:12:07.0163 1572 [ AAA55B127EC38BDEBD2A3891A2E5FD54 ] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\ssleay32.dll
19:12:07.0163 1572 C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\ssleay32.dll - ok
19:12:07.0163 1572 [ 907B50DE97ED835EFE151F203818216D ] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\zlib1.dll
19:12:07.0163 1572 C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\zlib1.dll - ok
19:12:07.0179 1572 [ E72831417985680AAF432610DE880E53 ] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\AcStBmhE.exe
19:12:07.0179 1572 C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\AcStBmhE.exe - ok
19:12:07.0179 1572 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
19:12:07.0179 1572 C:\Windows\System32\ssdpsrv.dll - ok
19:12:07.0179 1572 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
19:12:07.0179 1572 C:\Windows\SysWOW64\oleacc.dll - ok
19:12:07.0179 1572 [ B44C5909CDA640DF61B07856470A2D28 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Esl\Aiod.dll
19:12:07.0179 1572 C:\Program Files (x86)\Adobe\Acrobat 10.0\Esl\Aiod.dll - ok
19:12:07.0179 1572 [ C551B8C8B1E543F691F80EBE1D045783 ] C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
19:12:07.0179 1572 C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe - ok
19:12:07.0194 1572 [ 13820B972D74B3DE4F6552A57AC799A7 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll
19:12:07.0194 1572 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok
19:12:07.0194 1572 [ 30E7CA4620500FE012EB464F0E1DE91E ] C:\Program Files (x86)\Internet Explorer\iexplore.exe
19:12:07.0194 1572 C:\Program Files (x86)\Internet Explorer\iexplore.exe - ok
19:12:07.0194 1572 [ DC15650D521B80B1814D721B851E389A ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\fwcore.dll
19:12:07.0194 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\fwcore.dll - ok
19:12:07.0194 1572 [ 2E2C533592AC3C543DEFFE29770BCA8C ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrodist.exe
19:12:07.0194 1572 C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrodist.exe - ok
19:12:07.0194 1572 [ 916A020A8C88A48B7F67AEE1D8F9CECD ] C:\Program Files\Internet Explorer\ieproxy.dll
19:12:07.0194 1572 C:\Program Files\Internet Explorer\ieproxy.dll - ok
19:12:07.0194 1572 [ 85E8E3560D31D56B27F724718C13F160 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\fwgenplg.dll
19:12:07.0194 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\fwgenplg.dll - ok
19:12:07.0210 1572 [ C0E2E7898707E94BAA38DADF676DBAC8 ] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcBmhE.dll
19:12:07.0210 1572 C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcBmhE.dll - ok
19:12:07.0210 1572 [ B9CAD2ABD2E5450799FD5257761D78D0 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\fwsetup.dll
19:12:07.0210 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\fwsetup.dll - ok
19:12:07.0210 1572 [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll
19:12:07.0210 1572 C:\Windows\SysWOW64\shfolder.dll - ok
19:12:07.0210 1572 [ 14D289F63D9538306CB560C4CD12172F ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130719.002\IDSxpx86.dll
19:12:07.0210 1572 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130719.002\IDSxpx86.dll - ok
19:12:07.0210 1572 [ ECC9B782385F30965970ACA1BEA26B27 ] C:\Program Files\CCleaner\CCleaner64.exe
19:12:07.0210 1572 C:\Program Files\CCleaner\CCleaner64.exe - ok
19:12:07.0226 1572 [ FA79F8F87C84BC931D5B19C338228109 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\fwhelper.dll
19:12:07.0226 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\fwhelper.dll - ok
19:12:07.0226 1572 [ C9B8E081B4D02108930CB3D9D537B9C4 ] C:\Program Files (x86)\NewSoft\Presto! PageManager 8 for EP\Inso\sccvw.dll
19:12:07.0226 1572 C:\Program Files (x86)\NewSoft\Presto! PageManager 8 for EP\Inso\sccvw.dll - ok
19:12:07.0226 1572 [ 996C6E958FD4981C2C44F3C754A23F44 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\idsaux.dll
19:12:07.0226 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\idsaux.dll - ok
19:12:07.0226 1572 [ 7C73B5C50CAEDB1771A049142026906B ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
19:12:07.0226 1572 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe - ok
19:12:07.0226 1572 [ 6FA41E0C86EF049A12C05CA4BBA8F9AF ] C:\Windows\SysWOW64\perfos.dll
19:12:07.0226 1572 C:\Windows\SysWOW64\perfos.dll - ok
19:12:07.0226 1572 [ 3D7D2E825C63FF501E896CF008C70D75 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
19:12:07.0226 1572 C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe - ok
19:12:07.0241 1572 [ 5D50BB423CCC09BCABFE9BD5551BFA08 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130719.002\IPSFFPl.dll
19:12:07.0241 1572 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130719.002\IPSFFPl.dll - ok
19:12:07.0241 1572 [ DCF47823C0939643CFB805AA47BC17A0 ] C:\Windows\SysWOW64\atiadlxy.dll
19:12:07.0241 1572 C:\Windows\SysWOW64\atiadlxy.dll - ok
19:12:07.0241 1572 [ 3F50200237961034FACE602373838980 ] C:\Windows\SysWOW64\FirewallAPI.dll
19:12:07.0241 1572 C:\Windows\SysWOW64\FirewallAPI.dll - ok
19:12:07.0241 1572 [ D432E38C5244824E68CD74D23531D41D ] C:\Program Files (x86)\NewSoft\Presto! PageManager 8 for EP\Inso\sccfi.dll
19:12:07.0241 1572 C:\Program Files (x86)\NewSoft\Presto! PageManager 8 for EP\Inso\sccfi.dll - ok
19:12:07.0241 1572 [ 5836C34A6600B13C80F9A6B8D037DDD1 ] C:\Program Files (x86)\NewSoft\Presto! PageManager 8 for EP\Inso\wvcore.dll
19:12:07.0241 1572 C:\Program Files (x86)\NewSoft\Presto! PageManager 8 for EP\Inso\wvcore.dll - ok
19:12:07.0241 1572 [ 823DE3A097C735FAA1608A7AD9E27A43 ] C:\Program Files (x86)\NewSoft\Presto! PageManager 8 for EP\Inso\sccfut.dll
19:12:07.0241 1572 C:\Program Files (x86)\NewSoft\Presto! PageManager 8 for EP\Inso\sccfut.dll - ok
19:12:07.0257 1572 [ E169BFF3DC78C07443779CDB2DFCB248 ] C:\Program Files (x86)\NewSoft\Presto! PageManager 8 for EP\Inso\SCCUT.DLL
19:12:07.0257 1572 C:\Program Files (x86)\NewSoft\Presto! PageManager 8 for EP\Inso\SCCUT.DLL - ok
19:12:07.0257 1572 [ 8D58C34EA1304DAB6D8B16925265B5AA ] C:\Program Files\Common Files\LogiShrd\SP6\LU\LULnchr.exe
19:12:07.0257 1572 C:\Program Files\Common Files\LogiShrd\SP6\LU\LULnchr.exe - ok
19:12:07.0257 1572 [ 5D50BB423CCC09BCABFE9BD5551BFA08 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFFPlgn\components\ipsffpl.dll
19:12:07.0257 1572 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFFPlgn\components\ipsffpl.dll - ok
19:12:07.0257 1572 [ EE0553C07A85536090B5E2651F98AA1D ] C:\Program Files (x86)\NewSoft\Presto! PageManager 8 for EP\Inso\sccca.dll
19:12:07.0257 1572 C:\Program Files (x86)\NewSoft\Presto! PageManager 8 for EP\Inso\sccca.dll - ok
19:12:07.0257 1572 [ A48093ABF41F121651F390C58050FCF4 ] C:\Program Files (x86)\NewSoft\Presto! PageManager 8 for EP\Inso\sccda.dll
19:12:07.0257 1572 C:\Program Files (x86)\NewSoft\Presto! PageManager 8 for EP\Inso\sccda.dll - ok
19:12:07.0272 1572 [ C3995D7510C68B6D6C3B69C7B591BCFD ] C:\Program Files (x86)\NewSoft\Presto! PageManager 8 for EP\Inso\sccfa.dll
19:12:07.0272 1572 C:\Program Files (x86)\NewSoft\Presto! PageManager 8 for EP\Inso\sccfa.dll - ok
19:12:07.0272 1572 [ 6B6C47244AA9AA4F6AC10146432D3321 ] C:\Program Files (x86)\NewSoft\Presto! PageManager 8 for EP\Inso\sccch.dll
19:12:07.0272 1572 C:\Program Files (x86)\NewSoft\Presto! PageManager 8 for EP\Inso\sccch.dll - ok
19:12:07.0272 1572 [ 355A138ABDFD43FBABCAE3A1B06AB93D ] C:\Windows\System32\wmpps.dll
19:12:07.0272 1572 C:\Windows\System32\wmpps.dll - ok
19:12:07.0272 1572 [ 110F647566806095CAE06344F3A007F3 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrodistdll.dll
19:12:07.0272 1572 C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrodistdll.dll - ok
19:12:07.0272 1572 [ AD919F97051338CC6B57F49CCBB852C8 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\codatapr.dll
19:12:07.0272 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\codatapr.dll - ok
19:12:07.0272 1572 [ 3F97C93871C360C4493D80ADE627E09A ] C:\Program Files (x86)\NewSoft\Presto! PageManager 8 for EP\Inso\sccind.dll
19:12:07.0272 1572 C:\Program Files (x86)\NewSoft\Presto! PageManager 8 for EP\Inso\sccind.dll - ok
19:12:07.0288 1572 [ 8DEA23054C3C2E32BA1D652004EC7DC6 ] C:\Program Files (x86)\NewSoft\Presto! PageManager 8 for EP\Inso\sccfmt.dll
19:12:07.0288 1572 C:\Program Files (x86)\NewSoft\Presto! PageManager 8 for EP\Inso\sccfmt.dll - ok
19:12:07.0288 1572 [ C1B5307377C98F87E0152C44E9FF8DEE ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
19:12:07.0288 1572 C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll - ok
19:12:07.0288 1572 [ F149E8CAE538DBF7059B00326673F602 ] C:\Windows\System32\wmpmde.dll
19:12:07.0288 1572 C:\Windows\System32\wmpmde.dll - ok
19:12:07.0288 1572 [ B4C07F51DA6B614FDA4443062D16F526 ] C:\Program Files (x86)\NewSoft\Presto! PageManager 8 for EP\Inso\sccdu.dll
19:12:07.0288 1572 C:\Program Files (x86)\NewSoft\Presto! PageManager 8 for EP\Inso\sccdu.dll - ok
19:12:07.0288 1572 [ 9ACCBC5891BA51B5B29C1A88F80D4CE3 ] C:\Program Files (x86)\QuickTime\QTTask.exe
19:12:07.0288 1572 C:\Program Files (x86)\QuickTime\QTTask.exe - ok
19:12:07.0288 1572 [ 1A9C1FC1415474029F02074D19CEE6BF ] C:\Program Files (x86)\NewSoft\Presto! PageManager 8 for EP\Inso\sccanno.dll
19:12:07.0288 1572 C:\Program Files (x86)\NewSoft\Presto! PageManager 8 for EP\Inso\sccanno.dll - ok
19:12:07.0304 1572 [ 1E09DFA4048196C9D3CC40C485A39422 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
19:12:07.0304 1572 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe - ok
19:12:07.0304 1572 [ 24FCC3CDAE327F632CB8696E1E40F772 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll
19:12:07.0304 1572 C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll - ok
19:12:07.0304 1572 [ 021287C2050FD5DB4A8B084E2C38139C ] C:\Windows\System32\WinSATAPI.dll
19:12:07.0304 1572 C:\Windows\System32\WinSATAPI.dll - ok
19:12:07.0304 1572 [ 8451FBE6EAF3BC8BE6A7A9571DDB0D55 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\npctray.dll
19:12:07.0304 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\npctray.dll - ok
19:12:07.0304 1572 [ 28A7D7C7E2FDD1D55F12F750CD6331EC ] C:\Windows\System32\MSMPEG2ENC.DLL
19:12:07.0304 1572 C:\Windows\System32\MSMPEG2ENC.DLL - ok
19:12:07.0304 1572 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
19:12:07.0304 1572 C:\Windows\System32\mscoree.dll - ok
19:12:07.0319 1572 [ A9F9D081518AC03A51C1195986076F42 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
19:12:07.0319 1572 C:\Program Files (x86)\iTunes\iTunesHelper.exe - ok
19:12:07.0319 1572 [ 127AA81343A7C6F665C22CB1293B0A90 ] C:\Windows\splwow64.exe
19:12:07.0319 1572 C:\Windows\splwow64.exe - ok
19:12:07.0319 1572 [ CB253965675FEC86560ACAE140A7105B ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\coshdobj.dll
19:12:07.0319 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\coshdobj.dll - ok
19:12:07.0319 1572 [ C653D7F4BDC08A06A187BF48050FE23C ] C:\Program Files (x86)\iTunes\iTunesHelper.dll
19:12:07.0319 1572 C:\Program Files (x86)\iTunes\iTunesHelper.dll - ok
19:12:07.0319 1572 [ 3CD4C7D67EF3AA12D42504FA84DD15FE ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\uimain.dll
19:12:07.0319 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\uimain.dll - ok
19:12:07.0335 1572 [ FBC46A1B7E008A7E979F06DA92735DA1 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ispwd.dll
19:12:07.0335 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ispwd.dll - ok
19:12:07.0335 1572 [ E18FB695084BF2D748E977813119CE6F ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
19:12:07.0335 1572 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
19:12:07.0335 1572 [ E45989C127C0476A937D6BEAA6E28211 ] C:\Program Files\Common Files\LogiShrd\SP6\LU\LogitechUpdate.exe
19:12:07.0335 1572 C:\Program Files\Common Files\LogiShrd\SP6\LU\LogitechUpdate.exe - ok
19:12:07.0335 1572 [ 46767946E7B559D981C1DC04EC0AB36F ] C:\Windows\System32\devenum.dll
19:12:07.0335 1572 C:\Windows\System32\devenum.dll - ok
19:12:07.0335 1572 [ C83470111578D3039DB619529AF40720 ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll
19:12:07.0335 1572 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok
19:12:07.0335 1572 [ 9FFC8306BFB98A9F32B5F5C8EDD3F4E5 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\distrptr.dll
19:12:07.0335 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\distrptr.dll - ok
19:12:07.0350 1572 [ 558C42D165DB5799B4072DC0A9C27C0B ] C:\Windows\System32\msdmo.dll
19:12:07.0350 1572 C:\Windows\System32\msdmo.dll - ok
19:12:07.0350 1572 [ 5E21285DA720664CEC9B57664D4D2407 ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll
19:12:07.0350 1572 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok
19:12:07.0350 1572 [ ADE2BCD1FDE5C9669FCE1F4541AB46DD ] C:\Windows\System32\spool\drivers\x64\3\unidrv.dll
19:12:07.0350 1572 C:\Windows\System32\spool\drivers\x64\3\unidrv.dll - ok
19:12:07.0350 1572 [ 5AC3CB53406CB9AABB25D46B3385528F ] C:\Windows\System32\spool\drivers\x64\3\unidrvui.dll
19:12:07.0350 1572 C:\Windows\System32\spool\drivers\x64\3\unidrvui.dll - ok
19:12:07.0350 1572 [ D47EC6A8E81633DD18D2436B19BAF6DE ] C:\Windows\System32\upnphost.dll
19:12:07.0350 1572 C:\Windows\System32\upnphost.dll - ok
19:12:07.0350 1572 [ 3E3163AE66522946836314472BC8D895 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\budatacl.dll
19:12:07.0350 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\budatacl.dll - ok
19:12:07.0366 1572 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
19:12:07.0366 1572 C:\Windows\SysWOW64\msimg32.dll - ok
19:12:07.0366 1572 [ 6E8B0BE2B8D8563B2CE1C51EEE09FF04 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\buprov.dll
19:12:07.0366 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\buprov.dll - ok
19:12:07.0366 1572 [ E83D2495D5867E224FBF42EF40D8856C ] C:\Program Files\DVD Maker\DVDMaker.exe
19:12:07.0366 1572 C:\Program Files\DVD Maker\DVDMaker.exe - ok
19:12:07.0366 1572 [ 6EF5F3F18413C367195F06E503AB86A6 ] C:\Windows\SysWOW64\d3d9.dll
19:12:07.0366 1572 C:\Windows\SysWOW64\d3d9.dll - ok
19:12:07.0366 1572 [ 204619D1E01030D30D1A8AE40F4A44E8 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll
19:12:07.0366 1572 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll - ok
19:12:07.0366 1572 [ 4FC36B1BA8C8642EDD310A93D36008B1 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\gwrks32.dll
19:12:07.0366 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\gwrks32.dll - ok
19:12:07.0382 1572 [ 8D02F91F6DF5E93A566634506F765785 ] C:\Windows\System32\spool\drivers\x64\3\CNBUI3.DLL
19:12:07.0382 1572 C:\Windows\System32\spool\drivers\x64\3\CNBUI3.DLL - ok
19:12:07.0382 1572 [ 00120204D347C4FECE76F18E2A2EE295 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\gearaw32.dll
19:12:07.0382 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\gearaw32.dll - ok
19:12:07.0382 1572 [ 77B1471A490B53B24EFE136F09F76550 ] C:\Windows\SysWOW64\d3d8thk.dll
19:12:07.0382 1572 C:\Windows\SysWOW64\d3d8thk.dll - ok
19:12:07.0382 1572 [ 37CF3324F46CEB3A4F2686C617CBB35C ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
19:12:07.0382 1572 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok
19:12:07.0382 1572 [ 97EA663282E10C6306769FEAD4E76867 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\ahclient.dll
19:12:07.0382 1572 C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\ahclient.dll - ok
19:12:07.0397 1572 [ 06CABCD25920159660B4F73B8BE85D5A ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeXMP.dll
19:12:07.0397 1572 C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeXMP.dll - ok
19:12:07.0397 1572 [ 819EB5ABEAE5B1728EDFF0AC8B696769 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\ACE.dll
19:12:07.0397 1572 C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\ACE.dll - ok
19:12:07.0397 1572 [ C2537EC0FB9E94AE23888670718A738C ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\symhtmdx.dll
19:12:07.0397 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\symhtmdx.dll - ok
19:12:07.0397 1572 [ A6EEAA483C89714C811323DF4A2E8E26 ] C:\Windows\System32\spool\drivers\x64\3\CNBI560.DLL
19:12:07.0397 1572 C:\Windows\System32\spool\drivers\x64\3\CNBI560.DLL - ok
19:12:07.0397 1572 [ E955300DF949977878C705EC8681009A ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
19:12:07.0397 1572 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll - ok
19:12:07.0397 1572 [ 22F020C76E339EB2B2187BA73A7E4173 ] C:\Windows\System32\PrintIsolationHost.exe
19:12:07.0397 1572 C:\Windows\System32\PrintIsolationHost.exe - ok
19:12:07.0413 1572 [ 8CCCC9A53B6C8B781FBAFB17B6207125 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobePDFL.dll
19:12:07.0413 1572 C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobePDFL.dll - ok
19:12:07.0413 1572 [ 344E1FD5060D642B86F197259544CA7B ] C:\Program Files (x86)\NewSoft\Presto! PageManager 8 for EP\Inso\oswin32.dll
19:12:07.0413 1572 C:\Program Files (x86)\NewSoft\Presto! PageManager 8 for EP\Inso\oswin32.dll - ok
19:12:07.0413 1572 [ DD4D392FFBCA7AC55A2A6B3358AD330E ] C:\Program Files (x86)\Java\jre6\bin\net.dll
19:12:07.0413 1572 C:\Program Files (x86)\Java\jre6\bin\net.dll - ok
19:12:07.0413 1572 [ ED797D8DC2C92401985D162E42FFA450 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
19:12:07.0413 1572 C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe - ok
19:12:07.0413 1572 [ 0FF335D687C85097725A53458160E81E ] C:\Program Files\iPod\bin\iPodService.exe
19:12:07.0413 1572 C:\Program Files\iPod\bin\iPodService.exe - ok
19:12:07.0413 1572 [ 241CBD0F099F3D68892D19879E53722D ] C:\Windows\System32\wbem\WmiPrvSE.exe
19:12:07.0413 1572 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
19:12:07.0428 1572 [ ADFF528CA09752078F26B620A6F42760 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IntelVisualDesign.dll
19:12:07.0428 1572 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IntelVisualDesign.dll - ok
19:12:07.0428 1572 [ 206C68F6ADD89A774741CBDEE715233E ] C:\Program Files (x86)\NewSoft\Presto! PageManager 8 for EP\Inso\scclo.dll
19:12:07.0428 1572 C:\Program Files (x86)\NewSoft\Presto! PageManager 8 for EP\Inso\scclo.dll - ok
19:12:07.0428 1572 [ D4974295EDE9516D9ABBE40BDA76DAFB ] C:\Windows\System32\spool\drivers\x64\3\CNBDR3_5.DLL
19:12:07.0428 1572 C:\Windows\System32\spool\drivers\x64\3\CNBDR3_5.DLL - ok
19:12:07.0428 1572 [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll
19:12:07.0428 1572 C:\Windows\System32\wbem\wmiprov.dll - ok
19:12:07.0428 1572 [ 776E039440EEC014DD1A8C8E0610D9AA ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ccscanw.dll
19:12:07.0428 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ccscanw.dll - ok
19:12:07.0428 1572 [ C1AC499B0A45D5E941E6894D49606A5E ] C:\Windows\System32\spool\drivers\x64\3\CNBUR.DLL
19:12:07.0428 1572 C:\Windows\System32\spool\drivers\x64\3\CNBUR.DLL - ok
19:12:07.0444 1572 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
19:12:07.0444 1572 C:\Windows\System32\wbemcomn.dll - ok
19:12:07.0444 1572 [ 1C0E369575F387460E2A5F28269B2CC4 ] C:\Windows\SysWOW64\DWrite.dll
19:12:07.0444 1572 C:\Windows\SysWOW64\DWrite.dll - ok
19:12:07.0444 1572 [ F1C48535CD981B0E024D139C21529E7F ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll
19:12:07.0444 1572 C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok
19:12:07.0444 1572 [ 75EAA6150FD1D7B0C042A1A48AEF1752 ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll
19:12:07.0444 1572 C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok
19:12:07.0444 1572 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
19:12:07.0444 1572 C:\Windows\SysWOW64\sxs.dll - ok
19:12:07.0460 1572 [ ACA30B753EF16345AE2100E40603BF14 ] C:\Windows\System32\msvcr110_clr0400.dll
19:12:07.0460 1572 C:\Windows\System32\msvcr110_clr0400.dll - ok
19:12:07.0460 1572 [ 3C1936A12C62254F914A01BBC6A8DC69 ] C:\Windows\SysWOW64\d3d10_1.dll
19:12:07.0460 1572 C:\Windows\SysWOW64\d3d10_1.dll - ok
19:12:07.0460 1572 [ D4212AB475A3B25EC4DF574536C3EDC5 ] C:\Windows\SysWOW64\d3d10_1core.dll
19:12:07.0460 1572 C:\Windows\SysWOW64\d3d10_1core.dll - ok
19:12:07.0460 1572 [ F890C197ADF21D08DBA4643C9AA54B9F ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ecmldr32.dll
19:12:07.0460 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ecmldr32.dll - ok
19:12:07.0460 1572 [ D4F264FE23F8953D840904418220C15E ] C:\Windows\SysWOW64\dxgi.dll
19:12:07.0460 1572 C:\Windows\SysWOW64\dxgi.dll - ok
19:12:07.0460 1572 [ 755D0F9F93E5893EBDA81FF12F0AEE10 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130721.004\ECMSVR32.DLL
19:12:07.0460 1572 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130721.004\ECMSVR32.DLL - ok
19:12:07.0475 1572 [ 6DE66FE7C526637E74CD066461C7C871 ] C:\Windows\SysWOW64\d3d11.dll
19:12:07.0475 1572 C:\Windows\SysWOW64\d3d11.dll - ok
19:12:07.0475 1572 [ F16C0CD6CDF7CD5704492C7717889BA3 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130721.004\NAVEX32A.DLL
19:12:07.0475 1572 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130721.004\NAVEX32A.DLL - ok
19:12:07.0475 1572 [ 35949420A79D3042C4C68D713F49582F ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\c57eba08ab60f48e7d57228849d92a34\System.Web.ni.dll
19:12:07.0475 1572 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\c57eba08ab60f48e7d57228849d92a34\System.Web.ni.dll - ok
19:12:07.0475 1572 [ 8DF354F0F7193C097620B04DE2D03093 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\JP2KLib.dll
19:12:07.0475 1572 C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\JP2KLib.dll - ok
19:12:07.0475 1572 [ BC0D4AFBE94D8E1F81C8926D805C3366 ] C:\Windows\System32\webcheck.dll
19:12:07.0475 1572 C:\Windows\System32\webcheck.dll - ok
19:12:07.0475 1572 [ 73518E4BF2D50171F8614E2458942A53 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\d42c334cb5f55ece9de045701a3cf37f\mscorlib.ni.dll
19:12:07.0475 1572 C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\d42c334cb5f55ece9de045701a3cf37f\mscorlib.ni.dll - ok
19:12:07.0491 1572 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
19:12:07.0491 1572 C:\Windows\System32\mlang.dll - ok
19:12:07.0491 1572 [ B05953F956EB87A02E62096EAAFA9C5F ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\BIBUtils.dll
19:12:07.0491 1572 C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\BIBUtils.dll - ok
19:12:07.0491 1572 [ 30F03C23C5EBD9589C74D3775892C572 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AGM.dll
19:12:07.0491 1572 C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AGM.dll - ok
19:12:07.0491 1572 [ 1E0526AE21A961DCA5D07CBF143F9BBC ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ashelper.dll
19:12:07.0491 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ashelper.dll - ok
19:12:07.0491 1572 [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll
19:12:07.0491 1572 C:\Windows\System32\imapi2.dll - ok
19:12:07.0491 1572 [ 71E68F2443A80BD4DA89181889C457EA ] C:\Windows\System32\udhisapi.dll
19:12:07.0491 1572 C:\Windows\System32\udhisapi.dll - ok
19:12:07.0506 1572 [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll
19:12:07.0506 1572 C:\Windows\System32\hgcpl.dll - ok
19:12:07.0506 1572 [ 0438CAB2E03F4FB61455A7956026FE86 ] C:\Windows\System32\fdPHost.dll
19:12:07.0506 1572 C:\Windows\System32\fdPHost.dll - ok
19:12:07.0506 1572 [ 171D7DB433314A868507C4326E8209DC ] C:\Windows\System32\fdWSD.dll
19:12:07.0506 1572 C:\Windows\System32\fdWSD.dll - ok
19:12:07.0506 1572 [ A2E5B2D20954210DCE1A75A1FC8CC36D ] C:\Windows\System32\fdSSDP.dll
19:12:07.0506 1572 C:\Windows\System32\fdSSDP.dll - ok
19:12:07.0506 1572 [ 344EAA539954FEA3E74CB4A124E4A3B7 ] C:\Program Files\Common Files\Autodesk Shared\AdLM\R7\LMU.exe
19:12:07.0506 1572 C:\Program Files\Common Files\Autodesk Shared\AdLM\R7\LMU.exe - ok
19:12:07.0506 1572 [ 2A436796758BF2555A26C770FE8A6FEE ] C:\Windows\System32\fdProxy.dll
19:12:07.0506 1572 C:\Windows\System32\fdProxy.dll - ok
19:12:07.0522 1572 [ 87893F6D4899A7D0D289F37192D96BF3 ] C:\Program Files\Logitech\SetPointP\LogiHelp.exe
19:12:07.0522 1572 C:\Program Files\Logitech\SetPointP\LogiHelp.exe - ok
19:12:07.0522 1572 [ D9E21CBF9E6A87847AFFD39EA3FA28EE ] C:\Windows\System32\SearchProtocolHost.exe
19:12:07.0522 1572 C:\Windows\System32\SearchProtocolHost.exe - ok
19:12:07.0522 1572 [ 00000000000000000000000000000000 ] C:\MameUI64\Mameui64.exe
19:12:07.0522 1572 C:\MameUI64\Mameui64.exe - ok
19:12:07.0522 1572 [ D2A5B2B09F2AF5ED13BF494508B09788 ] C:\Windows\System32\msshooks.dll
19:12:07.0522 1572 C:\Windows\System32\msshooks.dll - ok
19:12:07.0522 1572 [ B3EE7BD189C5925D4C0D2BBFCA00FDD1 ] C:\Program Files\Microsoft Games\Minesweeper\MineSweeper.exe
19:12:07.0522 1572 C:\Program Files\Microsoft Games\Minesweeper\MineSweeper.exe - ok
19:12:07.0522 1572 [ CB7328C2A009C922C4D7A8367A6728C0 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\CoolType.dll
19:12:07.0522 1572 C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\CoolType.dll - ok
19:12:07.0522 1572 [ 49A3AD5CE578CD77F445F3D244AEAB2D ] C:\Windows\System32\SearchFilterHost.exe
19:12:07.0522 1572 C:\Windows\System32\SearchFilterHost.exe - ok
19:12:07.0538 1572 [ 9CF0FCF3F396B2A7E9F439A9BAFF4ADA ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\asoehook.dll
19:12:07.0538 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\asoehook.dll - ok
19:12:07.0538 1572 [ 79BFC537A2D5005EDE7CBDE543B2C114 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\ARE.dll
19:12:07.0538 1572 C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\ARE.dll - ok
19:12:07.0538 1572 [ 97D8AFF9E90DC489A86CBDDDEEEF13A9 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Adist.dll
19:12:07.0538 1572 C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Adist.dll - ok
19:12:07.0538 1572 [ 8D240C91044980651DDAB6202F8BBED8 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\avpapp32.dll
19:12:07.0538 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\avpapp32.dll - ok
19:12:07.0538 1572 [ 9D26E14C0F3E5B081DAE517B99D36F70 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUIHelper.dll
19:12:07.0538 1572 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUIHelper.dll - ok
19:12:07.0553 1572 [ 48041BAEB60CE5F34F13CC2A1361E49C ] C:\Windows\System32\mssph.dll
19:12:07.0553 1572 C:\Windows\System32\mssph.dll - ok
19:12:07.0553 1572 [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\SysWOW64\linkinfo.dll
19:12:07.0553 1572 C:\Windows\SysWOW64\linkinfo.dll - ok
19:12:07.0553 1572 [ 8F4BB0CFECED925D440ABC2481278360 ] C:\Windows\System32\mapi32.dll
19:12:07.0553 1572 C:\Windows\System32\mapi32.dll - ok
19:12:07.0553 1572 [ E699D325EFC2C4A760AA8D0EF95EFDD3 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\adistres.dll
19:12:07.0553 1572 C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\adistres.dll - ok
19:12:07.0553 1572 [ AF09B11C3AB96D599473FA3583B2EAF3 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\buuiplg.dll
19:12:07.0553 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\buuiplg.dll - ok
19:12:07.0569 1572 [ 590ECB7550211624A81EC1BF82F1087B ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll
19:12:07.0569 1572 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll - ok
19:12:07.0569 1572 [ C38D23F4022ACA56D8A1804209046DBF ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\cltaldis.dll
19:12:07.0569 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\cltaldis.dll - ok
19:12:07.0569 1572 [ 9879731CDFCE67A1214DD636DEBF62A3 ] C:\Program Files\PC-Doctor for Windows\pcdrcui.exe
19:12:07.0569 1572 C:\Program Files\PC-Doctor for Windows\pcdrcui.exe - ok
19:12:07.0569 1572 [ 01E2855FB06C422E721D890AF201C2D7 ] C:\Windows\System32\NaturalLanguage6.dll
19:12:07.0569 1572 C:\Windows\System32\NaturalLanguage6.dll - ok
19:12:07.0569 1572 [ 127E978E23CA429768F2A3E5BC7C7CC7 ] C:\Program Files (x86)\Norton Security Suite\MUI\20.4.0.40\09\01\cltres.loc
19:12:07.0569 1572 C:\Program Files (x86)\Norton Security Suite\MUI\20.4.0.40\09\01\cltres.loc - ok
19:12:07.0584 1572 [ 701D9F5F3F21580936638D5C5F86B460 ] C:\Windows\System32\NlsData0009.dll
19:12:07.0584 1572 C:\Windows\System32\NlsData0009.dll - ok
19:12:07.0584 1572 [ 46B43BEEFAC91DF9CD1038E7F2B68772 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System\fafa4afd4e622b0db0e08a5b3a622744\System.ni.dll
19:12:07.0584 1572 C:\Windows\assembly\NativeImages_v4.0.30319_64\System\fafa4afd4e622b0db0e08a5b3a622744\System.ni.dll - ok
19:12:07.0584 1572 [ 8B9677E019D4E457832F847505CF01E2 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\fwsesal.dll
19:12:07.0584 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\fwsesal.dll - ok
19:12:07.0584 1572 [ C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\SysWOW64\samlib.dll
19:12:07.0584 1572 C:\Windows\SysWOW64\samlib.dll - ok
19:12:07.0584 1572 [ 148A733B93A2AC104280495DA09D3CC2 ] C:\Windows\System32\NlsLexicons0009.dll
19:12:07.0584 1572 C:\Windows\System32\NlsLexicons0009.dll - ok
19:12:07.0584 1572 [ AD535C92771143A9CDBF0EFD10ECD0E6 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\coactmgr.dll
19:12:07.0584 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\coactmgr.dll - ok
19:12:07.0600 1572 [ EAADD6E47ED2A7003ACE1793B98CF63F ] C:\Windows\SysWOW64\msxml6.dll
19:12:07.0600 1572 C:\Windows\SysWOW64\msxml6.dll - ok
19:12:07.0600 1572 [ 45D5610E63EA3EAFCE94B12EC3F3EF7E ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\wincfi39.dll
19:12:07.0600 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\wincfi39.dll - ok
19:12:07.0600 1572 [ 07DF3E2271E8BD49A06DD327BC0CB25A ] C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe
19:12:07.0600 1572 C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe - ok
19:12:07.0600 1572 [ 9FF8F684BACF326082E5562F7C104A79 ] C:\Windows\SysWOW64\d2d1.dll
19:12:07.0600 1572 C:\Windows\SysWOW64\d2d1.dll - ok
19:12:07.0600 1572 [ 76D86E65FF7D10292886A1F2DB93A911 ] C:\Windows\System32\ELSCore.dll
19:12:07.0600 1572 C:\Windows\System32\ELSCore.dll - ok
19:12:07.0616 1572 [ 12929BDE96189F4E968AD035573424F0 ] C:\Windows\System32\elsTrans.dll
19:12:07.0616 1572 C:\Windows\System32\elsTrans.dll - ok
19:12:07.0616 1572 [ DEDDD5BD5CF0F6FBA012028393216263 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\nuex.dll
19:12:07.0616 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\nuex.dll - ok
19:12:07.0616 1572 [ AEE087CF7423BA44CC2DE03CC565E399 ] C:\Windows\System32\elslad.dll
19:12:07.0616 1572 C:\Windows\System32\elslad.dll - ok
19:12:07.0616 1572 [ A42FBC61385A5F5F444209EE94D89F27 ] C:\Windows\System32\NlsData0021.dll
19:12:07.0616 1572 C:\Windows\System32\NlsData0021.dll - ok
19:12:07.0616 1572 [ 3A2E8F15748CAF70BB8264843D0BD713 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\53cb23d3c4222c8eac4b4036b2e02a44\System.Drawing.ni.dll
19:12:07.0616 1572 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\53cb23d3c4222c8eac4b4036b2e02a44\System.Drawing.ni.dll - ok
19:12:07.0616 1572 [ E5283AFD7590ECC37F8D62C4D6F1FB48 ] C:\Windows\System32\NlsLexicons0021.dll
19:12:07.0616 1572 C:\Windows\System32\NlsLexicons0021.dll - ok
19:12:07.0631 1572 [ 1087649B78D941BFF585E079D8B4D39A ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\sdkcmn.dll
19:12:07.0631 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\sdkcmn.dll - ok
19:12:07.0631 1572 [ 62F3473BDB2AF41523E2748AF91E9D67 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\uialert.dll
19:12:07.0631 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\uialert.dll - ok
19:12:07.0631 1572 [ 8667556E9A094E935212693AD05098E3 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
19:12:07.0631 1572 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe - ok
19:12:07.0631 1572 [ 8CA7360F37D2439702A2114957DCC73B ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\6b2293a3936ead8ca9318a1f5c1e66d8\System.Windows.Forms.ni.dll
19:12:07.0631 1572 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\6b2293a3936ead8ca9318a1f5c1e66d8\System.Windows.Forms.ni.dll - ok
19:12:07.0631 1572 [ 3BE7AFF5C824D9500D3D9D7FDE8A2957 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\userctxt.dll
19:12:07.0631 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\userctxt.dll - ok
19:12:07.0647 1572 [ FB52B18F1379C36702AB0AC1E4B84823 ] C:\Program Files\Autodesk\Revit 2014\Revit.exe
19:12:07.0647 1572 C:\Program Files\Autodesk\Revit 2014\Revit.exe - ok
19:12:07.0647 1572 [ 1E11EE6EBA9876A9FFAFBB4499209EE8 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\nlssorting.dll
19:12:07.0647 1572 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\nlssorting.dll - ok
19:12:07.0647 1572 [ 5BACFD51D926774C8DD8028BEC9B4374 ] C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe
19:12:07.0647 1572 C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe - ok
19:12:07.0647 1572 [ D3CF161EC9F907F50F7823AE6A9CF21F ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\qbackup.dll
19:12:07.0647 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\qbackup.dll - ok
19:12:07.0647 1572 [ FE1897800D8FCA8579CCABC83A0CA181 ] C:\Program Files\WinRAR\WinRAR.exe
19:12:07.0647 1572 C:\Program Files\WinRAR\WinRAR.exe - ok
19:12:07.0647 1572 [ 715BFF236158F61C042928A53C0D5AA8 ] C:\Program Files\Windows NT\Accessories\wordpad.exe
19:12:07.0647 1572 C:\Program Files\Windows NT\Accessories\wordpad.exe - ok
19:12:07.0662 1572 [ 57B789DB03B5F67EBD9394545DD5AEFB ] C:\Program Files\Microsoft IntelliPoint\dpgcmd.dll
19:12:07.0662 1572 C:\Program Files\Microsoft IntelliPoint\dpgcmd.dll - ok
19:12:07.0662 1572 [ 82AD91DD54CAA0258E28B8FB6FE8940A ] C:\Program Files\Microsoft IntelliPoint\Components\Commands\DPGHnt\DPGHnt.dll
19:12:07.0662 1572 C:\Program Files\Microsoft IntelliPoint\Components\Commands\DPGHnt\DPGHnt.dll - ok
19:12:07.0662 1572 [ 10A7B68B1DDE409B8A09EC67C201A490 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runt73a1fc9d#\cf5aebdf4ce7a45f7793889b9bf29929\System.Runtime.Remoting.ni.dll
19:12:07.0662 1572 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runt73a1fc9d#\cf5aebdf4ce7a45f7793889b9bf29929\System.Runtime.Remoting.ni.dll - ok
19:12:07.0662 1572 [ 74CDE657245C114B98816E89B8D4CCD1 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
19:12:07.0662 1572 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe - ok
19:12:07.0662 1572 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\SysWOW64\netprofm.dll
19:12:07.0662 1572 C:\Windows\SysWOW64\netprofm.dll - ok
19:12:07.0678 1572 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll
19:12:07.0678 1572 C:\Windows\SysWOW64\npmproxy.dll - ok
19:12:07.0678 1572 [ C9A3881B033963F8A8457CFBB4B6E53E ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Core\3236c6f57c0ce45dadbb533a5d443e32\System.Core.ni.dll
19:12:07.0678 1572 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Core\3236c6f57c0ce45dadbb533a5d443e32\System.Core.ni.dll - ok
19:12:07.0678 1572 [ C95FDA3855B750811760D40766460F68 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\imcfg.dll
19:12:07.0678 1572 C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\imcfg.dll - ok
19:12:07.0678 1572 [ 0032BA043475CFA6701C774A24A454D1 ] C:\Program Files (x86)\NewSoft\Presto! PageManager 8 for EP\Inso\sccole.dll
19:12:07.0678 1572 C:\Program Files (x86)\NewSoft\Presto! PageManager 8 for EP\Inso\sccole.dll - ok
19:12:07.0678 1572 ============================================================
19:12:07.0678 1572 Scan finished
19:12:07.0678 1572 ============================================================
19:12:07.0694 4796 Detected object count: 5
19:12:07.0694 4796 Actual detected object count: 5
19:12:26.0273 4796 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - skipped by user
19:12:26.0273 4796 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:12:26.0289 4796 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
19:12:26.0289 4796 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:12:26.0289 4796 SITomcat ( UnsignedFile.Multi.Generic ) - skipped by user
19:12:26.0289 4796 SITomcat ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:12:26.0289 4796 SITransbase ( UnsignedFile.Multi.Generic ) - skipped by user
19:12:26.0289 4796 SITransbase ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:12:26.0289 4796 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
19:12:26.0289 4796 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:12:41.0998 2936 Deinitialize success


RogueKiller 1st log:
ogueKiller V8.6.3 _x64_ [Jul 17 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.co...es/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Alan [Admin rights]
Mode : Scan -- Date : 07/21/2013 19:14:02
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 10 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : PANTONE (Regsvr32.exe C:\Users\Alan\AppData\Local\PANTONE\pzrnmgqx.dll [x][-]) -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-726397190-3390041725-1563339846-1001\[...]\Run : PANTONE (Regsvr32.exe C:\Users\Alan\AppData\Local\PANTONE\pzrnmgqx.dll [x][-]) -> FOUND
[HJ POL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ POL] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost



¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST31000528AS +++++
--- User ---
[MBR] f0c4286b375e48af4d13552252114b8c
[BSP] f34e7a1dd8f17f9d75e2d8ecfebbe7db : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 942506 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1930459585 | Size: 11260 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_07212013_191402.txt >>





RogueKiller 2nd log:
RogueKiller V8.6.3 _x64_ [Jul 17 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.co...es/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Alan [Admin rights]
Mode : Remove -- Date : 07/21/2013 19:14:40
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 10 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : PANTONE (Regsvr32.exe C:\Users\Alan\AppData\Local\PANTONE\pzrnmgqx.dll [x][-]) -> DELETED
[RUN][SUSP PATH] HKUS\S-1-5-21-726397190-3390041725-1563339846-1001\[...]\Run : PANTONE (Regsvr32.exe C:\Users\Alan\AppData\Local\PANTONE\pzrnmgqx.dll [x][-]) -> [0x2] The system cannot find the file specified.
[HJ POL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ POL] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2)
[HJ POL] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1)
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> [0x2] The system cannot find the file specified.
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2)
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> REPLACED (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost



¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST31000528AS +++++
--- User ---
[MBR] f0c4286b375e48af4d13552252114b8c
[BSP] f34e7a1dd8f17f9d75e2d8ecfebbe7db : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 942506 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1930459585 | Size: 11260 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_D_07212013_191440.txt >>
RKreport[0]_S_07212013_191402.txt

Edited by zfastss, 21 July 2013 - 08:23 PM.

  • 0

#10
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello zfastss

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Please start by opening Notepad and copy/paste the text in the box into the window:

ClearJavaCache::



Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
Posted Image
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo

  • 0

Advertisements


#11
zfastss

zfastss

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts
Latest combofix log:

ComboFix 13-07-20.03 - Alan 07/21/2013 20:25:27.3.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.12247.9761 [GMT -7:00]
Running from: c:\users\Alan\Desktop\ComboFix.exe
Command switches used :: c:\users\Alan\Desktop\CFScript.txt
AV: Norton Security Suite *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Security Suite *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2013-06-22 to 2013-07-22 )))))))))))))))))))))))))))))))
.
.
2013-07-22 03:32 . 2013-07-22 03:32 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-07-22 03:11 . 2013-05-29 05:25 96768 ----a-w- c:\windows\system32\mshtmled.dll
2013-07-22 03:11 . 2013-05-29 05:25 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-07-22 03:11 . 2013-05-29 01:33 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-07-21 17:27 . 2013-07-21 17:27 -------- d-----w- c:\windows\ERUNT
2013-07-21 02:18 . 2013-07-21 02:18 -------- d-----w- c:\users\Alan\AppData\Local\Passware
2013-07-21 00:12 . 2013-07-21 00:12 545200 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-07-21 00:12 . 2013-07-21 00:12 526768 ----a-w- c:\windows\system32\deployJava1.dll
2013-07-21 00:12 . 2013-07-21 00:12 196528 ----a-w- c:\windows\system32\javaws.exe
2013-07-21 00:12 . 2013-07-21 00:12 172976 ----a-w- c:\windows\system32\javaw.exe
2013-07-21 00:12 . 2013-07-21 00:12 172976 ----a-w- c:\windows\system32\java.exe
2013-07-21 00:12 . 2013-07-21 00:12 -------- d-----w- c:\program files\Java
2013-07-19 01:30 . 2013-07-19 01:33 -------- d-----w- c:\windows\system32\drivers\N360x64\1404000.028
2013-07-13 19:24 . 2013-07-13 19:24 -------- d-----w- c:\programdata\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}
2013-07-13 17:15 . 2013-07-13 17:16 -------- d-----w- c:\windows\system32\MRT
2013-06-29 23:47 . 2013-07-06 21:33 -------- d-----w- c:\users\Alan\AppData\Local\PANTONE
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-19 01:30 . 2013-04-27 23:00 177312 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2013-07-14 17:00 . 2012-04-15 17:22 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-07-14 17:00 . 2011-05-15 02:38 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-13 17:15 . 2010-02-25 21:01 78277128 ----a-w- c:\windows\system32\MRT.exe
2013-05-13 05:51 . 2013-06-15 20:00 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-05-13 05:51 . 2013-06-15 20:00 1464320 ----a-w- c:\windows\system32\crypt32.dll
2013-05-13 05:51 . 2013-06-15 20:00 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-05-13 05:50 . 2013-06-15 20:00 52224 ----a-w- c:\windows\system32\certenc.dll
2013-05-13 04:45 . 2013-06-15 20:00 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-05-13 04:45 . 2013-06-15 20:00 1160192 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-05-13 04:45 . 2013-06-15 20:00 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-05-13 03:43 . 2013-06-15 20:00 1192448 ----a-w- c:\windows\system32\certutil.exe
2013-05-13 03:08 . 2013-06-15 20:00 903168 ----a-w- c:\windows\SysWow64\certutil.exe
2013-05-13 03:08 . 2013-06-15 20:00 43008 ----a-w- c:\windows\SysWow64\certenc.dll
2013-05-10 07:57 . 2013-05-10 07:57 27208 ----a-w- c:\windows\system32\AdobePDFUI.dll
2013-05-10 07:57 . 2013-05-10 07:57 55872 ----a-w- c:\windows\system32\AdobePDF.dll
2013-05-10 05:49 . 2013-06-15 20:00 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2013-05-10 03:20 . 2013-06-15 20:00 24576 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2013-05-08 06:39 . 2013-06-15 20:00 1910632 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-05-01 10:59 . 2013-05-01 10:59 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2013-05-01 10:59 . 2013-05-01 10:59 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2013-04-28 17:46 . 2013-04-28 17:46 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10144.bin
2013-04-26 05:51 . 2013-06-15 20:00 751104 ----a-w- c:\windows\system32\win32spl.dll
2013-04-26 04:55 . 2013-06-15 20:00 492544 ----a-w- c:\windows\SysWow64\win32spl.dll
2013-04-25 23:30 . 2013-06-15 20:00 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PMSpeed"="c:\program files (x86)\NewSoft\Presto! PageManager 8 for EP\PMSpeed.EXE" [2008-12-09 55120]
"Akamai NetSession Interface"="c:\users\Alan\AppData\Local\Akamai\netsession_win.exe" [2013-06-05 4489472]
"Adobe Acrobat Synchronizer"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe" [2013-05-10 1272912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2009-10-02 284696]
"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-28 207424]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2013-05-10 38984]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2013-05-10 840768]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-22 59720]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]
"ADSK DLMSession"="c:\program files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe" [2013-02-01 1641368]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-03-29 642656]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-05-31 152392]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-03-21 1081224]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
PictureMover.lnk - c:\program files (x86)\PictureMover\Bin\PictureMover.exe -det [2009-6-3 430080]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys;c:\windows\SYSNATIVE\DRIVERS\LEqdUsb.Sys [x]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys;c:\windows\SYSNATIVE\DRIVERS\LHidEqd.Sys [x]
R3 libusb0;LibUsb-Win32 - Kernel Driver 03/15/2010,1.12.0.1;c:\windows\system32\DRIVERS\libusb0.sys;c:\windows\SYSNATIVE\DRIVERS\libusb0.sys [x]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64k.sys;c:\windows\SYSNATIVE\DRIVERS\point64k.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\1404000.028\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\1404000.028\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130715.001\BHDrvx64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [x]
S1 ccSet_N360;Norton Security Suite Settings Manager;c:\windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\ccSetx64.sys [x]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130719.002\IDSvia64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130719.002\IDSvia64.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\1404000.028\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\N360x64\1404000.028\SYMNETS.SYS [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 N360;Norton Security Suite;c:\program files (x86)\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe;c:\program files (x86)\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe [x]
S2 SITomcat;SI Tomcat;c:\program files (x86)\GM SPO\eSI\Apache Group\Tomcat 4.1\bin\tomcat.exe;c:\program files (x86)\GM SPO\eSI\Apache Group\Tomcat 4.1\bin\tomcat.exe [x]
S2 SITransbase;SI Transbase;c:\program files (x86)\GM SPO\eSI\Transbase\tbmux32.exe;c:\program files (x86)\GM SPO\eSI\Transbase\tbmux32.exe [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-06-20 23:05 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-07-14 c:\windows\Tasks\HPCeeScheduleForAlan.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
2012-03-31 c:\windows\Tasks\PCDRScheduledMaintenance.job
- c:\program files\PC-Doctor for Windows\pcdrcui.exe [2009-09-18 07:11]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-09-15 610360]
"PC-Doctor for Windows localizer"="c:\program files\PC-Doctor for Windows\localizer.exe" [2009-09-17 95728]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2009-05-21 2342800]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2009-11-12 2320752]
"WrtMon.exe"="c:\windows\system32\spool\drivers\x64\3\WrtMon.exe" [2008-05-24 26448]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2010-11-04 1580368]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-09-16 497648]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-06-15 190536]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
SafeBoot-51574194.sys
AddRemove-Shockwave - c:\windows\System32\Macromed\SHOCKW~1\UNWISE.EXE
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\N360]
"ImagePath"="\"c:\program files (x86)\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton Security Suite\Engine\20.4.0.40\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
"Version"=hex:a1,c6,c6,8c,3e,a7,b1,99,c4,ba,da,d0,a6,57,95,e8,80,94,1b,9e,53,
44,37,d0,1e,3b,20,89,b7,30,e1,27,d4,71,b2,b7,00,16,27,a6,ab,96,a6,d2,7e,52,\
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version]
"Version"=hex:a1,c6,c6,8c,3e,a7,b1,99,c4,ba,da,d0,a6,57,95,e8,80,94,1b,9e,53,
44,37,d0,1e,3b,20,89,b7,30,e1,27,d4,71,b2,b7,00,16,27,a6,ab,96,a6,d2,7e,52,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-07-21 20:34:52
ComboFix-quarantined-files.txt 2013-07-22 03:34
ComboFix2.txt 2013-07-21 18:22
ComboFix3.txt 2013-07-13 18:44
.
Pre-Run: 692,324,589,568 bytes free
Post-Run: 692,923,805,696 bytes free
.
- - End Of File - - E7011FE54B901DF93C9FDB4F0CA3D585
D41D8CD98F00B204E9800998ECF8427E
  • 0

#12
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello zfastss

I would like to see a report that combofix makes.

extra combofix report

  • push the "windows key" + "R" (between the "Ctrl" button and "Alt" Button)
  • please copy and past the following into the box
C:\Qoobox\Add-Remove Programs.txt
  • click ok

copy and paste the report into this topic for me to review

Gringo
  • 0

#13
zfastss

zfastss

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts
Sorry for the delayed response...don't use my home PC much during the week.
Log per your last instructions is below:

Adobe Acrobat X Pro - English, Français, Deutsch
Adobe AIR
Adobe Community Help
Adobe Creative Suite 5 Master Collection
Adobe Encore CS5 Third Party Royalty Content
Adobe Flash Player 10 Plugin
Adobe Flash Player 11 ActiveX
Adobe Media Encoder CS5 Dolby X64
Adobe Media Encoder CS5 PCI X64
Adobe Media Player
Adobe Premiere Pro CS5 Third Party Royalty Content
Adobe Soundbooth CS5 Codecs
Adobe Soundbooth CS5 Royalty Codecs
Akamai NetSession Interface
Apple Application Support
Apple Software Update
ArcSoft Print Creations
ArcSoft Print Creations - Greeting Card
ArcSoft Print Creations - Photo Book
ArcSoft Print Creations - Photo Calendar
Audacity 2.0.3
Autodesk Content Service
Autodesk Content Service Language Pack
Autodesk Design Review 2013
Autodesk Download Manager
Autodesk Material Library 2012
Autodesk Material Library 2013
Autodesk Material Library 2014
Autodesk Material Library Base Resolution Image Library 2012
Autodesk Material Library Base Resolution Image Library 2013
Autodesk Material Library Base Resolution Image Library 2014
Autodesk Material Library Low Resolution Image Library 2012
Autodesk Material Library Low Resolution Image Library 2013
Autodesk Material Library Low Resolution Image Library 2014
Autodesk Material Library Medium Resolution Image Library 2013
Autodesk Material Library Medium Resolution Image Library 2014
Catalyst Control Center
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Cisco Connect
Compatibility Pack for the 2007 Office system
CyberLink DVD Suite Deluxe
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DirectX for Managed Code Update (Summer 2004)
DVD Menu Pack for HP MediaSmart Video
eReg
FARO LS 1.1.406.58
FARO LS 1.1.408.2
FARO LS 1.1.501.0 (64bit)
FARO LS 4.8.2.25521
Hewlett-Packard ACLM.NET v1.2.1.1
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
Hotfix for Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (KB944899)
HP Advisor
HP Customer Experience Enhancements
HP Games
HP MediaSmart Demo
HP MediaSmart DVD
HP MediaSmart Music/Photo/Video
HP MediaSmart/TouchSmart Netflix
HP Odometer
HP Product Detection
HP Remote Solution
HP Setup
HP Support Assistant
HP Support Information
HP Update
Intel® Rapid Storage Technology
Java 2 Runtime Environment, SE v1.4.2_03
Java™ 6 Update 39
JavaFX 2.1.1
JustAddCommerce for Microsoft FrontPage 2003
LabelPrint
LightScribe System Software
Madden NFL 08
Major League Baseball 2K11
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft Digital Image Library 9 - Blocker
Microsoft Expression Blend 3 SDK
Microsoft Expression Blend SDK for .NET 4
Microsoft Expression Blend SDK for Silverlight 4
Microsoft Expression Encoder 4 Screen Capture Codec
Microsoft Expression Studio 4
Microsoft Expression Web 4
Microsoft Expression Web 4 Service Pack 2
Microsoft Live Search Toolbar
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office FrontPage 2003
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Picture It! Library 10
Microsoft Picture It! Premium 10
Microsoft Silverlight 3 SDK
Microsoft Silverlight 4 SDK
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2008 x64 ATL Runtime 9.0.30729
Microsoft Visual C++ 2008 x64 CRT Runtime 9.0.30729
Microsoft Visual C++ 2008 x64 MFC Runtime 9.0.30729
Microsoft Visual C++ 2008 x64 OpenMP Runtime 9.0.30729
Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729
Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729
Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729
Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU Service Pack 1 (KB945140)
Microsoft Visual Studio Tools for Applications 2.0 - ENU
Microsoft Visual Studio Tools for Applications 2.0 Runtime
Microsoft Web Publishing Wizard 1.52
Microsoft Works
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Movie Theme Pack for HP MediaSmart Video
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NASCAR® Racing 2003 Season
Need for Speed Most Wanted
Need for Speed™ Hot Pursuit
Need for Speed™ SHIFT
NHL® 09
NirSoft BlueScreenView
Norton Security Suite
NVIDIA PhysX
Passware Kit Enterprise 9.7
PDF Settings CS5
PictureMover
Power2Go
PowerDirector
Presto! PageManager 8.15.01 SE
PxMergeModule
QuickTime
Realtek High Definition Audio Driver
Recovery Manager
Security Update for Microsoft .NET Framework 4.5 (KB2737083)
Security Update for Microsoft .NET Framework 4.5 (KB2742613)
Security Update for Microsoft .NET Framework 4.5 (KB2789648)
Security Update for Microsoft .NET Framework 4.5 (KB2804582)
Security Update for Microsoft .NET Framework 4.5 (KB2833957)
Security Update for Microsoft .NET Framework 4.5 (KB2840642)
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687422) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687276) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition
Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
SHIFT 2 UNLEASHED™
Shockwave
SI Data SIen v2004.19
SI Stand-alone application
SI Tiff Viewer Plugin v4
SketchUp Import for AutoCAD 2014
Sothink DHTML Menu 9
Spelling Dictionaries Support For Adobe Reader 9
The Print Shop 2.0 Deluxe
The Print Shop 3.0 Fonts
The Print Shop 3.0 Professional
Update for Microsoft .NET Framework 4.5 (KB2750147)
Update for Microsoft .NET Framework 4.5 (KB2805221)
Update for Microsoft .NET Framework 4.5 (KB2805226)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177
Windows Live Sync
WPF Toolkit February 2010 (Version 3.5.50211.1)
  • 0

#14
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello

These logs are looking allot better. But we still have some work to do.

Please print out these instructions, or copy them to a Notepad file. It will make it easier for you to follow the instructions and complete all of the necessary steps..

uninstall some programs

NOTE** Because of the cleanup process some of the programs I have listed may not be in add/remove anymore this is fine just move to the next item on the list.

You can remove these programs using add/remove or you can use the free uninstaller from Revo (Revo does allot better of a job)

Programs to remove

Java 2 Runtime Environment, SE v1.4.2_03
Java™ 6 Update 39
JavaFX 2.1.1

[/list]


Please download and install Revo Uninstaller Free

  • Double click Revo Uninstaller to run it.
  • From the list of programs double click on The Program to remove
  • When prompted if you want to uninstall click Yes.
  • Be sure the Moderate option is selected then click Next.
  • The program will run, If prompted again click Yes
  • when the built-in uninstaller is finished click on Next.
  • Once the program has searched for leftovers click Next.
  • Check/tick the bolded items only on the list then click Delete
  • when prompted click on Yes and then on next.
  • put a check on any folders that are found and select delete
  • when prompted select yes then on next
  • Once done click Finish.
.

Install Java:

Please go here to install Java

  • click on the Free Java Download Button
  • click on Agree and start Free download
  • click on Run
  • click on run again
  • click on install
  • when install is complete click on close




Clean Out Temp Files

  • This small application you may want to keep and use once a week to keep the computer clean.

    Download CCleaner from here CCleaner

  • Run the installer to install the application.
  • When it gives you the option to install Yahoo toolbar uncheck the box next to it.
  • Run CCleaner. default settings are fine
  • Click Run Cleaner.
  • Close CCleaner.

: Malwarebytes' Anti-Malware :

I see that you have MBAM installed - That is great!! and at this time I would like you to update it and run me a quick scan

  • Double-click mbam icon
  • go to the update tab at the top
  • click on check for updates
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
  • When completed, a log will open in Notepad. please copy and paste the log into your next reply
  • If you accidentally close it, the log file is saved here and will be named like this:
  • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.



Download HijackThis

  • Go Here to download HijackThis program
  • Save HijackThis to your desktop.
  • Right Click on Hijackthis and select "Run as Admin" (XP users just need to double click to run)
  • Click on "Do A system scan and save a logfile" (if you do not see "Do A system scan and save a logfile" then click on main menu)
  • copy and paste hijackthis report into the topic


"information and logs"

  • In your next post I need the following

  • Log From MBAM
  • report from Hijackthis
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo

  • 0

#15
zfastss

zfastss

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts
Unfortunately I need to keep Java 6 and the other 2 java items as a program I use for work is built on it (Apache Tomcat) and does not run under Java 7. So far no notifications from Norton of an attack...

MBAM log is here:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.07.23.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16635
Alan :: ALAN-PC [administrator]

7/22/2013 7:53:53 PM
mbam-log-2013-07-22 (19-53-53).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 228062
Time elapsed: 3 minute(s), 27 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

HijackThis log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:00:17 PM, on 7/22/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16635)
Boot mode: Normal

Running processes:
C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
C:\Program Files (x86)\NewSoft\Presto! PageManager 8 for EP\PMSpeed.exe
C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
C:\Users\Alan\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Users\Alan\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msntask.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
C:\Users\Alan\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft..../?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft..../?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\IPS\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Microsoft Live Search Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\coIEPlg.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ADSK DLMSession] C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [PMSpeed] C:\Program Files (x86)\NewSoft\Presto! PageManager 8 for EP\PMSpeed.EXE
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Alan\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [Adobe Acrobat Synchronizer] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe"
O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'Default user')
O4 - Global Startup: PictureMover.lnk = C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - http://h20270.www2.h...tDetection2.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset...lineScanner.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Norton Security Suite (N360) - Symantec Corporation - C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: SI Tomcat (SITomcat) - Alexandria Software Consulting - C:\Program Files (x86)\GM SPO\eSI\Apache Group\Tomcat 4.1\bin\tomcat.exe
O23 - Service: SI Transbase (SITransbase) - TransAction Software, D 81737 Munich - C:\Program Files (x86)\GM SPO\eSI\Transbase\tbmux32.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13838 bytes

Edited by zfastss, 22 July 2013 - 09:02 PM.

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP