FBI MoneyPak/Trojans Zeroaccess.C & Gen.2 [Solved]


#1
beerman

  • Member
  • 188 posts
Hello GTG! Unfortunately I need your courteous and expert help once again; and in fact again for FBI MoneyPak, et al. Can't boot the computer, even in Safe Mode where it gets stuck on the FBI MoneyPak screen. Symantec was also reporting Trojan.Zeroaccess.C and Trojan.Gen.2.

We had a laptop get this earlier this year so I was able to go back and burn OTLPENet.exe to CD and download Farbar Recovery Scan Tool to a flash drive.

Booted to the CD and after some time I was able to run FRST. Here is the log:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-11-2013 01
Ran by SYSTEM on Reatogo on 12-11-2013 11:59:57
Running from D:\
Microsoft Windows XP (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [atchk] - C:\Program Files\Intel\AMT\atchk.exe [408344 2007-06-12] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] - C:\WINDOWS\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [SoundMAXPnP] - C:\Program Files\Analog Devices\Core\smax4pnp.exe [1036288 2007-08-01] (Analog Devices, Inc.)
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [178712 2007-10-03] (Intel Corporation)
HKLM\...\Run: [Acrobat Assistant 8.0] - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [623992 2008-10-14] (Adobe Systems Inc.)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] - C:\WINDOWS\KHALMNPR.Exe [76304 2008-02-29] (Logitech, Inc.)
HKLM\...\Run: [REGSHAVE] - C:\Program Files\REGSHAVE\Regshave.exe [53248 2002-02-04] (FUJI PHOTO FILM CO., LTD.)
HKLM\...\Run: [AppleSyncNotifier] - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [47904 2010-10-08] (Apple Inc.)
HKLM\...\Run: [RoxWatchTray] - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [236016 2009-07-08] (Sonic Solutions)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.)
HKLM\...\Run: [ccApp] - C:\Program Files\Common Files\Symantec Shared\ccApp.exe [115560 2011-03-19] (Symantec Corporation)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2011-06-09] (Sun Microsystems, Inc.)
HKLM\...\Run: [RIMBBLaunchAgent.exe] - C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [79192 2011-02-18] (Research In Motion Limited)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [vProt] - C:\Program Files\AVG Secure Search\vprot.exe [2420248 2013-11-10] ()
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
HKLM\...\Run: [MJ4bJ7o7.exe] - C:\Documents and Settings\banderson\Local Settings\Application Data\CmHSxYDd4\MJ4bJ7o7.exe [148176 2013-11-12] (Microsoft Corporation)
HKLM\...\Winlogon: [Shell] cmd.exe [x ] () <=== ATTENTION
Winlogon\Notify\LBTWlgn: C:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
HKLM\...\Policies\Explorer: [NoWelcomeScreen] 1
HKLM\...\Command Processor: "C:\Documents and Settings\banderson\Local Settings\Application Data\CmHSxYDd4\MJ4bJ7o7.exe" <======= ATTENTION
HKU\administrator\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] - C:\Program Files\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe [ 2013-06-03] (AVG Secure Search)
HKU\banderson\...\Run: [RIMDeviceManager] - C:\Program Files\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe [ 2011-05-19] (Research In Motion Limited)
HKU\banderson\...\Run: [ISUSPM] - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [ 2008-10-24] (Macrovision Corporation)
HKU\banderson\...\Run: [Google Update] - C:\Documents and Settings\banderson\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [ 2009-03-27] (Google Inc.)
HKU\banderson\...\Run: [Uniblue RegistryBooster 2] - C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
HKU\banderson\...\Run: [DW6] - "C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe"
HKU\banderson\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [ 2008-08-26] (Google Inc.)
HKU\banderson\...\Run: [Google Update] - C:\Documents and Settings\banderson\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [ 2009-03-27] (Google Inc.)
HKU\banderson\...\Run: [KB00518131.exe] - C:\Documents and Settings\banderson\Application Data\KB00518131.exe [ 2013-11-12] (Microsoft Corporation)
HKU\banderson\...\Run: [MJ4bJ7o7.exe] - C:\Documents and Settings\banderson\Local Settings\Application Data\CmHSxYDd4\MJ4bJ7o7.exe [ 2013-11-12] (Microsoft Corporation)
HKU\banderson\...\Winlogon: [Shell] cmd.exe [ 2008-04-13] (Microsoft Corporation) <==== ATTENTION
HKU\banderson\...\Command Processor: "C:\Documents and Settings\banderson\Local Settings\Application Data\CmHSxYDd4\MJ4bJ7o7.exe" <===== ATTENTION!
HKU\Brock Anderson\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] - C:\Program Files\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe [ 2013-06-03] (AVG Secure Search)
AppInit_DLLs: zehigipu.dll [ 2013-06-03] ()
Lsa: [Notification Packages] scecli zehigipu.dll holiditu.dll
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Exif Launcher.lnk
ShortcutTarget: Exif Launcher.lnk -> C:\Program Files\FinePixViewer\QuickDCF.exe (FUJI PHOTO FILM CO., LTD.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk
ShortcutTarget: Logitech SetPoint.lnk -> C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Sonic CinePlayer Quick Launch.lnk
ShortcutTarget: Sonic CinePlayer Quick Launch.lnk -> C:\Program Files\Common Files\Sonic Shared\CineTray.exe (Sonic Solutions)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
ShortcutTarget: WinZip Quick Pick.lnk -> C:\Program Files\WinZip\WZQKPICK32.EXE (WinZip Computing, S.L.)

========================== Services (Whitelisted) =================

S2 ASFAgent; C:\Program Files\Intel\ASF Agent\ASFAgent.exe [133968 2007-01-23] (Intel Corporation)
S2 atchksrv; C:\Program Files\Intel\AMT\atchksrv.exe [183064 2007-06-12] (Intel Corporation)
S2 CCALib8; C:\Program Files\Canon\CAL\CALMAIN.exe [96334 2009-09-08] (Canon Inc.)
S2 ccEvtMgr; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [108392 2011-03-19] (Symantec Corporation)
S2 ccSetMgr; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [108392 2011-03-19] (Symantec Corporation)
S2 gupdate1c9904786cffc28; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-02-16] (Google Inc.)
S2 HTCMonitorService; C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-01-29] (Nero AG)
S3 LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [3093880 2010-02-17] (Symantec Corporation)
S2 LMS; C:\Program Files\Intel\AMT\LMS.exe [109336 2007-06-12] (Intel)
S2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
S2 SharedAccess; C:\Windows\System32\svchost.exe [14336 2008-04-13] (Microsoft Corporation)
S2 SmcService; C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe [1881368 2011-03-19] (Symantec Corporation)
S4 SNAC; C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE [349512 2011-03-19] (Symantec Corporation)
S2 Symantec AntiVirus; C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe [1831024 2011-03-19] (Symantec Corporation)
S2 UNS; C:\Program Files\Intel\AMT\UNS.exe [2521880 2007-06-12] (Intel)
S2 vToolbarUpdater17.1.2; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe [1734680 2013-11-10] (AVG Secure Search)
S3 IgniteService; "C:\Program Files\Miller Direct Connect\4072598\Program\IgniteService.exe" -Service [x]
S2 JavaQuickStarterService; "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"
S2 *etadpug; "C:\Program Files\Google\Desktop\Install\{9c506c62-ba34-9975-c908-07eb42692101}\ \ \???\{9c506c62-ba34-9975-c908-07eb42692101}\GoogleUpdate.exe" < <==== ATTENTION (ZeroAccess)

==================== Drivers (Whitelisted) ====================

S1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [37664 2013-11-10] (AVG Technologies)
S3 COH_Mon; C:\WINDOWS\system32\Drivers\COH_Mon.sys [23888 2011-03-19] (Symantec Corporation)
S1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376920 2013-08-27] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [108120 2013-08-27] (Symantec Corporation)
S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [9344 2009-04-17] (GARMIN Corp.)
S2 iPodDrv; C:\WINDOWS\system32\drivers\iPodDrv.sys [6656 2012-12-20] (Windows ® Codename Longhorn DDK provider)
S2 MASPINT; C:\Windows\System32\Drivers\MASPINT.sys [8096 2000-03-29] (MicroStaff Co.,Ltd.)
S3 NAVENG; C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20131111.032\NAVENG.SYS [93272 2013-11-04] (Symantec Corporation)
S3 NAVEX15; C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20131111.032\NAVEX15.SYS [1612376 2013-11-04] (Symantec Corporation)
S3 PalmUSBD; C:\Windows\System32\drivers\PalmUSBD.sys [16694 2008-08-11] (PalmSource, Inc.)
S3 SenFiltService; C:\Windows\System32\drivers\Senfilt.sys [392960 2006-03-17] (Sensaura)
S1 SPBBCDrv; C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [421424 2011-03-19] (Symantec Corporation)
S1 SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [283184 2011-03-19] (Symantec Corporation)
S3 SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [320944 2011-03-19] (Symantec Corporation)
S1 SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [43696 2011-03-19] (Symantec Corporation)
S3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [124976 2011-05-11] (Symantec Corporation)
S3 SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [26416 2011-03-19] (Symantec Corporation)
S1 SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [188080 2011-03-19] (Symantec Corporation)
S3 catchme; \??\C:\combofix\catchme.sys [x]
S4 IntelIde; No ImagePath
S3 MRVW245; system32\DRIVERS\MRVW245.sys [x]
S5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

61884-139-31888 520:31889 - 2010-01-13 18:33 - 00006456 ____H C:\Windows\System32\gagogife
2013-11-12 11:59 - 2013-11-12 11:59 - 00000000 ____D C:\FRST
2013-11-12 11:01 - 2013-11-12 11:01 - 00299520 _____ C:\Documents and Settings\banderson\Local Settings\Application Data\Z4Fs4nvEN9
2013-11-12 11:01 - 2013-11-12 11:01 - 00299520 _____ C:\Documents and Settings\banderson\Application Data\x0a7PlXv
2013-11-12 11:01 - 2013-11-12 11:01 - 00299520 _____ C:\Documents and Settings\All Users\Application Data\IRxnNBDts
2013-11-12 08:28 - 2013-11-12 08:46 - 00000000 ____D C:\Documents and Settings\banderson\Local Settings\Application Data\CmHSxYDd4
2013-11-12 08:28 - 2013-11-12 08:28 - 00118784 _____ (Microsoft Corporation) C:\Documents and Settings\banderson\Application Data\KB00518131.exe
2013-11-12 08:28 - 2013-11-12 08:28 - 00000000 ___HD C:\Documents and Settings\banderson\Application Data\F13CEDF4
2013-10-28 06:16 - 2013-10-28 06:16 - 00816838 _____ C:\Documents and Settings\banderson\Desktop\Beer Lounge and Kitchen Ideas.pptx
2013-10-25 11:11 - 2013-10-25 11:11 - 00110592 _____ C:\Windows\Minidump\Mini102513-01.dmp

==================== One Month Modified Files and Folders =======

2013-11-12 11:59 - 2013-11-12 11:59 - 00000000 ____D C:\FRST
2013-11-12 11:17 - 2008-08-11 11:26 - 00000178 ___SH C:\Documents and Settings\banderson\ntuser.ini
2013-11-12 11:17 - 2008-08-11 10:12 - 01871873 _____ C:\Windows\WindowsUpdate.log
2013-11-12 11:01 - 2013-11-12 11:01 - 00299520 _____ C:\Documents and Settings\banderson\Local Settings\Application Data\Z4Fs4nvEN9
2013-11-12 11:01 - 2013-11-12 11:01 - 00299520 _____ C:\Documents and Settings\banderson\Application Data\x0a7PlXv
2013-11-12 11:01 - 2013-11-12 11:01 - 00299520 _____ C:\Documents and Settings\All Users\Application Data\IRxnNBDts
2013-11-12 11:01 - 2004-08-04 05:00 - 00002206 _____ C:\Windows\System32\wpa.dbl
2013-11-12 10:59 - 2008-08-11 11:19 - 00000120 _____ C:\Windows\System32\config\netlogon.ftl
2013-11-12 10:56 - 2008-08-11 10:15 - 00032466 _____ C:\Windows\SchedLgU.Txt
2013-11-12 10:56 - 2008-08-11 06:05 - 00000216 _____ C:\Windows\wiadebug.log
2013-11-12 10:49 - 2008-08-11 06:05 - 00000050 _____ C:\Windows\wiaservc.log
2013-11-12 09:56 - 2008-08-11 11:21 - 00000000 __SHD C:\Windows\CSC
2013-11-12 08:46 - 2013-11-12 08:28 - 00000000 ____D C:\Documents and Settings\banderson\Local Settings\Application Data\CmHSxYDd4
2013-11-12 08:28 - 2013-11-12 08:28 - 00118784 _____ (Microsoft Corporation) C:\Documents and Settings\banderson\Application Data\KB00518131.exe
2013-11-12 08:28 - 2013-11-12 08:28 - 00000000 ___HD C:\Documents and Settings\banderson\Application Data\F13CEDF4
2013-11-12 08:28 - 2008-08-18 07:43 - 00000000 ____D C:\Documents and Settings\banderson\Local Settings\Application Data\Google
2013-11-12 08:28 - 2008-08-18 07:15 - 00000000 ____D C:\Program Files\Google
2013-11-12 08:04 - 2008-08-11 13:30 - 00002515 _____ C:\Documents and Settings\banderson\Desktop\Microsoft Office Word 2007.lnk
2013-11-11 21:07 - 2008-08-11 05:58 - 00000000 ____D C:\Windows\security
2013-11-11 09:37 - 2008-08-11 13:29 - 00002483 _____ C:\Documents and Settings\banderson\Desktop\Microsoft Office PowerPoint 2007.lnk
2013-11-11 07:57 - 2008-08-11 13:43 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\FLEXnet
2013-11-10 09:26 - 2012-08-29 09:20 - 00037664 _____ (AVG Technologies) C:\Windows\System32\Drivers\avgtpx86.sys
2013-11-10 09:26 - 2012-08-29 09:20 - 00000000 ____D C:\Windows\System32\cache
2013-11-10 09:26 - 2012-07-03 10:08 - 00000000 ____D C:\Program Files\AVG Secure Search
2013-11-06 13:52 - 2008-08-11 13:29 - 00002473 _____ C:\Documents and Settings\banderson\Desktop\Microsoft Office Excel 2007.lnk
2013-10-31 10:01 - 2013-09-13 09:05 - 00000000 ____D C:\Documents and Settings\banderson\Local Settings\Application Data\Citrix
2013-10-31 10:01 - 2008-12-26 07:23 - 00000000 ____D C:\Documents and Settings\banderson\Local Settings\Application Data\Deployment
2013-10-30 08:40 - 2011-11-12 14:52 - 00458144 _____ C:\Windows\setupapi.log
2013-10-29 09:05 - 2009-02-17 08:57 - 00255488 ___SH C:\Documents and Settings\banderson\Desktop\Thumbs.db
2013-10-29 06:03 - 2013-05-06 09:22 - 00000000 ____D C:\Documents and Settings\banderson\Local Settings\Application Data\HTC MediaHub
2013-10-29 02:24 - 2013-08-20 10:07 - 00065536 _____ C:\Windows\System32\config\OAlerts.evt
2013-10-29 02:12 - 2008-12-03 10:11 - 00000000 ____D C:\Windows\Microsoft.NET
2013-10-29 02:08 - 2008-08-11 13:25 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Microsoft Help
2013-10-29 02:08 - 2004-08-04 05:00 - 00000582 _____ C:\Windows\win.ini
2013-10-28 06:16 - 2013-10-28 06:16 - 00816838 _____ C:\Documents and Settings\banderson\Desktop\Beer Lounge and Kitchen Ideas.pptx
2013-10-25 11:11 - 2013-10-25 11:11 - 00110592 _____ C:\Windows\Minidump\Mini102513-01.dmp
2013-10-25 11:11 - 2009-01-13 14:45 - 00000000 ____D C:\Windows\Minidump
2013-10-24 14:36 - 2012-11-02 08:40 - 01209951 _____ C:\Documents and Settings\banderson\Desktop\Final Routing Matrix 11-1-12 FINAL VERSION.xlsx
2013-10-16 12:55 - 2013-08-01 07:05 - 00002316 _____ C:\Documents and Settings\banderson\Desktop\Google Chrome.lnk

ZeroAccess:
C:\Windows\assembly\GAC\Desktop.ini

Files to move or delete:
====================
C:\Documents and Settings\banderson\Local Settings\Application Data\CmHSxYDd4\MJ4bJ7o7.exe
ZeroAccess:
C:\Documents and Settings\banderson\Local Settings\Application Data\Google\Desktop\Install
ZeroAccess:
C:\Program Files\Google\Desktop\Install


Some content of TEMP:
====================
C:\Documents and Settings\administrator\Local Settings\Temp\sp_setpoint.exe
C:\Documents and Settings\banderson\Local Settings\Temp\7z.dll
C:\Documents and Settings\banderson\Local Settings\Temp\7z.exe
C:\Documents and Settings\banderson\Local Settings\Temp\avguidx.dll
C:\Documents and Settings\banderson\Local Settings\Temp\CommonInstaller.exe
C:\Documents and Settings\banderson\Local Settings\Temp\dtkill.exe
C:\Documents and Settings\banderson\Local Settings\Temp\Executor.exe
C:\Documents and Settings\banderson\Local Settings\Temp\G2MInstallerExtractor.exe
C:\Documents and Settings\banderson\Local Settings\Temp\ICReinstall_PDFCreatorSetup.exe
C:\Documents and Settings\banderson\Local Settings\Temp\iGearedHelper.dll
C:\Documents and Settings\banderson\Local Settings\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Documents and Settings\banderson\Local Settings\Temp\jre-6u35-windows-i586-iftw.exe
C:\Documents and Settings\banderson\Local Settings\Temp\jre-6u37-windows-i586-iftw.exe
C:\Documents and Settings\banderson\Local Settings\Temp\jre-7u15-windows-i586-iftw.exe
C:\Documents and Settings\banderson\Local Settings\Temp\jre-7u17-windows-i586-iftw.exe
C:\Documents and Settings\banderson\Local Settings\Temp\jre-7u21-windows-i586-iftw.exe
C:\Documents and Settings\banderson\Local Settings\Temp\jre-7u25-windows-i586-iftw.exe
C:\Documents and Settings\banderson\Local Settings\Temp\jre-7u40-windows-i586-iftw.exe
C:\Documents and Settings\banderson\Local Settings\Temp\jre-7u45-windows-i586-iftw.exe
C:\Documents and Settings\banderson\Local Settings\Temp\MachineIdCreator.exe
C:\Documents and Settings\banderson\Local Settings\Temp\oi_{3CBB1E8C-B01B-4192-A7AB-8B217A4BFAE5}.exe
C:\Documents and Settings\banderson\Local Settings\Temp\SSUPDATE.EXE
C:\Documents and Settings\banderson\Local Settings\Temp\ToolbarInstaller.exe
C:\Documents and Settings\banderson\Local Settings\Temp\vcredist_x86.exe
C:\Documents and Settings\banderson\Local Settings\Temp\~tmf645148103571096384.dll


==================== Known DLLs (Whitelisted) ============


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points (XP) =====================

RP: -> 2013-11-11 13:42 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1260

RP: -> 2013-11-10 12:41 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1259

RP: -> 2013-11-09 11:40 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1258

RP: -> 2013-11-08 10:43 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1257

RP: -> 2013-11-07 09:33 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1256

RP: -> 2013-11-06 08:52 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1255

RP: -> 2013-11-05 08:34 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1254

RP: -> 2013-11-04 06:41 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1253

RP: -> 2013-11-03 05:41 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1252

RP: -> 2013-11-02 04:41 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1251

RP: -> 2013-11-01 03:41 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1250

RP: -> 2013-10-31 03:30 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1249

RP: -> 2013-10-30 02:50 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1248

RP: -> 2013-10-29 02:00 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1247

RP: -> 2013-10-28 14:27 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1246

RP: -> 2013-10-27 13:27 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1245

RP: -> 2013-10-26 12:27 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1244

RP: -> 2013-10-25 11:43 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1243

RP: -> 2013-10-24 10:56 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1242

RP: -> 2013-10-23 10:49 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1241

RP: -> 2013-10-22 08:10 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1240

RP: -> 2013-10-21 07:15 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1239

RP: -> 2013-10-20 06:15 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1238

RP: -> 2013-10-19 05:15 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1237

RP: -> 2013-10-18 04:15 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1236

RP: -> 2013-10-17 03:15 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1235

RP: -> 2013-10-16 03:12 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1234

RP: -> 2013-10-15 03:04 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1233

RP: -> 2013-10-14 02:16 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1232

RP: -> 2013-10-13 02:00 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1231

RP: -> 2013-10-12 03:04 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1230

RP: -> 2013-10-11 02:58 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1229

RP: -> 2013-10-10 02:00 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1228

RP: -> 2013-10-09 14:29 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1227

RP: -> 2013-10-04 12:22 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1226

RP: -> 2013-10-03 08:02 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1225

RP: -> 2013-10-02 08:00 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1224

RP: -> 2013-10-01 07:00 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1223

RP: -> 2013-09-30 06:28 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1222

RP: -> 2013-09-29 10:03 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1221

RP: -> 2013-09-28 09:05 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1220

RP: -> 2013-09-27 08:17 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1219

RP: -> 2013-09-26 07:16 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1218

RP: -> 2013-09-25 11:57 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1217

RP: -> 2013-09-24 10:57 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1216

RP: -> 2013-09-23 09:47 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1215

RP: -> 2013-09-22 08:57 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1214

RP: -> 2013-09-21 07:57 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1213

RP: -> 2013-09-20 07:02 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1212

RP: -> 2013-09-19 05:59 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1211

RP: -> 2013-09-18 04:58 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1210

RP: -> 2013-09-17 04:00 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1209

RP: -> 2013-09-16 03:00 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1208

RP: -> 2013-09-15 02:48 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1207

RP: -> 2013-09-14 02:00 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1206

RP: -> 2013-09-13 02:00 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1205

RP: -> 2013-09-12 02:00 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1204

RP: -> 2013-09-11 11:31 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1203

RP: -> 2013-09-10 11:07 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1202

RP: -> 2013-09-09 10:45 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1201

RP: -> 2013-09-08 09:47 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1200

RP: -> 2013-09-07 09:41 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1199

RP: -> 2013-09-06 09:18 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1198

RP: -> 2013-09-05 07:47 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1197

RP: -> 2013-09-04 07:10 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1196

RP: -> 2013-09-03 06:59 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1195

RP: -> 2013-09-02 06:47 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1194

RP: -> 2013-09-01 05:47 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1193

RP: -> 2013-08-31 04:47 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1192

RP: -> 2013-08-30 03:47 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1191

RP: -> 2013-08-29 02:56 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1190

RP: -> 2013-08-28 02:00 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1189

RP: -> 2013-08-27 05:47 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1188

RP: -> 2013-08-26 04:47 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1187

RP: -> 2013-08-25 04:35 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1186

RP: -> 2013-08-24 03:35 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1185

RP: -> 2013-08-23 02:53 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1184

RP: -> 2013-08-22 02:00 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1183

RP: -> 2013-08-21 02:00 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1182

RP: -> 2013-08-20 10:01 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1181

RP: -> 2013-08-20 09:34 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1180

RP: -> 2013-08-20 05:00 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1179

RP: -> 2013-08-19 04:55 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1178

RP: -> 2013-08-18 04:07 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1177

RP: -> 2013-08-17 03:07 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1176

RP: -> 2013-08-16 02:50 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1175

RP: -> 2013-08-15 02:00 - 028672 _restore{5687C6A2-B8F5-45DC-BBCC-350B0B589390}\RP1174


==================== Memory info ===========================

Percentage of memory in use: 13%
Total physical RAM: 2004.54 MB
Available physical RAM: 1742.13 MB
Total Pagefile: 1835.45 MB
Available Pagefile: 1789.93 MB
Total Virtual: 2047.88 MB
Available Virtual: 1990.62 MB

==================== Drives ================================

Drive b: (RAMDisk) (Fixed) (Total:0.06 GB) (Free:0.06 GB) FAT
Drive c: () (Fixed) (Total:148.95 GB) (Free:13.87 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (LEINENKUGEL) (Removable) (Total:1.91 GB) (Free:1.91 GB) FAT
Drive x: (ReatogoPE) (CDROM) (Total:0.43 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 149 GB) (Disk ID: 41AB2316)
Partition 1: (Not Active) - (Size=63 MB) - (Type=DE)
Partition 2: (Active) - (Size=149 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 2 GB) (Disk ID: 529F9E27)
Partition 1: (Not Active) - (Size=2 GB) - (Type=06)

==================== End Of Log ============================

Thanks in advance for your help.
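The persistence entries in the Registry section of the log above can be triaged mechanically. The sketch below is an added example, not part of the original post and not FRST's own logic: the rule names, the "Microsoft-labelled binary under Application Data" heuristic and the scecli baseline for Windows XP are assumptions, and the sample lines are copied from the log.

```python
import ntpath
import re

# Subset of the Registry section of the log above (benign entries kept for contrast).
SAMPLE_LOG = r"""
HKLM\...\Run: [ccApp] - C:\Program Files\Common Files\Symantec Shared\ccApp.exe [115560 2011-03-19] (Symantec Corporation)
HKLM\...\Run: [MJ4bJ7o7.exe] - C:\Documents and Settings\banderson\Local Settings\Application Data\CmHSxYDd4\MJ4bJ7o7.exe [148176 2013-11-12] (Microsoft Corporation)
HKLM\...\Winlogon: [Shell] cmd.exe [x ] () <=== ATTENTION
HKLM\...\Command Processor: "C:\Documents and Settings\banderson\Local Settings\Application Data\CmHSxYDd4\MJ4bJ7o7.exe" <======= ATTENTION
HKU\banderson\...\Run: [Google Update] - C:\Documents and Settings\banderson\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [ 2009-03-27] (Google Inc.)
HKU\banderson\...\Run: [KB00518131.exe] - C:\Documents and Settings\banderson\Application Data\KB00518131.exe [ 2013-11-12] (Microsoft Corporation)
AppInit_DLLs: zehigipu.dll [ 2013-06-03] ()
Lsa: [Notification Packages] scecli zehigipu.dll holiditu.dll
"""

# "HKLM\...\Run: rest" or "HKU\<user>\...\Run: rest", as printed in the log.
REG_LINE = re.compile(r"^(?P<hive>HK.+?)\\\.\.\.\\(?P<key>[^:]+): (?P<rest>.*)$")
# "[name] - target [size date] (company)"; the trailing metadata may be absent.
RUN_VALUE = re.compile(
    r"\[(?P<name>[^\]]+)\] - (?P<target>.+?)(?: \[[^\]]*\] \((?P<company>[^)]*)\))?")
USER_WRITABLE = re.compile(r"\\Application Data\\", re.IGNORECASE)
LSA_BASELINE = {"scecli"}  # assumption: stock Windows XP Notification Packages value


def triage(log_text):
    """Return (rule, detail) findings for persistence lines of an FRST registry section."""
    findings, shells, autoruns = [], {}, {}
    for line in log_text.splitlines():
        line = line.strip()
        if line.startswith("AppInit_DLLs:"):
            # Any DLL listed here is loaded into every process that loads user32.dll.
            value = line.split(":", 1)[1].split()
            if value and not value[0].startswith("["):
                findings.append(("appinit-dll", value[0]))
            continue
        lsa = re.match(r"Lsa: \[Notification Packages\] (.*)", line)
        if lsa:
            extra = [p for p in lsa.group(1).split() if p.lower() not in LSA_BASELINE]
            if extra:
                findings.append(("lsa-package", ", ".join(extra)))
            continue
        reg = REG_LINE.match(line)
        if not reg:
            continue
        hive, key, rest = reg.group("hive", "key", "rest")
        if key == "Run":
            run = RUN_VALUE.fullmatch(rest)
            # Heuristic: a binary claiming to be Microsoft's, started from a per-user
            # data directory that the user account can write to.
            if (run and USER_WRITABLE.search(run["target"])
                    and run["company"] == "Microsoft Corporation"):
                findings.append(("run-masquerade", f"{hive}: {run['name']}"))
        elif key == "Winlogon":
            shell = re.match(r"\[Shell\] (\S+)", rest)
            if shell and shell.group(1).lower() != "explorer.exe":
                shells[hive] = shell.group(1)
                findings.append(("shell-override", f"{hive}: {shell.group(1)}"))
        elif key == "Command Processor":
            # Assumed to reflect the AutoRun value, which cmd.exe executes on start.
            auto = re.search(r'"([^"]+)"', rest)
            if auto:
                autoruns[hive] = auto.group(1)
                findings.append(("cmd-autorun", f"{hive}: {ntpath.basename(auto.group(1))}"))
    # Correlate: with cmd.exe as the logon shell, the AutoRun target starts at every logon.
    for hive, shell in shells.items():
        if shell.lower() == "cmd.exe" and hive in autoruns:
            findings.append(
                ("logon-chain", f"{hive}: cmd.exe shell runs {ntpath.basename(autoruns[hive])}"))
    return findings


if __name__ == "__main__":
    for rule, detail in triage(SAMPLE_LOG):
        print(f"{rule:15} {detail}")
```

The logon-chain finding is the one that explains the symptom in the post: the shell is replaced by cmd.exe in Safe Mode as well, so the lock screen appears there too.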

#2
Machiavelli

  • GeekU Moderator
  • 4,722 posts
Welcome to GeeksToGo, beerman

My name is Machiavelli and I'll try to fix your PC problems. If you are in Safe Mode then print my instructions! Removing malware on a computer can be very complicated. Malware (malicious software) is able to hide and so I may not be able to find it so easily. In order to remove malware from your computer, you need to follow my instructions carefully. Don't be worried if you don't know what to do, just ask me! Please stay in contact with me until the problem is fixed.

!NOTE! Please respect my volunteered time and stay with me until I declare your computer clean. If you are going to be delayed for a while, please let me know.

I am currently in training and my posts will need to be reviewed by an expert, so expect a slight delay between posts. :)

 

I'll come with an answer later. :)

#3
Machiavelli

  • GeekU Moderator
  • 4,722 posts
Hello beerman!

- FIRST -

In your logs I see a Backdoor. That means that your machine is infected with some nasty files which can steal some information. It is difficult to tell whether or not any data has been stolen and finding out which is true instead of doing countermeasures is unproductive. In this light, for your safety, assume that your log-in details and other information have been accessed by another source.
Below are the steps that you should administer:
  • Please disconnect from the Internet! Also don't use it while we are cleaning the infected machine. This is especially true when you are using the computer in question for online banking and other sites that require sensitive and personal information.
  • It is strongly advised that you change your passwords on a clean PC and notify the bank immediately to watch out for suspicious transactions.
I can try to clean the infection but I have to say your computer is very likely compromised and that there is no way to be sure your computer can ever again be trusted. Experts in the security community believe that a reformat and re-installation of the operating system is the best solution. Please peruse the following if you would like to know more:
Now - you decide if you want to reformat the PC or to clean the PC. Think of it and choose the best solution for you! Let me know of your decision. If you decide to go through with the procedure, please proceed with the following steps.

- NEXT -

First,

Open notepad. Please copy the contents of the quote box below. To do this highlight the contents of the box and right click on it and select copy. Paste this into the open notepad. Save it on the flash drive (where FRST is saved) as fixlist.txt

HKLM\...\Run: [MJ4bJ7o7.exe] - C:\Documents and Settings\banderson\Local Settings\Application Data\CmHSxYDd4\MJ4bJ7o7.exe [148176 2013-11-12] (Microsoft Corporation)
HKLM\...\Winlogon: [Shell] cmd.exe [x ] () <=== ATTENTION
HKLM\...\Command Processor: "C:\Documents and Settings\banderson\Local Settings\Application Data\CmHSxYDd4\MJ4bJ7o7.exe" <======= ATTENTION
HKU\banderson\...\Run: [KB00518131.exe] - C:\Documents and Settings\banderson\Application Data\KB00518131.exe [ 2013-11-12] (Microsoft Corporation)
HKU\banderson\...\Run: [MJ4bJ7o7.exe] - C:\Documents and Settings\banderson\Local Settings\Application Data\CmHSxYDd4\MJ4bJ7o7.exe [ 2013-11-12] (Microsoft Corporation)
HKU\banderson\...\Winlogon: [Shell] cmd.exe [ 2008-04-13] (Microsoft Corporation) <==== ATTENTION
HKU\banderson\...\Command Processor: "C:\Documents and Settings\banderson\Local Settings\Application Data\CmHSxYDd4\MJ4bJ7o7.exe" <===== ATTENTION!
AppInit_DLLs: zehigipu.dll [ 2013-06-03] ()
Lsa: [Notification Packages] scecli zehigipu.dll holiditu.dll
S2 *etadpug; "C:\Program Files\Google\Desktop\Install\{9c506c62-ba34-9975-c908-07eb42692101}\ \ \???\{9c506c62-ba34-9975-c908-07eb42692101}\GoogleUpdate.exe" < <==== ATTENTION (ZeroAccess)
S1 WS2IFSL;
C:\Documents and Settings\banderson\Local Settings\Application Data\CmHSxYDd4
C:\Documents and Settings\banderson\Local Settings\Application Data\Z4Fs4nvEN9
C:\Documents and Settings\banderson\Application Data\x0a7PlXv
C:\Documents and Settings\All Users\Application Data\IRxnNBDts
C:\Documents and Settings\banderson\Application Data\KB00518131.exe
C:\Documents and Settings\banderson\Application Data\F13CEDF4
C:\Windows\assembly\GAC\Desktop.ini
C:\Documents and Settings\banderson\Local Settings\Application Data\Google\Desktop\Install
C:\Program Files\Google\Desktop\Install


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system


Then,

  • Start the infected computer using the boot CD you have created some time ago
  • When you see a message with Starting REATOGO-X-PE connect the USB Flash Drive
  • As the CD needs to detect your hardware and load the operating system, I'd recommend to take a break and relax for a short time :)
  • Once fully loaded, your system should display a REATOGO-X-PE desktop.
  • Double click the My Computer icon, then open the drive corresponding to your flash drive
  • Execute FRST by double clicking on its icon
  • Press the Fix button and wait. After the fix the system needs to restart; if the tool does not request it, please restart the computer manually.
  • Let the computer boot normally and tell me if it works or not
  • The tool will make a log (Fixlog.txt) on the flash drive; please post it in your next reply

 

Please don't forget to include this in your next post:

  • fixlog
  • Can you boot again?

#4
beerman

  • Topic Starter
  • Member
  • 188 posts
Machiavelli:

Thanks for your help. In answer to your question, I want to do both. I need to get the computer up and running enough that I can get a complete backup of files and settings and then I will do a reformat and reinstall.

One additional issue may be that this user has an external hard drive that was not attached during the scan. My reason for concern is that Symantec was reporting viruses on the external if memory serves. Once we get the computer to the point that I can boot up, is there a way to re-run the scan so that the external drive is included?

I will post the fixlog.txt file within the next hour.

Thanks.
#5
Machiavelli

  • GeekU Moderator
  • 4,722 posts
Hey!

Once we get the computer to the point that I can boot up, is there a way to re-run the scan so that the external drive is included?

Yes, we can scan your external hard drive. For that I will probably use other software - we will see. :) My plan is to get the computer to boot again, then scan again for malware and use some other scanners to make sure that there isn't anything hiding! :) The last bit will be scanning for remnants, and then we should be finished with this case (if you don't have any problems with the system).

I need to get the computer up and running enough that I can get a complete backup of files and settings and then I will do a reformat and reinstall.

Do you mean a full backup? You should only back up some important things (pictures, documents, etc.) because if you make a full backup image (of your drive) with Acronis etc., the malware can still be in the backup you made (if it wasn't completely removed!)

I will post the fixlog.txt file within the next hour.

No problem & thanks! I can only answer again tomorrow. In Germany it is very late and I have school until 1 PM tomorrow. If you like you can call me Gerrit. :)

Thanks.

You are welcome.
#6
beerman

  • Topic Starter
  • Member
  • 188 posts
Gerrit:

Thanks for your reply. I was only going to copy off files, not do an image backup. I understand your timing. I will send the log file tomorrow then so you should see it some time early afternoon your time.

Thanks again.
#7
Machiavelli

  • GeekU Moderator
  • 4,722 posts

I will send the log file tomorrow then so you should see it some time early afternoon your time.

OK, you can send the log any time you want. :happy:

Bye!
#8
beerman

  • Topic Starter
  • Member
  • 188 posts
Gerrit:

Log is included below. Was able to boot up successfully. For fixes going forward am I going to need to be attached to the internet from that computer? In your first reply you said to disconnect from the internet. I had to boot up connected in order for the password change to take effect but it is now unplugged.

Thanks. Here is the log:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 10-11-2013 01
Ran by SYSTEM at 2013-11-13 10:45:37 Run:1
Running from D:\
Boot Mode: Recovery

==============================================

Content of fixlist:
*****************
HKLM\...\Run: [MJ4bJ7o7.exe] - C:\Documents and Settings\banderson\Local Settings\Application Data\CmHSxYDd4\MJ4bJ7o7.exe [148176 2013-11-12] (Microsoft Corporation)
HKLM\...\Winlogon: [Shell] cmd.exe [x ] () <=== ATTENTION
HKLM\...\Command Processor: "C:\Documents and Settings\banderson\Local Settings\Application Data\CmHSxYDd4\MJ4bJ7o7.exe" <======= ATTENTION
HKU\banderson\...\Run: [KB00518131.exe] - C:\Documents and Settings\banderson\Application Data\KB00518131.exe [ 2013-11-12] (Microsoft Corporation)
HKU\banderson\...\Run: [MJ4bJ7o7.exe] - C:\Documents and Settings\banderson\Local Settings\Application Data\CmHSxYDd4\MJ4bJ7o7.exe [ 2013-11-12] (Microsoft Corporation)
HKU\banderson\...\Winlogon: [Shell] cmd.exe [ 2008-04-13] (Microsoft Corporation) <==== ATTENTION
HKU\banderson\...\Command Processor: "C:\Documents and Settings\banderson\Local Settings\Application Data\CmHSxYDd4\MJ4bJ7o7.exe" <===== ATTENTION!
AppInit_DLLs: zehigipu.dll [ 2013-06-03] ()
Lsa: [Notification Packages] scecli zehigipu.dll holiditu.dll
S2 *etadpug; "C:\Program Files\Google\Desktop\Install\{9c506c62-ba34-9975-c908-07eb42692101}\ \ \???\{9c506c62-ba34-9975-c908-07eb42692101}\GoogleUpdate.exe" < <==== ATTENTION (ZeroAccess)
S1 WS2IFSL;
C:\Documents and Settings\banderson\Local Settings\Application Data\CmHSxYDd4
C:\Documents and Settings\banderson\Local Settings\Application Data\Z4Fs4nvEN9
C:\Documents and Settings\banderson\Application Data\x0a7PlXv
C:\Documents and Settings\All Users\Application Data\IRxnNBDts
C:\Documents and Settings\banderson\Application Data\KB00518131.exe
C:\Documents and Settings\banderson\Application Data\F13CEDF4
C:\Windows\assembly\GAC\Desktop.ini
C:\Documents and Settings\banderson\Local Settings\Application Data\Google\Desktop\Install
C:\Program Files\Google\Desktop\Install
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\MJ4bJ7o7.exe => Value deleted successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value was restored successfully.
HKLM\Software\Microsoft\Command Processor\\AutoRun => Value deleted successfully.
HKU\banderson\Software\Microsoft\Windows\CurrentVersion\Run\\KB00518131.exe => Value deleted successfully.
HKU\banderson\Software\Microsoft\Windows\CurrentVersion\Run\\MJ4bJ7o7.exe => Value deleted successfully.
HKU\banderson\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value deleted successfully.
HKU\banderson\Software\Microsoft\Command Processor\\AutoRun => Value deleted successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully.
HKLM\System\ControlSet001\Control\Lsa\\Notification Packages => Value was restored successfully.
*etadpug => Unable to delete service
*etadpug => Service should be removed with FRST outside recovery mode.
WS2IFSL => Service deleted successfully.
C:\Documents and Settings\banderson\Local Settings\Application Data\CmHSxYDd4 => Moved successfully.
C:\Documents and Settings\banderson\Local Settings\Application Data\Z4Fs4nvEN9 => Moved successfully.
C:\Documents and Settings\banderson\Application Data\x0a7PlXv => Moved successfully.
C:\Documents and Settings\All Users\Application Data\IRxnNBDts => Moved successfully.
C:\Documents and Settings\banderson\Application Data\KB00518131.exe => Moved successfully.
C:\Documents and Settings\banderson\Application Data\F13CEDF4 => Moved successfully.
C:\Windows\assembly\GAC\Desktop.ini => Moved successfully.
C:\Documents and Settings\banderson\Local Settings\Application Data\Google\Desktop\Install => Moved successfully.
C:\Program Files\Google\Desktop\Install => Moved successfully.

==== End of Fixlog ====
  • 0
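A defender's check on a Fixlog like the one posted above, and on the fixlist it echoes from the earlier reply, as an added example that is not part of the thread and not FRST's own code: it parses each `target => outcome` line, labels the autostart location that was touched, and lists the targets that were not remediated. The sample log is constructed with placeholder names; the outcome phrases and registry paths follow those visible in the thread's log, and the function names are hypothetical.

```python
import re
from collections import Counter

# Constructed sample in the Fixlog layout shown in the thread; the user name,
# file names and service name are placeholders, not values from the thread.
SAMPLE_FIXLOG = r"""Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86)
Ran by SYSTEM
Boot Mode: Recovery

Content of fixlist:
*****************
HKLM\...\Run: [example.exe] - C:\Documents and Settings\user\Application Data\Example\example.exe
S2 *examplesvc; "C:\Program Files\Example\svc.exe" <==== ATTENTION
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\example.exe => Value deleted successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value was restored successfully.
HKLM\Software\Microsoft\Command Processor\\AutoRun => Value deleted successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully.
HKLM\System\ControlSet001\Control\Lsa\\Notification Packages => Value was restored successfully.
*examplesvc => Unable to delete service
*examplesvc => Service should be removed with FRST outside recovery mode.
C:\Documents and Settings\user\Application Data\Example => Moved successfully.

==== End of Fixlog ====
"""

# Outcome phrases as they appear in the Fixlog quoted in the thread.
OUTCOMES = [
    ("deleted successfully", "deleted"),
    ("restored successfully", "restored"),
    ("moved successfully", "moved"),
    ("unable to", "failed"),
    ("should be removed", "follow-up"),
]
DONE = {"deleted", "restored", "moved"}

# Registry locations named in the fixlist, mapped to the autostart point they control.
MECHANISMS = [
    (r"\currentversion\run\\", "Run key autostart"),
    (r"\winlogon\\shell", "Winlogon Shell value"),
    (r"\command processor\\autorun", "cmd.exe AutoRun value"),
    (r"\windows\\appinit_dlls", "AppInit_DLLs value"),
    (r"\lsa\\notification packages", "LSA notification packages"),
]


def classify_target(target):
    """Label what kind of object a Fixlog result line refers to."""
    low = target.lower()
    for needle, name in MECHANISMS:
        if needle in low:
            return name
    if re.match(r"^[a-z]:\\", low):
        return "file or folder"
    if "\\" not in target:
        return "service"  # bare names in the log are service entries
    return "other registry value"


def parse_fixlog(text):
    """Return one dict per result line, skipping the echoed fixlist block."""
    entries, in_echo = [], False
    for raw in text.splitlines():
        line = raw.strip()
        if line and set(line) == {"*"}:  # a row of asterisks opens/closes the echo
            in_echo = not in_echo
            continue
        if in_echo or " => " not in line:
            continue
        target, _, outcome = line.rpartition(" => ")
        low = outcome.lower()
        # Anything that is not a known phrase is "unknown" and needs review.
        status = next((s for phrase, s in OUTCOMES if phrase in low), "unknown")
        entries.append({"target": target, "outcome": outcome,
                        "status": status, "kind": classify_target(target)})
    return entries


def summary(entries):
    """Count result lines per status."""
    return Counter(e["status"] for e in entries)


def unresolved(entries):
    """Targets with any line that is not a confirmed delete/restore/move."""
    pending = []
    for e in entries:
        if e["status"] not in DONE and e["target"] not in pending:
            pending.append(e["target"])
    return pending


if __name__ == "__main__":
    parsed = parse_fixlog(SAMPLE_FIXLOG)
    for e in parsed:
        print(f'{e["status"]:<10} {e["kind"]:<26} {e["target"]}')
    print("Needs another pass:", unresolved(parsed))
```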

#9
Machiavelli

  • GeekU Moderator
  • 4,722 posts
Hello beerman!

Great to see that the computer can boot again! :thumbsup:

You should only connect to the internet while you are posting the logs. You should change the passwords from another PC which isn't infected. While you are doing other stuff please disconnect from the Internet! :) Please do the following steps in normal mode.

 

- FIRST -

Please move FRST from your FlashDrive to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

 

Please don't forget to include this Logfile in your next answer:

  • FRST logs

#10
beerman

  • Topic Starter
  • Member
  • 188 posts
Thanks for your response. Here are the logs:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-11-2013 01
Ran by banderson (administrator) on D94GBLF1 on 13-11-2013 12:09:19
Running from C:\Documents and Settings\banderson\Desktop
Microsoft Windows XP Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

==================== Could not list processes ===============

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [atchk] - C:\Program Files\Intel\AMT\atchk.exe [408344 2007-06-12] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] - C:\WINDOWS\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [SoundMAXPnP] - C:\Program Files\Analog Devices\Core\smax4pnp.exe [1036288 2007-08-01] (Analog Devices, Inc.)
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [178712 2007-10-03] (Intel Corporation)
HKLM\...\Run: [Acrobat Assistant 8.0] - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [623992 2008-10-14] (Adobe Systems Inc.)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] - C:\WINDOWS\KHALMNPR.Exe [76304 2008-02-29] (Logitech, Inc.)
HKLM\...\Run: [REGSHAVE] - C:\Program Files\REGSHAVE\Regshave.exe [53248 2002-02-04] (FUJI PHOTO FILM CO., LTD.)
HKLM\...\Run: [AppleSyncNotifier] - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [47904 2010-10-08] (Apple Inc.)
HKLM\...\Run: [RoxWatchTray] - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [236016 2009-07-08] (Sonic Solutions)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.)
HKLM\...\Run: [ccApp] - C:\Program Files\Common Files\Symantec Shared\ccApp.exe [115560 2011-03-19] (Symantec Corporation)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2011-06-09] (Sun Microsystems, Inc.)
HKLM\...\Run: [RIMBBLaunchAgent.exe] - C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [79192 2011-02-18] (Research In Motion Limited)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [vProt] - C:\Program Files\AVG Secure Search\vprot.exe [2420248 2013-11-10] ()
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
Winlogon\Notify\LBTWlgn: C:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
HKLM\...\Policies\Explorer: [NoWelcomeScreen] 1
HKCU\...\Run: [RIMDeviceManager] - C:\Program Files\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe [2062680 2011-05-19] (Research In Motion Limited)
HKCU\...\Run: [ISUSPM] - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [206112 2008-10-24] (Macrovision Corporation)
HKCU\...\Run: [Google Update] - C:\Documents and Settings\banderson\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [133104 2009-03-27] (Google Inc.)
HKCU\...\Run: [Uniblue RegistryBooster 2] - C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
HKCU\...\Run: [DW6] - "C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe"
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2008-08-26] (Google Inc.)
HKCU\...\Run: [Google Update*] - [x] <===== ATTENTION (ZeroAccess rootkit hidden path)
MountPoints2: {39934f62-75e4-11e2-af32-001e4f9966bb} - E:\LaunchU3.exe -a
MountPoints2: {60d137ab-0047-11df-aeae-001e4f9966bb} - slacker.synclauncher.exe
MountPoints2: {8a45a27d-68d5-11dd-ae31-001e4f9966bb} - G:\LaunchU3.exe -a
MountPoints2: {cb85c8d5-b91d-11e0-aef1-001e4f9966bb} - E:\RunClubSanDisk.exe
HKU\administrator\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] - C:\Program Files\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe [ 2013-06-03] (AVG Secure Search)
HKU\Brock Anderson\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] - C:\Program Files\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe [ 2013-06-03] (AVG Secure Search)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Exif Launcher.lnk
ShortcutTarget: Exif Launcher.lnk -> C:\Program Files\FinePixViewer\QuickDCF.exe (FUJI PHOTO FILM CO., LTD.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk
ShortcutTarget: Logitech SetPoint.lnk -> C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Sonic CinePlayer Quick Launch.lnk
ShortcutTarget: Sonic CinePlayer Quick Launch.lnk -> C:\Program Files\Common Files\Sonic Shared\CineTray.exe (Sonic Solutions)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
ShortcutTarget: WinZip Quick Pick.lnk -> C:\Program Files\WinZip\WZQKPICK32.EXE (WinZip Computing, S.L.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?...17DHP&dt=050713
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://toolbar.inbox...tb_id&%language
HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://toolbar.inbox...aspx?tbid=80114
HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://toolbar.inbox...aspx?tbid=80114
SearchScopes: HKCU - DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.c...sa&d=2012-07-03 11:08:58&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL =
SearchScopes: HKCU - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} URL = http://www.crawler.c...rms}&tbid=60195
SearchScopes: HKCU - {30AADD83-A59A-48CF-8B75-5D8D16F36603} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKCU - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} URL = http://search.alot.c...q={searchTerms}
SearchScopes: HKCU - {75595C56-CA05-49C7-B12C-9FEED484306C} URL = http://search.yahoo....p={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.c...sa&d=2012-07-03 11:08:58&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://toolbar.inbox...id=80114&lng=en
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: PodcastBHO Class - {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files\Common Files\doubleTwist\IEPodcastPlugin.dll (doubleTwist Corporation)
BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\17.1.2.1\AVG Secure Search_toolbar.dll (AVG Secure Search)
BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\17.1.2.1\AVG Secure Search_toolbar.dll (AVG Secure Search)
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.1.2\ViProtocol.dll (AVG Secure Search)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5 03 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog9 01 mswsock.dll File Not found ()
Winsock: Catalog9 02 mswsock.dll File Not found ()
Winsock: Catalog9 03 mswsock.dll File Not found ()
Winsock: Catalog9 04 mswsock.dll File Not found ()
Winsock: Catalog9 05 mswsock.dll File Not found ()
Winsock: Catalog9 06 mswsock.dll File Not found ()
Winsock: Catalog9 07 mswsock.dll File Not found ()
Winsock: Catalog9 08 mswsock.dll File Not found ()
Winsock: Catalog9 09 mswsock.dll File Not found ()
Winsock: Catalog9 10 mswsock.dll File Not found ()
Winsock: Catalog9 11 mswsock.dll File Not found ()

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR DefaultSearchURL: (Bing) - http://www.bing.com/...q={searchTerms}
CHR DefaultSuggestURL: (Bing) - http://api.bing.com/...uage={language}
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\banderson\Local Settings\Application Data\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Documents and Settings\banderson\Local Settings\Application Data\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\banderson\Local Settings\Application Data\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (ActiveTouch General Plugin Container) - C:\Documents and Settings\banderson\Local Settings\Application Data\Google\Chrome\Application\plugins\npatgpc.dll (Cisco WebEx LLC)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java™ Platform SE 6 U29) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Documents and Settings\banderson\Local Settings\Application Data\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (NPCIG.dll) - C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll (AVG Technologies)
CHR Plugin: (RIM Handheld Application Loader) - C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
CHR Plugin: (Garmin Communicator Plug-In) - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Updater) - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (OnLive Game Client Detector) - C:\Program Files\OnLive\Plugin\npolgdet.dll (OnLive)
CHR Plugin: (Photosynth) - C:\Program Files\Photosynth\npPhotosynthMozilla.dll ()
CHR Plugin: (BlackBerry AppWorld) - C:\Program Files\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll ()
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (YouTube) - C:\DOCUME~1\BANDER~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\DOCUME~1\BANDER~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (AVG Secure Search) - C:\DOCUME~1\BANDER~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\17.1.2.1_0
CHR Extension: (Google Wallet) - C:\DOCUME~1\BANDER~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\DOCUME~1\BANDER~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\Documents and Settings\All Users\Application Data\AVG Secure Search\ChromeExt\17.1.2.1\avg.crx
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\banderson\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

R2 ASFAgent; C:\Program Files\Intel\ASF Agent\ASFAgent.exe [133968 2007-01-23] (Intel Corporation)
R2 atchksrv; C:\Program Files\Intel\AMT\atchksrv.exe [183064 2007-06-12] (Intel Corporation)
R2 CCALib8; C:\Program Files\Canon\CAL\CALMAIN.exe [96334 2009-09-08] (Canon Inc.)
R2 ccEvtMgr; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [108392 2011-03-19] (Symantec Corporation)
R2 ccSetMgr; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [108392 2011-03-19] (Symantec Corporation)
S2 gupdate1c9904786cffc28; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-02-16] (Google Inc.)
R2 HTCMonitorService; C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-01-29] (Nero AG)
S3 LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [3093880 2010-02-17] (Symantec Corporation)
R2 LMS; C:\Program Files\Intel\AMT\LMS.exe [109336 2007-06-12] (Intel)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
S2 SharedAccess; C:\Windows\System32\svchost.exe [14336 2008-04-13] (Microsoft Corporation)
R2 SmcService; C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe [1881368 2011-03-19] (Symantec Corporation)
S4 SNAC; C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE [349512 2011-03-19] (Symantec Corporation)
R2 Symantec AntiVirus; C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe [1831024 2011-03-19] (Symantec Corporation)
R2 UNS; C:\Program Files\Intel\AMT\UNS.exe [2521880 2007-06-12] (Intel)
R2 vToolbarUpdater17.1.2; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe [1734680 2013-11-10] (AVG Secure Search)
S3 IgniteService; "C:\Program Files\Miller Direct Connect\4072598\Program\IgniteService.exe" -Service [x]
R2 JavaQuickStarterService; "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"
U2 *etadpug; "C:\Program Files\Google\Desktop\Install\{9c506c62-ba34-9975-c908-07eb42692101}\ \ \???\{9c506c62-ba34-9975-c908-07eb42692101}\GoogleUpdate.exe" < <==== ATTENTION (ZeroAccess)

==================== Drivers (Whitelisted) ====================

R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [37664 2013-11-10] (AVG Technologies)
S3 COH_Mon; C:\WINDOWS\system32\Drivers\COH_Mon.sys [23888 2011-03-19] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376920 2013-08-27] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [108120 2013-08-27] (Symantec Corporation)
S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [9344 2009-04-17] (GARMIN Corp.)
R2 iPodDrv; C:\WINDOWS\system32\drivers\iPodDrv.sys [6656 2012-12-20] (Windows ® Codename Longhorn DDK provider)
R2 MASPINT; C:\Windows\System32\Drivers\MASPINT.sys [8096 2000-03-29] (MicroStaff Co.,Ltd.)
R3 NAVENG; C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20131111.032\NAVENG.SYS [93272 2013-11-04] (Symantec Corporation)
R3 NAVEX15; C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20131111.032\NAVEX15.SYS [1612376 2013-11-04] (Symantec Corporation)
S3 PalmUSBD; C:\Windows\System32\drivers\PalmUSBD.sys [16694 2008-08-11] (PalmSource, Inc.)
R3 SenFiltService; C:\Windows\System32\drivers\Senfilt.sys [392960 2006-03-17] (Sensaura)
R1 SPBBCDrv; C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [421424 2011-03-19] (Symantec Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [283184 2011-03-19] (Symantec Corporation)
S3 SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [320944 2011-03-19] (Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [43696 2011-03-19] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [124976 2011-05-11] (Symantec Corporation)
R3 SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [26416 2011-03-19] (Symantec Corporation)
R1 SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [188080 2011-03-19] (Symantec Corporation)
S3 catchme; \??\C:\combofix\catchme.sys [x]
S4 IntelIde; No ImagePath
S3 MRVW245; system32\DRIVERS\MRVW245.sys [x]
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

61884-139-31888 552:31889 - 2010-01-13 18:33 - 00006456 ____H C:\WINDOWS\system32\gagogife
2013-11-13 12:03 - 2013-11-13 12:04 - 00000178 ___SH C:\Documents and Settings\Administrator.D94GBLF1\ntuser.ini
2013-11-13 12:03 - 2013-11-13 12:03 - 00000000 ____D C:\Documents and Settings\Administrator.D94GBLF1
2013-11-13 12:03 - 2013-11-12 11:22 - 01090275 _____ (Farbar) C:\Documents and Settings\banderson\Desktop\FRST.exe
2013-11-13 12:03 - 2012-02-16 03:00 - 00000000 __SHD C:\Documents and Settings\Administrator.D94GBLF1\IETldCache
2013-11-13 12:03 - 2009-05-18 20:33 - 00000000 ____D C:\Documents and Settings\Administrator.D94GBLF1\Application Data\Macromedia
2013-11-13 12:03 - 2008-09-11 02:00 - 00000000 ____D C:\Documents and Settings\Administrator.D94GBLF1\Local Settings\Application Data\Microsoft Help
2013-11-13 12:03 - 2008-08-11 10:12 - 00001599 _____ C:\Documents and Settings\Administrator.D94GBLF1\Start Menu\Programs\Remote Assistance.lnk
2013-11-13 12:03 - 2008-08-11 10:12 - 00000792 _____ C:\Documents and Settings\Administrator.D94GBLF1\Start Menu\Programs\Windows Media Player.lnk
2013-11-13 12:03 - 2008-08-11 10:12 - 00000000 ___RD C:\Documents and Settings\Administrator.D94GBLF1\Start Menu\Programs\Accessories
2013-11-12 11:59 - 2013-11-12 11:59 - 00000000 ____D C:\FRST
2013-10-28 06:16 - 2013-10-28 06:16 - 00816838 _____ C:\Documents and Settings\banderson\Desktop\Beer Lounge and Kitchen Ideas.pptx
2013-10-25 11:11 - 2013-10-25 11:11 - 00110592 _____ C:\WINDOWS\Minidump\Mini102513-01.dmp

==================== One Month Modified Files and Folders =======

2013-11-13 12:05 - 2009-06-26 17:25 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-13 12:04 - 2013-11-13 12:03 - 00000178 ___SH C:\Documents and Settings\Administrator.D94GBLF1\ntuser.ini
2013-11-13 12:03 - 2013-11-13 12:03 - 00000000 ____D C:\Documents and Settings\Administrator.D94GBLF1
2013-11-13 11:49 - 2009-06-30 16:09 - 00000994 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-962395197-4016970835-1205081151-1145UA.job
2013-11-13 10:58 - 2008-08-11 10:12 - 01897334 _____ C:\WINDOWS\WindowsUpdate.log
2013-11-13 10:57 - 2013-05-06 09:22 - 00000000 ____D C:\Documents and Settings\banderson\Local Settings\Application Data\HTC MediaHub
2013-11-13 10:53 - 2013-06-03 11:32 - 00000350 _____ C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2013-11-13 10:53 - 2009-06-26 17:25 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-13 10:53 - 2008-08-11 10:15 - 00032290 _____ C:\WINDOWS\SchedLgU.Txt
2013-11-13 10:53 - 2004-08-04 05:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2013-11-13 10:50 - 2008-08-11 11:21 - 00000000 __SHD C:\WINDOWS\CSC
2013-11-13 10:49 - 2008-08-11 06:05 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-11-13 10:49 - 2008-08-11 06:05 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-11-13 10:48 - 2008-08-11 11:19 - 00000120 _____ C:\WINDOWS\system32\config\netlogon.ftl
2013-11-13 10:48 - 2008-08-11 10:15 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-11-12 11:59 - 2013-11-12 11:59 - 00000000 ____D C:\FRST
2013-11-12 11:22 - 2013-11-13 12:03 - 01090275 _____ (Farbar) C:\Documents and Settings\banderson\Desktop\FRST.exe
2013-11-12 11:17 - 2008-08-11 11:26 - 00000178 ___SH C:\Documents and Settings\banderson\ntuser.ini
2013-11-12 08:28 - 2008-08-18 07:43 - 00000000 ____D C:\Documents and Settings\banderson\Local Settings\Application Data\Google
2013-11-12 08:28 - 2008-08-18 07:15 - 00000000 ____D C:\Program Files\Google
2013-11-12 08:04 - 2008-08-11 13:30 - 00002515 _____ C:\Documents and Settings\banderson\Desktop\Microsoft Office Word 2007.lnk
2013-11-12 05:49 - 2009-06-30 16:09 - 00000942 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-962395197-4016970835-1205081151-1145Core.job
2013-11-11 21:07 - 2008-08-11 05:58 - 00000000 ____D C:\WINDOWS\security
2013-11-11 13:01 - 2009-02-16 10:00 - 00000868 _____ C:\WINDOWS\Tasks\Google Software Updater.job
2013-11-11 09:37 - 2008-08-11 13:29 - 00002483 _____ C:\Documents and Settings\banderson\Desktop\Microsoft Office PowerPoint 2007.lnk
2013-11-11 07:57 - 2008-08-11 13:43 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\FLEXnet
2013-11-10 09:26 - 2012-08-29 09:20 - 00037664 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx86.sys
2013-11-10 09:26 - 2012-08-29 09:20 - 00000000 ____D C:\WINDOWS\system32\cache
2013-11-10 09:26 - 2012-07-03 10:08 - 00000000 ____D C:\Program Files\AVG Secure Search
2013-11-06 13:52 - 2008-08-11 13:29 - 00002473 _____ C:\Documents and Settings\banderson\Desktop\Microsoft Office Excel 2007.lnk
2013-10-31 10:01 - 2013-09-13 09:05 - 00000000 ____D C:\Documents and Settings\banderson\Local Settings\Application Data\Citrix
2013-10-31 10:01 - 2008-12-26 07:23 - 00000000 ____D C:\Documents and Settings\banderson\Local Settings\Application Data\Deployment
2013-10-30 08:40 - 2011-11-12 14:52 - 00458144 _____ C:\WINDOWS\setupapi.log
2013-10-30 07:26 - 2008-08-11 13:42 - 00002335 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Acrobat 8 Standard.lnk
2013-10-29 09:05 - 2009-02-17 08:57 - 00255488 ___SH C:\Documents and Settings\banderson\Desktop\Thumbs.db
2013-10-29 02:24 - 2013-08-20 10:07 - 00065536 _____ C:\WINDOWS\system32\config\OAlerts.evt
2013-10-29 02:24 - 2008-08-11 11:26 - 00000000 ____D C:\Documents and Settings\banderson
2013-10-29 02:12 - 2008-12-03 10:11 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-10-29 02:08 - 2008-08-11 13:25 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Microsoft Help
2013-10-29 02:08 - 2004-08-04 05:00 - 00000582 _____ C:\WINDOWS\win.ini
2013-10-28 06:16 - 2013-10-28 06:16 - 00816838 _____ C:\Documents and Settings\banderson\Desktop\Beer Lounge and Kitchen Ideas.pptx
2013-10-25 11:11 - 2013-10-25 11:11 - 00110592 _____ C:\WINDOWS\Minidump\Mini102513-01.dmp
2013-10-25 11:11 - 2009-01-13 14:45 - 00000000 ____D C:\WINDOWS\Minidump
2013-10-24 14:36 - 2012-11-02 08:40 - 01209951 _____ C:\Documents and Settings\banderson\Desktop\Final Routing Matrix 11-1-12 FINAL VERSION.xlsx
2013-10-16 12:55 - 2013-08-01 07:05 - 00002316 _____ C:\Documents and Settings\banderson\Desktop\Google Chrome.lnk

Some content of TEMP:
====================
C:\Documents and Settings\administrator\Local Settings\temp\sp_setpoint.exe
C:\Documents and Settings\banderson\Local Settings\temp\7z.dll
C:\Documents and Settings\banderson\Local Settings\temp\7z.exe
C:\Documents and Settings\banderson\Local Settings\temp\avguidx.dll
C:\Documents and Settings\banderson\Local Settings\temp\CommonInstaller.exe
C:\Documents and Settings\banderson\Local Settings\temp\dtkill.exe
C:\Documents and Settings\banderson\Local Settings\temp\Executor.exe
C:\Documents and Settings\banderson\Local Settings\temp\G2MInstallerExtractor.exe
C:\Documents and Settings\banderson\Local Settings\temp\ICReinstall_PDFCreatorSetup.exe
C:\Documents and Settings\banderson\Local Settings\temp\iGearedHelper.dll
C:\Documents and Settings\banderson\Local Settings\temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Documents and Settings\banderson\Local Settings\temp\jre-6u35-windows-i586-iftw.exe
C:\Documents and Settings\banderson\Local Settings\temp\jre-6u37-windows-i586-iftw.exe
C:\Documents and Settings\banderson\Local Settings\temp\jre-7u15-windows-i586-iftw.exe
C:\Documents and Settings\banderson\Local Settings\temp\jre-7u17-windows-i586-iftw.exe
C:\Documents and Settings\banderson\Local Settings\temp\jre-7u21-windows-i586-iftw.exe
C:\Documents and Settings\banderson\Local Settings\temp\jre-7u25-windows-i586-iftw.exe
C:\Documents and Settings\banderson\Local Settings\temp\jre-7u40-windows-i586-iftw.exe
C:\Documents and Settings\banderson\Local Settings\temp\jre-7u45-windows-i586-iftw.exe
C:\Documents and Settings\banderson\Local Settings\temp\MachineIdCreator.exe
C:\Documents and Settings\banderson\Local Settings\temp\oi_{3CBB1E8C-B01B-4192-A7AB-8B217A4BFAE5}.exe
C:\Documents and Settings\banderson\Local Settings\temp\SSUPDATE.EXE
C:\Documents and Settings\banderson\Local Settings\temp\ToolbarInstaller.exe
C:\Documents and Settings\banderson\Local Settings\temp\vcredist_x86.exe
C:\Documents and Settings\banderson\Local Settings\temp\~tmf645148103571096384.dll


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 10-11-2013 01
Ran by banderson at 2013-11-13 12:10:58
Running from C:\Documents and Settings\banderson\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================


==================== Installed Programs ======================

Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
Adobe Acrobat 8 Standard - English, Français, Deutsch (Version: 8.1.4)
Adobe Acrobat 8.1.4 Standard (Version: 8.1.4)
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742) (Version: 8.1.2)
Adobe AIR (Version: 1.5.3.9130)
Adobe Flash Player 10 ActiveX (Version: 10.0.12.36)
Adobe Flash Player 11 Plugin (Version: 11.6.602.171)
Apple Application Support (Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (Version: 2.1.3.127)
AVG Security Toolbar (Version: 17.1.2.1)
AviSynth 2.5
Beyond Contacts (Version: 3.08.3000.0292)
BlackBerry App World Browser Plugin (Version: 3.1.1.4)
BlackBerry Desktop Software 6.1 (Version: 6.1.0.35)
Bonjour (Version: 3.0.0.10)
Canon Camera Access Library (Version: 8.5.0.2)
Canon DIGITAL CAMERA Solution Disk Software Guide (Version: 1.3.0.1)
CANON iMAGE GATEWAY MyCamera Download Plugin (Version: 3.1.0.1)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (Version: 1.8.0.1)
Canon Internet Library for ZoomBrowser EX (Version: 1.7.0.1)
Canon MOV Decoder (Version: 1.7.0.6)
Canon MOV Encoder (Version: 1.5.0.3)
Canon MovieEdit Task for ZoomBrowser EX (Version: 3.6.0.5)
Canon Personal Printing Guide (Version: 1.1.1.3)
Canon PowerShot S95 Camera User Guide (Version: 1.0.0.1)
Canon Utilities CameraWindow DC 8 (Version: 8.3.0.6)
Canon Utilities CameraWindow Launcher (Version: 7.5.0.2)
Canon Utilities Digital Photo Professional 3.9 (Version: 3.9.0.1)
Canon Utilities Movie Uploader for YouTube (Version: 1.1.0.4)
Canon Utilities MyCamera (Version: 7.4.0.2)
Canon Utilities PhotoStitch (Version: 3.1.22.46)
Canon Utilities ZoomBrowser EX (Version: 6.6.0.23)
Canon ZoomBrowser EX Memory Card Utility (Version: 1.4.0.4)
CDDRV_Installer (Version: 4.60)
Cisco WebEx Meetings
Citrix Online Launcher (Version: 1.0.141)
Citrix Presentation Server Client - Web Only (Version: 10.200.2650)
Critical Update for Windows Media Player 11 (KB959772)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell Resource CD (Version: 1.10.0000)
Documents To Go (Version: 10.002.453)
Documents To Go Desktop for iOS (Version: 4.0001.010)
doubleTwist (Version: 3.2.2.17028)
DVD Photo Slideshow Professional 8.05
DVDFab (Platinum/Gold/HD Decrypter) (Non-CSS Version) 5.2.2.2
DVDFab 8.1.6.8 (17/03/2012) Qt
FinePixViewer Ver.3.2 (Version: 3.2)
Free DVD Creator version 2.0 (Version: 2.0)
Free Mp3 Wma Converter V 1.8.0
FUJIFILM USB Driver
Garmin Communicator Plugin (Version: 4.0.4)
Garmin USB Drivers (Version: 2.3.0.0)
Garmin WebUpdater (Version: 2.5.4)
Google Chrome (HKCU Version: 30.0.1599.101)
Google Earth (Version: 7.1.1.1888)
Google SketchUp 8 (Version: 3.0.11752)
Google Update Helper (Version: 1.3.21.165)
Google Updater (Version: 2.4.2432.1652)
GoToMeeting 5.9.0.1207 (HKCU Version: 5.9.0.1207)
HandBrake 0.9.5 (Version: 0.9.5)
High Definition Audio Driver Package - KB835221 (Version: 20040219.000000)
HTC Driver Installer (Version: 4.1.0.001)
HTC Sync Manager (Version: 2.0.58.0)
ImageMixer VCD for FinePix
Intel® Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
Intel® PRO Alerting Agent (Version: 12.0.2)
Intel® PRO Network Connections Drivers
Intel® Active Management Technology
Intel® Management Engine Interface
IPTInstaller (Version: 4.0.8)
iTunes (Version: 11.1.0.126)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 29 (Version: 6.0.290)
KhalInstallWrapper (Version: 4.60.122)
LiveUpdate 3.3 (Symantec Corporation) (Version: 3.3.0.96)
Logitech SetPoint (Version: 4.60)
Media Player Codec Pack 4.1.9 (Version: 4.1.9)
Micro Vane Workstation 5.4 (Version: 5.04.0000)
Micro Vane Workstation 5.5 (Version: 5.05.0000)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Access database engine 2010 (English) (Version: 14.0.6029.1000)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Easy Assist v2 (Version: 8.1.6401.0)
Microsoft English TTS Engine (Version: 2.0.1000.0)
Microsoft Image Composite Editor (Version: 1.4.4)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Live Meeting 2007 (Version: 8.0.6362.91)
Microsoft Office Outlook 2010 (Version: 14.0.7015.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Small Business 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Outlook 2010 (Version: 14.0.7015.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft Software Update for Web Folders (English) 12 (Version: 12.0.6612.1000)
Microsoft Software Update for Web Folders (English) 14 (Version: 14.0.7015.1000)
Microsoft Streets & Trips 2013 (Version: 19.0.18.2600)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
MicroStaff WINASPI
MobileMe Control Panel (Version: 3.1.5.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nidesoft BlackBerry Video Converter v2.3
Octoshape add-in for Adobe Flash Player
OnLive
Palm (Version: 4.1.0420)
PCFriendly
Photosynth 2.0110.0317.1042 (Version: 2.0110.0317.1042)
Picasa 3 (Version: 3.8)
QuickTime (Version: 7.69.80.9)
Safari (Version: 5.33.20.27)
SAPI Wrapper (Version: 1.0.0.0)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Sonic CinePlayer DVD Pack (Version: 2.3.1)
SoundMAX (Version: 5.10.01.5491)
Symantec Endpoint Protection (Version: 11.0.6005.562)
TTS Wrapper (Version: 1.0.0.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2827325) 32-Bit Edition
Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition
Update for Windows Internet Explorer 7 (KB976749) (Version: 1)
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB2863058) (Version: 1)
Update for Windows XP (KB942763) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Visual C++ 8.0 ATL (x86) WinSXS MSM (Version: 8.0.50727.762)
Visual C++ 8.0 CRT (x86) WinSXS MSM (Version: 8.0.50727.762)
WebFldrs XP (Version: 9.50.7523)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) (Version: 06/03/2009 2.3.0.0)
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray (Version: 1.0)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.8.0031.9)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Installer Clean Up (Version: 3.00.00.0000)
Windows Internet Explorer 7 (Version: 20070813.185237)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows Search 4.0 (Version: 04.00.6001.503)
Windows XP Service Pack 3 (Version: 20080414.031525)
WinZip 16.5 (Version: 16.5.10095)
YouSendIt Express (Version: 2.10.2)

==================== Restore Points =========================

Could not list Restore Points. Check WMI.


==================== Hosts content: ==========================

2004-08-04 05:00 - 2010-01-13 17:39 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\WINDOWS\TEMP\{1544BCAC-1A23-4A09-9975-36B4D3BFF195}.exe
Task: C:\WINDOWS\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-962395197-4016970835-1205081151-1145Core.job => C:\Documents and Settings\banderson\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-962395197-4016970835-1205081151-1145UA.job => C:\Documents and Settings\banderson\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============


==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:A31FAD21

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antvirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ccEvtMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ccSetMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmcService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Symantec Antivirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Symantec Antvirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WdfLoadGroup => ""=""

==================== Faulty Device Manager Devices =============

Could not list Devices. Check WMI.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/13/2013 00:04:11 PM) (Source: Application Error) (User: )
Description: Faulting application frst.exe, version 3.3.8.1, faulting module frst.exe, version 3.3.8.1, fault address 0x00010eb7.
Processing media-specific event for [frst.exe!ws!]

Error: (11/13/2013 10:53:07 AM) (Source: Userenv) (User: DAYTON)
Description: Windows cannot query for the list of Group Policy objects. A message that describes the reason for this was previously logged by the policy engine.

Error: (11/13/2013 10:53:07 AM) (Source: Userenv) (User: DAYTON)
Description: Windows cannot perform filter check for Group Policy object CN={85D5B924-EBA5-492C-9A06-D5B406E444C5},CN=Policies,CN=System,DC=Dayton,DC=Local. Group Policy processing aborted.

Error: (11/13/2013 10:50:53 AM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot query for the list of Group Policy objects. A message that describes the reason for this was previously logged by the policy engine.

Error: (11/13/2013 10:50:53 AM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot perform filter check for Group Policy object CN={85D5B924-EBA5-492C-9A06-D5B406E444C5},CN=Policies,CN=System,DC=Dayton,DC=Local. Group Policy processing aborted.

Error: (11/13/2013 10:50:10 AM) (Source: WinMgmt) (User: )
Description: WinMgmt could not initialize the core parts. This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.

Error: (11/13/2013 10:49:20 AM) (Source: Intel® AMT) (User: )
Description: [UNS] Failed to subscribe to local Intel® AMT.

Error: (11/12/2013 11:01:12 AM) (Source: Userenv) (User: DAYTON)
Description: Windows cannot query for the list of Group Policy objects. A message that describes the reason for this was previously logged by the policy engine.

Error: (11/12/2013 11:01:12 AM) (Source: Userenv) (User: DAYTON)
Description: Windows cannot bind to Dayton.Local domain. (Invalid Credentials). Group Policy processing aborted.

Error: (11/12/2013 11:00:01 AM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot query for the list of Group Policy objects. A message that describes the reason for this was previously logged by the policy engine.


System errors:
=============
Error: (11/13/2013 11:03:04 AM) (Source: NETLOGON) (User: )
Description: No Domain Controller is available for domain DAYTON due to the following:
%%1311.

Make sure that the computer is connected to the network and try
again. If the problem persists, please contact your domain administrator.

Error: (11/12/2013 11:17:43 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (11/12/2013 11:01:34 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (11/06/2013 11:20:09 AM) (Source: DCOM) (User: DAYTON)
Description: The server {2692A9D5-61DF-46D5-A5A1-A6CCA921D578} did not register with DCOM within the required timeout.

Error: (10/30/2013 06:52:24 AM) (Source: DCOM) (User: DAYTON)
Description: The server {2692A9D5-61DF-46D5-A5A1-A6CCA921D578} did not register with DCOM within the required timeout.

Error: (10/29/2013 02:27:02 AM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Roxio Hard Drive Watcher 9 service to connect.

Error: (10/29/2013 02:07:46 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service failed to start due to the following error:
%%1053

Error: (10/29/2013 02:07:46 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1053" attempting to start the service WSearch with arguments ""
in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (10/29/2013 02:07:46 AM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Windows Search service to connect.

Error: (10/25/2013 11:18:22 AM) (Source: System Error) (User: )
Description: Error code 100000be, parameter1 9e1e4d04, parameter2 21489121, parameter3 ba4fbb2c, parameter4 0000000a.


Microsoft Office Sessions:
=========================
Error: (06/26/2013 02:54:20 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 6618 seconds with 1860 seconds of active time. This session ended with a crash.

Error: (07/03/2012 01:59:15 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2819 seconds with 1320 seconds of active time. This session ended with a crash.

Error: (07/03/2012 00:18:52 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 6 seconds with 0 seconds of active time. This session ended with a crash.

Error: (07/02/2012 01:48:27 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 5835 seconds with 1680 seconds of active time. This session ended with a crash.

Error: (02/02/2012 07:54:34 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1112 seconds with 660 seconds of active time. This session ended with a crash.

Error: (12/29/2011 09:22:48 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 563 seconds with 0 seconds of active time. This session ended with a crash.

Error: (11/10/2011 10:17:34 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 64054 seconds with 1260 seconds of active time. This session ended with a crash.

Error: (08/09/2011 04:30:08 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 14029 seconds with 1680 seconds of active time. This session ended with a crash.

Error: (07/05/2011 11:55:54 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 839 seconds with 360 seconds of active time. This session ended with a crash.

Error: (04/20/2011 01:13:22 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 324 seconds with 240 seconds of active time. This session ended with a crash.


==================== Memory info ===========================

Percentage of memory in use: 34%
Total physical RAM: 2004.54 MB
Available physical RAM: 1313.39 MB
Total Pagefile: 3896.85 MB
Available Pagefile: 3426.06 MB
Total Virtual: 2047.88 MB
Available Virtual: 1948.77 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:148.95 GB) (Free:14.34 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive e: (LEINENKUGEL) (Removable) (Total:1.91 GB) (Free:1.91 GB) FAT

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 149 GB) (Disk ID: 41AB2316)
Partition 1: (Not Active) - (Size=63 MB) - (Type=DE)
Partition 2: (Active) - (Size=149 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 2 GB) (Disk ID: 529F9E27)
Partition 1: (Not Active) - (Size=2 GB) - (Type=06)

==================== End Of Log ============================

Thanks!


#11
Machiavelli

  • GeekU Moderator
  • 4,722 posts
Hello beerman!

 

- FIRST -

You have the following Registry Cleaners installed: Uniblue RegistryBooster 2

These programs are called Registry Cleaners. These kinds of programs aren't good for your PC! A registry cleaner will not increase your system's speed or performance and can damage your Registry, which can lead to an unbootable PC. At Geeks to Go we strongly advise that users don't use these kinds of sketchy programs.

Here is some reading stuff for you:


It's your decision whether you want to uninstall it, but I recommend an uninstall of that program.

- NEXT -

I want you to uninstall the following programs (XP: Start > Control Panel > Add/Remove Programs | Vista / Win7 / Win8: Start > Control Panel > Uninstall a program):

  • AVG Security Toolbar

- NEXT -

Download attached fixlist.txt file and save it to the Desktop.

NOTE: It's important that both files, FRST/FRST64 and fixlist.txt, are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Run FRST/FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished, FRST will generate a log on the Desktop (Fixlog.txt). Please post it in your reply.

- NEXT -

Download AdwCleaner to your desktop.

NOTE: If you are using Internet Explorer and get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close all programs and click on the AdwCleaner icon.

Click on Scan and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy and paste this report into your next reply.

The report will be saved in the C:\AdwCleaner folder. as AdwCleaner[S0].txt

- NEXT -

  • Right click on FRST icon to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

 

Please don't forget to include these Logs in your next answer:

  • Fixlog
  • AdwCleaner Log
  • FRST Log

  • 0
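The FRST.txt log requested in the post above is line-oriented, with `====` section headers and per-line markers such as `ATTENTION`, `File Not found`, `[x]` and an empty `()` company field, all of which appear in the logs in this thread. The following is an added example (not part of the original post and not FRST's own code) that groups such lines by section for manual review; the sample log is constructed, and treating each marker as "worth a look" is this example's assumption, not a verdict on any entry.

```python
import re
from collections import Counter
from dataclasses import dataclass

# Constructed sample modelled on the FRST.txt layout; every name, path,
# size, date and address below is made up for illustration.
SAMPLE_LOG = r"""Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-01-2013
Boot Mode: Normal

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ExampleTray] - C:\Program Files\Example\tray.exe [123456 2013-01-01] (Example Corp.)
HKLM\...\Run: [examplehelper] - C:\Program Files\Example Helper\helper.exe [147456 2013-01-02] ()
HKCU\...\Winlogon: [Shell] Explorer.exe <==== ATTENTION

==================== Internet (Whitelisted) ====================

Winsock: Catalog9 01 mswsock.dll File Not found ()
Tcpip\Parameters: [DhcpNameServer] 192.0.2.53

Chrome:
=======
CHR StartMenuInternet: Example Browser - C:\Program Files\Example\browser.exe

==================== Drivers (Whitelisted) ====================

S3 exampledrv; C:\WINDOWS\system32\drivers\exampledrv.sys [x]
R1 gooddrv; C:\WINDOWS\system32\drivers\gooddrv.sys [43696 2013-01-01] (Example Corp.)
"""

# A header is a run of '=' around a name. A bare "=======" underline
# (as under "Chrome:") has no name and must not start a new section.
SECTION_RE = re.compile(r"^={3,}\s*([^=].*?)\s*=+\s*$")

# (label, pattern) pairs; the labels are this example's own wording.
RULES = [
    ("flagged ATTENTION by the tool", re.compile(r"ATTENTION")),
    ("referenced file not found", re.compile(r"File Not found", re.I)),
    ("entry marked [x]", re.compile(r"\[x\]", re.I)),
    # "[size date] ()" : the company name slot after the file details is empty.
    ("empty company field", re.compile(r"\]\s*\(\)\s*$")),
]


@dataclass
class Finding:
    section: str
    line_no: int
    reasons: list
    text: str


def triage_frst(log_text):
    """Return one Finding per log line that matches at least one rule."""
    findings = []
    section = "header"  # lines before the first ==== header
    for line_no, raw in enumerate(log_text.splitlines(), start=1):
        line = raw.strip()
        if not line:
            continue
        header = SECTION_RE.match(line)
        if header:
            section = header.group(1)
            continue
        reasons = [label for label, pattern in RULES if pattern.search(line)]
        if reasons:
            findings.append(Finding(section, line_no, reasons, line))
    return findings


def count_by_section(findings):
    """Summarise how many lines need review in each log section."""
    return dict(Counter(f.section for f in findings))


if __name__ == "__main__":
    for f in triage_frst(SAMPLE_LOG):
        print(f"[{f.section}] line {f.line_no}: {', '.join(f.reasons)}")
        print(f"    {f.text}")
```
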

#12
beerman

  • Topic Starter
  • Member
  • 188 posts
Gerrit:

Thanks again. AVG was removed but I could not find Uniblue Registry Booster in the list of all programs or in the add/remove programs list.

Anyway, here are the logs:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 10-11-2013 01
Ran by banderson at 2013-11-13 14:17:25 Run:2
Running from C:\Documents and Settings\banderson\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
HKCU\...\Run: [Google Update*] - [x] <===== ATTENTION (ZeroAccess rootkit hidden path)
MountPoints2: {39934f62-75e4-11e2-af32-001e4f9966bb} - E:\LaunchU3.exe -a
MountPoints2: {60d137ab-0047-11df-aeae-001e4f9966bb} - slacker.synclauncher.exe
MountPoints2: {8a45a27d-68d5-11dd-ae31-001e4f9966bb} - G:\LaunchU3.exe -a
MountPoints2: {cb85c8d5-b91d-11e0-aef1-001e4f9966bb} - E:\RunClubSanDisk.exe
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://toolbar.inbox...tb_id&%language
HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://toolbar.inbox...aspx?tbid=80114
HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://toolbar.inbox...aspx?tbid=80114
SearchScopes: HKCU - {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://toolbar.inbox...id=80114&lng=en
Toolbar: HKCU - No Name - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5 03 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
U2 *etadpug; "C:\Program Files\Google\Desktop\Install\{9c506c62-ba34-9975-c908-07eb42692101}\ \ \???\{9c506c62-ba34-9975-c908-07eb42692101}\GoogleUpdate.exe" < <==== ATTENTION (ZeroAccess)
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:A31FAD21
*****************

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update* => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{39934f62-75e4-11e2-af32-001e4f9966bb} => Key deleted successfully.
HKCR\CLSID\{39934f62-75e4-11e2-af32-001e4f9966bb} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{60d137ab-0047-11df-aeae-001e4f9966bb} => Key deleted successfully.
HKCR\CLSID\{60d137ab-0047-11df-aeae-001e4f9966bb} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8a45a27d-68d5-11dd-ae31-001e4f9966bb} => Key deleted successfully.
HKCR\CLSID\{8a45a27d-68d5-11dd-ae31-001e4f9966bb} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cb85c8d5-b91d-11e0-aef1-001e4f9966bb} => Key deleted successfully.
HKCR\CLSID\{cb85c8d5-b91d-11e0-aef1-001e4f9966bb} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Bar => Value deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\SearchAssistant => Value deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\CustomizeSearch => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{C04B7D22-5AEC-4561-8F49-27F6269208F6} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} => Value deleted successfully.
HKCR\CLSID\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} => Value deleted successfully.
HKCR\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => Value deleted successfully.
HKCR\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => Key deleted successfully.
Winsock: Catalog5 entry 000000000001\\LibraryPath was set successfully to %SystemRoot%\System32\mswsock.dll
Winsock: Catalog5 entry 000000000003\\LibraryPath was set successfully to %SystemRoot%\System32\mswsock.dll
*etadpug => Service deleted successfully.
C:\Documents and Settings\All Users\Application Data\TEMP => ":A31FAD21" ADS removed successfully.

==== End of Fixlog ====

# AdwCleaner v3.012 - Report created 13/11/2013 at 16:10:18
# Updated 11/11/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : banderson - D94GBLF1
# Running from : C:\Documents and Settings\banderson\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : CltMngSvc

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\Crawler
Folder Deleted : C:\Program Files\Red Kawa\Video Converter App\OpenCandy
Folder Deleted : C:\Program Files\Searchprotect
Folder Deleted : C:\Documents and Settings\banderson\Local Settings\Application Data\Searchprotect
Folder Deleted : C:\Documents and Settings\banderson\Application Data\OpenCandy
Folder Deleted : C:\Documents and Settings\administrator\Local Settings\Application Data\AskToolbar
Folder Deleted : C:\Documents and Settings\administrator\Application Data\Inbox Toolbar
File Deleted : C:\DOCUME~1\BANDER~1\LOCALS~1\Temp\Uninstall.exe

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Updater]
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{44ED99E2-16A6-4B89-80D6-5B21CF42E78B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{44ED99E2-16A6-4B89-80D6-5B21CF42E78B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{44ED99E2-16A6-4B89-80D6-5B21CF42E78B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{44ED99E2-16A6-4B89-80D6-5B21CF42E78B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}
Key Deleted : HKCU\Software\alot
Key Deleted : HKCU\Software\DynConIE
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\OpenCandy
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4EF645BD-65B0-4F98-AD56-D0437B7045F6}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\alotToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SearchProtect
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch]

-\\ Google Chrome v

[ File : C:\Documents and Settings\banderson\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage
Deleted : icon_url

*************************

AdwCleaner[R0].txt - [7374 octets] - [13/11/2013 14:25:33]
AdwCleaner[S0].txt - [6622 octets] - [13/11/2013 16:10:18]

########## EOF - H:\AdwCleaner\AdwCleaner[S0].txt - [6682 octets] ##########


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-11-2013 01
Ran by banderson (administrator) on D94GBLF1 on 13-11-2013 16:20:26
Running from C:\Documents and Settings\banderson\Desktop
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Symantec Corporation) C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files\Intel\ASF Agent\ASFAgent.exe
(Intel Corporation) C:\Program Files\Intel\AMT\atchksrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Nero AG) C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe
() C:\WINDOWS\Installer\MSI90.tmp
(Intel) C:\Program Files\Intel\AMT\LMS.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(Symantec Corporation) C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
(Intel) C:\Program Files\Intel\AMT\UNS.exe
(Canon Inc.) C:\Program Files\Canon\CAL\CALMAIN.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Symantec Corporation) C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
() C:\Program Files\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Intel Corporation) C:\Program Files\Intel\AMT\atchk.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\ccApp.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Research In Motion Limited) C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Updater) C:\Documents and Settings\All Users\Application Data\Updater\Updater.exe
(FUJI PHOTO FILM CO., LTD.) C:\Program Files\FinePixViewer\QuickDCF.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe
(Sonic Solutions) C:\Program Files\Common Files\Sonic Shared\CineTray.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WZQKPICK32.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(WatchDog) C:\Documents and Settings\All Users\Application Data\RHelpers\ChromeHelper\ChromeHelper.exe
(WatchDog) C:\Documents and Settings\All Users\Application Data\RHelpers\FireFoxHelper\FireFoxHelper.exe
(WatchDog) C:\Documents and Settings\All Users\Application Data\RHelpers\IEHelper\IeHelper.exe
(Macrovision Europe Ltd.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Google Inc.) C:\Documents and Settings\banderson\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\banderson\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\banderson\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [atchk] - C:\Program Files\Intel\AMT\atchk.exe [408344 2007-06-12] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] - C:\WINDOWS\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [SoundMAXPnP] - C:\Program Files\Analog Devices\Core\smax4pnp.exe [1036288 2007-08-01] (Analog Devices, Inc.)
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [178712 2007-10-03] (Intel Corporation)
HKLM\...\Run: [Acrobat Assistant 8.0] - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [623992 2008-10-14] (Adobe Systems Inc.)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] - C:\WINDOWS\KHALMNPR.Exe [76304 2008-02-29] (Logitech, Inc.)
HKLM\...\Run: [REGSHAVE] - C:\Program Files\REGSHAVE\Regshave.exe [53248 2002-02-04] (FUJI PHOTO FILM CO., LTD.)
HKLM\...\Run: [AppleSyncNotifier] - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [47904 2010-10-08] (Apple Inc.)
HKLM\...\Run: [RoxWatchTray] - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [236016 2009-07-08] (Sonic Solutions)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.)
HKLM\...\Run: [ccApp] - C:\Program Files\Common Files\Symantec Shared\ccApp.exe [115560 2011-03-19] (Symantec Corporation)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2011-06-09] (Sun Microsystems, Inc.)
HKLM\...\Run: [RIMBBLaunchAgent.exe] - C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [79192 2011-02-18] (Research In Motion Limited)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
HKLM\...\Run: [dnsshield] - C:\Program Files\Social Privacy DNS\dnswatch.exe [147456 2013-10-27] ()
HKLM\...\Run: [Updater] - C:\Documents and Settings\All Users\Application Data\Updater\updater.exe [313208 2013-10-22] (Updater)
HKLM\...\Winlogon: [Userinit] C:\WINDOWS\system32\userinit.exe
Winlogon\Notify\LBTWlgn: C:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
HKLM\...\Policies\Explorer: [NoWelcomeScreen] 1
HKLM\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2008-08-26] (Google Inc.)
HKCU\...\Run: [Updater] - C:\Documents and Settings\All Users\Application Data\Updater\updater.exe [313208 2013-10-22] (Updater)
HKCU\...\Winlogon: [Shell] Explorer.exe <==== ATTENTION
HKCU\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\administrator\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] - "C:\Program Files\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe" /PROMPT /CMPID=JUNE2013_TB
HKU\administrator\...\Winlogon: [Shell] Explorer.exe <==== ATTENTION
HKU\Administrator.D94GBLF1\...\Winlogon: [Shell] Explorer.exe <==== ATTENTION
HKU\Brock Anderson\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] - "C:\Program Files\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe" /PROMPT /CMPID=JUNE2013_TB
HKU\Brock Anderson\...\Winlogon: [Shell] Explorer.exe <==== ATTENTION
AppInit_DLLs: [ ] ()
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Exif Launcher.lnk
ShortcutTarget: Exif Launcher.lnk -> C:\Program Files\FinePixViewer\QuickDCF.exe (FUJI PHOTO FILM CO., LTD.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk
ShortcutTarget: Logitech SetPoint.lnk -> C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Sonic CinePlayer Quick Launch.lnk
ShortcutTarget: Sonic CinePlayer Quick Launch.lnk -> C:\Program Files\Common Files\Sonic Shared\CineTray.exe (Sonic Solutions)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
ShortcutTarget: WinZip Quick Pick.lnk -> C:\Program Files\WinZip\WZQKPICK32.EXE (WinZip Computing, S.L.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {30AADD83-A59A-48CF-8B75-5D8D16F36603} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKCU - {75595C56-CA05-49C7-B12C-9FEED484306C} URL = http://search.yahoo....p={searchTerms}
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: PodcastBHO Class - {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files\Common Files\doubleTwist\IEPodcastPlugin.dll (doubleTwist Corporation)
BHO: Social Privacy - {91FBEA5C-E3C7-42EA-8C2B-B168189AB5BE} - C:\Program Files\Social Privacy\sp.dll ()
BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog9 01 mswsock.dll File Not found ()
Winsock: Catalog9 02 mswsock.dll File Not found ()
Winsock: Catalog9 03 mswsock.dll File Not found ()
Winsock: Catalog9 04 mswsock.dll File Not found ()
Winsock: Catalog9 05 mswsock.dll File Not found ()
Winsock: Catalog9 06 mswsock.dll File Not found ()
Winsock: Catalog9 07 mswsock.dll File Not found ()
Winsock: Catalog9 08 mswsock.dll File Not found ()
Winsock: Catalog9 09 mswsock.dll File Not found ()
Winsock: Catalog9 10 mswsock.dll File Not found ()
Winsock: Catalog9 11 mswsock.dll File Not found ()
Tcpip\Parameters: [DhcpNameServer] 10.0.0.5

Chrome:
=======
CHR DefaultSearchURL: (Conduit Search) - http://search.condui...ms}&sspvC_sp_ch
CHR DefaultSuggestURL: (Conduit Search) - http://suggest.searc...x={searchTerms}
CHR Extension: (Google Wallet) - C:\DOCUME~1\BANDER~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_1
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\banderson\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

R2 ASFAgent; C:\Program Files\Intel\ASF Agent\ASFAgent.exe [133968 2007-01-23] (Intel Corporation)
R2 atchksrv; C:\Program Files\Intel\AMT\atchksrv.exe [183064 2007-06-12] (Intel Corporation)
R2 CCALib8; C:\Program Files\Canon\CAL\CALMAIN.exe [96334 2009-09-08] (Canon Inc.)
R2 ccEvtMgr; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [108392 2011-03-19] (Symantec Corporation)
R2 ccSetMgr; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [108392 2011-03-19] (Symantec Corporation)
S2 gupdate1c9904786cffc28; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-02-16] (Google Inc.)
R2 HTCMonitorService; C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-01-29] (Nero AG)
R2 Level Quality Watcher; C:\WINDOWS\Installer\MSI90.tmp [414216 2013-11-13] ()
S3 LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [3093880 2010-02-17] (Symantec Corporation)
R2 LMS; C:\Program Files\Intel\AMT\LMS.exe [109336 2007-06-12] (Intel)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 SmcService; C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe [1881368 2011-03-19] (Symantec Corporation)
S4 SNAC; C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE [349512 2011-03-19] (Symantec Corporation)
R2 Symantec AntiVirus; C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe [1831024 2011-03-19] (Symantec Corporation)
R2 UNS; C:\Program Files\Intel\AMT\UNS.exe [2521880 2007-06-12] (Intel)
S3 IgniteService; "C:\Program Files\Miller Direct Connect\4072598\Program\IgniteService.exe" -Service [x]
R2 JavaQuickStarterService; "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"

==================== Drivers (Whitelisted) ====================

S3 COH_Mon; C:\WINDOWS\system32\Drivers\COH_Mon.sys [23888 2011-03-19] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376920 2013-08-27] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [108120 2013-08-27] (Symantec Corporation)
S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [9344 2009-04-17] (GARMIN Corp.)
R2 iPodDrv; C:\WINDOWS\system32\drivers\iPodDrv.sys [6656 2012-12-20] (Windows ® Codename Longhorn DDK provider)
R2 MASPINT; C:\Windows\System32\Drivers\MASPINT.sys [8096 2000-03-29] (MicroStaff Co.,Ltd.)
R3 NAVENG; C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20131112.033\NAVENG.SYS [93272 2013-11-13] (Symantec Corporation)
R3 NAVEX15; C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20131112.033\NAVEX15.SYS [1612376 2013-11-13] (Symantec Corporation)
S3 PalmUSBD; C:\Windows\System32\drivers\PalmUSBD.sys [16694 2008-08-11] (PalmSource, Inc.)
R3 SenFiltService; C:\Windows\System32\drivers\Senfilt.sys [392960 2006-03-17] (Sensaura)
R1 SPBBCDrv; C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [421424 2011-03-19] (Symantec Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [283184 2011-03-19] (Symantec Corporation)
S3 SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [320944 2011-03-19] (Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [43696 2011-03-19] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [124976 2011-05-11] (Symantec Corporation)
R3 SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [26416 2011-03-19] (Symantec Corporation)
R1 SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [188080 2011-03-19] (Symantec Corporation)
S3 catchme; \??\C:\combofix\catchme.sys [x]
S4 IntelIde; No ImagePath
S3 MRVW245; system32\DRIVERS\MRVW245.sys [x]
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

61884-139-31888 552:31889 - 2010-01-13 18:33 - 00006456 ____H C:\WINDOWS\system32\gagogife
2013-11-13 16:17 - 2013-11-13 16:18 - 00003931 _____ C:\WINDOWS\KB2868626.log
2013-11-13 16:16 - 2013-11-13 16:18 - 00003923 _____ C:\WINDOWS\KB2862152.log
2013-11-13 16:16 - 2013-11-13 16:16 - 00000000 ____D C:\WINDOWS\LastGood
2013-11-13 16:11 - 2013-11-13 16:17 - 00008653 _____ C:\WINDOWS\KB2876331.log
2013-11-13 14:25 - 2013-11-13 14:25 - 00000000 ____D C:\Documents and Settings\banderson\Local Settings\Application Data\BrowserSafeguard
2013-11-13 14:22 - 2013-11-13 14:22 - 01085542 _____ C:\Documents and Settings\banderson\Desktop\AdwCleaner.exe
2013-11-13 14:21 - 2013-11-13 14:21 - 00000000 ____D C:\Program Files\Level Quality Watcher
2013-11-13 14:21 - 2013-11-13 14:21 - 00000000 ____D C:\Documents and Settings\banderson\Application Data\Mozilla
2013-11-13 14:21 - 2013-11-13 14:21 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Updater
2013-11-13 14:21 - 2013-11-13 14:21 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\TubeDimmer
2013-11-13 14:21 - 2013-11-13 14:21 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\RHelpers
2013-11-13 14:20 - 2013-11-13 14:20 - 00000000 ____D C:\Program Files\sp
2013-11-13 14:20 - 2013-11-13 14:20 - 00000000 ____D C:\Program Files\Social Privacy DNS
2013-11-13 14:20 - 2013-11-13 14:20 - 00000000 ____D C:\Program Files\Social Privacy
2013-11-13 14:19 - 2013-11-13 14:19 - 02252584 _____ (Premium Installer ) C:\Documents and Settings\banderson\Desktop\Setup.exe
2013-11-13 12:10 - 2013-11-13 12:11 - 00022961 _____ C:\Documents and Settings\banderson\Desktop\Addition.txt
2013-11-13 12:03 - 2013-11-13 12:04 - 00000178 ___SH C:\Documents and Settings\Administrator.D94GBLF1\ntuser.ini
2013-11-13 12:03 - 2013-11-13 12:03 - 00000000 ____D C:\Documents and Settings\Administrator.D94GBLF1
2013-11-13 12:03 - 2013-11-12 11:22 - 01090275 _____ (Farbar) C:\Documents and Settings\banderson\Desktop\FRST.exe
2013-11-13 12:03 - 2012-02-16 03:00 - 00000000 __SHD C:\Documents and Settings\Administrator.D94GBLF1\IETldCache
2013-11-13 12:03 - 2009-05-18 20:33 - 00000000 ____D C:\Documents and Settings\Administrator.D94GBLF1\Application Data\Macromedia
2013-11-13 12:03 - 2008-09-11 02:00 - 00000000 ____D C:\Documents and Settings\Administrator.D94GBLF1\Local Settings\Application Data\Microsoft Help
2013-11-13 12:03 - 2008-08-11 10:12 - 00001599 _____ C:\Documents and Settings\Administrator.D94GBLF1\Start Menu\Programs\Remote Assistance.lnk
2013-11-13 12:03 - 2008-08-11 10:12 - 00000792 _____ C:\Documents and Settings\Administrator.D94GBLF1\Start Menu\Programs\Windows Media Player.lnk
2013-11-13 12:03 - 2008-08-11 10:12 - 00000000 ___RD C:\Documents and Settings\Administrator.D94GBLF1\Start Menu\Programs\Accessories
2013-11-12 11:59 - 2013-11-12 11:59 - 00000000 ____D C:\FRST
2013-10-28 06:16 - 2013-10-28 06:16 - 00816838 _____ C:\Documents and Settings\banderson\Desktop\Beer Lounge and Kitchen Ideas.pptx
2013-10-25 11:11 - 2013-10-25 11:11 - 00110592 _____ C:\WINDOWS\Minidump\Mini102513-01.dmp

==================== One Month Modified Files and Folders =======

2013-11-13 16:18 - 2013-11-13 16:17 - 00003931 _____ C:\WINDOWS\KB2868626.log
2013-11-13 16:18 - 2013-11-13 16:16 - 00003923 _____ C:\WINDOWS\KB2862152.log
2013-11-13 16:18 - 2008-08-11 10:12 - 02022403 _____ C:\WINDOWS\WindowsUpdate.log
2013-11-13 16:17 - 2013-11-13 16:11 - 00008653 _____ C:\WINDOWS\KB2876331.log
2013-11-13 16:17 - 2013-05-06 09:22 - 00000000 ____D C:\Documents and Settings\banderson\Local Settings\Application Data\HTC MediaHub
2013-11-13 16:16 - 2013-11-13 16:16 - 00000000 ____D C:\WINDOWS\LastGood
2013-11-13 16:16 - 2013-06-03 11:32 - 00000350 _____ C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2013-11-13 16:16 - 2009-06-26 17:25 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-13 16:16 - 2008-08-11 06:04 - 00623944 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-11-13 16:16 - 2004-08-04 05:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2013-11-13 16:15 - 2008-08-11 05:58 - 00000000 ____D C:\WINDOWS\security
2013-11-13 16:13 - 2008-08-11 11:19 - 00000120 _____ C:\WINDOWS\system32\config\netlogon.ftl
2013-11-13 16:13 - 2008-08-11 06:05 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-11-13 16:13 - 2008-08-11 06:05 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-11-13 16:12 - 2008-08-11 10:15 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-11-13 16:11 - 2008-08-11 11:26 - 00000178 ___SH C:\Documents and Settings\banderson\ntuser.ini
2013-11-13 16:11 - 2008-08-11 11:26 - 00000000 ____D C:\Documents and Settings\banderson
2013-11-13 16:05 - 2009-06-26 17:25 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-13 15:49 - 2009-06-30 16:09 - 00000994 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-962395197-4016970835-1205081151-1145UA.job
2013-11-13 14:25 - 2013-11-13 14:25 - 00000000 ____D C:\Documents and Settings\banderson\Local Settings\Application Data\BrowserSafeguard
2013-11-13 14:22 - 2013-11-13 14:22 - 01085542 _____ C:\Documents and Settings\banderson\Desktop\AdwCleaner.exe
2013-11-13 14:21 - 2013-11-13 14:21 - 00000000 ____D C:\Program Files\Level Quality Watcher
2013-11-13 14:21 - 2013-11-13 14:21 - 00000000 ____D C:\Documents and Settings\banderson\Application Data\Mozilla
2013-11-13 14:21 - 2013-11-13 14:21 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Updater
2013-11-13 14:21 - 2013-11-13 14:21 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\TubeDimmer
2013-11-13 14:21 - 2013-11-13 14:21 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\RHelpers
2013-11-13 14:20 - 2013-11-13 14:20 - 00000000 ____D C:\Program Files\sp
2013-11-13 14:20 - 2013-11-13 14:20 - 00000000 ____D C:\Program Files\Social Privacy DNS
2013-11-13 14:20 - 2013-11-13 14:20 - 00000000 ____D C:\Program Files\Social Privacy
2013-11-13 14:19 - 2013-11-13 14:19 - 02252584 _____ (Premium Installer ) C:\Documents and Settings\banderson\Desktop\Setup.exe
2013-11-13 13:01 - 2009-02-16 10:00 - 00000868 _____ C:\WINDOWS\Tasks\Google Software Updater.job
2013-11-13 12:11 - 2013-11-13 12:10 - 00022961 _____ C:\Documents and Settings\banderson\Desktop\Addition.txt
2013-11-13 12:04 - 2013-11-13 12:03 - 00000178 ___SH C:\Documents and Settings\Administrator.D94GBLF1\ntuser.ini
2013-11-13 12:03 - 2013-11-13 12:03 - 00000000 ____D C:\Documents and Settings\Administrator.D94GBLF1
2013-11-13 10:53 - 2008-08-11 10:15 - 00032290 _____ C:\WINDOWS\SchedLgU.Txt
2013-11-13 10:50 - 2008-08-11 11:21 - 00000000 __SHD C:\WINDOWS\CSC
2013-11-12 11:59 - 2013-11-12 11:59 - 00000000 ____D C:\FRST
2013-11-12 11:22 - 2013-11-13 12:03 - 01090275 _____ (Farbar) C:\Documents and Settings\banderson\Desktop\FRST.exe
2013-11-12 08:28 - 2008-08-18 07:43 - 00000000 ____D C:\Documents and Settings\banderson\Local Settings\Application Data\Google
2013-11-12 08:28 - 2008-08-18 07:15 - 00000000 ____D C:\Program Files\Google
2013-11-12 08:04 - 2008-08-11 13:30 - 00002515 _____ C:\Documents and Settings\banderson\Desktop\Microsoft Office Word 2007.lnk
2013-11-12 05:49 - 2009-06-30 16:09 - 00000942 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-962395197-4016970835-1205081151-1145Core.job
2013-11-11 09:37 - 2008-08-11 13:29 - 00002483 _____ C:\Documents and Settings\banderson\Desktop\Microsoft Office PowerPoint 2007.lnk
2013-11-11 07:57 - 2008-08-11 13:43 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\FLEXnet
2013-11-10 09:26 - 2012-08-29 09:20 - 00000000 ____D C:\WINDOWS\system32\cache
2013-11-06 13:52 - 2008-08-11 13:29 - 00002473 _____ C:\Documents and Settings\banderson\Desktop\Microsoft Office Excel 2007.lnk
2013-10-31 10:01 - 2013-09-13 09:05 - 00000000 ____D C:\Documents and Settings\banderson\Local Settings\Application Data\Citrix
2013-10-31 10:01 - 2008-12-26 07:23 - 00000000 ____D C:\Documents and Settings\banderson\Local Settings\Application Data\Deployment
2013-10-30 08:40 - 2011-11-12 14:52 - 00458144 _____ C:\WINDOWS\setupapi.log
2013-10-30 07:26 - 2008-08-11 13:42 - 00002335 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Acrobat 8 Standard.lnk
2013-10-29 09:05 - 2009-02-17 08:57 - 00255488 ___SH C:\Documents and Settings\banderson\Desktop\Thumbs.db
2013-10-29 02:24 - 2013-08-20 10:07 - 00065536 _____ C:\WINDOWS\system32\config\OAlerts.evt
2013-10-29 02:12 - 2008-12-03 10:11 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-10-29 02:08 - 2008-08-11 13:25 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Microsoft Help
2013-10-29 02:08 - 2004-08-04 05:00 - 00000582 _____ C:\WINDOWS\win.ini
2013-10-28 06:16 - 2013-10-28 06:16 - 00816838 _____ C:\Documents and Settings\banderson\Desktop\Beer Lounge and Kitchen Ideas.pptx
2013-10-25 11:11 - 2013-10-25 11:11 - 00110592 _____ C:\WINDOWS\Minidump\Mini102513-01.dmp
2013-10-25 11:11 - 2009-01-13 14:45 - 00000000 ____D C:\WINDOWS\Minidump
2013-10-24 14:36 - 2012-11-02 08:40 - 01209951 _____ C:\Documents and Settings\banderson\Desktop\Final Routing Matrix 11-1-12 FINAL VERSION.xlsx
2013-10-16 12:55 - 2013-08-01 07:05 - 00002316 _____ C:\Documents and Settings\banderson\Desktop\Google Chrome.lnk

Some content of TEMP:
====================
C:\Documents and Settings\administrator\Local Settings\temp\sp_setpoint.exe
C:\Documents and Settings\banderson\Local Settings\temp\7z.dll
C:\Documents and Settings\banderson\Local Settings\temp\7z.exe
C:\Documents and Settings\banderson\Local Settings\temp\avguidx.dll
C:\Documents and Settings\banderson\Local Settings\temp\CommonInstaller.exe
C:\Documents and Settings\banderson\Local Settings\temp\dtkill.exe
C:\Documents and Settings\banderson\Local Settings\temp\Executor.exe
C:\Documents and Settings\banderson\Local Settings\temp\G2MInstallerExtractor.exe
C:\Documents and Settings\banderson\Local Settings\temp\ICReinstall_PDFCreatorSetup.exe
C:\Documents and Settings\banderson\Local Settings\temp\iGearedHelper.dll
C:\Documents and Settings\banderson\Local Settings\temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Documents and Settings\banderson\Local Settings\temp\jre-6u35-windows-i586-iftw.exe
C:\Documents and Settings\banderson\Local Settings\temp\jre-6u37-windows-i586-iftw.exe
C:\Documents and Settings\banderson\Local Settings\temp\jre-7u15-windows-i586-iftw.exe
C:\Documents and Settings\banderson\Local Settings\temp\jre-7u17-windows-i586-iftw.exe
C:\Documents and Settings\banderson\Local Settings\temp\jre-7u21-windows-i586-iftw.exe
C:\Documents and Settings\banderson\Local Settings\temp\jre-7u25-windows-i586-iftw.exe
C:\Documents and Settings\banderson\Local Settings\temp\jre-7u40-windows-i586-iftw.exe
C:\Documents and Settings\banderson\Local Settings\temp\jre-7u45-windows-i586-iftw.exe
C:\Documents and Settings\banderson\Local Settings\temp\MachineIdCreator.exe
C:\Documents and Settings\banderson\Local Settings\temp\nsh83.exe
C:\Documents and Settings\banderson\Local Settings\temp\nsu86.exe
C:\Documents and Settings\banderson\Local Settings\temp\nsu89.exe
C:\Documents and Settings\banderson\Local Settings\temp\nsw80.exe
C:\Documents and Settings\banderson\Local Settings\temp\oi_{3CBB1E8C-B01B-4192-A7AB-8B217A4BFAE5}.exe
C:\Documents and Settings\banderson\Local Settings\temp\Quarantine.exe
C:\Documents and Settings\banderson\Local Settings\temp\SSUPDATE.EXE
C:\Documents and Settings\banderson\Local Settings\temp\System.Data.SQLite.dll
C:\Documents and Settings\banderson\Local Settings\temp\ToolbarInstaller.exe
C:\Documents and Settings\banderson\Local Settings\temp\vcredist_x86.exe
C:\Documents and Settings\banderson\Local Settings\temp\~tmf645148103571096384.dll


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

Thanks again.

#13
Machiavelli

    GeekU Moderator

  • 4,722 posts
Hello Beerman!

 

- FIRST -

Download attached fixlist.txt file and save it to the Desktop.

NOTE: It's important that both files, FRST/FRST64 and fixlist.txt, are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Run FRST/FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

- NEXT -

  • Using this link, download aswMBR.exe to your desktop.
  • Right click aswMBR.exe and Run as Administrator. Select No for AVAST virus definitions.
  • Click the Scan button to start.
  • When the scan ends, click Save Log and save it to your desktop.
  • Post this log in your next reply.

- NEXT -

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.
  • A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

- NEXT -

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run from.
  • Please copy and paste the log to your reply.

- NEXT -

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

  • Right click on the FRST Icon to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste the log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

 

Please don't forget to include these log files in your next answer:

  • Fixlog
  • ASWMBR Log
  • TDSS Killer Log
  • FSS Log
  • FRST Log


#14
beerman

    Member

  • Topic Starter
  • 188 posts
Gerrit:

Thanks again. Here are the logs:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 10-11-2013 01
Ran by banderson at 2013-11-14 11:24:11 Run:3
Running from C:\Documents and Settings\banderson\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
HKLM\...\Run: [Updater] - C:\Documents and Settings\All Users\Application Data\Updater\updater.exe [313208 2013-10-22] (Updater)
HKCU\...\Winlogon: [Shell] Explorer.exe <==== ATTENTION
HKU\administrator\...\Winlogon: [Shell] Explorer.exe <==== ATTENTION
HKU\Administrator.D94GBLF1\...\Winlogon: [Shell] Explorer.exe <==== ATTENTION
HKU\Brock Anderson\...\Winlogon: [Shell] Explorer.exe <==== ATTENTION
BHO: Social Privacy - {91FBEA5C-E3C7-42EA-8C2B-B168189AB5BE} - C:\Program Files\Social Privacy\sp.dll ()
CHR DefaultSearchURL: (Conduit Search) - http://search.condui...ms}&sspvC_sp_ch
CHR DefaultSuggestURL: (Conduit Search) - http://suggest.searc...x={searchTerms}
R2 Level Quality Watcher; C:\WINDOWS\Installer\MSI90.tmp [414216 2013-11-13] ()
C:\WINDOWS\system32\gagogife
C:\Program Files\sp
C:\Program Files\Social Privacy DNS
C:\Program Files\Social Privacy
C:\Documents and Settings\All Users\Application Data\Updater
C:\WINDOWS\Installer\MSI90.tmp

*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Updater => Value deleted successfully.
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value deleted successfully.
HKU\administrator\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value deleted successfully.
HKU\Administrator.D94GBLF1\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value deleted successfully.
HKU\Brock Anderson\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{91FBEA5C-E3C7-42EA-8C2B-B168189AB5BE} => Key not found.
HKCR\CLSID\{91FBEA5C-E3C7-42EA-8C2B-B168189AB5BE} => Key not found.
CHR DefaultSearchURL: (Conduit Search) - http://search.condui...ms}&sspvC_sp_ch ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSuggestURL: (Conduit Search) - http://suggest.searc...x={searchTerms} ==> The Chrome "Settings" can be used to fix the entry.
Level Quality Watcher => Service deleted successfully.
C:\WINDOWS\system32\gagogife => Moved successfully.
C:\Program Files\sp => Moved successfully.
"C:\Program Files\Social Privacy DNS" => File/Directory not found.
"C:\Program Files\Social Privacy" => File/Directory not found.
C:\Documents and Settings\All Users\Application Data\Updater => Moved successfully.
C:\WINDOWS\Installer\MSI90.tmp => Moved successfully.


The system needs a manual reboot.

==== End of Fixlog ====

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-11-14 11:32:52
-----------------------------
11:32:52.850 OS Version: Windows 5.1.2600 Service Pack 3
11:32:52.850 Number of processors: 2 586 0xF0B
11:32:52.850 ComputerName: D94GBLF1 UserName:
11:32:53.288 Initialize success
11:33:07.713 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
11:33:07.713 Disk 0 Vendor: ST316081 3.AD Size: 152587MB BusType: 3
11:33:07.869 Disk 0 MBR read successfully
11:33:07.869 Disk 0 MBR scan
11:33:07.869 Disk 0 Windows XP default MBR code
11:33:07.869 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 62 MB offset 63
11:33:07.885 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 152523 MB offset 128520
11:33:07.885 Disk 0 scanning sectors +312496380
11:33:07.916 Disk 0 scanning C:\WINDOWS\system32\drivers
11:33:17.028 Service scanning
11:33:32.422 Modules scanning
11:33:38.189 Disk 0 trace - called modules:
11:33:38.205 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
11:33:38.205 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a6fe030]
11:33:38.205 3 CLASSPNP.SYS[ba0e8fd7] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x8a131030]
11:33:38.220 Scan finished successfully
11:33:50.317 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\banderson\Desktop\MBR.dat"
11:33:50.317 The log file has been saved successfully to "C:\Documents and Settings\banderson\Desktop\aswMBR.txt"


14:38:03.0376 0x08b4 TDSS rootkit removing tool 3.0.0.17 Nov 12 2013 19:54:52
14:38:03.0891 0x08b4 ============================================================
14:38:03.0891 0x08b4 Current date / time: 2013/11/14 14:38:03.0891
14:38:03.0891 0x08b4 SystemInfo:
14:38:03.0891 0x08b4
14:38:03.0891 0x08b4 OS Version: 5.1.2600 ServicePack: 3.0
14:38:03.0891 0x08b4 Product type: Workstation
14:38:03.0891 0x08b4 ComputerName: D94GBLF1
14:38:03.0891 0x08b4 UserName: banderson
14:38:03.0891 0x08b4 Windows directory: C:\WINDOWS
14:38:03.0891 0x08b4 System windows directory: C:\WINDOWS
14:38:03.0891 0x08b4 Processor architecture: Intel x86
14:38:03.0891 0x08b4 Number of processors: 2
14:38:03.0891 0x08b4 Page size: 0x1000
14:38:03.0891 0x08b4 Boot type: Normal boot
14:38:03.0891 0x08b4 ============================================================
14:38:04.0001 0x08b4 BG loaded
14:38:20.0733 0x08b4 System UUID: {4E0FDFEA-B642-8F39-B191-F7E08E876A9B}
14:38:41.0058 0x08b4 Drive \Device\Harddisk0\DR0 - Size: 0x2540BE4000 (149.01 Gb), SectorSize: 0x200, Cylinders: 0x4BFC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
14:38:41.0277 0x08b4 Drive \Device\Harddisk1\DR3 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
14:38:41.0277 0x08b4 ============================================================
14:38:41.0277 0x08b4 \Device\Harddisk0\DR0:
14:38:41.0418 0x08b4 MBR partitions:
14:38:41.0418 0x08b4 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1F608, BlocksNum 0x129E5AF4
14:38:41.0418 0x08b4 \Device\Harddisk1\DR3:
14:38:41.0418 0x08b4 MBR partitions:
14:38:41.0418 0x08b4 \Device\Harddisk1\DR3\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAEA86800
14:38:41.0418 0x08b4 ============================================================
14:38:41.0543 0x08b4 C: <-> \Device\Harddisk0\DR0\Partition1
14:38:41.0543 0x08b4 E: <-> \Device\Harddisk1\DR3\Partition1
14:38:41.0543 0x08b4 ============================================================
14:38:41.0543 0x08b4 Initialize success
14:38:41.0543 0x08b4 ============================================================
14:40:28.0921 0x0818 ============================================================
14:40:28.0921 0x0818 Scan started
14:40:28.0921 0x0818 Mode: Manual; SigCheck; TDLFS;
14:40:28.0921 0x0818 ============================================================
14:40:28.0921 0x0818 KSN ping started
14:40:29.0139 0x0818 KSN ping finished: true
14:40:29.0358 0x0818 ================ Scan system memory ========================
14:40:32.0717 0x0818 System memory - ok
14:40:32.0717 0x0818 ================ Scan services =============================
14:40:32.0780 0x0818 Abiosdsk - ok
14:40:32.0780 0x0818 abp480n5 - ok
14:40:32.0826 0x0818 [ 8FD99680A539792A30E97944FDAECF17, 594F8E0C3695400B0C09A797AF6BDFAC6F750ECD67D0EE803914C572B1DCC43C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
14:40:33.0280 0x0818 ACPI - ok
14:40:33.0405 0x0818 [ 9859C0F6936E723E4892D7141B1327D5, 5E8F6A2FC4DF2E5E92A1D66ECC2810E08B42B64E9CD0DF4AD3F78EA8558B90AF ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
14:40:33.0498 0x0818 ACPIEC - ok
14:40:33.0545 0x0818 [ 0F0A69496989912351284BB1BAA2CE57, 8F8657007E300BA529D09E8A5A17ADE0417DD246031C37E724B5078798B5C0A5 ] ADIHdAudAddService C:\WINDOWS\system32\drivers\ADIHdAud.sys
14:40:33.0592 0x0818 ADIHdAudAddService - ok
14:40:33.0608 0x0818 adpu160m - ok
14:40:33.0623 0x0818 [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys
14:40:33.0733 0x0818 aec - ok
14:40:33.0764 0x0818 [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD C:\WINDOWS\System32\drivers\afd.sys
14:40:33.0811 0x0818 AFD - ok
14:40:33.0811 0x0818 Aha154x - ok
14:40:33.0811 0x0818 aic78u2 - ok
14:40:33.0811 0x0818 aic78xx - ok
14:40:33.0842 0x0818 [ A9A3DAA780CA6C9671A19D52456705B4, 67C959144B57AE0BBF1D82DBED197F32CDB06FECD883A80C441A0202FE83FAB4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
14:40:33.0936 0x0818 Alerter - ok
14:40:33.0967 0x0818 [ 8C515081584A38AA007909CD02020B3D, A5E13CA10F702928E0DE84C74D0EA8ACCB117FD76FBABC55220C75C4FFD596DC ] ALG C:\WINDOWS\System32\alg.exe
14:40:34.0092 0x0818 ALG - ok
14:40:34.0092 0x0818 AliIde - ok
14:40:34.0092 0x0818 amsint - ok
14:40:34.0217 0x0818 [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:40:34.0233 0x0818 Apple Mobile Device - ok
14:40:34.0279 0x0818 [ D8849F77C0B66226335A59D26CB4EDC6, 4990031453204C57E36E850252A39B05D6ECDAB9E71A8136FB4900F17E59C9CA ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
14:40:34.0373 0x0818 AppMgmt - ok
14:40:34.0389 0x0818 asc - ok
14:40:34.0389 0x0818 asc3350p - ok
14:40:34.0389 0x0818 asc3550 - ok
14:40:34.0483 0x0818 [ A60BDB22CDCEA7818465D58BE76640FA, E51DE4A107398562643A3461F71B2A93E627D49279187091CA0948AE379A9F82 ] ASFAgent C:\Program Files\Intel\ASF Agent\ASFAgent.exe
14:40:34.0545 0x0818 ASFAgent - ok
14:40:34.0654 0x0818 [ 776ACEFA0CA9DF0FAA51A5FB2F435705, 72DF7ED6B085BC468994F5B3189506FD726A9A17A9C42ACA1E420D787691361D ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
14:40:34.0748 0x0818 aspnet_state - ok
14:40:34.0779 0x0818 [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
14:40:34.0873 0x0818 AsyncMac - ok
14:40:34.0904 0x0818 [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
14:40:35.0029 0x0818 atapi - ok
14:40:35.0108 0x0818 [ EECC1D40AA10F85126708796ABA1E7D5, 00E15C8C1D25AD6B80A4ABC0B9547FF179358F71A76317EEE56AD4CF56FBAA0C ] atchksrv C:\Program Files\Intel\AMT\atchksrv.exe
14:40:35.0139 0x0818 atchksrv - ok
14:40:35.0139 0x0818 Atdisk - ok
14:40:35.0201 0x0818 [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
14:40:35.0279 0x0818 Atmarpc - ok
14:40:35.0326 0x0818 [ DEF7A7882BEC100FE0B2CE2549188F9D, 462C95B63D0A1058291A2DC8CBFCB13D7D74CCD1CA43B613A7EB43D49E3276F8 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
14:40:35.0420 0x0818 AudioSrv - ok
14:40:35.0451 0x0818 [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
14:40:35.0545 0x0818 audstub - ok
14:40:35.0592 0x0818 [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys
14:40:35.0686 0x0818 Beep - ok
14:40:35.0733 0x0818 [ 574738F61FCA2935F5265DC4E5691314, 3C7CCF064397186C3A3863DD2370AB6414A61B330097DCA4F299CA7BBAA3D1B4 ] BITS C:\WINDOWS\system32\qmgr.dll
14:40:35.0842 0x0818 BITS - ok
14:40:35.0936 0x0818 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:40:35.0982 0x0818 Bonjour Service - ok
14:40:36.0029 0x0818 [ CFD4E51402DA9838B5A04AE680AF54A0, 5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241F26EA82B149FE1 ] Browser C:\WINDOWS\System32\browser.dll
14:40:36.0076 0x0818 Browser - ok
14:40:36.0076 0x0818 catchme - ok
14:40:36.0123 0x0818 [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
14:40:36.0232 0x0818 cbidf2k - ok
14:40:36.0279 0x0818 [ 359E5A91D26D0439933BEF1C29CEDEF7, 648563646BA023C7C0CB2A707062E5B93DC4C81D904726D5002FB316C8623D66 ] CCALib8 C:\Program Files\Canon\CAL\CALMAIN.exe
14:40:36.0295 0x0818 CCALib8 - detected UnsignedFile.Multi.Generic ( 1 )
14:40:36.0717 0x0818 Detect skipped due to KSN trusted
14:40:36.0717 0x0818 CCALib8 - ok
14:40:36.0795 0x0818 [ 260A069F403DA226D18C058AD14FD3A3, 65649EA8FF712B237C9480DC4AC86680F9C47B32D3C84470267B6CBABD36565F ] ccEvtMgr C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
14:40:36.0811 0x0818 ccEvtMgr - ok
14:40:36.0826 0x0818 [ 260A069F403DA226D18C058AD14FD3A3, 65649EA8FF712B237C9480DC4AC86680F9C47B32D3C84470267B6CBABD36565F ] ccSetMgr C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
14:40:36.0842 0x0818 ccSetMgr - ok
14:40:36.0857 0x0818 cd20xrnt - ok
14:40:36.0904 0x0818 [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
14:40:36.0982 0x0818 Cdaudio - ok
14:40:36.0998 0x0818 [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
14:40:37.0076 0x0818 Cdfs - ok
14:40:37.0123 0x0818 [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
14:40:37.0217 0x0818 Cdrom - ok
14:40:37.0264 0x0818 [ 84853B3FD012251690570E9E7E43343F, 65CACFA643E52A0C0E6B2D901228A8A0AD4993CAFA3C287E65395F4B7C521089 ] cercsr6 C:\WINDOWS\system32\drivers\cercsr6.sys
14:40:37.0264 0x0818 cercsr6 - detected UnsignedFile.Multi.Generic ( 1 )
14:40:37.0748 0x0818 Detect skipped due to KSN trusted
14:40:37.0748 0x0818 cercsr6 - ok
14:40:37.0764 0x0818 Changer - ok
14:40:37.0795 0x0818 [ 1CFE720EB8D93A7158A4EBC3AB178BDE, 65D2A9D9A88F38D4AF323134C151BA0F4B3CD0F6A134AF86E7AC9D07319F1726 ] CiSvc C:\WINDOWS\system32\cisvc.exe
14:40:37.0920 0x0818 CiSvc - ok
14:40:37.0935 0x0818 [ 34CBE729F38138217F9C80212A2A0C82, A9FD7A758D12E0818A11BEEF1CE772FEFA8373E92EF6C0DA8628CD4572CC9A43 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
14:40:38.0029 0x0818 ClipSrv - ok
14:40:38.0123 0x0818 [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:40:38.0295 0x0818 clr_optimization_v2.0.50727_32 - ok
14:40:38.0342 0x0818 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:40:38.0420 0x0818 clr_optimization_v4.0.30319_32 - ok
14:40:38.0420 0x0818 CmdIde - ok
14:40:38.0451 0x0818 [ DE88A385898F6D13026F94F749FBAED2, CDB2C8612591A3E0B0B2E87E4A5A19571833319CE30B8510499CA0B5E238D17F ] COH_Mon C:\WINDOWS\system32\Drivers\COH_Mon.sys
14:40:38.0467 0x0818 COH_Mon - ok
14:40:38.0467 0x0818 COMSysApp - ok
14:40:38.0467 0x0818 Cpqarray - ok
14:40:38.0514 0x0818 [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
14:40:38.0592 0x0818 CryptSvc - ok
14:40:38.0607 0x0818 dac2w2k - ok
14:40:38.0607 0x0818 dac960nt - ok
14:40:38.0654 0x0818 [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
14:40:38.0717 0x0818 DcomLaunch - ok
14:40:38.0764 0x0818 [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
14:40:38.0857 0x0818 Dhcp - ok
14:40:38.0889 0x0818 [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
14:40:38.0982 0x0818 Disk - ok
14:40:38.0998 0x0818 dmadmin - ok
14:40:39.0045 0x0818 [ D992FE1274BDE0F84AD826ACAE022A41, C82BD6561A14F2932A761F5883A787B99031250EE5E9B7B5714AA045545C9B99 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
14:40:39.0201 0x0818 dmboot - ok
14:40:39.0201 0x0818 [ 7C824CF7BBDE77D95C08005717A95F6F, A73CB323B7A6410C3D3F258BF204E716ADF8C84C9E4F6562C57AB73DAED8CCDE ] dmio C:\WINDOWS\system32\drivers\dmio.sys
14:40:39.0295 0x0818 dmio - ok
14:40:39.0310 0x0818 [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys
14:40:39.0420 0x0818 dmload - ok
14:40:39.0451 0x0818 [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] dmserver C:\WINDOWS\System32\dmserver.dll
14:40:39.0545 0x0818 dmserver - ok
14:40:39.0545 0x0818 [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
14:40:39.0623 0x0818 DMusic - ok
14:40:39.0670 0x0818 [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
14:40:39.0701 0x0818 Dnscache - ok
14:40:39.0748 0x0818 [ 0F0F6E687E5E15579EF4DA8DD6945814, 5C32D88119EB1465B2D719BEE2E05888D1A73454B5E33F2D4928DA710F8BFBA3 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
14:40:39.0857 0x0818 Dot3svc - ok
14:40:39.0857 0x0818 dpti2o - ok
14:40:39.0888 0x0818 [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
14:40:39.0982 0x0818 drmkaud - ok
14:40:40.0029 0x0818 [ 34AAA3B298A852B3663E6E0D94D12945, 908BDC3E67780E7B97A08985A938AB5F461967F74D81135ACEF31FF3F73BBBA2 ] e1express C:\WINDOWS\system32\DRIVERS\e1e5132.sys
14:40:40.0060 0x0818 e1express - ok
14:40:40.0107 0x0818 [ 2187855A7703ADEF0CEF9EE4285182CC, 8233CC11F637866C0074043835A785EA2B616739B6B1181B143A253CF2508CFD ] EapHost C:\WINDOWS\System32\eapsvc.dll
14:40:40.0185 0x0818 EapHost - ok
14:41:04.0168 0x0818 Srv - ok
14:41:04.0230 0x0818 [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
14:41:04.0324 0x0818 SSDPSRV - ok
14:41:04.0340 0x0818 [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] stisvc C:\WINDOWS\system32\wiaservc.dll
14:41:04.0433 0x0818 stisvc - ok
14:41:04.0480 0x0818 [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
14:41:04.0574 0x0818 swenum - ok
14:41:04.0605 0x0818 [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
14:41:04.0699 0x0818 swmidi - ok
14:41:04.0699 0x0818 SwPrv - ok
14:41:04.0793 0x0818 [ F3A4EAD0B3946E439F0397F7A4D09952, 4C58A5BF9F4756F95357E80C20A016E6040323F7A49AC7FAFC73CC783396B7FD ] Symantec AntiVirus C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
14:41:04.0871 0x0818 Symantec AntiVirus - ok
14:41:04.0887 0x0818 symc810 - ok
14:41:04.0887 0x0818 symc8xx - ok
14:41:04.0902 0x0818 [ A54FF04BD6E75DC4D8CB6F3E352635E0, D9577628E1DC70AFFEA237B0F885C266A36BDACB67F34B525111A7A941CA7BE3 ] SymEvent C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
14:41:04.0933 0x0818 SymEvent - ok
14:41:04.0965 0x0818 [ 394B2368212114D538316812AF60FDDD, 74DAC801C692DD858EF2A410D99D9E0DE565599436A8F80D7B39818F062B943F ] SYMREDRV C:\WINDOWS\System32\Drivers\SYMREDRV.SYS
14:41:04.0996 0x0818 SYMREDRV - ok
14:41:05.0043 0x0818 [ D46676BB414C7531BDFFE637A33F5033, BDF9792FB05455B7B5600063CFC783802F7948ABF614AD74D20CDB0BAAC86D11 ] SYMTDI C:\WINDOWS\System32\Drivers\SYMTDI.SYS
14:41:05.0058 0x0818 SYMTDI - ok
14:41:05.0058 0x0818 sym_hi - ok
14:41:05.0058 0x0818 sym_u3 - ok
14:41:05.0121 0x0818 [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
14:41:05.0199 0x0818 sysaudio - ok
14:41:05.0246 0x0818 [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57DEADAADE18535B ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
14:41:05.0340 0x0818 SysmonLog - ok
14:41:05.0371 0x0818 [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
14:41:05.0449 0x0818 TapiSrv - ok
14:41:05.0511 0x0818 [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
14:41:05.0543 0x0818 Tcpip - ok
14:41:05.0590 0x0818 [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
14:41:05.0683 0x0818 TDPIPE - ok
14:41:05.0715 0x0818 [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
14:41:05.0808 0x0818 TDTCP - ok
14:41:05.0855 0x0818 [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
14:41:05.0933 0x0818 TermDD - ok
14:41:06.0027 0x0818 [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] TermService C:\WINDOWS\System32\termsrv.dll
14:41:06.0136 0x0818 TermService - ok
14:41:06.0168 0x0818 [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] Themes C:\WINDOWS\System32\shsvcs.dll
14:41:06.0183 0x0818 Themes - ok
14:41:06.0230 0x0818 [ DB7205804759FF62C34E3EFD8A4CC76A, 13A4248F528CE98ACA66898E56822E4FC49B11F491FF1F61A687BA601BF0A802 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
14:41:06.0371 0x0818 TlntSvr - ok
14:41:06.0386 0x0818 TosIde - ok
14:41:06.0418 0x0818 [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] TrkWks C:\WINDOWS\system32\trkwks.dll
14:41:06.0496 0x0818 TrkWks - ok
14:41:06.0543 0x0818 [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
14:41:06.0621 0x0818 Udfs - ok
14:41:06.0621 0x0818 ultra - ok
14:41:06.0761 0x0818 [ 0558985BD646203DF5F36BF0FBD241A3, 231A553A031314002D9E64D5159911FF66028D580FE606CED02DAF99289E31CE ] UNS C:\Program Files\Intel\AMT\UNS.exe
14:41:06.0855 0x0818 UNS - ok
14:41:06.0918 0x0818 [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
14:41:07.0011 0x0818 Update - ok
14:41:07.0058 0x0818 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946DD04AC85D983DF ] upnphost C:\WINDOWS\System32\upnphost.dll
14:41:07.0168 0x0818 upnphost - ok
14:41:07.0214 0x0818 [ 05365FB38FCA1E98F7A566AAAF5D1815, 16843048CEEC3DAA3B953A12FF1EE339E86783A08F2A56DA7F94AD9F9717D77D ] UPS C:\WINDOWS\System32\ups.exe
14:41:07.0293 0x0818 UPS - ok
14:41:07.0339 0x0818 [ 6E421CCC57059B0186C6259CA3B6DFC9, E348BF23CCD6C14FD10C1689BBDC77E125245331F97BFE60D4C8FD9A8711CB59 ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
14:41:07.0386 0x0818 USBAAPL - ok
14:41:07.0433 0x0818 [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
14:41:07.0449 0x0818 usbccgp - ok
14:41:07.0464 0x0818 [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
14:41:07.0496 0x0818 usbehci - ok
14:41:07.0543 0x0818 [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
14:41:07.0636 0x0818 usbhub - ok
14:41:07.0668 0x0818 [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
14:41:07.0730 0x0818 usbscan - ok
14:41:07.0746 0x0818 [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
14:41:07.0839 0x0818 USBSTOR - ok
14:41:07.0871 0x0818 [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
14:41:07.0949 0x0818 usbuhci - ok
14:41:07.0964 0x0818 [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
14:41:08.0058 0x0818 VgaSave - ok
14:41:08.0058 0x0818 ViaIde - ok
14:41:08.0089 0x0818 [ 4C8FCB5CC53AAB716D810740FE59D025, 010EAC43DBED700B73E4FC908FAAF9F6A0168EBBD5D86751E49BC33AAA18BFA4 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
14:41:08.0183 0x0818 VolSnap - ok
14:41:08.0230 0x0818 [ 7A9DB3A67C333BF0BD42E42B8596854B, D31A9A3B1AAAB373EDD73B674102395212FCB616F829E938B7B2B7BE7D4752C5 ] VSS C:\WINDOWS\System32\vssvc.exe
14:41:08.0339 0x0818 VSS - ok
14:41:08.0355 0x0818 [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] W32Time C:\WINDOWS\system32\w32time.dll
14:41:08.0449 0x0818 W32Time - ok
14:41:08.0449 0x0818 [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:41:08.0542 0x0818 Wanarp - ok
14:41:08.0589 0x0818 [ D918617B46457B9AC28027722E30F647, 407284D3055DC11944D4EE7E4357E7CF9CAF8CA40CA50633AB6FD4A82CB7EEA6 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
14:41:08.0621 0x0818 Wdf01000 - ok
14:41:08.0636 0x0818 WDICA - ok
14:41:08.0652 0x0818 [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
14:41:08.0746 0x0818 wdmaud - ok
14:41:08.0792 0x0818 [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] WebClient C:\WINDOWS\System32\webclnt.dll
14:41:08.0886 0x0818 WebClient - ok
14:41:08.0980 0x0818 [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
14:41:09.0058 0x0818 winmgmt - ok
14:41:09.0105 0x0818 [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
14:41:09.0199 0x0818 WmdmPmSN - ok
14:41:09.0261 0x0818 [ E76F8807070ED04E7408A86D6D3A6137, BFCF5361B7335760A7AE4B6958DE516A27AC60AA09135A46F0B49F588FAFE3A0 ] Wmi C:\WINDOWS\System32\advapi32.dll
14:41:09.0355 0x0818 Wmi - ok
14:41:09.0402 0x0818 [ E0673F1106E62A68D2257E376079F821, 12992F18C9653050B10DC61D12988067933FCFDF02123D3A7EF5DE607A785DDC ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
14:41:09.0496 0x0818 WmiApSrv - ok
14:41:09.0605 0x0818 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B, C71FAAC752F6D58BF8556661252DBF8C5DDD090CAE002A2C7E09C9A014526066 ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
14:41:09.0699 0x0818 WMPNetworkSvc - ok
14:41:09.0746 0x0818 [ CF4DEF1BF66F06964DC0D91844239104, CC1D9CECE2056D29A9651D51BB57C3F4F9BF9E90A4808CF7496C683C874FBD51 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
14:41:09.0777 0x0818 WpdUsb - ok
14:41:09.0917 0x0818 [ 15673BD0B86150CB8E27766059C72A9B, 56C23289A8BFF4945EE532CF6D62D3EC81B827CA15A359F30A327789F9FE9CAF ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
14:41:10.0042 0x0818 WPFFontCache_v0400 - ok
14:41:10.0042 0x0818 WSearch - ok
14:41:10.0074 0x0818 [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] wuauserv C:\WINDOWS\system32\wuauserv.dll
14:41:10.0167 0x0818 wuauserv - ok
14:41:10.0199 0x0818 [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
14:41:10.0277 0x0818 WudfPf - ok
14:41:10.0292 0x0818 [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
14:41:10.0308 0x0818 WudfRd - ok
14:41:10.0324 0x0818 [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
14:41:10.0355 0x0818 WudfSvc - ok
14:41:10.0417 0x0818 [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
14:41:10.0511 0x0818 WZCSVC - ok
14:41:10.0527 0x0818 [ 295D21F14C335B53CB8154E5B1F892B9, 9418477C2E3EA93E93D931A4EDD4500DA568FAD6040204B5201D1080203B0BBC ] xmlprov C:\WINDOWS\System32\xmlprov.dll
14:41:10.0620 0x0818 xmlprov - ok
14:41:10.0620 0x0818 ================ Scan global ===============================
14:41:10.0652 0x0818 [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
14:41:10.0699 0x0818 [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
14:41:10.0730 0x0818 [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
14:41:10.0745 0x0818 [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe
14:41:10.0745 0x0818 [ Global ] - ok
14:41:10.0745 0x0818 ================ Scan MBR ==================================
14:41:10.0761 0x0818 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
14:41:11.0011 0x0818 \Device\Harddisk0\DR0 - ok
14:41:11.0027 0x0818 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR3
14:41:11.0152 0x0818 \Device\Harddisk1\DR3 - ok
14:41:11.0152 0x0818 ================ Scan VBR ==================================
14:41:11.0183 0x0818 [ AD45617FA7002613162E766EB60D3000 ] \Device\Harddisk0\DR0\Partition1
14:41:11.0183 0x0818 \Device\Harddisk0\DR0\Partition1 - ok
14:41:11.0214 0x0818 [ 8F7537400676D2AA224D937B213DF769 ] \Device\Harddisk1\DR3\Partition1
14:41:11.0214 0x0818 \Device\Harddisk1\DR3\Partition1 - ok
14:41:11.0214 0x0818 ================ Scan active images ========================
14:41:11.0214 0x0818 [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] C:\WINDOWS\system32\drivers\intelppm.sys
14:41:11.0214 0x0818 C:\WINDOWS\system32\drivers\intelppm.sys - ok
14:41:11.0214 0x0818 [ E28726B72C46821A28830E077D39A55B, 66BE8A1055544C8CEBB7125726C1C306A026F3A1764589FCDDF3792076AF891F ] C:\WINDOWS\system32\drivers\videoprt.sys
14:41:11.0214 0x0818 C:\WINDOWS\system32\drivers\videoprt.sys - ok
14:41:11.0230 0x0818 [ BFFA387180121DF1E4646C4CED3E16CA, D94C94DB7F90FAB681E28F81C346CED009F1E6104F5BB1F3EB2F467A34D0221E ] C:\WINDOWS\system32\drivers\igxpmp32.sys
14:41:11.0230 0x0818 C:\WINDOWS\system32\drivers\igxpmp32.sys - ok
14:41:11.0230 0x0818 [ C865D1F6D03595DF213DC3C67E4E4C58, A15028697383377D3E6DBC91F3729DEBEC135304DF27C057FFD9B1BF8861D509 ] C:\WINDOWS\system32\drivers\HECI.sys
14:41:11.0230 0x0818 C:\WINDOWS\system32\drivers\HECI.sys - ok
14:41:11.0230 0x0818 [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] C:\WINDOWS\system32\drivers\serial.sys
14:41:11.0230 0x0818 C:\WINDOWS\system32\drivers\serial.sys - ok
14:41:11.0230 0x0818 [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] C:\WINDOWS\system32\drivers\serenum.sys
14:41:11.0230 0x0818 C:\WINDOWS\system32\drivers\serenum.sys - ok
14:41:11.0230 0x0818 [ 34AAA3B298A852B3663E6E0D94D12945, 908BDC3E67780E7B97A08985A938AB5F461967F74D81135ACEF31FF3F73BBBA2 ] C:\WINDOWS\system32\drivers\e1e5132.sys
14:41:11.0230 0x0818 C:\WINDOWS\system32\drivers\e1e5132.sys - ok
14:41:11.0230 0x0818 [ 6DF35CA139C3BC15CC74390ABB114EFE, 5401724E49243625C43B3F9032E592EF43605C2510E809C1D318A7792AB9FBBA ] C:\WINDOWS\system32\drivers\usbport.sys
14:41:11.0230 0x0818 C:\WINDOWS\system32\drivers\usbport.sys - ok
14:41:11.0230 0x0818 [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] C:\WINDOWS\system32\drivers\usbuhci.sys
14:41:11.0230 0x0818 C:\WINDOWS\system32\drivers\usbuhci.sys - ok
14:41:11.0230 0x0818 [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] C:\WINDOWS\system32\drivers\usbehci.sys
14:41:11.0230 0x0818 C:\WINDOWS\system32\drivers\usbehci.sys - ok
14:41:11.0245 0x0818 [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] C:\WINDOWS\system32\drivers\hdaudbus.sys
14:41:11.0245 0x0818 C:\WINDOWS\system32\drivers\hdaudbus.sys - ok
14:41:11.0245 0x0818 [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] C:\WINDOWS\system32\drivers\parport.sys
14:41:11.0245 0x0818 C:\WINDOWS\system32\drivers\parport.sys - ok
14:41:11.0245 0x0818 [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] C:\WINDOWS\system32\drivers\imapi.sys
14:41:11.0245 0x0818 C:\WINDOWS\system32\drivers\imapi.sys - ok
14:41:11.0245 0x0818 [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] C:\WINDOWS\system32\drivers\cdrom.sys
14:41:11.0245 0x0818 C:\WINDOWS\system32\drivers\cdrom.sys - ok
14:41:11.0245 0x0818 [ 0753515F78DF7F271A5E61C20BCD36A1, A8D600CD0C592DFB875DE2D4F1AEDB207B80A43CF724051B6552BB6E539E9AFC ] C:\WINDOWS\system32\drivers\ks.sys
14:41:11.0245 0x0818 C:\WINDOWS\system32\drivers\ks.sys - ok
14:41:11.0245 0x0818 [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] C:\WINDOWS\system32\drivers\redbook.sys
14:41:11.0245 0x0818 C:\WINDOWS\system32\drivers\redbook.sys - ok
14:41:11.0245 0x0818 [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] C:\WINDOWS\system32\drivers\audstub.sys
14:41:11.0245 0x0818 C:\WINDOWS\system32\drivers\audstub.sys - ok
14:41:11.0245 0x0818 [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
14:41:11.0245 0x0818 C:\WINDOWS\system32\drivers\GEARAspiWDM.sys - ok
14:41:11.0261 0x0818 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7, CDF10D3D8ADA7ADB1CC1567BFA986557C6D69F4099B70FDFABD4C3D09E3CA778 ] C:\WINDOWS\system32\drivers\rootmdm.sys
14:41:11.0261 0x0818 C:\WINDOWS\system32\drivers\rootmdm.sys - ok
14:41:11.0261 0x0818 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] C:\WINDOWS\system32\drivers\modem.sys
14:41:11.0261 0x0818 C:\WINDOWS\system32\drivers\modem.sys - ok
14:41:11.0261 0x0818 [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] C:\WINDOWS\system32\drivers\rasl2tp.sys
14:41:11.0261 0x0818 C:\WINDOWS\system32\drivers\rasl2tp.sys - ok
14:41:11.0261 0x0818 [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] C:\WINDOWS\system32\drivers\ndistapi.sys
14:41:11.0261 0x0818 C:\WINDOWS\system32\drivers\ndistapi.sys - ok
14:41:11.0261 0x0818 [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] C:\WINDOWS\system32\drivers\ndiswan.sys
14:41:11.0261 0x0818 C:\WINDOWS\system32\drivers\ndiswan.sys - ok
14:41:11.0261 0x0818 [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] C:\WINDOWS\system32\drivers\raspppoe.sys
14:41:11.0261 0x0818 C:\WINDOWS\system32\drivers\raspppoe.sys - ok
14:41:11.0261 0x0818 [ 0539D5E53587F82D1B4FD74C5BE205CF, 9C578FC46AC3B8260258B83C89A33C3D7990B365D7708AEF2296CD235C7D301A ] C:\WINDOWS\system32\drivers\tdi.sys
14:41:11.0261 0x0818 C:\WINDOWS\system32\drivers\tdi.sys - ok
14:41:11.0261 0x0818 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] C:\WINDOWS\system32\drivers\raspptp.sys
14:41:11.0261 0x0818 C:\WINDOWS\system32\drivers\raspptp.sys - ok
14:41:11.0261 0x0818 [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] C:\WINDOWS\system32\drivers\psched.sys
14:41:11.0261 0x0818 C:\WINDOWS\system32\drivers\psched.sys - ok
14:41:11.0277 0x0818 [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] C:\WINDOWS\system32\drivers\msgpc.sys
14:41:11.0277 0x0818 C:\WINDOWS\system32\drivers\msgpc.sys - ok
14:41:11.0277 0x0818 [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] C:\WINDOWS\system32\drivers\ptilink.sys
14:41:11.0277 0x0818 C:\WINDOWS\system32\drivers\ptilink.sys - ok
14:41:11.0277 0x0818 [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] C:\WINDOWS\system32\drivers\raspti.sys
14:41:11.0277 0x0818 C:\WINDOWS\system32\drivers\raspti.sys - ok
14:41:11.0277 0x0818 [ 5B6C11DE7E839C05248CED8825470FEF, DB57DFD02C18461B1B383DF759730FFEE9C7FA8577E1679FD4740A590303EE79 ] C:\WINDOWS\system32\drivers\pcouffin.sys
14:41:11.0277 0x0818 C:\WINDOWS\system32\drivers\pcouffin.sys - ok
14:41:11.0277 0x0818 [ 2C4FB2E9F039287767C384E46EE91030, 5290E9457256C007A3FCAE246D0C536179C54D9F4B365E3143B9D0764FCBFCDB ] C:\WINDOWS\system32\drivers\RimSerial.sys
14:41:11.0277 0x0818 C:\WINDOWS\system32\drivers\RimSerial.sys - ok
14:41:11.0277 0x0818 [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] C:\WINDOWS\system32\drivers\rdpdr.sys
14:41:11.0277 0x0818 C:\WINDOWS\system32\drivers\rdpdr.sys - ok
14:41:11.0277 0x0818 [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] C:\WINDOWS\system32\drivers\termdd.sys
14:41:11.0277 0x0818 C:\WINDOWS\system32\drivers\termdd.sys - ok
14:41:11.0277 0x0818 [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] C:\WINDOWS\system32\drivers\kbdclass.sys
14:41:11.0277 0x0818 C:\WINDOWS\system32\drivers\kbdclass.sys - ok
14:41:11.0292 0x0818 [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] C:\WINDOWS\system32\drivers\mouclass.sys
14:41:11.0292 0x0818 C:\WINDOWS\system32\drivers\mouclass.sys - ok
14:41:11.0292 0x0818 [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] C:\WINDOWS\system32\drivers\swenum.sys
14:41:11.0292 0x0818 C:\WINDOWS\system32\drivers\swenum.sys - ok
14:41:11.0292 0x0818 [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] C:\WINDOWS\system32\drivers\update.sys
14:41:11.0292 0x0818 C:\WINDOWS\system32\drivers\update.sys - ok
14:41:11.0292 0x0818 [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] C:\WINDOWS\system32\drivers\mssmbios.sys
14:41:11.0292 0x0818 C:\WINDOWS\system32\drivers\mssmbios.sys - ok
14:41:11.0292 0x0818 [ 9282BD12DFB069D3889EB3FCC1000A9B, 09A46F1712BD9165068D8E153585FE3E6E5CBF4F1DDEC142115555D3A91AEC09 ] C:\WINDOWS\system32\drivers\ndproxy.sys
14:41:11.0292 0x0818 C:\WINDOWS\system32\drivers\ndproxy.sys - ok
14:41:11.0292 0x0818 [ 04FE5EF6ED4818EC4839EA5C611A6310, 666479AF6789FC5DF2EA8D4B6216FDA9A4998D252F95BD003619D9376B1DC9E7 ] C:\WINDOWS\system32\drivers\usbd.sys
14:41:11.0292 0x0818 C:\WINDOWS\system32\drivers\usbd.sys - ok
14:41:11.0292 0x0818 [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] C:\WINDOWS\system32\drivers\usbhub.sys
14:41:11.0292 0x0818 C:\WINDOWS\system32\drivers\usbhub.sys - ok
14:41:11.0292 0x0818 [ 6CB08593487F5701D2D2254E693EAFCE, 0518A1FC540C036E6864DA8C01CADE043D4F897D7FCF8C61352865131DEB7414 ] C:\WINDOWS\system32\drivers\drmk.sys
14:41:11.0292 0x0818 C:\WINDOWS\system32\drivers\drmk.sys - ok
14:41:11.0308 0x0818 [ E82A496C3961EFC6828B508C310CE98F, E142A0809525B34A376B3063B07B8822930056BBCB886B7CF1D7585BCEC371A0 ] C:\WINDOWS\system32\drivers\portcls.sys
14:41:11.0308 0x0818 C:\WINDOWS\system32\drivers\portcls.sys - ok
14:41:11.0308 0x0818 [ 0F0A69496989912351284BB1BAA2CE57, 8F8657007E300BA529D09E8A5A17ADE0417DD246031C37E724B5078798B5C0A5 ] C:\WINDOWS\system32\drivers\ADIHdAud.sys
14:41:11.0308 0x0818 C:\WINDOWS\system32\drivers\ADIHdAud.sys - ok
14:41:11.0308 0x0818 [ B6A6B409FDA9D9EBD3AADB838D3D7173, 0A9A4C15C83AACBA9FC87B674CB17375DE988B41448A65101647AE67BDD15377 ] C:\WINDOWS\system32\drivers\senfilt.sys
14:41:11.0308 0x0818 C:\WINDOWS\system32\drivers\senfilt.sys - ok
14:41:11.0308 0x0818 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] C:\WINDOWS\system32\drivers\fdc.sys
14:41:11.0308 0x0818 C:\WINDOWS\system32\drivers\fdc.sys - ok
14:41:11.0308 0x0818 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] C:\WINDOWS\system32\drivers\flpydisk.sys
14:41:11.0308 0x0818 C:\WINDOWS\system32\drivers\flpydisk.sys - ok
14:41:11.0308 0x0818 [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] C:\WINDOWS\system32\drivers\sfloppy.sys
14:41:11.0308 0x0818 C:\WINDOWS\system32\drivers\sfloppy.sys - ok
14:41:11.0308 0x0818 [ 5A293729E1F9FCE3A2106D1F5DC5E98A, 446B05CE89C1BA510EB324F672BF80A02AA1942C031214A99CCEA2071021DE57 ] C:\WINDOWS\system32\drivers\srtsp.sys
14:41:11.0308 0x0818 C:\WINDOWS\system32\drivers\srtsp.sys - ok
14:41:11.0308 0x0818 [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] C:\WINDOWS\system32\drivers\USBSTOR.SYS
14:41:11.0308 0x0818 C:\WINDOWS\system32\drivers\USBSTOR.SYS - ok
14:41:11.0324 0x0818 [ C569EF030B11F896E123A30AC92678DB, F851E99B968BBAB82E3B0D1D2F985AEE1EAD10C3BBACDD02BAB2ACEE57CB048A ] C:\WINDOWS\system32\drivers\hidparse.sys
14:41:11.0324 0x0818 C:\WINDOWS\system32\drivers\hidparse.sys - ok
14:41:11.0324 0x0818 [ 1AF592532532A402ED7C060F6954004F, 84A55432A7FBBD1B84FF8DD1BD84266747E4A88297BDAA84AAD12F13B848BFF2 ] C:\WINDOWS\system32\drivers\hidclass.sys
14:41:11.0324 0x0818 C:\WINDOWS\system32\drivers\hidclass.sys - ok
14:41:11.0324 0x0818 [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] C:\WINDOWS\system32\drivers\hidusb.sys
14:41:11.0324 0x0818 C:\WINDOWS\system32\drivers\hidusb.sys - ok
14:41:11.0324 0x0818 [ 9EF487A186DEA361AA06913A75B3FA99, B94EBA4EC6D85E11C81AF9927E9EF0AF2E6FE134CFF1FDB0535B7C5A794B4261 ] C:\WINDOWS\system32\drivers\kbdhid.sys
14:41:11.0324 0x0818 C:\WINDOWS\system32\drivers\kbdhid.sys - ok
14:41:11.0324 0x0818 [ 24E0DDB99AECCF86BB37702611761459, 5827F83E84F0CC8C520F54AF71BB4382A98BFE379D68F6A593C2FFC28B3DB59B ] C:\WINDOWS\system32\drivers\LHidFilt.Sys
14:41:11.0324 0x0818 C:\WINDOWS\system32\drivers\LHidFilt.Sys - ok
14:41:11.0324 0x0818 [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] C:\WINDOWS\system32\drivers\mouhid.sys
14:41:11.0324 0x0818 C:\WINDOWS\system32\drivers\mouhid.sys - ok
14:41:11.0324 0x0818 [ D918617B46457B9AC28027722E30F647, 407284D3055DC11944D4EE7E4357E7CF9CAF8CA40CA50633AB6FD4A82CB7EEA6 ] C:\WINDOWS\system32\drivers\wdf01000.sys
14:41:11.0324 0x0818 C:\WINDOWS\system32\drivers\wdf01000.sys - ok
14:41:11.0324 0x0818 [ 399C974DDA25FD3E59F22BAB787F662B, D2D9B91438D5CC4915D1E24AE2727C9210153F48CC09339351744E465FD491FD ] C:\WINDOWS\system32\drivers\wdfldr.sys
14:41:11.0324 0x0818 C:\WINDOWS\system32\drivers\wdfldr.sys - ok
14:41:11.0339 0x0818 [ D58B330D318361A66A9FE60D7C9B4951, DCE08C7B3F2FE45204172564129292BB2BABED9226F368091DE2C2D315DA4D5C ] C:\WINDOWS\system32\drivers\LMouFilt.Sys
14:41:11.0339 0x0818 C:\WINDOWS\system32\drivers\LMouFilt.Sys - ok
14:41:11.0339 0x0818 [ E0C39FA6C76AE8ED53ABF043F35ECDFF, CD2F87D3CB64F3362508D1855B24F40F1C44CF4132E3626971CCF4E7C49E61D6 ] C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20131113.023\NAVEX15.SYS
14:41:11.0339 0x0818 C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20131113.023\NAVEX15.SYS - ok
14:41:11.0339 0x0818 [ A54FF04BD6E75DC4D8CB6F3E352635E0, D9577628E1DC70AFFEA237B0F885C266A36BDACB67F34B525111A7A941CA7BE3 ] C:\WINDOWS\system32\drivers\SYMEVENT.SYS
14:41:11.0339 0x0818 C:\WINDOWS\system32\drivers\SYMEVENT.SYS - ok
14:41:11.0339 0x0818 [ 81E928EE3751FAF725C87CC17726C05D, 8AB84270DCB35F239B00FA4B9AC90E9520967B8188085D897F28E994CBF911FB ] C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20131113.023\NAVENG.SYS
14:41:11.0339 0x0818 C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20131113.023\NAVENG.SYS - ok
14:41:11.0339 0x0818 [ A99719DFB61B61AA5026341BBB733C0A, CE43604D945C795C769B7C2354DF5E467DF383AAE7BD1325167CFFEF053DCC9E ] C:\WINDOWS\system32\drivers\srtspx.sys
14:41:11.0339 0x0818 C:\WINDOWS\system32\drivers\srtspx.sys - ok
14:41:11.0339 0x0818 [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] C:\WINDOWS\system32\drivers\cdaudio.sys
14:41:11.0339 0x0818 C:\WINDOWS\system32\drivers\cdaudio.sys - ok
14:41:11.0339 0x0818 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] C:\WINDOWS\system32\drivers\fs_rec.sys
14:41:11.0339 0x0818 C:\WINDOWS\system32\drivers\fs_rec.sys - ok
14:41:11.0339 0x0818 [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] C:\WINDOWS\system32\drivers\null.sys
14:41:11.0652 0x0818 C:\Program Files\Symantec\Symantec Endpoint Protection\TFMAN.DLL - ok
14:41:11.0652 0x0818 [ 77C24ADA7841EAF6831D4DF547F0B98C, A9772926FB7D5CD49EE8D434296610DE1EB0648B74BE06C5F7DF2DE7E296638C ] C:\Program Files\Symantec\Symantec Endpoint Protection\wpsman.dll
14:41:11.0652 0x0818 C:\Program Files\Symantec\Symantec Endpoint Protection\wpsman.dll - ok
14:41:11.0652 0x0818 [ D1899CB50A81F4C43C8C771E5C85A082, BB184E1D90554FC7F97CFAE3D12B01C2C0F702CA18498DBE76A247BDF72B7A54 ] C:\Program Files\Symantec\Symantec Endpoint Protection\SgHI.dll
14:41:11.0652 0x0818 C:\Program Files\Symantec\Symantec Endpoint Protection\SgHI.dll - ok
14:41:11.0667 0x0818 [ 2B06F7C77CC7DA10C7C5947993D1190C, AE5D8638848D434854A249EF460F2B7481695E6FB552E630136BC0AD75C2FB49 ] C:\Program Files\Symantec\Symantec Endpoint Protection\sfConfig.dll
14:41:11.0667 0x0818 C:\Program Files\Symantec\Symantec Endpoint Protection\sfConfig.dll - ok
14:41:11.0667 0x0818 [ 4DC545EAF4C479FF4717821D68B585D8, D49643BB9B51998FE74AFDC47840F44F0D9E11DF88462FEF7EA068A4EE80B272 ] C:\Program Files\Symantec\Symantec Endpoint Protection\sgConfig.dll
14:41:11.0667 0x0818 C:\Program Files\Symantec\Symantec Endpoint Protection\sgConfig.dll - ok
14:41:11.0667 0x0818 [ 5C1F0537E61F87B435F56E00B4F20EE8, AA4BAD8612F45125421C13536D6E7FB4C85BA6DE7D61BDE19949286FB1910B3D ] C:\WINDOWS\system32\snmpapi.dll
14:41:11.0667 0x0818 C:\WINDOWS\system32\snmpapi.dll - ok
14:41:11.0667 0x0818 [ 02C37D5D1D9528B5BC228DB339AE92F2, EE5AB2FAD9B0C26BA12F3181B43CB6B7E7B701CDA886033D6D8F71F76684AB0F ] C:\Program Files\Symantec\Symantec Endpoint Protection\Netport.dll
14:41:11.0667 0x0818 C:\Program Files\Symantec\Symantec Endpoint Protection\Netport.dll - ok
14:41:11.0667 0x0818 [ D3F72D50DE53F9F1F55240115AF4D42E, F8831B6B33EE2EE49615AE45A81C8434E154331BEB1E64C491E64C1348314F3C ] C:\WINDOWS\system32\msi.dll
14:41:11.0667 0x0818 C:\WINDOWS\system32\msi.dll - ok
14:41:11.0667 0x0818 [ 28A09777D2D952122567A8A82F1A2C7B, 772260DF36AE85A0619C51402DE416E0C329976B724C8E9C4F8C013CBB7C7289 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ENU.dll
14:41:11.0667 0x0818 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ENU.dll - ok
14:41:11.0667 0x0818 [ 0BFB800C093B7751C8C32EF503A4CBE6, EEB274865A804520DB7090BEC4F883F23038E836F212B00EFF40566BDE701218 ] C:\Program Files\Common Files\Symantec Shared\ccL608.dll
14:41:11.0667 0x0818 C:\Program Files\Common Files\Symantec Shared\ccL608.dll - ok
14:41:11.0667 0x0818 [ 66D2DEA2C6D252D14F8443012C21585A, 5800E9096FED28AE4DD6AAA2DFA1EA546E99F228688BC359ED94617381A00C3B ] C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\SmcRes.dll
14:41:11.0667 0x0818 C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\SmcRes.dll - ok
14:41:11.0683 0x0818 [ ACFEE2392503DD5E457363A0510B8BCB, 60CFB4C077409ABA90F7C0B0D5B1A0F0D10DFA2DA3338AAA174C051724039517 ] C:\WINDOWS\system32\msxml3.dll
14:41:11.0683 0x0818 C:\WINDOWS\system32\msxml3.dll - ok
14:41:11.0683 0x0818 [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] C:\WINDOWS\system32\dhcpcsvc.dll
14:41:11.0683 0x0818 C:\WINDOWS\system32\dhcpcsvc.dll - ok
14:41:11.0683 0x0818 [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] C:\WINDOWS\system32\dnsrslvr.dll
14:41:11.0683 0x0818 C:\WINDOWS\system32\dnsrslvr.dll - ok
14:41:11.0683 0x0818 [ EA5B8BECA3F279C757578CD7F1E95855, 6FA42A9C8A114208BCB1D0A799C43CD07FB0F986495191D58C1BBD150B7B3A90 ] C:\WINDOWS\system32\mprapi.dll
14:41:11.0683 0x0818 C:\WINDOWS\system32\mprapi.dll - ok
14:41:11.0683 0x0818 [ 2CDAE321B8E878A278BA2D2FA013060B, 51A382D665EB4A8BD66A3EF9B518DC02D3637318768758AB6F1017E50826CC56 ] C:\WINDOWS\system32\activeds.dll
14:41:11.0683 0x0818 C:\WINDOWS\system32\activeds.dll - ok
14:41:11.0683 0x0818 [ 0D84657DBF93DB98673DEFDF2B29E25A, 22105E297D663790BFA1EAE5AC670B283E69FDF2428DEBC596F3EB920E53AFF9 ] C:\WINDOWS\system32\adsldpc.dll
14:41:11.0683 0x0818 C:\WINDOWS\system32\adsldpc.dll - ok
14:41:11.0683 0x0818 [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] C:\WINDOWS\system32\lmhsvc.dll
14:41:11.0683 0x0818 C:\WINDOWS\system32\lmhsvc.dll - ok
14:41:11.0683 0x0818 [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] C:\WINDOWS\system32\wzcsvc.dll
14:41:11.0683 0x0818 C:\WINDOWS\system32\wzcsvc.dll - ok
14:41:11.0698 0x0818 [ 224FB925C641DA16CEB6D60F40CA4C75, 2DDB3B019D2A22B359C5974DC366EC9B95F4382DB1BF7F1958CFF0EC277895C7 ] C:\WINDOWS\system32\atl.dll
14:41:11.0698 0x0818 C:\WINDOWS\system32\atl.dll - ok
14:41:11.0698 0x0818 [ 876CCF164E08D6B903CD14398E056DD2, 9AC7887F992F20E10EB3ED9B3AEF47B5C840172FA7895531F4EF86D6EA642D0F ] C:\WINDOWS\system32\rtutils.dll
14:41:11.0698 0x0818 C:\WINDOWS\system32\rtutils.dll - ok
14:41:11.0698 0x0818 [ 7B0770526801F05D58C51A3DFB87B4BD, 7A2858DD3AE8C26DE88F8CC71E8DC9A8A50C363BA4FB34EE6EE2D81C18845A96 ] C:\WINDOWS\system32\wmi.dll
14:41:11.0698 0x0818 C:\WINDOWS\system32\wmi.dll - ok
14:41:11.0698 0x0818 [ E6EF7BC927D9F8F9BA1584BFC39E0C6F, EC80729BDD250C161B29DA853D45C703CB4844DE185C5665DB0627D9568995AB ] C:\WINDOWS\system32\eapolqec.dll
14:41:11.0698 0x0818 C:\WINDOWS\system32\eapolqec.dll - ok
14:41:11.0698 0x0818 [ 92C4F48B62B0B876194584C3FF09CCB6, B24FF5E8D4F09B8200395B68A20A083E7ED9A29B9E9FB85F42E1A6BBB911D1C4 ] C:\WINDOWS\system32\rasapi32.dll
14:41:11.0698 0x0818 C:\WINDOWS\system32\rasapi32.dll - ok
14:41:11.0698 0x0818 [ 8AE93AACC648921BAACB8602991AC4B3, 78292B1BAEE64C997C50B6D907FE623C2EDF937A62D3C3690FA24342180B7AB2 ] C:\WINDOWS\system32\qutil.dll
14:41:11.0698 0x0818 C:\WINDOWS\system32\qutil.dll - ok
14:41:11.0698 0x0818 [ 8E2CC37BA87D8F681066E0E9C8A19F73, 90536FD502D92AE4FECE0C250373742D2E8AC9E9BE314070BB28C4A2BEA15508 ] C:\WINDOWS\system32\dot3api.dll
14:41:11.0698 0x0818 C:\WINDOWS\system32\dot3api.dll - ok
14:41:11.0698 0x0818 [ F5B754CDEA20BBB3A31E16A776EDE6D6, C5D682FA9B86810C6E3D741E507EDA024C4554BEB5B6A1686F70E109EE9CD746 ] C:\WINDOWS\system32\esent.dll
14:41:11.0698 0x0818 C:\WINDOWS\system32\esent.dll - ok
14:41:11.0714 0x0818 [ 4DEF926F6A0545AE486A03C84F2EE482, 2D209061632634D7338C0BBEEE8056E8085BE22FA6974A2CC6BAEDC14CF6F6B1 ] C:\WINDOWS\system32\rasman.dll
14:41:11.0714 0x0818 C:\WINDOWS\system32\rasman.dll - ok
14:41:11.0714 0x0818 [ 00AABF131B4823785818DB99A075A313, FF0F24D35325EC246C758C7CF51FDDEF13757DFD7BE5F6F5D51E0DD7C6673686 ] C:\WINDOWS\system32\tapi32.dll
14:41:11.0714 0x0818 C:\WINDOWS\system32\tapi32.dll - ok
14:41:11.0714 0x0818 [ DF6B453FBB169D343517E24642E43843, 7F2085E42A67F50C9FCAA7BCAE7213B3ED2E46FDAD3EB4350692AAA0F18D9E2E ] C:\Program Files\Symantec\Symantec Endpoint Protection\AVMan.plg
14:41:11.0714 0x0818 C:\Program Files\Symantec\Symantec Endpoint Protection\AVMan.plg - ok
14:41:11.0714 0x0818 [ FFE0FF9E55E01DD173EF955A9FA6C266, FEC7FA301622B1C8AF5EC8EC56B570225B9F073CCC8C6BE7F131EBF5E80739EB ] C:\Program Files\Symantec\Symantec Endpoint Protection\GUProxy.plg
14:41:11.0714 0x0818 C:\Program Files\Symantec\Symantec Endpoint Protection\GUProxy.plg - ok
14:41:11.0714 0x0818 [ 59EADCA276C55135B83FBE91237E4322, 3F0FCB24BECD1BCBC3CE186E6EECA6703D52BC770C1321540E911ED828F62146 ] C:\Program Files\Symantec\Symantec Endpoint Protection\LuMan.plg
14:41:11.0714 0x0818 C:\Program Files\Symantec\Symantec Endpoint Protection\LuMan.plg - ok
14:41:11.0714 0x0818 [ 780F18D8ABEA0E1EF86FD094A22EB65E, 9A0E3566B65C60F2D0F525E3836EA7E698D80ADE98760CC86F00BB9315D6655B ] C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\AVManRes.dll
14:41:11.0714 0x0818 C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\AVManRes.dll - ok
14:41:11.0714 0x0818 [ 677C033AF728DD4AC85EECA8414599AE, 6171FF27930C3549A780E59C8BC760E40D555C584852E7E22135CA057E2D42AE ] C:\Program Files\Symantec\Symantec Endpoint Protection\AvPluginImpl.dll
14:41:11.0714 0x0818 C:\Program Files\Symantec\Symantec Endpoint Protection\AvPluginImpl.dll - ok
14:41:11.0714 0x0818 [ D5E459BED3DB9CF7FC6CC1455F177D2D, FCAB2130FAB57B6728C50D5B9E9924F001C43538DE4F675DE03537FF0D9B84BD ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.dll
14:41:11.0714 0x0818 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.dll - ok
14:41:11.0730 0x0818 [ DD2D194C440F5E2D87AC1743717BA76A, 864AA1A9963D25116A5CFE15E5B897F3695E0C96923BC01A4CF880963C9000CE ] C:\Program Files\Symantec\Symantec Endpoint Protection\SymRasMan.dll
14:41:11.0730 0x0818 C:\Program Files\Symantec\Symantec Endpoint Protection\SymRasMan.dll - ok
14:41:11.0730 0x0818 [ 260A069F403DA226D18C058AD14FD3A3, 65649EA8FF712B237C9480DC4AC86680F9C47B32D3C84470267B6CBABD36565F ] C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
14:41:11.0730 0x0818 C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe - ok
14:41:11.0730 0x0818 [ A94DC60A90EFD7A35C36D971E3EE7470, 6C483CBE349863C7DCF6F8CB7334E7D28C299E7D5AA063297EA2F62352F6BDD9 ] C:\WINDOWS\system32\MSVCP71.DLL
14:41:11.0730 0x0818 C:\WINDOWS\system32\MSVCP71.DLL - ok
14:41:11.0730 0x0818 [ A39BE37C9237DB5F1990D61B268EA555, ABAB9D73DF10D2AC78F00A6C5E5318C4DE166CDF70683408D83D218CB39B7449 ] C:\WINDOWS\system32\rastls.dll
14:41:11.0730 0x0818 C:\WINDOWS\system32\rastls.dll - ok
14:41:11.0730 0x0818 [ 6E4BE11D50F8A8DE2BAD644C9C9DE8D3, 9085384DD71F983E7FD8B6C8F54A3097412DA3C802C813C8AAB1F30558C416D6 ] C:\WINDOWS\system32\cryptui.dll
14:41:11.0730 0x0818 C:\WINDOWS\system32\cryptui.dll - ok
14:41:11.0730 0x0818 [ CA2F560921B7B8BE1CF555A5A18D54C3, C4D4339DF314A27FF75A38967B7569D9962337B8D4CD4B0DB3ABA5FF72B2BFBB ] C:\WINDOWS\system32\MSVCR71.DLL
14:41:11.0730 0x0818 C:\WINDOWS\system32\MSVCR71.DLL - ok
14:41:11.0730 0x0818 [ 9C653BB189FAE9C5ED0A81F7A16CA15E, 5EC7C9A3A83A962D5B047198AF9214E878E74A7951460946B73B20E15FDB4EA9 ] C:\Program Files\Common Files\Symantec Shared\ccL60U.dll
14:41:11.0730 0x0818 C:\Program Files\Common Files\Symantec Shared\ccL60U.dll - ok
14:41:11.0730 0x0818 [ C1FAEA15E41F62D7BFA7FBC395C24BA6, 5DAA7F6E1EEA128AEDEDCAF04EB83AED4BCF856BC123BC134E9FA634DC569C0B ] C:\WINDOWS\system32\riched20.dll
14:41:11.0730 0x0818 C:\WINDOWS\system32\riched20.dll - ok
14:41:11.0730 0x0818 [ 46C49E3AD7F1AF448E3CD7F129090454, B1FDA15343DF9321264504E5FF35C17CF865AE85531BDE31DAF1E3BF0357D091 ] C:\Program Files\Symantec\Symantec Endpoint Protection\RasSymEap.dll
14:41:11.0730 0x0818 C:\Program Files\Symantec\Symantec Endpoint Protection\RasSymEap.dll - ok
14:41:11.0745 0x0818 [ B6E6F3F5B63053D5DC1F4EE32992492F, 089F9C92B677A138BABA4817624E8CA49B7E507B7D6FA0B1A3B4302B354B5C7E ] C:\WINDOWS\system32\dbghelp.dll
14:41:11.0745 0x0818 C:\WINDOWS\system32\dbghelp.dll - ok
14:41:11.0745 0x0818 [ 56CE97FF94B7662A300D359CD6F4D601, D67A792E176AE3394CEB8FEF16F9E56DC614D7D4F58F6B9202E49EFD42BAE9E4 ] C:\WINDOWS\system32\raschap.dll
14:41:11.0745 0x0818 C:\WINDOWS\system32\raschap.dll - ok
14:41:11.0745 0x0818 [ C14AA05881A35B6D6BB8D55B117EE22D, F30873FA983CE21734BE1A357CDF855EF33511990C14B454EBAA3D6059CD823D ] C:\WINDOWS\system32\shfolder.dll
14:41:11.0745 0x0818 C:\WINDOWS\system32\shfolder.dll - ok
14:41:11.0745 0x0818 [ 3BCAC25C3547E5AEAC02A0D00283EECF, 406ED2B6664A7983668F46CA006D8BA723D98503C7CC4324000F013DBEFEE066 ] C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\GUProxyRes.dll
14:41:11.0745 0x0818 C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\GUProxyRes.dll - ok
14:41:11.0745 0x0818 [ 96571AA332026E659592DBA76A71CF94, 8EEC41AA093F69F9899CC632A2CF83ED76F9056756E550E3A6BAEE335A402032 ] C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\LUManRes.dll
14:41:11.0745 0x0818 C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\LUManRes.dll - ok
14:41:11.0745 0x0818 [ C88A3EC406E25C65FB85B5375B42DF2E, D9B504789F2F80D8EC9DE879DF419C2A0699C7EE829347E3B9530590B9D86644 ] C:\Program Files\Symantec\Symantec Endpoint Protection\SescLU.exe
14:41:11.0745 0x0818 C:\Program Files\Symantec\Symantec Endpoint Protection\SescLU.exe - ok
14:41:11.0745 0x0818 [ EEF2AC3990BB04850E5F2382E388B674, F8CB59BC3ADB36868A052E8768D28CD8766E2B6F7A1DFF0AAC6EFD8811BBB4E2 ] C:\WINDOWS\system32\SymNeti.dll
14:41:11.0745 0x0818 C:\WINDOWS\system32\SymNeti.dll - ok
14:41:11.0745 0x0818 [ 20D91DF412574F2F6B1C061C5DC3E8E5, DA73B7378463A53E89260B74097C8E8F8C8E9E490EA66E1FABD60C9EE1D99647 ] C:\Program Files\Symantec\Symantec Endpoint Protection\SescLUPS.dll
14:41:11.0745 0x0818 C:\Program Files\Symantec\Symantec Endpoint Protection\SescLUPS.dll - ok
14:41:11.0761 0x0818 [ D1361B0A87587AC540BB0A629F099B9E, 25B4E0F2CB6EB57E73D3983B1A30F72469AAE4945BA4D824CD5F1586FF29A692 ] C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll
14:41:11.0761 0x0818 C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll - ok
14:41:11.0761 0x0818 [ F2559BF80B73B92C39CDEBB5617E4257, B2BBC7596ABA44DB5F631AFDEFDDDBCBDFF67D9416039248F3AC296D7EC4934C ] C:\Program Files\Common Files\Symantec Shared\ccSvc.dll
14:41:11.0761 0x0818 C:\Program Files\Common Files\Symantec Shared\ccSvc.dll - ok
14:41:11.0761 0x0818 [ EB63AA16C75DEEA9E0384160BA8F73F7, D0D805E58F32ADA4BFCC30D0A5BE4E1925894A2C113927B99B93CA35C9DB15E9 ] C:\Program Files\Common Files\Symantec Shared\DefUtDCD.dll
14:41:11.0761 0x0818 C:\Program Files\Common Files\Symantec Shared\DefUtDCD.dll - ok
14:41:11.0761 0x0818 [ 0E174526B6E94B8672DABAA1863C5D69, D3F3F7F3ED86BAE64180511DF077E1C758972852602A0E85B123B3154BABE628 ] C:\Program Files\Common Files\Symantec Shared\ccSet.dll
14:41:11.0761 0x0818 C:\Program Files\Common Files\Symantec Shared\ccSet.dll - ok
14:41:11.0761 0x0818 [ 4AEA74AC3D57C0E8D2028518E4780048, 3043C7AC51BEE4E662D62C65BAE0BFBE58610E261872C1F2732BCFE66D5DFEEE ] C:\Program Files\Common Files\Symantec Shared\ccSetPlg.dll
14:41:11.0761 0x0818 C:\Program Files\Common Files\Symantec Shared\ccSetPlg.dll - ok
14:41:11.0761 0x0818 [ 71AFA08152D88F206F337F1895C31D3F, A30D61A3497FAB84E4B98BEB94A7585F3C5F85108B95CD542BEBD103D4EF9978 ] C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20131113.023\CCERASER.DLL
14:41:11.0761 0x0818 C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20131113.023\CCERASER.DLL - ok
14:41:11.0761 0x0818 [ 11A346F549E6447FC820A74CB0832604, 91404C82CD5EAE3486D04374D5D169786598FDA153F31966DDBD6B11219FA7F3 ] C:\Program Files\Common Files\Symantec Shared\SAVSubmissionEngine\SUBENG.dll
14:41:11.0761 0x0818 C:\Program Files\Common Files\Symantec Shared\SAVSubmissionEngine\SUBENG.dll - ok
14:41:11.0761 0x0818 [ 65F03D4BFFC74C4D5AEFAAF0CD8B9A39, 3F9CE667C4C475B8237580DF8B8BBA5D89E4D02F6B75BAC222AFF0DACF59F46F ] C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\SUBRES.loc
14:41:11.0761 0x0818 C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\SUBRES.loc - ok
14:41:11.0777 0x0818 [ 56BB1A98E1B71D913439AC1ABBA87E5D, 8BA533CA7D4A0B98566BB475EA33C73C30A20BE6CAD44B4FC9FF7E874C308A5D ] C:\Program Files\Common Files\Symantec Shared\SNDSvc.dll
14:41:11.0777 0x0818 C:\Program Files\Common Files\Symantec Shared\SNDSvc.dll - ok
14:41:11.0777 0x0818 [ 6E2E9985C9032FF51810485F889B9385, 53A31915B96039F6F99A13BBE811805D2643075FB5D40CB836B6B378E13ECA99 ] C:\Program Files\Common Files\Symantec Shared\ccL60.dll
14:41:11.0777 0x0818 C:\Program Files\Common Files\Symantec Shared\ccL60.dll - ok
14:41:11.0777 0x0818 [ A1DA1D2F12FC9752C00AEEBCAD35AB94, 256E8B42ACACA441DA3457C4DB06F95C65AA8E2D38E7DDFCF78B48E0EF83A148 ] C:\Program Files\Common Files\Symantec Shared\ccEvtPlg.dll
14:41:11.0777 0x0818 C:\Program Files\Common Files\Symantec Shared\ccEvtPlg.dll - ok
14:41:11.0777 0x0818 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] C:\WINDOWS\system32\schedsvc.dll
14:41:11.0777 0x0818 C:\WINDOWS\system32\schedsvc.dll - ok
14:41:11.0777 0x0818 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] C:\WINDOWS\system32\netman.dll
14:41:11.0777 0x0818 C:\WINDOWS\system32\netman.dll - ok
14:41:11.0777 0x0818 [ 062F837C1FBDB6A0A75F82EFC2EE8E74, 3C0BFA381CBC2C55B58A8942A7148A6C27E244D26313EFB4708DD5858C689E02 ] C:\WINDOWS\system32\netshell.dll
14:41:11.0777 0x0818 C:\WINDOWS\system32\netshell.dll - ok
14:41:11.0777 0x0818 [ E47E364C96467FD54FA44D59F927C3AB, D48C377A7ACF805C413D4618A099A50BE6724E8996C151B00DEAFD27CA935183 ] C:\WINDOWS\system32\msidle.dll
14:41:11.0777 0x0818 C:\WINDOWS\system32\msidle.dll - ok
14:41:11.0777 0x0818 [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] C:\WINDOWS\system32\spoolsv.exe
14:41:11.0777 0x0818 C:\WINDOWS\system32\spoolsv.exe - ok
14:41:11.0792 0x0818 [ DEF7A7882BEC100FE0B2CE2549188F9D, 462C95B63D0A1058291A2DC8CBFCB13D7D74CCD1CA43B613A7EB43D49E3276F8 ] C:\WINDOWS\system32\audiosrv.dll
14:41:11.0792 0x0818 C:\WINDOWS\system32\audiosrv.dll - ok
14:41:11.0792 0x0818 [ 23CF6620A9C815052B74B199BA27FD17, 63E03C73DAE4CF7503D43CB20DCA6E48FA2E891D54E7A149CA2E0154EAB4382F ] C:\Documents and Settings\All Users\Application Data\Symantec\SyKnAppS\SyKnAppS.dll
14:41:11.0792 0x0818 C:\Documents and Settings\All Users\Application Data\Symantec\SyKnAppS\SyKnAppS.dll - ok
14:41:11.0792 0x0818 [ 235892E493845D64D890163CFEF90E97, 48FC98DD1E5F8F05DE6954FE26C0A448AA9838D7DC716518C715F35E3CFA227D ] C:\WINDOWS\system32\credui.dll
14:41:11.0792 0x0818 C:\WINDOWS\system32\credui.dll - ok
14:41:11.0792 0x0818 [ 4E8F3230BAC8C1CAADF01A8C728E1C5C, 62E73A7D4C58F2E30670F6A72E734B618AF45F60A8CB2177A4D504283F829BE5 ] C:\WINDOWS\system32\dot3dlg.dll
14:41:11.0792 0x0818 C:\WINDOWS\system32\dot3dlg.dll - ok
14:41:11.0792 0x0818 [ CA04959077AFE36369D37B3504740C87, CBB90BC35A74EC03DC04CD60DAC966A9FA98DC9EEFB926089DBE7A47D3B710B1 ] C:\WINDOWS\system32\onex.dll
14:41:11.0792 0x0818 C:\WINDOWS\system32\onex.dll - ok
14:41:11.0792 0x0818 [ 5DB625E7D095604010CF84DE2D8ACFA6, DEED8055CD1F2E2D898C5C77283B56078414CC7D9FCA6FCF58BA0B66B565E826 ] C:\WINDOWS\system32\eappcfg.dll
14:41:11.0792 0x0818 C:\WINDOWS\system32\eappcfg.dll - ok
14:41:11.0792 0x0818 [ ABC4206543450C0666D152F4B65833B8, D78D5E719E7744805DF6DD1D9567E67E11223F4E3B13170E35F27D46FCB6C244 ] C:\WINDOWS\system32\eappprxy.dll
14:41:11.0792 0x0818 C:\WINDOWS\system32\eappprxy.dll - ok
14:41:11.0792 0x0818 [ 767FF54A552732CE772C2302025FA82F, 7761546C33B0E55B0A8214798FD035C2499D31D690CE03E25B0068C81EDECF3F ] C:\WINDOWS\system32\wzcsapi.dll
14:41:11.0792 0x0818 C:\WINDOWS\system32\wzcsapi.dll - ok
14:41:11.0808 0x0818 [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] C:\WINDOWS\system32\wkssvc.dll
14:41:11.0808 0x0818 C:\WINDOWS\system32\wkssvc.dll - ok
14:41:11.0808 0x0818 [ 7F3BA221DB3A3D96655D24A496381B07, 1542329594D88293973B549810109CE3CADE792D091142F90939558BEF85F873 ] C:\Program Files\Common Files\Symantec Shared\COH\AHS.dll
14:41:11.0808 0x0818 C:\Program Files\Common Files\Symantec Shared\COH\AHS.dll - ok
14:41:11.0808 0x0818 [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] C:\WINDOWS\system32\drivers\mrxdav.sys
14:41:11.0808 0x0818 C:\WINDOWS\system32\drivers\mrxdav.sys - ok
14:41:11.0808 0x0818 [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] C:\WINDOWS\system32\webclnt.dll
14:41:11.0808 0x0818 C:\WINDOWS\system32\webclnt.dll - ok
14:41:11.0808 0x0818 [ 364D782EC62FA49684237BDBBA72DC82, C3D99A62796C0B811AFF60AEE643C7D33A919F0561FC24FE2A0F17F5B58743ED ] C:\Program Files\Common Files\Symantec Shared\ccEvtCli.dll
14:41:11.0808 0x0818 C:\Program Files\Common Files\Symantec Shared\ccEvtCli.dll - ok
14:41:11.0808 0x0818 [ ABF355FF90416C601076B8F5AD9968CA, 189FDD4F6F0ECCD2B9E84A9375D6E8B8ABE606220B008C488ECDD0844EF2315B ] C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCEvt.dll
14:41:11.0808 0x0818 C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCEvt.dll - ok
14:41:11.0808 0x0818 [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] C:\WINDOWS\system32\drivers\parvdm.sys
14:41:11.0808 0x0818 C:\WINDOWS\system32\drivers\parvdm.sys - ok
14:41:11.0808 0x0818 [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:41:11.0808 0x0818 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
14:41:11.0823 0x0818 [ 6C63DC384A15E2AFD4A860031EF40267, 4BD4566620C7E44B594F89F80A1AA84C5B7BD5D9F87962BDEFF39FFB3C9A60CF ] C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll
14:41:11.0823 0x0818 C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
14:41:11.0823 0x0818 [ CFC5D726FE9651704AFACFB2204C9538, CE38A33A68E457AB83B0E035DCAA76D29605D2E0164B141D656FD7A1942D50D4 ] C:\Program Files\Common Files\Symantec Shared\SAVSubmissionEngine\SUBCONN.dll
14:41:11.0823 0x0818 C:\Program Files\Common Files\Symantec Shared\SAVSubmissionEngine\SUBCONN.dll - ok
14:41:11.0823 0x0818 [ 63E8D944AFBEEBB243F25C4ED07E74C5, 848AEE9975218939F7EB2C3548EA6AE235C54B1B2E2AF6835A034976A0CFDD28 ] C:\WINDOWS\system32\inetmib1.dll
14:41:11.0823 0x0818 C:\WINDOWS\system32\inetmib1.dll - ok
14:41:11.0823 0x0818 [ 6D41F6AA35220E7A54543075B27E8F83, 3350373F3443954B4DABE39955FD9B3C7FC223B73CC1429793A920ED17FB8A06 ] C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll
14:41:11.0823 0x0818 C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
14:41:11.0823 0x0818 [ 6953E980ADCA0BE816C7FF463695499A, 86FF463C3997B790BC6CFE8D5605FE858BF0FF841A61481C8890C7EFCEE28351 ] C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll
14:41:11.0823 0x0818 C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
14:41:11.0823 0x0818 [ D146FBAAF16677BD49624C970557D4E7, 766256735E620819457CF995D4CFABC985846F51D336360BCF5633FF2308FFCD ] C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\SgHIRes.dll
14:41:11.0823 0x0818 C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\SgHIRes.dll - ok
14:41:11.0823 0x0818 [ 37A62C6092AADD2EFDE0468DD8818E99, 2D01A2EEE0BE81B3252E1A3EAD21D3D91EA6DE826A1783B14948A0E0B475BAB1 ] C:\WINDOWS\system32\netcfgx.dll
14:41:11.0823 0x0818 C:\WINDOWS\system32\netcfgx.dll - ok
14:41:11.0823 0x0818 [ DF82E222578DBE59FCBBD69A02E4C806, 0F0CD9DC739500536F252475F84F8EF378428CAC7DD9CFCDEC676862A20A0C46 ] C:\WINDOWS\system32\clusapi.dll
14:41:11.0823 0x0818 C:\WINDOWS\system32\clusapi.dll - ok
14:41:11.0839 0x0818 [ 02C2C95291BB131CF99AC7989736EAC2, 77A47DF51BE25EA6C2F6A42A44D3BD26C689AB88FA11C8B0B0C903E8FDA58AFD ] C:\Program Files\Symantec\Symantec Endpoint Protection\SAVSubmitter.dll
14:41:11.0839 0x0818 C:\Program Files\Symantec\Symantec Endpoint Protection\SAVSubmitter.dll - ok
14:41:11.0839 0x0818 [ C9680F06E51DB8B9A0772C20F3E10DB6, F279BA57FC12E7F031300A79BF35C7BA77BBB8B836768864E6D76E219BF95096 ] C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll
14:41:11.0839 0x0818 C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
14:41:11.0839 0x0818 [ 0DFA4D5E8205614EDA53394E637812E4, EEFF82683D2818E505556DCDC220FC246DBE61612BD272CA844FC3FC8BADC0B1 ] C:\WINDOWS\system32\vdmdbg.dll
14:41:11.0839 0x0818 C:\WINDOWS\system32\vdmdbg.dll - ok
14:41:11.0839 0x0818 [ 78865ABC5F5D13190F8B35BD9044714A, A16E0158129AE76AE459D9424D246C01ECECCC87A27C40D8DB0232330D2F5458 ] C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll
14:41:11.0839 0x0818 C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll - ok
14:41:11.0839 0x0818 [ 6A76FB5804AA4AC9557274E9F91B80E8, 68332BC61427DBCE16C4CDD607B78EC49CF0BF3133351732E965F42325B529DE ] C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\SpNetRes.dll
14:41:11.0839 0x0818 C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\SpNetRes.dll - ok
14:41:11.0839 0x0818 [ FF9831030678C7B6D70BAC00F68F8976, BFA9DA98F93910B8FE09EA06F917AB1F5435FCE9F786EABDF1970E19B2C63FDC ] C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll
14:41:11.0839 0x0818 C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
14:41:11.0839 0x0818 [ 9ABB7CDAC0914579C86990048771B1B4, D2BDF9B4F3AB295CA9FA684B7AE120DD4CC468E4F690C6A15845188A3611BD2F ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll
14:41:11.0839 0x0818 C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll - ok
14:41:11.0839 0x0818 [ D311797A7D094BD84E19C45C048958BD, CAC644E0B3B37FF1CA91DF430615ABA7AA59531C0A1A20C42C6405235A8572AF ] C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\tseRes.dll
14:41:11.0839 0x0818 C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\tseRes.dll - ok
14:41:11.0855 0x0818 [ B37D3401053C62B3CF08D358B4EC1BD1, FC096FF79EC99134DF663C822B369526115FA221BDDF40B3E80F0FBBEC5858BB ] C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\SAVSubmitterRes.dll
14:41:11.0855 0x0818 C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\SAVSubmitterRes.dll - ok
14:41:11.0855 0x0818 [ 0E6DACCCB9001053E1041BD943ED00F0, B8A6624EB31CCB2F0438C4DA02D5FA298D2729AAD8CC430A8ADC315553F1AF3D ] C:\Program Files\Common Files\Symantec Shared\SRTSP\Srtsp32.dll
14:41:11.0855 0x0818 C:\Program Files\Common Files\Symantec Shared\SRTSP\Srtsp32.dll - ok
14:41:11.0855 0x0818 [ F412B069CB5D337110F65169CC425A2B, 876998E9D4786D4819E36F89B0F99B6F47FA59274AF56249C02158F8978BB505 ] C:\Program Files\Symantec\LiveUpdate\ProductRegCom_3_3.DLL
14:41:11.0855 0x0818 C:\Program Files\Symantec\LiveUpdate\ProductRegCom_3_3.DLL - ok
14:41:11.0855 0x0818 [ A7F361875622AA5829AA39BA248F68E9, BCAC4FD9D7FD02EB010DCB5301CF3459A0F0BBAA62162D510E962FF33FFC7ED4 ] C:\WINDOWS\system32\adsldp.dll
14:41:11.0855 0x0818 C:\WINDOWS\system32\adsldp.dll - ok
14:41:11.0855 0x0818 [ BCD78C066F114A409613325C27B0F95A, 20F7FEE775579BF76EE73DD698AEAD016B4CDE17DB36C35AE26C6E986432BA51 ] C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll
14:41:11.0855 0x0818 C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll - ok
14:41:11.0855 0x0818 [ 1F1D608ABCC34CA2A5369C95B47605F0, 3D116A14CFC3723257521EA309EF1FB3C950691756A89A839DF3F8DBFBAE56BE ] C:\WINDOWS\system32\atl71.dll
14:41:11.0855 0x0818 C:\WINDOWS\system32\atl71.dll - ok
14:41:11.0855 0x0818 [ FB9D14F015A7989069F1247C6D0350D7, 778E357F00500584DE714EE9E2810B926FB698F2BF16A578C0587457ECC45C45 ] C:\Program Files\Symantec\LiveUpdate\NetDetectController_3_3.DLL
14:41:11.0855 0x0818 C:\Program Files\Symantec\LiveUpdate\NetDetectController_3_3.DLL - ok
14:41:11.0855 0x0818 [ D47913F993A0E3A0C9F1E88FD02E98C6, 292AC2E38E76E74BCC92E583546C6E7571E68078E30BAB2042A29DD1E18D4D11 ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll
14:41:11.0855 0x0818 C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
14:41:11.0870 0x0818 [ 8696526D5B903A98545670AD5819D8FC, 2FE5F10EBB7998FC344A81E4BE8B1DB65265D99C23618FCC211B62940E76CDE3 ] C:\Program Files\Common Files\Symantec Shared\ccProSub.dll
14:41:11.0870 0x0818 C:\Program Files\Common Files\Symantec Shared\ccProSub.dll - ok
14:41:11.0870 0x0818 [ 4B1BC262B76232056F3B247C37F26940, A08AB5280687D699CCD307196E72847B23D0A475744EF7C73654DEFEE0FB2CF2 ] C:\Program Files\Symantec\LiveUpdate\MFC71.DLL
14:41:11.0870 0x0818 C:\Program Files\Symantec\LiveUpdate\MFC71.DLL - ok
14:41:11.0870 0x0818 [ 43A0A24CD12B110DC93462D6B035C961, C92EB4BD0714A542EC18B2D08320DF1C8C5E0A14F4F6653F65AAF0465EBB7ECE ] C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll
14:41:12.0167 0x0818 [ 5677DFE438EC1F009273FC84FEED6B10, 44B62CC4D138E13C22FC29E9751CB7ED0B0C6C8897A8E6469172F8642B0527BE ] C:\WINDOWS\system32\localspl.dll
14:41:12.0167 0x0818 C:\WINDOWS\system32\localspl.dll - ok
14:41:12.0167 0x0818 [ 2FD3E73D3E00C3B00A236FF3ADF9E401, D1906D9A95364B2F230C99D94232459F59DA29F4DFE393D8F5F7FA8E276F859A ] C:\WINDOWS\system32\AdobePDF.dll
14:41:12.0167 0x0818 C:\WINDOWS\system32\AdobePDF.dll - ok
14:41:12.0167 0x0818 [ 39FE705FE7FAB4B9F7642B324B1F382E, 91E2D5F7D81AEE011884F1759E5A5E8BDC2E2FD0FFE41CC7893619E39BB562C6 ] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\adistres.dll
14:41:12.0167 0x0818 C:\Program Files\Adobe\Acrobat 8.0\Acrobat\adistres.dll - ok
14:41:12.0167 0x0818 [ 5D3D1AB0EF4EA55B731863050482C111, 8713DAA48DBC5FDF95BE993863BEE669BBB4026347DC575D72F520F423EE21BA ] C:\WINDOWS\system32\cnbjmon.dll
14:41:12.0167 0x0818 C:\WINDOWS\system32\cnbjmon.dll - ok
14:41:12.0167 0x0818 [ B662CC720B4348B86EB3A66F4CC4652A, 89DDBA961DE9891942970A7A9FBF55A0C1B90160425307FCF18B313E66011E32 ] C:\WINDOWS\system32\lmdimon8.dll
14:41:12.0167 0x0818 C:\WINDOWS\system32\lmdimon8.dll - ok
14:41:12.0167 0x0818 [ 222DE7F5EDB9DDBE628384A1A8BE59CE, 063AF8C6C251961ABC93A8E8A07DB9B9582CD1812CA3BB297FAFDF0AD3E5B4CC ] C:\WINDOWS\system32\pjlmon.dll
14:41:12.0167 0x0818 C:\WINDOWS\system32\pjlmon.dll - ok
14:41:12.0183 0x0818 [ 9F17FF83D13C84C1E6E370D66CD2A75A, 9DDAE34A2C270DA08319B2E3FB7C5B6D9F8E7DB358057BE0C3F8E2370A7BAB35 ] C:\WINDOWS\system32\rc4mon.DLL
14:41:12.0183 0x0818 C:\WINDOWS\system32\rc4mon.DLL - ok
14:41:12.0183 0x0818 [ AE0382AD9C73D343D85E1A50C80B7C20, 7477A5A33C0ACF80BE73F0169893A7D53AF8ABC514FCE190A6ACC677092E5A55 ] C:\WINDOWS\system32\tcpmon.dll
14:41:12.0183 0x0818 C:\WINDOWS\system32\tcpmon.dll - ok
14:41:12.0183 0x0818 [ 1E744353BD534405187A404667DA3DC3, ACE581FBF36BD511C64E37760526F1BB7172FD5045708BA836933D8FACC4FAFA ] C:\WINDOWS\system32\mgmtapi.dll
14:41:12.0183 0x0818 C:\WINDOWS\system32\mgmtapi.dll - ok
14:41:12.0183 0x0818 [ 8357809E111E09393633039769D96281, F30DA86C2303B906C0BF752794F8A890F954FB9D860BDA688B72D3D1E214BECE ] C:\WINDOWS\system32\tcpmib.dll
14:41:12.0183 0x0818 C:\WINDOWS\system32\tcpmib.dll - ok
14:41:12.0183 0x0818 [ F26385E8BA4549B5186B774EC0E45D86, 0BA8CA4C06918690EA68678CA5887F1B7E2B0976C99BDFAF99CC1C99F3E300A0 ] C:\WINDOWS\system32\usbmon.dll
14:41:12.0183 0x0818 C:\WINDOWS\system32\usbmon.dll - ok
14:41:12.0183 0x0818 [ 277F3E3333F1D10CA428568197FCCE70, 1AC24A8817396FA4172DC6216FBF82A1F6F8F9A1A1F87D6884FF17DCCB15C3FF ] C:\WINDOWS\system32\wsnmp32.dll
14:41:12.0183 0x0818 C:\WINDOWS\system32\wsnmp32.dll - ok
14:41:12.0183 0x0818 [ 1A3F5189138D2196744652057EDEB020, 5A636BF4066749A1EE681006224A551A2A83215E5C6DCA9298CC84CB090E284F ] C:\WINDOWS\system32\spool\prtprocs\w32x86\lmdippr8.dll
14:41:12.0183 0x0818 C:\WINDOWS\system32\spool\prtprocs\w32x86\lmdippr8.dll - ok
14:41:12.0183 0x0818 [ EEE7F12D9FF46F68FBC0DA059A359E9E, 1D0D5AC87ACDF3F041D9C31A92BFE7B1B81CBAD81F8F7CE8183FC3F61CAFF8CC ] C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
14:41:12.0183 0x0818 C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - ok
14:41:12.0198 0x0818 [ 22DD6D7D4BFE2B8CE705CC950C8AEA4C, 7123FC923BA4C3DD3EDFE9F8936442C4CCE7757D370AB799B0B5668223B965EE ] C:\WINDOWS\system32\win32spl.dll
14:41:12.0198 0x0818 C:\WINDOWS\system32\win32spl.dll - ok
14:41:12.0198 0x0818 [ EE4C651A217B01D636B5364AC77DA892, E40C7DD39234673A3BA8FD87C189653C391E326ECB3E8011B5020BB9D78F56D0 ] C:\WINDOWS\system32\inetpp.dll
14:41:12.0198 0x0818 C:\WINDOWS\system32\inetpp.dll - ok
14:41:12.0198 0x0818 [ DD3BD78C0D883C0ACDA42802C508F7D4, 11977875C7EFC6703A01FA9BEEF98969DACE1523FD02A3D04DB8F9E8A54CCE28 ] C:\Program Files\Common Files\Symantec Shared\SPBBC\bbRGen.dll
14:41:12.0198 0x0818 C:\Program Files\Common Files\Symantec Shared\SPBBC\bbRGen.dll - ok
14:41:12.0198 0x0818 [ 8BEAF2B4BCDE405AF7EC46A9E03B2D65, 2A7785E6B6DBFF8D9313555DB0018F508B1B053A726DB67DB6D2A2EBA66CFBCD ] C:\WINDOWS\system32\mssprxy.dll
14:41:12.0198 0x0818 C:\WINDOWS\system32\mssprxy.dll - ok
14:41:12.0198 0x0818 [ C139FA963DBB9BD6560F404F509D1196, 33BE2B5C568C2162F77343997DC6CFBEFEEAAB575726A0A2F3FC24DA33FD39E2 ] C:\WINDOWS\system32\drivers\Asfalrt.sys
14:41:12.0198 0x0818 C:\WINDOWS\system32\drivers\Asfalrt.sys - ok
14:41:12.0198 0x0818 [ 6105B28F5D03C4AFFA7197B228768849, 2CD17178816100DBAFEFCD940DF8D012CDADC78C278835DEADB8D5F6BC0FC11A ] C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
14:41:12.0198 0x0818 C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE - ok
14:41:12.0198 0x0818 [ A1F734BDE374EDE1AE4A16EB8F0E254F, D0E09D19653C8EB67D7C1190C03909EE4EE049D27B48B23A1D526043CE64264B ] C:\Program Files\Intel\Intel Matrix Storage Manager\PlugInRAID.pin
14:41:12.0198 0x0818 C:\Program Files\Intel\Intel Matrix Storage Manager\PlugInRAID.pin - ok
14:41:12.0214 0x0818 [ 4C3C30FA8DC2F16DD89759882935477E, 4B6FF4D7A5FEE466326C5A97BADD9539B7CA0DD8087F1928A2E4E70D19987265 ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizM.dll
14:41:12.0214 0x0818 C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizM.dll - ok
14:41:12.0214 0x0818 [ C14350FC0D47D806699C4F907FC6785B, A8862B47A74F5FB03C9916A42B986D9B352549ED486AD2B9DAD405A98B5564B3 ] C:\WINDOWS\system32\cryptnet.dll
14:41:12.0214 0x0818 C:\WINDOWS\system32\cryptnet.dll - ok
14:41:12.0214 0x0818 [ 3CBA2210FA39C6ED7895634842E930DD, 9AFC6A7E1F936ED3636F89FD49B5C944594F88A5BFB597348AF2FB83DA2E4E40 ] C:\WINDOWS\system32\sensapi.dll
14:41:12.0214 0x0818 C:\WINDOWS\system32\sensapi.dll - ok
14:41:12.0214 0x0818 [ F2764F73240C4EE4843122EB5D022D59, 91B4B04001AA72174D81E95087A6F73C693BD1F93B86AFBA8212E88B8F344907 ] C:\PROGRA~1\Symantec\LIVEUP~1\UNRAR.DLL
14:41:12.0214 0x0818 C:\PROGRA~1\Symantec\LIVEUP~1\UNRAR.DLL - ok
14:41:12.0214 0x0818 [ 20200EE3CFE10E9F0C028D8653BE11C6, 3ACF2110D72509CBA3BF780C5D6D662BAFEEA6CA423BE8B0F97288B953127035 ] C:\WINDOWS\system32\oleacc.dll
14:41:12.0214 0x0818 C:\WINDOWS\system32\oleacc.dll - ok
14:41:12.0214 0x0818 [ BBEF24630F702413D54AE0D8F0039760, AC9FD03A75F85012458A38DFA92BEACEC0E87C463654C25778422B64468AFDCF ] C:\WINDOWS\system32\wbem\policman.dll
14:41:12.0214 0x0818 C:\WINDOWS\system32\wbem\policman.dll - ok
14:41:12.0214 0x0818 [ A94DC60A90EFD7A35C36D971E3EE7470, 6C483CBE349863C7DCF6F8CB7334E7D28C299E7D5AA063297EA2F62352F6BDD9 ] C:\Program Files\Symantec\LiveUpdate\MSVCP71.DLL
14:41:12.0214 0x0818 C:\Program Files\Symantec\LiveUpdate\MSVCP71.DLL - ok
14:41:12.0214 0x0818 [ FBF1C00F54579BB7A66EE497427E9885, 16D51CF4E6CD829165E4BC76E60D7B744E5067828BA3E57FC5E495991F2FA497 ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizD.dll
14:41:12.0214 0x0818 C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizD.dll - ok
14:41:12.0230 0x0818 [ CA2F560921B7B8BE1CF555A5A18D54C3, C4D4339DF314A27FF75A38967B7569D9962337B8D4CD4B0DB3ABA5FF72B2BFBB ] C:\Program Files\Symantec\LiveUpdate\MSVCR71.DLL
14:41:12.0230 0x0818 C:\Program Files\Symantec\LiveUpdate\MSVCR71.DLL - ok
14:41:12.0230 0x0818 [ A3B6CBB71BD7C54B8E7DC4EB2C4B7E21, 8472ECB06F97773C184941EB91701D2A7E345A93AFB10ECF0E53AE4839A79E81 ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizR.dll
14:41:12.0230 0x0818 C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizR.dll - ok
14:41:12.0230 0x0818 [ 42FDAFA05CC53A1822BAA79957A49FAB, 9A166F52E2634123B0C224DF745582319C86C48F19AF183C42C3BD63133DDC0B ] C:\Program Files\Common Files\Symantec Shared\Global Exceptions\GEDataStore.dll
14:41:12.0230 0x0818 C:\Program Files\Common Files\Symantec Shared\Global Exceptions\GEDataStore.dll - ok
14:41:12.0230 0x0818 [ 7BCAA7FB2E60214FA3C935D2E1A3C49F, 94F9881786534BF5AEED69AADC9D66A1D698785CFA5DB0153069F37BF6C5F51F ] C:\Program Files\Symantec\LiveUpdate\ResLuComServer_3_3.DLL
14:41:12.0230 0x0818 C:\Program Files\Symantec\LiveUpdate\ResLuComServer_3_3.DLL - ok
14:41:12.0230 0x0818 [ 3D525A7AB3C01793A94DC89E9FFCF8C0, 09CE2149A72BBD39DE1AB7161B9037ACFF41364AFC3F87FF4C047970C79F0E62 ] C:\Program Files\Intel\Intel Matrix Storage Manager\RaidWizCnG.dll
14:41:12.0230 0x0818 C:\Program Files\Intel\Intel Matrix Storage Manager\RaidWizCnG.dll - ok
14:41:12.0230 0x0818 [ DA615B4741F960A887E61DA1ED7F6742, 41A97127261A3142A6D0C65C9831CB006040DDBBA656034AC8D4BD8821410CA3 ] C:\Program Files\Symantec\LiveUpdate\PSLuComServer_3_3.DLL
14:41:12.0230 0x0818 C:\Program Files\Symantec\LiveUpdate\PSLuComServer_3_3.DLL - ok
14:41:12.0230 0x0818 [ 93C088C2AEB2F23E720BDA7E32BD5117, 7ECFCAF8E057986501B42181E049E48063D940A34A3F3E425FF82D2183008E90 ] C:\WINDOWS\system32\upnp.dll
14:41:12.0230 0x0818 C:\WINDOWS\system32\upnp.dll - ok
14:41:12.0230 0x0818 [ 3D075865DCC26931972F6476AD0497BE, E1FB17787F54D9A4E2A04DD699FA770C9CE100A427E6EFBF4E0CF24EAAD3A9BA ] C:\WINDOWS\system32\ssdpapi.dll
14:41:12.0230 0x0818 C:\WINDOWS\system32\ssdpapi.dll - ok
14:41:12.0245 0x0818 [ A8590E33BCF59D4D75FCB940F95E7BBB, 15477C2A121FC45D32B16C38750BCD72B134D0895784789349BA5BAEF76D62AB ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizC.dll
14:41:12.0245 0x0818 C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizC.dll - ok
14:41:12.0245 0x0818 [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] C:\WINDOWS\system32\drivers\http.sys
14:41:12.0245 0x0818 C:\WINDOWS\system32\drivers\http.sys - ok
14:41:12.0245 0x0818 [ 515A7FAE2070C2B0242B2353443E2F11, 6121C5613784831F584B50E8DC91BBD7AC58BDB602FE4CDB4B237670B6BB4537 ] C:\WINDOWS\system32\cscdll.dll
14:41:12.0245 0x0818 C:\WINDOWS\system32\cscdll.dll - ok
14:41:12.0245 0x0818 [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] C:\WINDOWS\system32\ssdpsrv.dll
14:41:12.0245 0x0818 C:\WINDOWS\system32\ssdpsrv.dll - ok
14:41:12.0245 0x0818 [ E2092F0A1D7ABC243F9C2362483D150D, 50028400D6BA1C5B27BFC9AAC9D41539383F3EC723977CA937715E14094D846A ] C:\WINDOWS\system32\dimsntfy.dll
14:41:12.0245 0x0818 C:\WINDOWS\system32\dimsntfy.dll - ok
14:41:12.0245 0x0818 [ 0837F5D8956F532CA9D38A41A7F11108, 98E055DFC818FAE4D4D4FB1ECCA2E109782E80F39A000C7153C99CC84B6B8868 ] C:\Program Files\Common Files\Symantec Shared\dec_abi.dll
14:41:12.0245 0x0818 C:\Program Files\Common Files\Symantec Shared\dec_abi.dll - ok
14:41:12.0245 0x0818 [ 2ACBFEF9984F0FE9849DA857206CCECC, ADDDAE628E19785549F0DD4CD0DAE93C6CE5DFA6679D2932B1A79DEAAFB3FAAF ] C:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll
14:41:12.0245 0x0818 C:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll - ok
14:41:12.0245 0x0818 [ 623ECC167CE924D4B13D4791157446F1, 6882588447174C739E6D5CB0C291BC70F8159574C2E74D978EEF6862B8C80574 ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizCFE.dll
14:41:12.0245 0x0818 C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizCFE.dll - ok
14:41:12.0261 0x0818 [ 2CC34E8BB667EEF78899546E12649196, 5BA2604041BF7C1D580D4D2AEDC7708F9E9B0AF6E0928663E3D9C7297296D721 ] C:\WINDOWS\system32\wlnotify.dll
14:41:12.0261 0x0818 C:\WINDOWS\system32\wlnotify.dll - ok
14:41:12.0261 0x0818 [ CF480A158502332BE8AFA589963BB0E1, 0FD831F1FF32367C07320951CE3FDC01BAF8938CE2CC4757849782722CEB35F6 ] C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.dll
14:41:12.0261 0x0818 C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.dll - ok
14:41:12.0261 0x0818 [ 8E7DDDCC5A262480E7A8342956732BD9, B302D538B18B995B6639FEBF7A731834E6EDB6BCC2E42BE7D602B585FC36CA1D ] C:\WINDOWS\system32\WgaLogon.dll
14:41:12.0261 0x0818 C:\WINDOWS\system32\WgaLogon.dll - ok
14:41:12.0261 0x0818 [ A93AEE1928A9D7CE3E16D24EC7380F89, 944CD2135E171AF338352568AA7FE1B8004733A4281395AD6723E0CF43D5F53F ] C:\WINDOWS\system32\userinit.exe
14:41:12.0261 0x0818 C:\WINDOWS\system32\userinit.exe - ok
14:41:12.0261 0x0818 [ E2CCE2F25C2DA2589258D9459CE79C95, 0CECB92B5AC90ED7FB08B1664E865CFC053BEEFA1A1A04DB066E7A26259F3491 ] C:\Program Files\Common Files\Symantec Shared\ccScanW.dll
14:41:12.0261 0x0818 C:\Program Files\Common Files\Symantec Shared\ccScanW.dll - ok
14:41:12.0261 0x0818 [ 25D7A040A493AB91052F9170D4DB80D4, 89E96CB39080675209F51B46A3E0FDDF8088202CC42E141F60A98561DB6B9DB2 ] C:\Program Files\Common Files\Symantec Shared\ecmldr32.DLL
14:41:12.0261 0x0818 C:\Program Files\Common Files\Symantec Shared\ecmldr32.DLL - ok
14:41:12.0261 0x0818 [ 1CAD39337202BA05BA929A44CA585A6A, 7FC581C63A80BA980A859F301FE8C17C6834375B7D28FF36111E555090134845 ] C:\WINDOWS\system32\pautoenr.dll
14:41:12.0261 0x0818 C:\WINDOWS\system32\pautoenr.dll - ok
14:41:12.0261 0x0818 [ F654F856243D07992641E93C00DDAA0C, E9AC49A40C22DA7D4C7BECCA4D46224BA6FB11E0EB64DF87461D592B86B16CE0 ] C:\Program Files\Symantec\Symantec Endpoint Protection\IMail.dll
14:41:12.0261 0x0818 C:\Program Files\Symantec\Symantec Endpoint Protection\IMail.dll - ok
14:41:12.0277 0x0818 [ 737F74FED9DB00A42F6EB5B1ACE2D43C, A88EF8F4BE74EFB547999AA68DC1AFB1C813204CDD27D45D5072CD6A5A7E1C2B ] C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\IMailRes.dll
14:41:12.0277 0x0818 C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\IMailRes.dll - ok
14:41:12.0277 0x0818 [ D54F6B6A839AA7AA4B22EC00C2A521D7, 5587A9D0BD7C56DA6D4EBF5D04DFD198DB4AA53DD5E03D620C93D724BD5D0B43 ] C:\Program Files\Common Files\Symantec Shared\vpmsece.dll
14:41:12.0277 0x0818 C:\Program Files\Common Files\Symantec Shared\vpmsece.dll - ok
14:41:12.0277 0x0818 [ 05F634D69997F27C395022A483FEDD09, 43BD9D042349DA379B70B516288A4EA8C9B8DB8AB4ED09B57861FF89EA7B41C9 ] C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\vpmseceRes.dll
14:41:12.0277 0x0818 C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\vpmseceRes.dll - ok
14:41:12.0277 0x0818 [ FE7980C8FF468CE069CD5E2BC1B062CB, 7357A1F819B0047E84B6A2D3335DE493EE1050D002F9A4192EDBA134E5817503 ] C:\Program Files\Symantec\Symantec Endpoint Protection\SymProtectStorage.dll
14:41:12.0277 0x0818 C:\Program Files\Symantec\Symantec Endpoint Protection\SymProtectStorage.dll - ok
14:41:12.0277 0x0818 [ D202B523385C14F58193A81327E9C82C, 87491545A99C9C9E315B9FD25D5C92B18D0CCA52880718345EB749BE56703E5E ] C:\Program Files\Symantec\Symantec Endpoint Protection\ManagedUnloader.dll
14:41:12.0277 0x0818 C:\Program Files\Symantec\Symantec Endpoint Protection\ManagedUnloader.dll - ok
14:41:12.0277 0x0818 [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] C:\WINDOWS\system32\tapisrv.dll
14:41:12.0277 0x0818 C:\WINDOWS\system32\tapisrv.dll - ok
14:41:12.0277 0x0818 [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] C:\WINDOWS\system32\rasmans.dll
14:41:12.0277 0x0818 C:\WINDOWS\system32\rasmans.dll - ok
14:41:12.0277 0x0818 [ 248712EA6BA17B9FF0C542A3828375DD, 03EFDE351860C4C49F42D6129C6A6F2B3FC859C20F14FE0652F9C4FBD81244B4 ] C:\WINDOWS\system32\winipsec.dll
14:41:12.0277 0x0818 C:\WINDOWS\system32\winipsec.dll - ok
14:41:12.0292 0x0818 [ 5F7692CEC90E2E9AA32CD58321E234B8, 0F76BD005B6FC51EE8B2D167C5E792947F8A8FF1A4FBC7F9CB3572BEAFC12639 ] C:\WINDOWS\system32\rastapi.dll
14:41:12.0292 0x0818 C:\WINDOWS\system32\rastapi.dll - ok
14:41:12.0292 0x0818 [ AACE07FE34FADDDF973CE068A6424957, A14DC612762F56EE3CF9FBDF58E9476400F2CD9513319AD90E3818B2DB9F4580 ] C:\WINDOWS\system32\unimdm.tsp
14:41:12.0292 0x0818 C:\WINDOWS\system32\unimdm.tsp - ok
14:41:12.0292 0x0818 [ 995252FCC4692B5B97EE17D596C9386E, E0EC754ADC0976BCF88C4777E788A67844428DF0B828D8EE7B8A039C763DFFDD ] C:\WINDOWS\system32\uniplat.dll
14:41:12.0292 0x0818 C:\WINDOWS\system32\uniplat.dll - ok
14:41:12.0292 0x0818 [ 19AE6CBA05B9005698A6DEDCC88F202E, 047016D4989FB1460BE11C0C22E10858E3D6598EBA31C98B8489413C1A350A9C ] C:\WINDOWS\system32\unimdmat.dll
14:41:12.0292 0x0818 C:\WINDOWS\system32\unimdmat.dll - ok
14:41:12.0292 0x0818 [ FE4A73CDBC882A19D070F1C01586E81A, EAF450BA7E168EA41EAA7556E14CBDFCF1B96D7E57A17EC20C3BECFDA9FDFD9A ] C:\WINDOWS\system32\modemui.dll
14:41:12.0292 0x0818 C:\WINDOWS\system32\modemui.dll - ok
14:41:12.0292 0x0818 [ 76EC97C5068D3D9FAA7774B0F659D31A, 4E2EF0DC0B05187A6154D4D672B7530E14103D7D1EDF1BDE960F9B988B5EC41F ] C:\WINDOWS\system32\kmddsp.tsp
14:41:12.0292 0x0818 C:\WINDOWS\system32\kmddsp.tsp - ok
14:41:12.0292 0x0818 [ 8B8A45DF7CEF36D93C7BD3E4C84003B8, 7E3A0204FCDD5DFFB3B352451232DD86F8298F83918533D874C122A2EF29081B ] C:\WINDOWS\system32\ipconf.tsp
14:41:12.0292 0x0818 C:\WINDOWS\system32\ipconf.tsp - ok
14:41:12.0292 0x0818 [ 4589963D84F2984FA5949A72162BA4F4, BC927EC7D0EBDBD2B4780D892D41739840DD31B0FF8C79013014925F52860808 ] C:\WINDOWS\system32\ndptsp.tsp
14:41:12.0292 0x0818 C:\WINDOWS\system32\ndptsp.tsp - ok
14:41:12.0308 0x0818 [ 8BC2B02DC11C98D14CEE43B8E8393FF3, 1314C33E2E5F11B361CF1E88884B2A9862F8BAB1C498F48DC4C49ACDB28D4732 ] C:\WINDOWS\system32\h323.tsp
14:41:12.0308 0x0818 C:\WINDOWS\system32\h323.tsp - ok
14:41:12.0308 0x0818 [ 6B552ED3BEE5AA3C4560478FF779BA98, 1778F0B7200F93EB255E1F215BB5FBEAA0DBF63BC60B286D76120F8A787995C4 ] C:\WINDOWS\system32\hidphone.tsp
14:41:12.0308 0x0818 C:\WINDOWS\system32\hidphone.tsp - ok
14:41:12.0308 0x0818 [ 8973122796E3B5D6B5900FC186E55FEA, 350120A20F8591C27E68A5903E3175DD3F4F85BA2FF1F8B6E1D3B3758B5B509D ] C:\WINDOWS\system32\hid.dll
14:41:12.0308 0x0818 C:\WINDOWS\system32\hid.dll - ok
14:41:12.0308 0x0818 [ D0545A010ED2259A740C8414899A938F, 5E6FD116C6F65241A075E4469C5AD1967B8D66DE11E223F7A3F00139FB0160C3 ] C:\WINDOWS\system32\rasppp.dll
14:41:12.0308 0x0818 C:\WINDOWS\system32\rasppp.dll - ok
14:41:12.0308 0x0818 [ B464BD425D5D09ABE4192234D1577B22, DF7333CAF299A18DEA43ACEF0A6D8C3F79918D1B3FCE437FDED6B54F95C106B9 ] C:\WINDOWS\system32\ntlsapi.dll
14:41:12.0308 0x0818 C:\WINDOWS\system32\ntlsapi.dll - ok
14:41:12.0308 0x0818 [ A655C88AA555BB8EF8957BD29408827F, 6CD48D32D1DFF68FEED5CC20D0DE12729101381EB8A6774408566C14E0B18FFB ] C:\WINDOWS\system32\rasqec.dll
14:41:12.0308 0x0818 C:\WINDOWS\system32\rasqec.dll - ok
14:41:12.0308 0x0818 [ C605A3DDFDD357F5CECF56288F3367F5, F0A90482158ED1B424B54A9E97BEDCE87F8D68435F2E311EE7999A34DE3A2910 ] C:\Program Files\Symantec\Symantec Endpoint Protection\RTVScanPS.dll
14:41:12.0308 0x0818 C:\Program Files\Symantec\Symantec Endpoint Protection\RTVScanPS.dll - ok
14:41:12.0308 0x0818 [ 9FAD7DFF67555FF1E06BC4A3893024A7, 029896C1949C60FBB58E21194B3B141DAC5117D641BC59671C1B623D8041401C ] C:\WINDOWS\system32\logon.scr
14:41:12.0308 0x0818 C:\WINDOWS\system32\logon.scr - ok
14:41:12.0323 0x0818 [ 29D41E4ED94B2048F96583D18BC1950F, 0948A45D035B0B066B9A4A9239DEA890BD28DE517AC145CEDFA093B0DE810796 ] C:\WINDOWS\system32\defrag.exe
14:41:12.0323 0x0818 C:\WINDOWS\system32\defrag.exe - ok
14:41:12.0323 0x0818 [ 7DAC4089BCA671C305BB61242CDE29F8, 983168DA6A7450B1F21F2F7D4A3C46A1093F27A22BDFDBCBAD633F1F72917002 ] C:\WINDOWS\system32\dfrgres.dll
14:41:12.0323 0x0818 C:\WINDOWS\system32\dfrgres.dll - ok
14:41:12.0323 0x0818 [ 609ADB6AAC0ACD162B051CCE9106F07E, 35C075B3765BF6F47F63DC12EB8041ED097538DCDD5DB5DFEF816BE98A3791AB ] C:\WINDOWS\system32\dfrgntfs.exe
14:41:12.0323 0x0818 C:\WINDOWS\system32\dfrgntfs.exe - ok
14:41:12.0323 0x0818 [ 92D5AFA15A9C1265C59AE4E62459AC93, 784C7AB5B391AAA93E10BA1C9A618B1A025BA0F9402E4484DA2097B9B5159517 ] C:\Program Files\Common Files\Symantec Shared\COH\COH32.exe
14:41:12.0323 0x0818 C:\Program Files\Common Files\Symantec Shared\COH\COH32.exe - ok
14:41:12.0323 0x0818 [ DE88A385898F6D13026F94F749FBAED2, CDB2C8612591A3E0B0B2E87E4A5A19571833319CE30B8510499CA0B5E238D17F ] C:\WINDOWS\system32\drivers\COH_Mon.sys
14:41:12.0323 0x0818 C:\WINDOWS\system32\drivers\COH_Mon.sys - ok
14:41:12.0323 0x0818 [ 2DC5A8019E2387987905F77C664E4BE2, 32FD8D0D3146A599CFB536955F9E93AA50467B2176A70E481133B61D4BD29AD9 ] C:\WINDOWS\system32\linkinfo.dll
14:41:12.0323 0x0818 C:\WINDOWS\system32\linkinfo.dll - ok
14:41:12.0323 0x0818 [ A70A2D85AD143D6BB823C246CEB699A5, D8ED98DC2964A2DAF448893718E6381FBABAB53DD7497266851E0F4221F1B01F ] C:\WINDOWS\system32\ntshrui.dll
14:41:12.0323 0x0818 C:\WINDOWS\system32\ntshrui.dll - ok
14:41:12.0323 0x0818 [ AF8BD8F255204068C7983E2BDF8B06C1, DF57015DEFCED666D8506C720F5F5BFA21D9EB2614935694D0279826C5126379 ] C:\Program Files\Symantec\Symantec Endpoint Protection\SymDelta.exe
14:41:12.0323 0x0818 C:\Program Files\Symantec\Symantec Endpoint Protection\SymDelta.exe - ok
14:41:12.0339 0x0818 [ 049214060FB078E651BCBD4D1B59B896, EE43394E0527745114BC2505C967699B4C9ADA62ED25532139F44F266394F577 ] C:\Program Files\Symantec\Symantec Endpoint Protection\XDelta\xdelta3.exe
14:41:12.0339 0x0818 C:\Program Files\Symantec\Symantec Endpoint Protection\XDelta\xdelta3.exe - ok
14:41:12.0339 0x0818 [ 71AFA08152D88F206F337F1895C31D3F, A30D61A3497FAB84E4B98BEB94A7585F3C5F85108B95CD542BEBD103D4EF9978 ] C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20131114.002\CCERASER.DLL
14:41:12.0339 0x0818 C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20131114.002\CCERASER.DLL - ok
14:41:12.0339 0x0818 [ 923684C0CB0AFBD9EDA4FD1D63125D3F, B01C5DB86998FB407E58B6F2ECB9DB3EC67525976E16E6D42BE069E83342C78D ] C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20131114.002\ECMSVR32.DLL
14:41:12.0339 0x0818 C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20131114.002\ECMSVR32.DLL - ok
14:41:12.0339 0x0818 [ 4050B6A101DEC9DCCD54232C532B4025, A4A6DFE38DD159035D28A0B0D792F038CA66385B6B15FE68C10268483AE146FF ] C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20131114.002\NAVEX32A.DLL
14:41:12.0339 0x0818 C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20131114.002\NAVEX32A.DLL - ok
14:41:12.0339 0x0818 [ 8C22601379AA425E7A7E4B947EC87F8C, 65ECE0DA8C135A640D942802440BD65EBED44863E400660A925B51D4FD362034 ] C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20131114.002\NAVENG32.DLL
14:41:12.0339 0x0818 C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20131114.002\NAVENG32.DLL - ok
14:41:12.0339 0x0818 [ EB8CEEEDA56388C909C35414C8831ADC, D12E1E9E70D4D847FA5747D93B263EC3C324A4B6FFAA089A6D52087373E487C8 ] C:\PROGRA~1\Symantec\SYMANT~1\DWLDPN~1.DLL
14:41:12.0339 0x0818 C:\PROGRA~1\Symantec\SYMANT~1\DWLDPN~1.DLL - ok
14:41:12.0339 0x0818 [ 01ECF2544BC9223C04829729CDFBC9E6, 37D61C4F9E581EC40D85411B50EF82BBD5CC10B7437C9D194490BA20582C9BB2 ] C:\Program Files\Symantec\Symantec Endpoint Protection\nnewdefs.dll
14:41:12.0339 0x0818 C:\Program Files\Symantec\Symantec Endpoint Protection\nnewdefs.dll - ok
14:41:12.0339 0x0818 [ 8F94718846582920D90A15C76B38EBF9, 0307FFAC94D1BE43D77B07892CE66B2457C024596A8B8A51312479FDFE560604 ] C:\Program Files\Symantec\Symantec Endpoint Protection\DWHWizrd.exe
14:41:12.0339 0x0818 C:\Program Files\Symantec\Symantec Endpoint Protection\DWHWizrd.exe - ok
14:41:12.0355 0x0818 [ 83E6FD33F7DFE30A706FB41899C90058, F2B5AC833259AA35A7E153B08178D3A2770E93F9DCBD13040FD020FCBBBD7E13 ] C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\DWHWizrdRes.dll
14:41:12.0355 0x0818 C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\DWHWizrdRes.dll - ok
14:41:12.0355 0x0818 [ 2BA0E6E7CB3206AF09278C6445EEEBC1, 3AC02CDAAA0C4AFF49B052A72379A015E03EFE6AE761D1D01634511B70A86E0E ] C:\Program Files\Symantec\Symantec Endpoint Protection\Cliproxy.dll
14:41:12.0355 0x0818 C:\Program Files\Symantec\Symantec Endpoint Protection\Cliproxy.dll - ok
14:41:12.0355 0x0818 [ E0C39FA6C76AE8ED53ABF043F35ECDFF, CD2F87D3CB64F3362508D1855B24F40F1C44CF4132E3626971CCF4E7C49E61D6 ] C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20131114.002\NAVEX15.SYS
14:41:12.0355 0x0818 C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20131114.002\NAVEX15.SYS - ok
14:41:12.0355 0x0818 [ 81E928EE3751FAF725C87CC17726C05D, 8AB84270DCB35F239B00FA4B9AC90E9520967B8188085D897F28E994CBF911FB ] C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20131114.002\NAVENG.SYS
14:41:12.0355 0x0818 C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20131114.002\NAVENG.SYS - ok
14:41:12.0355 0x0818 [ 3D3A29B7DEAC66E7889D67CE88DD335C, D216E8DA8CCA29DA0F7C8F3D2D287F715FB1FAAA6E99C5B12E4E33C02688788F ] C:\Program Files\Symantec\LiveUpdate\LUALL.EXE
14:41:12.0355 0x0818 C:\Program Files\Symantec\LiveUpdate\LUALL.EXE - ok
14:41:12.0355 0x0818 [ E8E1A53F4DAF189A3B5E99228E8C896B, A367846CA7526A58317D87232FBA32213B036B23A1ACECF51D0AEBDB83F1A5BE ] C:\Program Files\Common Files\Symantec Shared\MSL\msl.dll
14:41:12.0355 0x0818 C:\Program Files\Common Files\Symantec Shared\MSL\msl.dll - ok
14:41:12.0355 0x0818 [ 9B23AE9E157E5281BCC4ACC564C785D9, C923205C1BC4CEAF9F34751D2F29D68E7BF8E7D1A884F894D63DE5FEB7EE0E48 ] C:\Program Files\Symantec\LiveUpdate\LUALLRES.DLL
14:41:12.0355 0x0818 C:\Program Files\Symantec\LiveUpdate\LUALLRES.DLL - ok
14:41:12.0355 0x0818 [ 7DC8F53D1B62284DA477CC6C8460A42C, 64ED407DD21610E316977589B0449618CDCA1A9D0A3BA30352B7C4BE443F5708 ] C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
14:41:12.0355 0x0818 C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe - ok
14:41:12.0370 0x0818 [ B94B44E876F6625D49B7968DCC5AF1A9, 83FF7AA65B2C08279188DA7A2065F4DF7EFCF3550765F406F8AFF5EFE65A4415 ] C:\Program Files\Symantec\Symantec Endpoint Protection\SepLuCallback.dll
14:41:12.0370 0x0818 C:\Program Files\Symantec\Symantec Endpoint Protection\SepLuCallback.dll - ok
14:41:12.0370 0x0818 [ C841A8D8736BF3B4120A6B357F1794E9, A0B58C60FF10396FC77441560576A410DA72587219FCD94A780620EC2B7BAA99 ] C:\PROGRA~1\Symantec\LIVEUP~1\S32LUWI1.DLL
14:41:12.0370 0x0818 C:\PROGRA~1\Symantec\LIVEUP~1\S32LUWI1.DLL - ok
14:41:12.0370 0x0818 [ 037B1E7798960E0420003D05BB577EE6, DEE53D6D332DADD40C0CE34A425A6C0781F611765DCD4299D869F2B1EE80AE66 ] C:\WINDOWS\system32\rundll32.exe
14:41:12.0370 0x0818 C:\WINDOWS\system32\rundll32.exe - ok
14:41:12.0370 0x0818 [ 5A868A07FD086421BC103C8087023B31, 9B05BEEA30E393A71F27E19658B6FB6EC55B198CB8CBF1B48E5591CBDD960CA6 ] C:\Program Files\Google\Update\1.3.21.165\psmachine.dll
14:41:12.0370 0x0818 C:\Program Files\Google\Update\1.3.21.165\psmachine.dll - ok
14:41:12.0370 0x0818 [ A7E06854EA2A20AEE8EC32BD8C754298, C23ACA5939C29C59B0BD6DF247650F0B640E675A759D6C6484D9710BC923515A ] C:\WINDOWS\system32\mpnotify.exe
14:41:12.0370 0x0818 C:\WINDOWS\system32\mpnotify.exe - ok
14:41:12.0370 0x0818 [ 88F48EAC1818CF75322B12F081020133, B23C9411FE74BA1BB2A60DC68EE4D2555C7F8FD512B2F37D60C5C3818BCDB40B ] C:\Program Files\Symantec\Symantec Endpoint Protection\SnacNp.dll
14:41:12.0370 0x0818 C:\Program Files\Symantec\Symantec Endpoint Protection\SnacNp.dll - ok
14:41:12.0370 0x0818 [ C4894B3B448B647BEDC9E916D181BDBE, 03736539FEDC2367E00BF1CCC46C1EDCF9506AC2F34D2B007903F7C8CD298099 ] C:\WINDOWS\system32\searchprotocolhost.exe
14:41:12.0370 0x0818 C:\WINDOWS\system32\searchprotocolhost.exe - ok
14:41:12.0370 0x0818 [ 4774D83BE60B7F47C612E25D6FE0F010, 1071E5859B1D452A3BCEE3DC1413BDCD125796B7479E69D1154ED76A7A7E00CB ] C:\WINDOWS\system32\msshooks.dll
14:41:12.0370 0x0818 C:\WINDOWS\system32\msshooks.dll - ok
14:41:12.0386 0x0818 [ 6E914EEDD145C5ACCE56F4D5F3D606FC, 0CFB5DEFA916CAFBF9B404DF8FF73AC0CD96B7C8F8A318001F854245F056C302 ] C:\WINDOWS\system32\mssph.dll
14:41:12.0386 0x0818 C:\WINDOWS\system32\mssph.dll - ok
14:41:12.0386 0x0818 [ E81BBE78A8EF85ACD490B3E64EF63A7C, 8370CFA3FEBC8F74772538C17C1F153DD9D6A9DBBBCA61BA2148880D713FC90D ] C:\WINDOWS\system32\mapi32.dll
14:41:12.0386 0x0818 C:\WINDOWS\system32\mapi32.dll - ok
14:41:12.0386 0x0818 [ 21F82D80FC4551A502123C4B2CA1C9C1, DAA94692D5EC230842DA32039DFB3E46BD1778B9ED7F0DC8A44338D3471FF3C7 ] C:\Program Files\Microsoft Office\Office14\MAPIPH.DLL
14:41:12.0386 0x0818 C:\Program Files\Microsoft Office\Office14\MAPIPH.DLL - ok
14:41:12.0386 0x0818 [ CDBE9690CF2B8409FACAD94FAC9479C9, 8E7FE1A1F3550C479FFD86A77BC9D10686D47F8727025BB891D8F4F0259354C8 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll
14:41:12.0386 0x0818 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll - ok
14:41:12.0386 0x0818 [ 824190696229FBE9B3FED8570D610C3A, F9D749D814F716AEC52FC8BA0584E58AF8B314944A18429E19E4622D60AE3CC4 ] C:\Program Files\Microsoft Office\Office14\OLMAPI32.DLL
14:41:12.0386 0x0818 C:\Program Files\Microsoft Office\Office14\OLMAPI32.DLL - ok
14:41:12.0667 0x0818 [ 9261CE6E86E7CAF12BE049055BE7B8FC, FF55520D9AD371C7715F3F534DE70E14415717C7B18070B9BD2B63AB00C1A41B ] C:\Program Files\Logitech\SetPoint\SetPointCOM.dll
14:41:12.0667 0x0818 C:\Program Files\Logitech\SetPoint\SetPointCOM.dll - ok
14:41:12.0667 0x0818 [ 9C6030F6A16CB0B834695AA9D767F8F7, 604D9E9D9786964B6A144E34C764A0BF88556B3BCDE2FAEF57DA3AF8DCD792B0 ] C:\WINDOWS\system32\KemWnd.dll
14:41:12.0667 0x0818 C:\WINDOWS\system32\KemWnd.dll - ok
14:41:12.0667 0x0818 [ 325E48C07245F0A92CCB85E1F10EE1B7, E1B074DDF70D1702D9325A71B21AA011469D185144BE030211332DEAE5AA3F5B ] C:\Program Files\WinZip\WZQKPICK32.EXE
14:41:12.0667 0x0818 C:\Program Files\WinZip\WZQKPICK32.EXE - ok
14:41:12.0683 0x0818 [ 0C56004A95702B35E99BAFE09F92AE87, 415EA46EA9AA66603B4D6FE061DCB76BCFB3F2EAD6547E271CA3C82D53E58699 ] C:\Program Files\Logitech\SetPoint\Macros\MacroCore.dll
14:41:12.0683 0x0818 C:\Program Files\Logitech\SetPoint\Macros\MacroCore.dll - ok
14:41:12.0683 0x0818 [ 9972A6ED4F2388DBFA8E0A96F6F3FDF1, F68E4CDBC879423EA47D763A6768567F5F8063924F13A74239750C13FA8D168A ] C:\WINDOWS\system32\msvcr70.dll
14:41:12.0683 0x0818 C:\WINDOWS\system32\msvcr70.dll - ok
14:41:12.0683 0x0818 [ D04F7AACA2319A3BCDB2C5D5DD6F6026, 9255C60B194CF849F3DB54587627E1B8FCE10C88875748642B58EE8E27E22536 ] C:\WINDOWS\system32\msvcp70.dll
14:41:12.0683 0x0818 C:\WINDOWS\system32\msvcp70.dll - ok
14:41:12.0683 0x0818 [ 2EE693BE96C0D9E885CBC0FAC177D379, 893E602670925E1FDD3849FE944F48CDD04505D82F8190FF25E3C91187496C9A ] C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
14:41:12.0683 0x0818 C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok
14:41:12.0683 0x0818 [ 87472D82361ABD39CD42554E29CCB944, 14F4BF982F6A644CAEEBE17724D56D1080929E4209737CB73C39A9C195E17081 ] C:\Program Files\Common Files\Symantec Shared\ccProd.dll
14:41:12.0683 0x0818 C:\Program Files\Common Files\Symantec Shared\ccProd.dll - ok
14:41:12.0683 0x0818 [ 91A7771934C0D9D2DA7699D25BB5B348, 154A6EB866AF22B38AEE8DB5A864653FEB15DED69DE26E5B602B7C5056CDDF72 ] C:\DOCUME~1\BANDER~1\LOCALS~1\temp\{5076A6A3-B167-46C1-8A4F-6BC7102AB7BF}\{7D28955D-55B5-475F-AD80-CB88F3AD2ABC}.tmp
14:41:12.0683 0x0818 C:\DOCUME~1\BANDER~1\LOCALS~1\temp\{5076A6A3-B167-46C1-8A4F-6BC7102AB7BF}\{7D28955D-55B5-475F-AD80-CB88F3AD2ABC}.tmp - ok
14:41:12.0683 0x0818 [ 23A50FABEB7D41F22B561CE54ABA95FC, 2F121D09765BBB8275CB4CAEFE3AEFB3E0D4A32E85D3A8EBEA2F89350BD37B11 ] C:\Program Files\Common Files\Symantec Shared\ccEmlPxy.dll
14:41:12.0683 0x0818 C:\Program Files\Common Files\Symantec Shared\ccEmlPxy.dll - ok
14:41:12.0683 0x0818 [ 033183E0D2BED2047826E1B374EEEED0, 577083323369D5A415E71F1137ADC1990859C9A6C63A64E99B50D85AC410B4C0 ] C:\Program Files\Symantec\Symantec Endpoint Protection\SAVCProd.dll
14:41:12.0683 0x0818 C:\Program Files\Symantec\Symantec Endpoint Protection\SAVCProd.dll - ok
14:41:12.0698 0x0818 [ C72B2DBD518E188CFA8112184ADAAE84, 09B7C8D0450E74D6E24E9BE742EE1821C4DEE9201CD8953C15ECF965143E1114 ] C:\Program Files\Symantec\Symantec Endpoint Protection\SAVSesHlp.dll
14:41:12.0698 0x0818 C:\Program Files\Symantec\Symantec Endpoint Protection\SAVSesHlp.dll - ok
14:41:12.0698 0x0818 [ 34FE2765D5B3118DB4C7D92F1D61D79D, 5E3D8A27CE7326ED5927715C3DBA4E99B49461E37BDD3820FC050BD469FD3B3A ] C:\Program Files\Common Files\Symantec Shared\COH\sesHlp.dll
14:41:12.0698 0x0818 C:\Program Files\Common Files\Symantec Shared\COH\sesHlp.dll - ok
14:41:12.0698 0x0818 [ 875D72C76DE40A8ADA13BF494704EE09, C49010316D9A4460563B67469C1DEC53ACA184DF5601BF865CAFE19AE159BB71 ] C:\Program Files\Common Files\Symantec Shared\COH\sh0008.dll
14:41:12.0698 0x0818 C:\Program Files\Common Files\Symantec Shared\COH\sh0008.dll - ok
14:41:12.0698 0x0818 [ C31F0D824EBAA58026EFB2EBAB672B3B, 3F51F7F2F4A6DF36E0D5F89C9DDDC9412B7DF2B0D6A8F289263CA93F46544F73 ] C:\Program Files\Common Files\Symantec Shared\rcEmlPxy.dll
14:41:12.0698 0x0818 C:\Program Files\Common Files\Symantec Shared\rcEmlPxy.dll - ok
14:41:12.0698 0x0818 [ B9C08ACBC93F92D0F94BD34C5EF40FCD, B62D97DF643B211D70B4E30B2720550B587363358EB3497DCB80A70201B62695 ] C:\WINDOWS\system32\SymRedir.dll
14:41:12.0698 0x0818 C:\WINDOWS\system32\SymRedir.dll - ok
14:41:12.0698 0x0818 [ 394B2368212114D538316812AF60FDDD, 74DAC801C692DD858EF2A410D99D9E0DE565599436A8F80D7B39818F062B943F ] C:\WINDOWS\system32\drivers\symredrv.sys
14:41:12.0698 0x0818 C:\WINDOWS\system32\drivers\symredrv.sys - ok
14:41:12.0698 0x0818 [ CCD657957275EDEEB1EBBA043AB40D6D, 2EA5FED5BE712112A04AC7CF72E4FDC6F331724A1C1B64EEA2838B46C72B8073 ] C:\Program Files\Symantec\Symantec Endpoint Protection\SavEmail.dll
14:41:12.0698 0x0818 C:\Program Files\Symantec\Symantec Endpoint Protection\SavEmail.dll - ok
14:41:12.0698 0x0818 [ B1EFB8AFE95483B29C96CF85E81E0A36, C3BBC3755659D3CF54AAA834FD7870ECAE014D2F7AFF5262C77E8972D5203EDF ] C:\Program Files\Logitech\SetPoint\IMHook.dll
14:41:12.0698 0x0818 C:\Program Files\Logitech\SetPoint\IMHook.dll - ok
14:41:12.0714 0x0818 [ 38F2C84DB3B6F94D12336DF0A03C1595, DC71ADF2A5050C39142658D9963278E17177FF582683235F39576C6B09BD03C5 ] C:\Program Files\Logitech\SetPoint\WebBrowserSupport.dll
14:41:12.0714 0x0818 C:\Program Files\Logitech\SetPoint\WebBrowserSupport.dll - ok
14:41:12.0714 0x0818 [ 8A244848BA55750733FEC7C2FCF39ABD, 0E17B89BBAE8CF24381D3158E7695E264BB8BAFE4B0161BC33AE77897DF0F32C ] C:\Program Files\Common Files\Logishrd\KHAL2\KHALAPI.dll
14:41:12.0714 0x0818 C:\Program Files\Common Files\Logishrd\KHAL2\KHALAPI.dll - ok
14:41:12.0714 0x0818 [ 8EB7717BAC088A69646F1D5474E8B50E, 373F22611435175526F40901651C92F22FEF1AC113995A1C45677EDDBFE388AF ] C:\Program Files\Logitech\SetPoint\KGame.dll
14:41:12.0714 0x0818 C:\Program Files\Logitech\SetPoint\KGame.dll - ok
14:41:12.0714 0x0818 [ 01E9B4DE8290767BD05F1EFF4EECA521, 966D6D9D37A8D76AB647EE1E4FB0A08CFCBB1075C6F19290A8A5D3C75E95E3A6 ] C:\Program Files\Logitech\SetPoint\GameHook.dll
14:41:12.0714 0x0818 C:\Program Files\Logitech\SetPoint\GameHook.dll - ok
14:41:12.0714 0x0818 [ 19E0D28FE38F55CA4C63F77D3657959A, 0D898D89681BFC0A9DC4CE7D486C6FB35106E436E39A33077D9A26DECE9033B7 ] C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
14:41:12.0714 0x0818 C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe - ok
14:41:12.0714 0x0818 [ 148A9F671CF5F55A4089AF2CEA74DF79, ECFF752ADA1474101B20DA74CF9BD27891216EBDD2ABC29D0C38E53A780980E3 ] C:\Program Files\Common Files\Logishrd\KHAL2\KHALITCH.dll
14:41:12.0714 0x0818 C:\Program Files\Common Files\Logishrd\KHAL2\KHALITCH.dll - ok
14:41:12.0714 0x0818 [ E80BD1AF0EC504090654B747059A42E5, A2243CDA6D90D5C028C51BC76AB9B75AA9B114892C38AA7CBD4C5F5EE11FE673 ] C:\Program Files\Common Files\Logishrd\KHAL2\KHALHPP.dll
14:41:12.0714 0x0818 C:\Program Files\Common Files\Logishrd\KHAL2\KHALHPP.dll - ok
14:41:12.0714 0x0818 [ C47F66C47A1D2F5F6CC95184CF0375BE, CA2E68CBB8C7FCA537E71302DC73162F7AA9188376E01C33B91583A9E6D5BB63 ] C:\Program Files\Common Files\Logishrd\KHAL2\KHALMW.dll
14:41:12.0714 0x0818 C:\Program Files\Common Files\Logishrd\KHAL2\KHALMW.dll - ok
14:41:12.0730 0x0818 [ F207E687EECACE26A80BFA7766C19184, 3D639B2ED863651CD1320C6695D37180B39C9505F74E7EF6A9D625557EF8FC88 ] C:\Program Files\HTC\HTC Sync Manager\CFLite.dll
14:41:12.0730 0x0818 C:\Program Files\HTC\HTC Sync Manager\CFLite.dll - ok
14:41:12.0730 0x0818 [ 29D15E2A9C8D8D72C1689B12599C8F63, 7CD781DE6758072E85F892202A8ECF88496AF90DB4DB6D0A640D85C2793BB70E ] C:\Program Files\Common Files\Logishrd\KHAL2\KHALMOU.dll
14:41:12.0730 0x0818 C:\Program Files\Common Files\Logishrd\KHAL2\KHALMOU.dll - ok
14:41:12.0730 0x0818 [ 9BF26A5838C393B251B635A4ABAB1EEC, 9E898E1D502AACD3C9571FA5C5AFC5F7F416BBEB1C8D51D0F577E3AA7A842AB5 ] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\CoolType.dll
14:41:12.0730 0x0818 C:\Program Files\Adobe\Acrobat 8.0\Acrobat\CoolType.dll - ok
14:41:12.0730 0x0818 [ 2027FE3AEAB821A35DF6A6394E7BC07B, 62C889B04398022BC895018FA2DD0DE15E9EE4DFC6155F6EFF8C128C5DF80199 ] C:\Program Files\Common Files\Logishrd\KHAL2\KHALHID.dll
14:41:12.0730 0x0818 C:\Program Files\Common Files\Logishrd\KHAL2\KHALHID.dll - ok
14:41:12.0730 0x0818 [ 97CF0BC350D365D9C098F86D712BD297, F8D413D5A0A68F7C33D1685857D960BAEED55A0C51168A9BC8C6324EC5053448 ] C:\Program Files\Common Files\Logishrd\KHAL2\KHALUSB.dll
14:41:12.0730 0x0818 C:\Program Files\Common Files\Logishrd\KHAL2\KHALUSB.dll - ok
14:41:12.0730 0x0818 [ 1D78B451BA75B500DF75CDCA18BA1431, 6C41590829099014C8987687943333C097CC8B1A86508C01B45F1282290249AB ] C:\Program Files\HTC\HTC Sync Manager\icuuc.dll
14:41:12.0730 0x0818 C:\Program Files\HTC\HTC Sync Manager\icuuc.dll - ok
14:41:12.0730 0x0818 [ FBDB9D0935B9907B809B381FDDF1627F, 3DD8FE2C7EA108C22979968F5694BD56C35BEA0B63A55965BB16AE3E5C5348EB ] C:\WINDOWS\system32\regsvr32.exe
14:41:12.0730 0x0818 C:\WINDOWS\system32\regsvr32.exe - ok
14:41:12.0730 0x0818 [ 4AAF447C168F8545652DFCBE57B30DEF, 6D74D0EF95217701A0D5CB738E677B093AE6981D8DBEC5AB9C253F608A9B4115 ] C:\Program Files\Logitech\SetPoint\SetPointCOMWMP9.dll
14:41:12.0730 0x0818 C:\Program Files\Logitech\SetPoint\SetPointCOMWMP9.dll - ok
14:41:12.0745 0x0818 [ 55C11301579A42639736EA3B17A3A588, CBEBDD7C883EF47DB86060AF0F09FD2218161D5FEB0CECEB4A068B9CC63499F8 ] C:\DOCUME~1\BANDER~1\LOCALS~1\temp\{5076A6A3-B167-46C1-8A4F-6BC7102AB7BF}\{85C5D310-8397-4204-9660-F1717F13D0E0}.tmp
14:41:12.0745 0x0818 C:\DOCUME~1\BANDER~1\LOCALS~1\temp\{5076A6A3-B167-46C1-8A4F-6BC7102AB7BF}\{85C5D310-8397-4204-9660-F1717F13D0E0}.tmp - ok
14:41:12.0745 0x0818 [ BDE6F805A6BC016FFA0FD388270D848C, 2D4C81C13B9816F51879903D9D8D59BBA4089CDB148C6690FE8C6CA63A56936D ] C:\Program Files\Logitech\SetPoint\SetPointCOMMM9.dll
14:41:12.0745 0x0818 C:\Program Files\Logitech\SetPoint\SetPointCOMMM9.dll - ok
14:41:12.0745 0x0818 [ 329701BA5C5FE54619F38CB88D92702E, 98B47D61E762946DAAA8B6E6C01C2EB27C0CDD77E3CCB6624798F53CE9AAD1B8 ] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\BIB.dll
14:41:12.0745 0x0818 C:\Program Files\Adobe\Acrobat 8.0\Acrobat\BIB.dll - ok
14:41:12.0745 0x0818 [ 980918B5A4E21CD3D9313A9FE8DCC697, EDBE95319F6D8800299473FCAD842D2C5C50CA5EF627025AD55027EA170EB53C ] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\ace.dll
14:41:12.0745 0x0818 C:\Program Files\Adobe\Acrobat 8.0\Acrobat\ace.dll - ok
14:41:12.0745 0x0818 [ 8FE1F0DECABAEC25CA50DF2A0901A761, DC1DCDB77A0BCCCBD93D4D19FDFE2BA9E6800071A2D48813C273662649E9CE7C ] C:\Program Files\Logitech\SetPoint\LCabHandler.dll
14:41:12.0745 0x0818 C:\Program Files\Logitech\SetPoint\LCabHandler.dll - ok
14:41:12.0745 0x0818 [ D9452899C62B80F1B00ACC5DAA41EF67, DFF79F8AC856E66CC440C9EB0BB702DF9D35672E622B31648B6C0C4446C4CD82 ] C:\Program Files\HTC\HTC Sync Manager\icudt48.dll
14:41:12.0745 0x0818 C:\Program Files\HTC\HTC Sync Manager\icudt48.dll - ok
14:41:12.0745 0x0818 [ 87DBC13CFC34E41662E15EFE46BA6073, 2B9539A338FBA33023CBB2651C09945E2116F35EE69D792F0A30401067C1F8BA ] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Adobelm.dll
14:41:12.0745 0x0818 C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Adobelm.dll - ok
14:41:12.0745 0x0818 [ C00149A7027081539A66DC5A46695EAD, 51F01CD6B37BA52B3D4DC9CAE3A9FBDDB2FA6FB6A9E779C9157BB056CEC3BEC9 ] C:\Program Files\iPod\bin\iPodService.exe
14:41:12.0745 0x0818 C:\Program Files\iPod\bin\iPodService.exe - ok
14:41:12.0761 0x0818 [ BD2B4C1303EE66A664C24ABE390BA80B, C85F05BF8F220D3F6978F645475BDBDFB69FD50974480CA9356F3A68EB12C238 ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll
14:41:12.0761 0x0818 C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok
14:41:12.0761 0x0818 [ 5E2699DCF0BDBB083049A730D3FE2497, 2E481B0EC7D64F2D099999C51ACD81EE6CEAFFBE336E6D29913E5319DB561ACD ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll
14:41:12.0761 0x0818 C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok
14:41:12.0761 0x0818 [ 6F2E09108202E5EB008C69488FAFD27C, DE7DB4CD60AD3604F17825CF72059A18A0AF87E649AB61E4A70E66100340CA56 ] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\FNP_Act_Installer.dll
14:41:12.0761 0x0818 C:\Program Files\Adobe\Acrobat 8.0\Acrobat\FNP_Act_Installer.dll - ok
14:41:12.0761 0x0818 [ DF471F11CC78BE02FE6BA15F2D94F65B, 9AC230DE58CE40E78AE6872BCF4778B69EEBF17E0E41B1301FF364ABD4737A78 ] C:\DOCUME~1\BANDER~1\LOCALS~1\temp\{5076A6A3-B167-46C1-8A4F-6BC7102AB7BF}\{9E754879-2889-4DEC-B08B-A14489AE1FA0}.tmp
14:41:12.0761 0x0818 C:\DOCUME~1\BANDER~1\LOCALS~1\temp\{5076A6A3-B167-46C1-8A4F-6BC7102AB7BF}\{9E754879-2889-4DEC-B08B-A14489AE1FA0}.tmp - ok
14:41:12.0761 0x0818 [ 4B88BD98983A2CD9BE90F368B4F59F0A, B1BDD73FFB46B905F12923A4110FDA77F1474FE0171204F91DF59C939338DF40 ] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\asneu.dll
14:41:12.0761 0x0818 C:\Program Files\Adobe\Acrobat 8.0\Acrobat\asneu.dll - ok
14:41:12.0761 0x0818 [ 3FB0F47B4C0C048EE97B0E2B4FF9C67D, 48B4A39A98231337050EBEB7B7A49574B467C831253DCE5548BA21BC7CE17D79 ] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\adobe_personalization.dll
14:41:12.0761 0x0818 C:\Program Files\Adobe\Acrobat 8.0\Acrobat\adobe_personalization.dll - ok
14:41:12.0761 0x0818 [ DE519C164F3300D83F4EFB4A23DAD2AC, 60C454E109E4FBCBA1E349E993732221F564B0A7CCD0201278156DAEF6FF4BFF ] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\adobe_epic.dll
14:41:12.0761 0x0818 C:\Program Files\Adobe\Acrobat 8.0\Acrobat\adobe_epic.dll - ok
14:41:12.0761 0x0818 [ 4481D139C4E4F34CDC95C005B36311F6, 2B390BE222AC429671883B60A50AB4C2E6BBB8F70FDE885D66679656ED78D407 ] C:\Program Files\HTC\HTC Sync Manager\icui18n.dll
14:41:12.0761 0x0818 C:\Program Files\HTC\HTC Sync Manager\icui18n.dll - ok
14:41:12.0777 0x0818 [ 4970CDA5FC955A8A0B6EAEE92BBD22AB, B80CA40D2C92A8A721D01F4581C54BA796342A5F5844627B106FFB298AC46496 ] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\adobe_pcd.dll
14:41:12.0777 0x0818 C:\Program Files\Adobe\Acrobat 8.0\Acrobat\adobe_pcd.dll - ok
14:41:12.0777 0x0818 [ 0FD19BDDD2513874FF6903F717367795, DFAF9C33F993BA26FC84EF66ABC7C483E62762F7E1FC763605A75ACC2E8AA4EE ] C:\DOCUME~1\BANDER~1\LOCALS~1\temp\{5076A6A3-B167-46C1-8A4F-6BC7102AB7BF}\{FC90CC29-E75A-467C-BD9B-731623CD2ACF}.tmp
14:41:12.0777 0x0818 C:\DOCUME~1\BANDER~1\LOCALS~1\temp\{5076A6A3-B167-46C1-8A4F-6BC7102AB7BF}\{FC90CC29-E75A-467C-BD9B-731623CD2ACF}.tmp - ok
14:41:12.0777 0x0818 [ 47C48A83AFFE682EFA8386CEA08414AD, B0B5F25219905B95B7BB93EE6EE1C415C7EA7E65781001AF2B856535D05D9CB7 ] C:\Program Files\HTC\HTC Sync Manager\pthreadVC2.dll
14:41:12.0777 0x0818 C:\Program Files\HTC\HTC Sync Manager\pthreadVC2.dll - ok
14:41:12.0777 0x0818 [ 1C65E795F0A75021433676A4FE1B25D8, F58FD6ED6FF576353B3665CCC30AC02F6EC4557306B29DD57BD3053FAC5C9D35 ] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcrobatFNP.dll
14:41:12.0777 0x0818 C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcrobatFNP.dll - ok
14:41:12.0777 0x0818 [ 22EE270114686991859E39595743A8FE, 4AD9F2DBFCB75779A5D81D9E2CC9354BA2FFFF21DDF87EF51593D4BBDCA9FB4F ] C:\Program Files\HTC\HTC Sync Manager\libcurl.dll
14:41:12.0777 0x0818 C:\Program Files\HTC\HTC Sync Manager\libcurl.dll - ok
14:41:12.0777 0x0818 [ A7A9CE6DEFB807208025A49BA544C64E, B46EB91AEC5BB4E1EFA83A41DD3B637A0F548610AB85260C14A2231BD1D03186 ] C:\Program Files\HTC\HTC Sync Manager\ssleay32.dll
14:41:12.0777 0x0818 C:\Program Files\HTC\HTC Sync Manager\ssleay32.dll - ok
14:41:12.0777 0x0818 [ CFD18F5C14BA286F3C36C9430DA3E669, 0F651AA625E5C2060B8BDA2D5DA756F02E879BE8DADE4B3BC61FAFF1E40C93A1 ] C:\Program Files\HTC\HTC Sync Manager\libeay32.dll
14:41:12.0777 0x0818 C:\Program Files\HTC\HTC Sync Manager\libeay32.dll - ok
14:41:12.0777 0x0818 [ DD88BBF87A43331A4E99E37F7BF59FDB, 872190F559FA0DD1F711E9FA101BA1AB6E6DE5ED0CCCE1AB7AFE45BC3B78A0F1 ] C:\DOCUME~1\BANDER~1\LOCALS~1\temp\{5076A6A3-B167-46C1-8A4F-6BC7102AB7BF}\{A60BCE2E-CA13-4F71-B5F5-78585919FFB6}.tmp
14:41:12.0777 0x0818 C:\DOCUME~1\BANDER~1\LOCALS~1\temp\{5076A6A3-B167-46C1-8A4F-6BC7102AB7BF}\{A60BCE2E-CA13-4F71-B5F5-78585919FFB6}.tmp - ok
14:41:12.0792 0x0818 [ 4E34CCA474609C6D0770807DB5F7FF32, BAB1BE1DCC57F63A7FB392C880411B4572751DBA2C323DB45EB44E925468BADB ] C:\Program Files\HTC\HTC Sync Manager\libxml2.dll
14:41:12.0792 0x0818 C:\Program Files\HTC\HTC Sync Manager\libxml2.dll - ok
14:41:12.0792 0x0818 [ 4261449C1CADA6B007E5C27522946D2B, 11E79D1C529E816CCCAC9266089C77A4DB44676CAEEE25C66D6DB420B18D3ACB ] C:\DOCUME~1\BANDER~1\LOCALS~1\temp\{5076A6A3-B167-46C1-8A4F-6BC7102AB7BF}\{E788A574-3DD8-4739-83FC-BCF6D4B99149}.tmp
14:41:12.0792 0x0818 C:\DOCUME~1\BANDER~1\LOCALS~1\temp\{5076A6A3-B167-46C1-8A4F-6BC7102AB7BF}\{E788A574-3DD8-4739-83FC-BCF6D4B99149}.tmp - ok
14:41:12.0792 0x0818 [ 1D845821F5ADB076831DE4C2818F858B, 5F1F18042E6B16BC149F2B0F22ECE3D3668E846C843F016D33C9E6C60E2D64C6 ] C:\WINDOWS\system32\usp10.dll
14:41:12.0792 0x0818 C:\WINDOWS\system32\usp10.dll - ok
14:41:12.0792 0x0818 [ 03796DE0C9EA1BC9656E65DDB51B55C3, 4D651916790829422E9402EBB99DD9586155EEBDA8ABD08A06CFAC37FABC1364 ] C:\Program Files\HTC\HTC Sync Manager\MediaClientFrame.dll
14:41:12.0792 0x0818 C:\Program Files\HTC\HTC Sync Manager\MediaClientFrame.dll - ok
14:41:12.0792 0x0818 [ 6627AA675A5C1B0330487A02E23F0560, 256AE9BA4273D4247FFAD6099D5A4FC8E98EDB27293AC8CAF7A571EB3890FAA7 ] C:\DOCUME~1\BANDER~1\LOCALS~1\temp\{5076A6A3-B167-46C1-8A4F-6BC7102AB7BF}\{5C9D6D7B-0061-469D-8E6F-5D41CFE94E11}.tmp
14:41:12.0792 0x0818 C:\DOCUME~1\BANDER~1\LOCALS~1\temp\{5076A6A3-B167-46C1-8A4F-6BC7102AB7BF}\{5C9D6D7B-0061-469D-8E6F-5D41CFE94E11}.tmp - ok
14:41:12.0792 0x0818 [ 723B834A07F7DF7DE4CEB637D57ACEA3, B42867045DD3FB7682CDBD133970421010F0F14125E4992C73657CABA4659250 ] C:\DOCUME~1\BANDER~1\LOCALS~1\temp\{5076A6A3-B167-46C1-8A4F-6BC7102AB7BF}\{94972F70-9D7A-4ECB-8DB5-7AF4A0216A76}.tmp
14:41:12.0792 0x0818 C:\DOCUME~1\BANDER~1\LOCALS~1\temp\{5076A6A3-B167-46C1-8A4F-6BC7102AB7BF}\{94972F70-9D7A-4ECB-8DB5-7AF4A0216A76}.tmp - ok
14:41:12.0792 0x0818 [ FF16CBB16A6DC268B43F25E3668DA0D9, 296BAC48A2994AC3D2B2A6EA18A573FB55882C83B4802DCC9DCAF8E0FEF6621D ] C:\Program Files\HTC\HTC Sync Manager\ProfileMgt.dll
14:41:12.0792 0x0818 C:\Program Files\HTC\HTC Sync Manager\ProfileMgt.dll - ok
14:41:12.0792 0x0818 [ 5DC03740EC4DEE3640C383361ECC30F6, 8CFED41F8B292A7EAC51201EEC1059AA3EB06ED9D3F29D20D93FC4EAA331E2FB ] C:\Program Files\HTC\HTC Sync Manager\DesktopClient\DesktopClientLiteDll.dll
14:41:12.0792 0x0818 C:\Program Files\HTC\HTC Sync Manager\DesktopClient\DesktopClientLiteDll.dll - ok
14:41:12.0808 0x0818 [ 2C28213F2FF9666C743875A93D3D879C, 8E8FB4AF89AE101E8C7820B6EDF7C0B401D2C9647E338E116B5043FB13678C09 ] C:\Program Files\HTC\HTC Sync Manager\DesktopClient\LtXmlLib9U_vc80.dll
14:41:12.0808 0x0818 C:\Program Files\HTC\HTC Sync Manager\DesktopClient\LtXmlLib9U_vc80.dll - ok
14:41:12.0808 0x0818 [ C1DE893FAF6D7F6CFB479A1F61835482, AD5FA3CE73777704C67C933691F1F068E1A7FF545F728B97574F9C33AC4BBC01 ] C:\DOCUME~1\BANDER~1\LOCALS~1\temp\{5076A6A3-B167-46C1-8A4F-6BC7102AB7BF}\{2410F258-6DA3-4F57-9731-BBCC1BAEBEEB}.tmp
14:41:12.0808 0x0818 C:\DOCUME~1\BANDER~1\LOCALS~1\temp\{5076A6A3-B167-46C1-8A4F-6BC7102AB7BF}\{2410F258-6DA3-4F57-9731-BBCC1BAEBEEB}.tmp - ok
14:41:12.0808 0x0818 [ F598BEBBA06C6911EB797CAD4320705F, 4258D9F2721A1208FE9248E1C5D03B37A919051EAC27297D3923BBB72D2390C4 ] C:\Program Files\HTC\HTC Sync Manager\DesktopClient\DesktopClientCppLib_vc80.dll
14:41:12.0808 0x0818 C:\Program Files\HTC\HTC Sync Manager\DesktopClient\DesktopClientCppLib_vc80.dll - ok
14:41:12.0808 0x0818 [ 227846995AFEEFA70D328BF5334A86A5, B8EF22DE552B44E7DC352742C775BB6B4992B653AF4B66B231A60182CE7A7201 ] C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
14:41:12.0808 0x0818 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe - ok
14:41:12.0808 0x0818 [ 761DA04492C935EE31FB848B7505FA6C, 229E753FE22C4BC7CBFC01E1ADEEE8B9C33FAFEACA36B56CF78CF731E96441A5 ] C:\Program Files\Logitech\SetPoint\LU\LULnchr.exe
14:41:12.0808 0x0818 C:\Program Files\Logitech\SetPoint\LU\LULnchr.exe - ok
14:41:12.0808 0x0818 [ EA7D1523A20F774FCFB32F92953651C6, BF5EE7EA542A8D9CF1EEE701575370B88D28AB1AE27153F0FACF6064B0A3EA99 ] C:\Program Files\Logitech\SetPoint\LU\LogitechUpdate.exe
14:41:12.0808 0x0818 C:\Program Files\Logitech\SetPoint\LU\LogitechUpdate.exe - ok
14:41:12.0808 0x0818 [ 3C98C49C98F861E6867DE489D08D05FF, 4A783BEE4DB77ADD64726B294849BA76E6EF64A2C217DA6BA085CA445A4C36A5 ] C:\Program Files\HTC\HTC Sync Manager\gnsdk_dsp.dll
14:41:12.0808 0x0818 C:\Program Files\HTC\HTC Sync Manager\gnsdk_dsp.dll - ok
14:41:12.0808 0x0818 [ 7CF6A3C83FAC5882126013A4D23B97F0, 3477AF290663316F981F16502EF4DB0970DEB81357E1B5E0474283E3E23FDBD5 ] C:\Program Files\HTC\HTC Sync Manager\gnsdk_manager.dll
14:41:12.0808 0x0818 C:\Program Files\HTC\HTC Sync Manager\gnsdk_manager.dll - ok
14:41:12.0823 0x0818 [ 574B3D9397C42164E8AE5CDE1E75EEB0, 6FD2B660208D73822B863CC37214DF7EB965E3532E24CCAA315DF015A525D25B ] C:\Program Files\HTC\HTC Sync Manager\gnsdk_link.dll
14:41:12.0823 0x0818 C:\Program Files\HTC\HTC Sync Manager\gnsdk_link.dll - ok
14:41:12.0823 0x0818 [ F2CFC3C0166C820FA1F1F708D58BAC92, 8BD563D690315578594F6344DE2A3FBF654253A255DFD08392ADD5B0AAE4C8C4 ] C:\Program Files\HTC\HTC Sync Manager\gnsdk_musicid.dll
14:41:12.0823 0x0818 C:\Program Files\HTC\HTC Sync Manager\gnsdk_musicid.dll - ok
14:41:12.0823 0x0818 [ 1B64C9D8712041085CBEC3D0F9516264, 7CB693737960BB21AD731275C1BCB1ADB916056D1127A3AA6F925F42BE532249 ] C:\Program Files\HTC\HTC Sync Manager\gnsdk_musicid_file.dll
14:41:12.0823 0x0818 C:\Program Files\HTC\HTC Sync Manager\gnsdk_musicid_file.dll - ok
14:41:12.0823 0x0818 [ C525E2F66A94A8E4C4A7EE2AE20DF7E3, 594B5A5D6D8AC2E71C2C9FDE7EB104994EA3E56BFCFC6F754E48530D0163F85F ] C:\Program Files\HTC\HTC Sync Manager\iBackupMgt.dll
14:41:12.0823 0x0818 C:\Program Files\HTC\HTC Sync Manager\iBackupMgt.dll - ok
14:41:12.0823 0x0818 [ 1D856E6E7490447FCFAA46E09A2BF9C9, 0C6FCA8370D4996FC9592962750041529C0D8D6BD6DB19EA76604820AA8F6EEB ] C:\Program Files\QuickTime\QTSystem\QuickTime.qts
14:41:12.0823 0x0818 C:\Program Files\QuickTime\QTSystem\QuickTime.qts - ok
14:41:12.0823 0x0818 [ 2CA81BEE71573E5534BA8BE515BAD404, 8310467B9BC5DA413080FC6B08B0BBD516510CF49C7730EBE9AFB239452336ED ] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroTray.DEU
14:41:12.0823 0x0818 C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroTray.DEU - ok
14:41:12.0823 0x0818 [ FD0AD7ECC485D10F66824A92F16D46C0, 1406DAFDB3E70E34A484818905E3EB44D24063C04F018F57A01A9ED77836AB71 ] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroTray.FRA
14:41:12.0823 0x0818 C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroTray.FRA - ok
14:41:12.0823 0x0818 [ CCC4FF2FC32FDAAB2B9A78420B043E4A, 0E090A5AE3EFD708038A71339E6D3C9F051147835C88EEB725DE39BF74EBB68C ] C:\Program Files\Adobe\Acrobat 8.0\Esl\Aiod.dll
14:41:12.0823 0x0818 C:\Program Files\Adobe\Acrobat 8.0\Esl\Aiod.dll - ok
14:41:12.0839 0x0818 [ 0B4D87D46E4E1AC66CD6ACBC3A64B56D, 95D5E01F33BCE980883B16DDFB0073B7F17392A29B6C8A278ED4F66F137CE04F ] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrodist.exe
14:41:12.0839 0x0818 C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrodist.exe - ok
14:41:12.0839 0x0818 [ 21FB57E3C17827BDC7273D28CD6DB44B, 5CB0E6A4DD57503C41E3203827CB475343C74945D6B3A12176F6E4F068FC3425 ] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrodistdll.dll
14:41:12.0839 0x0818 C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrodistdll.dll - ok
14:41:12.0839 0x0818 [ 5095222B96196CCDB5993A831178F3EB, 6526DB1536240927ADFF27E6814588B1F7977BF9778FAD89050040B57A2C01C1 ] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeXMP.dll
14:41:12.0839 0x0818 C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeXMP.dll - ok
14:41:12.0839 0x0818 [ 219922BB9410531D4C4B9EA79975E875, 49EF8B57FE2ACFAF5773F9829F846791FA1AD632CD47FB20A7DBB4D3D129220A ] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\ahclient.dll
14:41:12.0839 0x0818 C:\Program Files\Adobe\Acrobat 8.0\Acrobat\ahclient.dll - ok
14:41:12.0839 0x0818 [ 920104DBE9973EF91665A33200CBFF76, 5B830BE55EA9B5C8C28E0581C6D76C8626E5FBFB6D5D47A27F79B8B8C67B1466 ] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobePDFL.dll
14:41:12.0839 0x0818 C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobePDFL.dll - ok
14:41:12.0839 0x0818 [ 64082F2382062CF8656E683107F1C1BF, E65B5A89773031E2989E830462551F86AEC6C3A1217A3E6E9659066980678507 ] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\JP2KLib.dll
14:41:12.0839 0x0818 C:\Program Files\Adobe\Acrobat 8.0\Acrobat\JP2KLib.dll - ok
14:41:12.0839 0x0818 [ AFDAE59FE562A7CDB44F9D4ABEDAC316, 1EEF26F414A9F51740F6BE370E005A34996DF53F0CE24D436B897D1F525C5691 ] C:\Program Files\QuickTime\QTSystem\QTCF.dll
14:41:12.0839 0x0818 C:\Program Files\QuickTime\QTSystem\QTCF.dll - ok
14:41:12.0855 0x0818 [ 3E48A87C2E024F05754CBBE47A17295A, F999AEC9332326C3316E0853111C75EC3A1A6B0CD3AF4BFF64598ACD197FF26C ] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\ARE.dll
14:41:12.0855 0x0818 C:\Program Files\Adobe\Acrobat 8.0\Acrobat\ARE.dll - ok
14:41:12.0855 0x0818 [ 2111BDF986BB250582AE194541673F34, DDCC65AF975F07ADD0FE86EA338DD4182D21F6D787534DD7E13A3BD7171903AC ] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\BibUtils.dll
14:41:12.0855 0x0818 C:\Program Files\Adobe\Acrobat 8.0\Acrobat\BibUtils.dll - ok
14:41:12.0855 0x0818 [ 370A20CBF2DC3FB0732DD39A4EBA5C62, 0009062E8A2C0E887F12591773B6F0BF38020ECBC95BA39F11B0A897D675A2D8 ] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AXE8SharedExpat.dll
14:41:12.0855 0x0818 C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AXE8SharedExpat.dll - ok
14:41:12.0855 0x0818 [ 0E88B20ED80AEADB3A3CA8B259325D8F, BAAFD0846AA1728C04F584D8C198C22578E5251FC9062B229BBFBC90FCFD88A5 ] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Adist.dll
14:41:12.0855 0x0818 C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Adist.dll - ok
14:41:12.0855 0x0818 [ A340CD71EB535A3DD751B5F28723E50C, AC19738C9255B6B48D20DDCF384BDDAEE0B3EF50F2297512E1750901DA9CC72A ] C:\WINDOWS\system32\ddraw.dll
14:41:12.0855 0x0818 C:\WINDOWS\system32\ddraw.dll - ok
14:41:12.0855 0x0818 [ D8B91D94ECB123862B390FDE3250D3BB, DB2959E80684627ADD72CD895F8B4CBA56CFEBF60BFD60719E400181DD2CE979 ] C:\WINDOWS\system32\dciman32.dll
14:41:12.0855 0x0818 C:\WINDOWS\system32\dciman32.dll - ok
14:41:12.0855 0x0818 [ 198EB8C08BC87CD8A0996883A2884742, 809D8B45DB1FA254C31251E0F85372670282E6914D357533619B91207EB1E39F ] C:\Program Files\QuickTime\QTSystem\CoreVideo.qtx
14:41:12.0855 0x0818 C:\Program Files\QuickTime\QTSystem\CoreVideo.qtx - ok
14:41:12.0855 0x0818 [ D8E6FBA30C4EBCD0B454827B833BCA8D, B464ACF74D8860F83D1FEF45B382D39D26E897AB8CAA271149D44BD59C78A1D1 ] C:\Program Files\Common Files\Apple\Apple Application Support\CoreVideo.dll
14:41:12.0855 0x0818 C:\Program Files\Common Files\Apple\Apple Application Support\CoreVideo.dll - ok
14:41:12.0855 0x0818 [ AE2523EB48B0401262BEC0A59C1C19C2, D9ADF8FB8EE3997B4045E4C44F1003573B2874D14257BD47B4FFAD4B1DC4156D ] C:\Program Files\Common Files\Apple\Apple Application Support\CoreGraphics.dll
14:41:12.0855 0x0818 C:\Program Files\Common Files\Apple\Apple Application Support\CoreGraphics.dll - ok
14:41:12.0870 0x0818 [ 5F692164AFA0AE006844B2C1E2B6B1B2, C37AE581B6CB7D1F2A117EB5B9E9E151C75A4CDA9613FBE32A453DA5B38B9720 ] C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.qtx
14:41:12.0870 0x0818 C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.qtx - ok
14:41:12.0870 0x0818 [ 2DDCB8C83CFD9BE00706D91EA0263619, A79F8935F22307FD9101978C4E49BF60E8C62813FFD5AA37D7D7B671AD3C1992 ] C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.qtx
14:41:12.0870 0x0818 C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.qtx - ok
14:41:12.0870 0x0818 [ 5378DF00A458B3E1189B419E4B29990C, 5081BA38D1F3EC85C21DBCBDD80507BB576E2B2BA391022344B873C443B5A32A ] C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.qtx
14:41:12.0870 0x0818 C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.qtx - ok
14:41:12.0870 0x0818 [ BBAEAFBB8AF6DF963CD6E385B8B90E52, 27002E34D0803960D3ADA24F5694819E0A50244F14676A6228E2F9C6E58CE546 ] C:\Program Files\Common Files\Apple\Apple Application Support\CoreAudioToolbox.dll
14:41:12.0870 0x0818 C:\Program Files\Common Files\Apple\Apple Application Support\CoreAudioToolbox.dll - ok
14:41:13.0011 0x0818 Waiting for KSN requests completion. In queue: 258
14:41:14.0058 0x0818 AV detected via SS1: Symantec Endpoint Protection, 11.0.6070.422, enabled, updated
14:41:14.0292 0x0818 ============================================================
14:41:14.0292 0x0818 Scan finished
14:41:14.0292 0x0818 ============================================================
14:41:14.0308 0x0f4c Detected object count: 0
14:41:14.0308 0x0f4c Actual detected object count: 0
14:41:45.0899 0x0ec0 Deinitialize success


Farbar Service Scanner Version: 10-11-2013
Ran by banderson (administrator) on 14-11-2013 at 14:44:13
Running from "C:\Documents and Settings\banderson\My Documents\Downloads"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
sharedaccess Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of sharedaccess. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of sharedaccess. The value does not exist.
Unable to retrieve ServiceDll of sharedaccess. The value does not exist.


Firewall Disabled Policy:
==================
"HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile" registry key does not exist.


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking LEGACY_wscsvc: ATTENTION!=====> Unable to open LEGACY_wscsvc\0000 registry key. The key does not exist.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.
Checking Start type of PolicyAgent: ATTENTION!=====> Unable to open PolicyAgent registry key. The service key does not exist.
Checking ImagePath of PolicyAgent: ATTENTION!=====> Unable to open PolicyAgent registry key. The service key does not exist.
Checking Start type of RemoteAccess: ATTENTION!=====> Unable to open RemoteAccess registry key. The service key does not exist.
Checking ImagePath of RemoteAccess: ATTENTION!=====> Unable to open RemoteAccess registry key. The service key does not exist.
Checking ServiceDll of RemoteAccess: ATTENTION!=====> Unable to open RemoteAccess registry key. The service key does not exist.



File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(3) IPSec(5) NetBT(6) PSched(7) SYMTDI(8) Tcpip(4)
0x080000000500000001000000020000000300000004000000080000000600000007000000
IpSec Tag value is correct.

**** End of log ****

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-11-2013 01
Ran by banderson (administrator) on D94GBLF1 on 14-11-2013 14:44:50
Running from C:\Documents and Settings\banderson\Desktop
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Symantec Corporation) C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files\Intel\ASF Agent\ASFAgent.exe
(Intel Corporation) C:\Program Files\Intel\AMT\atchksrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Nero AG) C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe
(Intel) C:\Program Files\Intel\AMT\LMS.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(Symantec Corporation) C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
(Intel) C:\Program Files\Intel\AMT\UNS.exe
(Canon Inc.) C:\Program Files\Canon\CAL\CALMAIN.exe
(Symantec Corporation) C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
() C:\Program Files\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Intel Corporation) C:\Program Files\Intel\AMT\atchk.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\ccApp.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Research In Motion Limited) C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(FUJI PHOTO FILM CO., LTD.) C:\Program Files\FinePixViewer\QuickDCF.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe
(Sonic Solutions) C:\Program Files\Common Files\Sonic Shared\CineTray.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WZQKPICK32.EXE
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Macrovision Europe Ltd.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Google Inc.) C:\Documents and Settings\banderson\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\banderson\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\banderson\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [atchk] - C:\Program Files\Intel\AMT\atchk.exe [408344 2007-06-12] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] - C:\WINDOWS\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [SoundMAXPnP] - C:\Program Files\Analog Devices\Core\smax4pnp.exe [1036288 2007-08-01] (Analog Devices, Inc.)
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [178712 2007-10-03] (Intel Corporation)
HKLM\...\Run: [Acrobat Assistant 8.0] - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [623992 2008-10-14] (Adobe Systems Inc.)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] - C:\WINDOWS\KHALMNPR.Exe [76304 2008-02-29] (Logitech, Inc.)
HKLM\...\Run: [REGSHAVE] - C:\Program Files\REGSHAVE\Regshave.exe [53248 2002-02-04] (FUJI PHOTO FILM CO., LTD.)
HKLM\...\Run: [AppleSyncNotifier] - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [47904 2010-10-08] (Apple Inc.)
HKLM\...\Run: [RoxWatchTray] - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [236016 2009-07-08] (Sonic Solutions)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.)
HKLM\...\Run: [ccApp] - C:\Program Files\Common Files\Symantec Shared\ccApp.exe [115560 2011-03-19] (Symantec Corporation)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2011-06-09] (Sun Microsystems, Inc.)
HKLM\...\Run: [RIMBBLaunchAgent.exe] - C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [79192 2011-02-18] (Research In Motion Limited)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
HKLM\...\Run: [dnsshield] - C:\Program Files\Social Privacy DNS\dnswatch.exe [147456 2013-10-27] ()
HKLM\...\Winlogon: [Userinit] C:\WINDOWS\system32\userinit.exe
Winlogon\Notify\LBTWlgn: C:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
HKLM\...\Policies\Explorer: [NoWelcomeScreen] 1
HKLM\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2008-08-26] (Google Inc.)
HKCU\...\Run: [Updater] - C:\Documents and Settings\All Users\Application Data\Updater\Updater.exe
HKCU\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\administrator\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] - "C:\Program Files\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe" /PROMPT /CMPID=JUNE2013_TB
HKU\Brock Anderson\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] - "C:\Program Files\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe" /PROMPT /CMPID=JUNE2013_TB
AppInit_DLLs: [ ] ()
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Exif Launcher.lnk
ShortcutTarget: Exif Launcher.lnk -> C:\Program Files\FinePixViewer\QuickDCF.exe (FUJI PHOTO FILM CO., LTD.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk
ShortcutTarget: Logitech SetPoint.lnk -> C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Sonic CinePlayer Quick Launch.lnk
ShortcutTarget: Sonic CinePlayer Quick Launch.lnk -> C:\Program Files\Common Files\Sonic Shared\CineTray.exe (Sonic Solutions)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
ShortcutTarget: WinZip Quick Pick.lnk -> C:\Program Files\WinZip\WZQKPICK32.EXE (WinZip Computing, S.L.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {30AADD83-A59A-48CF-8B75-5D8D16F36603} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKCU - {75595C56-CA05-49C7-B12C-9FEED484306C} URL = http://search.yahoo....p={searchTerms}
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: PodcastBHO Class - {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files\Common Files\doubleTwist\IEPodcastPlugin.dll (doubleTwist Corporation)
BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog9 01 mswsock.dll File Not found ()
Winsock: Catalog9 02 mswsock.dll File Not found ()
Winsock: Catalog9 03 mswsock.dll File Not found ()
Winsock: Catalog9 04 mswsock.dll File Not found ()
Winsock: Catalog9 05 mswsock.dll File Not found ()
Winsock: Catalog9 06 mswsock.dll File Not found ()
Winsock: Catalog9 07 mswsock.dll File Not found ()
Winsock: Catalog9 08 mswsock.dll File Not found ()
Winsock: Catalog9 09 mswsock.dll File Not found ()
Winsock: Catalog9 10 mswsock.dll File Not found ()
Winsock: Catalog9 11 mswsock.dll File Not found ()
Tcpip\Parameters: [DhcpNameServer] 10.0.0.5

Chrome:
=======
CHR DefaultSearchURL: (Conduit Search) - http://search.condui...ms}&sspvC_sp_ch
CHR DefaultSuggestURL: (Conduit Search) - http://suggest.searc...x={searchTerms}
CHR Extension: (Google Wallet) - C:\DOCUME~1\BANDER~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_1
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\banderson\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

R2 ASFAgent; C:\Program Files\Intel\ASF Agent\ASFAgent.exe [133968 2007-01-23] (Intel Corporation)
R2 atchksrv; C:\Program Files\Intel\AMT\atchksrv.exe [183064 2007-06-12] (Intel Corporation)
R2 CCALib8; C:\Program Files\Canon\CAL\CALMAIN.exe [96334 2009-09-08] (Canon Inc.)
R2 ccEvtMgr; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [108392 2011-03-19] (Symantec Corporation)
R2 ccSetMgr; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [108392 2011-03-19] (Symantec Corporation)
S2 gupdate1c9904786cffc28; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-02-16] (Google Inc.)
R2 HTCMonitorService; C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-01-29] (Nero AG)
S3 LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [3093880 2010-02-17] (Symantec Corporation)
R2 LMS; C:\Program Files\Intel\AMT\LMS.exe [109336 2007-06-12] (Intel)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 SmcService; C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe [1881368 2011-03-19] (Symantec Corporation)
S4 SNAC; C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE [349512 2011-03-19] (Symantec Corporation)
R2 Symantec AntiVirus; C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe [1831024 2011-03-19] (Symantec Corporation)
R2 UNS; C:\Program Files\Intel\AMT\UNS.exe [2521880 2007-06-12] (Intel)
S3 IgniteService; "C:\Program Files\Miller Direct Connect\4072598\Program\IgniteService.exe" -Service [x]
R2 JavaQuickStarterService; "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"

==================== Drivers (Whitelisted) ====================

S3 COH_Mon; C:\WINDOWS\system32\Drivers\COH_Mon.sys [23888 2011-03-19] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376920 2013-08-27] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [108120 2013-08-27] (Symantec Corporation)
S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [9344 2009-04-17] (GARMIN Corp.)
R2 iPodDrv; C:\WINDOWS\system32\drivers\iPodDrv.sys [6656 2012-12-20] (Windows ® Codename Longhorn DDK provider)
R2 MASPINT; C:\Windows\System32\Drivers\MASPINT.sys [8096 2000-03-29] (MicroStaff Co.,Ltd.)
R3 NAVENG; C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20131114.002\NAVENG.SYS [93272 2013-11-14] (Symantec Corporation)
R3 NAVEX15; C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20131114.002\NAVEX15.SYS [1612376 2013-11-14] (Symantec Corporation)
S3 PalmUSBD; C:\Windows\System32\drivers\PalmUSBD.sys [16694 2008-08-11] (PalmSource, Inc.)
R3 SenFiltService; C:\Windows\System32\drivers\Senfilt.sys [392960 2006-03-17] (Sensaura)
R1 SPBBCDrv; C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [421424 2011-03-19] (Symantec Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [283184 2011-03-19] (Symantec Corporation)
S3 SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [320944 2011-03-19] (Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [43696 2011-03-19] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [124976 2011-05-11] (Symantec Corporation)
R3 SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [26416 2011-03-19] (Symantec Corporation)
R1 SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [188080 2011-03-19] (Symantec Corporation)
S3 catchme; \??\C:\combofix\catchme.sys [x]
S4 IntelIde; No ImagePath
S3 MRVW245; system32\DRIVERS\MRVW245.sys [x]
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-14 11:34 - 2013-11-14 11:35 - 04100773 _____ C:\Documents and Settings\banderson\Desktop\tdsskiller.zip
2013-11-14 11:33 - 2013-11-14 11:33 - 00001556 _____ C:\Documents and Settings\banderson\Desktop\aswMBR.txt
2013-11-14 11:33 - 2013-11-14 11:33 - 00000512 _____ C:\Documents and Settings\banderson\Desktop\MBR.dat
2013-11-14 11:31 - 2013-11-14 11:32 - 04745728 _____ (AVAST Software) C:\Documents and Settings\banderson\Desktop\aswmbr.exe
2013-11-14 03:07 - 2013-11-14 03:07 - 00009410 _____ C:\WINDOWS\KB2900986.log
2013-11-14 03:07 - 2013-11-14 03:07 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2900986$
2013-11-14 03:07 - 2013-11-14 03:07 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868626$
2013-11-14 03:06 - 2013-11-14 03:06 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876331$
2013-11-14 03:06 - 2013-11-14 03:06 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862152$
2013-11-14 03:04 - 2013-11-14 03:05 - 00012159 _____ C:\WINDOWS\KB2888505-IE8.log
2013-11-13 16:17 - 2013-11-14 03:07 - 00015347 _____ C:\WINDOWS\KB2868626.log
2013-11-13 16:16 - 2013-11-14 03:06 - 00014019 _____ C:\WINDOWS\KB2862152.log
2013-11-13 16:11 - 2013-11-14 03:06 - 00019055 _____ C:\WINDOWS\KB2876331.log
2013-11-13 14:25 - 2013-11-13 14:25 - 00000000 ____D C:\Documents and Settings\banderson\Local Settings\Application Data\BrowserSafeguard
2013-11-13 14:22 - 2013-11-13 14:22 - 01085542 _____ C:\Documents and Settings\banderson\Desktop\AdwCleaner.exe
2013-11-13 14:21 - 2013-11-13 14:21 - 00000000 ____D C:\Program Files\Level Quality Watcher
2013-11-13 14:21 - 2013-11-13 14:21 - 00000000 ____D C:\Documents and Settings\banderson\Application Data\Mozilla
2013-11-13 14:21 - 2013-11-13 14:21 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\TubeDimmer
2013-11-13 14:21 - 2013-11-13 14:21 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\RHelpers
2013-11-13 14:20 - 2013-11-13 14:20 - 00000000 ____D C:\Program Files\Social Privacy DNS
2013-11-13 12:10 - 2013-11-13 12:11 - 00022961 _____ C:\Documents and Settings\banderson\Desktop\Addition.txt
2013-11-13 12:03 - 2013-11-13 12:04 - 00000178 ___SH C:\Documents and Settings\Administrator.D94GBLF1\ntuser.ini
2013-11-13 12:03 - 2013-11-13 12:03 - 00000000 ____D C:\Documents and Settings\Administrator.D94GBLF1
2013-11-13 12:03 - 2013-11-12 11:22 - 01090275 _____ (Farbar) C:\Documents and Settings\banderson\Desktop\FRST.exe
2013-11-13 12:03 - 2012-02-16 03:00 - 00000000 __SHD C:\Documents and Settings\Administrator.D94GBLF1\IETldCache
2013-11-13 12:03 - 2009-05-18 20:33 - 00000000 ____D C:\Documents and Settings\Administrator.D94GBLF1\Application Data\Macromedia
2013-11-13 12:03 - 2008-09-11 02:00 - 00000000 ____D C:\Documents and Settings\Administrator.D94GBLF1\Local Settings\Application Data\Microsoft Help
2013-11-13 12:03 - 2008-08-11 10:12 - 00001599 _____ C:\Documents and Settings\Administrator.D94GBLF1\Start Menu\Programs\Remote Assistance.lnk
2013-11-13 12:03 - 2008-08-11 10:12 - 00000792 _____ C:\Documents and Settings\Administrator.D94GBLF1\Start Menu\Programs\Windows Media Player.lnk
2013-11-13 12:03 - 2008-08-11 10:12 - 00000000 ___RD C:\Documents and Settings\Administrator.D94GBLF1\Start Menu\Programs\Accessories
2013-11-13 00:32 - 2013-11-12 10:57 - 04121440 _____ (Kaspersky Lab ZAO) C:\Documents and Settings\banderson\Desktop\TDSSKiller.exe
2013-11-12 11:59 - 2013-11-14 11:24 - 00000000 ____D C:\FRST
2013-10-28 06:16 - 2013-10-28 06:16 - 00816838 _____ C:\Documents and Settings\banderson\Desktop\Beer Lounge and Kitchen Ideas.pptx
2013-10-25 11:11 - 2013-10-25 11:11 - 00110592 _____ C:\WINDOWS\Minidump\Mini102513-01.dmp

==================== One Month Modified Files and Folders =======

2013-11-14 14:38 - 2013-05-06 09:22 - 00000000 ____D C:\Documents and Settings\banderson\Local Settings\Application Data\HTC MediaHub
2013-11-14 14:37 - 2013-06-03 11:32 - 00000350 _____ C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2013-11-14 14:37 - 2009-06-26 17:25 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-14 14:37 - 2008-08-11 11:19 - 00000120 _____ C:\WINDOWS\system32\config\netlogon.ftl
2013-11-14 14:37 - 2004-08-04 05:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2013-11-14 14:05 - 2009-06-26 17:25 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-14 13:49 - 2009-06-30 16:09 - 00000994 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-962395197-4016970835-1205081151-1145UA.job
2013-11-14 13:01 - 2009-02-16 10:00 - 00000868 _____ C:\WINDOWS\Tasks\Google Software Updater.job
2013-11-14 12:05 - 2008-08-11 10:15 - 00032534 _____ C:\WINDOWS\SchedLgU.Txt
2013-11-14 11:39 - 2008-08-11 10:12 - 02095606 _____ C:\WINDOWS\WindowsUpdate.log
2013-11-14 11:39 - 2008-08-11 06:05 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-11-14 11:38 - 2008-08-11 10:15 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-11-14 11:38 - 2008-08-11 06:05 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-11-14 11:36 - 2008-08-11 11:26 - 00000178 ___SH C:\Documents and Settings\banderson\ntuser.ini
2013-11-14 11:35 - 2013-11-14 11:34 - 04100773 _____ C:\Documents and Settings\banderson\Desktop\tdsskiller.zip
2013-11-14 11:33 - 2013-11-14 11:33 - 00001556 _____ C:\Documents and Settings\banderson\Desktop\aswMBR.txt
2013-11-14 11:33 - 2013-11-14 11:33 - 00000512 _____ C:\Documents and Settings\banderson\Desktop\MBR.dat
2013-11-14 11:32 - 2013-11-14 11:31 - 04745728 _____ (AVAST Software) C:\Documents and Settings\banderson\Desktop\aswmbr.exe
2013-11-14 11:24 - 2013-11-12 11:59 - 00000000 ____D C:\FRST
2013-11-14 08:53 - 2008-08-11 05:58 - 00000000 ____D C:\WINDOWS\security
2013-11-14 05:49 - 2009-06-30 16:09 - 00000942 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-962395197-4016970835-1205081151-1145Core.job
2013-11-14 03:07 - 2013-11-14 03:07 - 00009410 _____ C:\WINDOWS\KB2900986.log
2013-11-14 03:07 - 2013-11-14 03:07 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2900986$
2013-11-14 03:07 - 2013-11-14 03:07 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868626$
2013-11-14 03:07 - 2013-11-13 16:17 - 00015347 _____ C:\WINDOWS\KB2868626.log
2013-11-14 03:07 - 2008-08-11 13:25 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Microsoft Help
2013-11-14 03:07 - 2008-08-11 11:20 - 00293821 _____ C:\WINDOWS\updspapi.log
2013-11-14 03:07 - 2008-08-11 06:04 - 01856454 _____ C:\WINDOWS\FaxSetup.log
2013-11-14 03:07 - 2008-08-11 06:04 - 00906569 _____ C:\WINDOWS\ocgen.log
2013-11-14 03:07 - 2008-08-11 06:04 - 00856986 _____ C:\WINDOWS\tsoc.log
2013-11-14 03:07 - 2008-08-11 06:04 - 00612079 _____ C:\WINDOWS\comsetup.log
2013-11-14 03:07 - 2008-08-11 06:04 - 00567622 _____ C:\WINDOWS\msmqinst.log
2013-11-14 03:07 - 2008-08-11 06:04 - 00370444 _____ C:\WINDOWS\ntdtcsetup.log
2013-11-14 03:07 - 2008-08-11 06:04 - 00327234 _____ C:\WINDOWS\netfxocm.log
2013-11-14 03:07 - 2008-08-11 06:04 - 00129270 _____ C:\WINDOWS\MedCtrOC.log
2013-11-14 03:07 - 2008-08-11 06:04 - 00101418 _____ C:\WINDOWS\ocmsn.log
2013-11-14 03:07 - 2008-08-11 06:04 - 00094128 _____ C:\WINDOWS\tabletoc.log
2013-11-14 03:07 - 2008-08-11 06:04 - 00093477 _____ C:\WINDOWS\msgsocm.log
2013-11-14 03:07 - 2008-08-11 06:04 - 00013278 _____ C:\WINDOWS\iis6.log
2013-11-14 03:07 - 2008-08-11 06:04 - 00001393 _____ C:\WINDOWS\imsins.log
2013-11-14 03:07 - 2008-08-11 06:04 - 00001393 _____ C:\WINDOWS\imsins.BAK
2013-11-14 03:06 - 2013-11-14 03:06 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876331$
2013-11-14 03:06 - 2013-11-14 03:06 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862152$
2013-11-14 03:06 - 2013-11-13 16:16 - 00014019 _____ C:\WINDOWS\KB2862152.log
2013-11-14 03:06 - 2013-11-13 16:11 - 00019055 _____ C:\WINDOWS\KB2876331.log
2013-11-14 03:06 - 2008-08-11 06:04 - 02002379 _____ C:\WINDOWS\iis6.BAK
2013-11-14 03:05 - 2013-11-14 03:04 - 00012159 _____ C:\WINDOWS\KB2888505-IE8.log
2013-11-14 03:04 - 2011-11-12 14:59 - 00000000 ____D C:\WINDOWS\ie8updates
2013-11-14 03:01 - 2013-08-15 02:12 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-11-14 03:01 - 2011-11-12 14:55 - 80340640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-11-13 16:16 - 2008-08-11 06:04 - 00623944 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-11-13 16:11 - 2008-08-11 11:26 - 00000000 ____D C:\Documents and Settings\banderson
2013-11-13 14:25 - 2013-11-13 14:25 - 00000000 ____D C:\Documents and Settings\banderson\Local Settings\Application Data\BrowserSafeguard
2013-11-13 14:22 - 2013-11-13 14:22 - 01085542 _____ C:\Documents and Settings\banderson\Desktop\AdwCleaner.exe
2013-11-13 14:21 - 2013-11-13 14:21 - 00000000 ____D C:\Program Files\Level Quality Watcher
2013-11-13 14:21 - 2013-11-13 14:21 - 00000000 ____D C:\Documents and Settings\banderson\Application Data\Mozilla
2013-11-13 14:21 - 2013-11-13 14:21 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\TubeDimmer
2013-11-13 14:21 - 2013-11-13 14:21 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\RHelpers
2013-11-13 14:20 - 2013-11-13 14:20 - 00000000 ____D C:\Program Files\Social Privacy DNS
2013-11-13 12:11 - 2013-11-13 12:10 - 00022961 _____ C:\Documents and Settings\banderson\Desktop\Addition.txt
2013-11-13 12:04 - 2013-11-13 12:03 - 00000178 ___SH C:\Documents and Settings\Administrator.D94GBLF1\ntuser.ini
2013-11-13 12:03 - 2013-11-13 12:03 - 00000000 ____D C:\Documents and Settings\Administrator.D94GBLF1
2013-11-13 10:50 - 2008-08-11 11:21 - 00000000 __SHD C:\WINDOWS\CSC
2013-11-12 11:22 - 2013-11-13 12:03 - 01090275 _____ (Farbar) C:\Documents and Settings\banderson\Desktop\FRST.exe
2013-11-12 10:57 - 2013-11-13 00:32 - 04121440 _____ (Kaspersky Lab ZAO) C:\Documents and Settings\banderson\Desktop\TDSSKiller.exe
2013-11-12 08:28 - 2008-08-18 07:43 - 00000000 ____D C:\Documents and Settings\banderson\Local Settings\Application Data\Google
2013-11-12 08:28 - 2008-08-18 07:15 - 00000000 ____D C:\Program Files\Google
2013-11-12 08:04 - 2008-08-11 13:30 - 00002515 _____ C:\Documents and Settings\banderson\Desktop\Microsoft Office Word 2007.lnk
2013-11-11 09:37 - 2008-08-11 13:29 - 00002483 _____ C:\Documents and Settings\banderson\Desktop\Microsoft Office PowerPoint 2007.lnk
2013-11-11 07:57 - 2008-08-11 13:43 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\FLEXnet
2013-11-10 09:26 - 2012-08-29 09:20 - 00000000 ____D C:\WINDOWS\system32\cache
2013-11-06 13:52 - 2008-08-11 13:29 - 00002473 _____ C:\Documents and Settings\banderson\Desktop\Microsoft Office Excel 2007.lnk
2013-10-31 10:01 - 2013-09-13 09:05 - 00000000 ____D C:\Documents and Settings\banderson\Local Settings\Application Data\Citrix
2013-10-31 10:01 - 2008-12-26 07:23 - 00000000 ____D C:\Documents and Settings\banderson\Local Settings\Application Data\Deployment
2013-10-30 08:40 - 2011-11-12 14:52 - 00458144 _____ C:\WINDOWS\setupapi.log
2013-10-30 07:26 - 2008-08-11 13:42 - 00002335 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Acrobat 8 Standard.lnk
2013-10-29 09:05 - 2009-02-17 08:57 - 00255488 ___SH C:\Documents and Settings\banderson\Desktop\Thumbs.db
2013-10-29 02:24 - 2013-08-20 10:07 - 00065536 _____ C:\WINDOWS\system32\config\OAlerts.evt
2013-10-29 02:12 - 2008-12-03 10:11 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-10-29 02:08 - 2004-08-04 05:00 - 00000582 _____ C:\WINDOWS\win.ini
2013-10-28 06:16 - 2013-10-28 06:16 - 00816838 _____ C:\Documents and Settings\banderson\Desktop\Beer Lounge and Kitchen Ideas.pptx
2013-10-25 11:11 - 2013-10-25 11:11 - 00110592 _____ C:\WINDOWS\Minidump\Mini102513-01.dmp
2013-10-25 11:11 - 2009-01-13 14:45 - 00000000 ____D C:\WINDOWS\Minidump
2013-10-24 14:36 - 2012-11-02 08:40 - 01209951 _____ C:\Documents and Settings\banderson\Desktop\Final Routing Matrix 11-1-12 FINAL VERSION.xlsx
2013-10-16 12:55 - 2013-08-01 07:05 - 00002316 _____ C:\Documents and Settings\banderson\Desktop\Google Chrome.lnk

Some content of TEMP:
====================
C:\Documents and Settings\administrator\Local Settings\temp\sp_setpoint.exe
C:\Documents and Settings\banderson\Local Settings\temp\7z.dll
C:\Documents and Settings\banderson\Local Settings\temp\7z.exe
C:\Documents and Settings\banderson\Local Settings\temp\avguidx.dll
C:\Documents and Settings\banderson\Local Settings\temp\CommonInstaller.exe
C:\Documents and Settings\banderson\Local Settings\temp\dtkill.exe
C:\Documents and Settings\banderson\Local Settings\temp\Executor.exe
C:\Documents and Settings\banderson\Local Settings\temp\G2MInstallerExtractor.exe
C:\Documents and Settings\banderson\Local Settings\temp\ICReinstall_PDFCreatorSetup.exe
C:\Documents and Settings\banderson\Local Settings\temp\iGearedHelper.dll
C:\Documents and Settings\banderson\Local Settings\temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Documents and Settings\banderson\Local Settings\temp\jre-6u35-windows-i586-iftw.exe
C:\Documents and Settings\banderson\Local Settings\temp\jre-6u37-windows-i586-iftw.exe
C:\Documents and Settings\banderson\Local Settings\temp\jre-7u15-windows-i586-iftw.exe
C:\Documents and Settings\banderson\Local Settings\temp\jre-7u17-windows-i586-iftw.exe
C:\Documents and Settings\banderson\Local Settings\temp\jre-7u21-windows-i586-iftw.exe
C:\Documents and Settings\banderson\Local Settings\temp\jre-7u25-windows-i586-iftw.exe
C:\Documents and Settings\banderson\Local Settings\temp\jre-7u40-windows-i586-iftw.exe
C:\Documents and Settings\banderson\Local Settings\temp\jre-7u45-windows-i586-iftw.exe
C:\Documents and Settings\banderson\Local Settings\temp\MachineIdCreator.exe
C:\Documents and Settings\banderson\Local Settings\temp\nsh83.exe
C:\Documents and Settings\banderson\Local Settings\temp\nsu86.exe
C:\Documents and Settings\banderson\Local Settings\temp\nsu89.exe
C:\Documents and Settings\banderson\Local Settings\temp\nsw80.exe
C:\Documents and Settings\banderson\Local Settings\temp\oi_{3CBB1E8C-B01B-4192-A7AB-8B217A4BFAE5}.exe
C:\Documents and Settings\banderson\Local Settings\temp\Quarantine.exe
C:\Documents and Settings\banderson\Local Settings\temp\setup{FAB4B8CF-33C7-40C8-ADDC-6CCBF5F6C3A1}.exe
C:\Documents and Settings\banderson\Local Settings\temp\SSUPDATE.EXE
C:\Documents and Settings\banderson\Local Settings\temp\System.Data.SQLite.dll
C:\Documents and Settings\banderson\Local Settings\temp\ToolbarInstaller.exe
C:\Documents and Settings\banderson\Local Settings\temp\vcredist_x86.exe
C:\Documents and Settings\banderson\Local Settings\temp\{5C339956-A905-45CB-9108-2A54B57E8BD9}.exe
C:\Documents and Settings\banderson\Local Settings\temp\~tmf645148103571096384.dll


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ===========================

Whew! Thanks again.

#15
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 4,722 posts
Hello beerman!

 

- FIRST -

  • Please download ESET Services Repair Tool from here and save it to your Desktop;
  • Right click and choose Run as administrator
  • If security notifications appear, click Continue or Run and then click Yes when asked if you want to proceed
  • Once the tool has finished, you will be prompted to restart your computer. Click Yes to restart

- NEXT -

Please run FSS again
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

- NEXT -

  • Download OTL to your Desktop
  • Please copy the text in the Quote box below, (Do Not copy the word Quote), and paste it in the Posted Image box in OTL. To do that:
    • Highlight everything inside the quote box, (except the word Quote), right click the mouse and click Copy.

      netsvcs
      BASESERVICES
      %SYSTEMDRIVE%\*.exe
      /md5start
      services.*
      explorer.exe
      winlogon.exe
      Userinit.exe
      svchost.exe
      qmgr.dll
      winsock.*
      /md5stop
      dir "%systemdrive%\*" /S /A:L /C
      CREATERESTOREPOINT

  • Open Posted Image on the desktop. To do that:
    • XP users: Double click on the OTL icon.
    • Vista / 7 Users: Right click on the icon and click Run as Administrator.
  • Make sure all other windows are closed.
    • You will see a console like the one below:

      Posted Image

    • Click the box beside Scan All Users at the top of the console
    • IF you have a 64bit Windows, click the box beside Include 64bit Scans at the top of the console.
    • Make sure the Output box at the top is set to Standard Output.
    • Check the boxes beside LOP Check and Purity Check.
    • Place the mouse pointer inside the Posted Image box, right click and click Paste. This will put the above script inside OTL.
    • Click the Posted Image button. Do not change any settings unless otherwise told to do so.
    • Let the scan run uninterrupted.
    • When the scan completes, it will open OTL.Txt on the desktop. The Extras.txt file will be minimized on the taskbar. These files are also saved in the same location as OTL (it should be on your desktop).
    • Please copy the contents of these files and paste them into your reply. To do that:
    • On the OTL.txt file Menu Bar click Edit then click Select All. This will highlight the contents of the file. Then click Copy.
    • Right click inside the forum post window then click Paste. This will paste the contents of the OTL.txt file in the post window.
    • Repeat for the Extras.txt file.

- NEXT -

How is your computer running?

 

Please don't forget to include the following log files in your next answer:

  • FSS Log
  • OTL.txt
  • Extras.txt
  • How is your computer running?
