
isearch.fantastigames.com Infection [Solved]


  • This topic is locked

#1
pepper1

Hi GeeksToGo staff,

My computer was recently infected with a virus that has set my Chrome default search engine and home page to a website called "isearch.fantastigames.com." Also, error messages often appear saying that "A program has stopped working" and "Windows is checking for a solution to the problem." These messages often include names of programs that seem to be randomly generated, consisting of three groups of random numbers and letters. This computer may also have other viruses installed (I'm not really sure) because it has been without an antivirus since Norton expired 6 months ago. No past efforts have been made to remove the virus other than changing Chrome's home page back to the default. Thanks so much for your help! Here are my logs:

OTL.txt:
OTL logfile created on: 6/27/2013 2:54:23 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\NATE\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.96 Gb Total Physical Memory | 1.33 Gb Available Physical Memory | 44.84% Memory free
6.12 Gb Paging File | 4.06 Gb Available in Paging File | 66.29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 218.20 Gb Total Space | 60.28 Gb Free Space | 27.62% Space Free | Partition Type: NTFS
Drive D: | 14.65 Gb Total Space | 10.32 Gb Free Space | 70.47% Space Free | Partition Type: NTFS
Drive E: | 45.31 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: NATE-PC | User Name: NATE | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/06/27 14:53:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\NATE\Desktop\OTL.exe
PRC - [2013/06/24 20:38:57 | 000,136,704 | ---- | M] () -- C:\Users\NATE\AppData\Local\Temp\F078.exe
PRC - [2013/06/24 20:38:39 | 000,136,704 | ---- | M] () -- C:\Users\NATE\AppData\Local\Temp\A842.exe
PRC - [2013/06/08 12:57:48 | 000,130,048 | ---- | M] () -- C:\Users\NATE\AppData\Roaming\Adobe\WINF9E8.exe
PRC - [2013/05/21 14:58:28 | 001,934,376 | ---- | M] (MyPCBackup.com) -- C:\Program Files\MyPC Backup\MyPC Backup.exe
PRC - [2013/05/21 14:58:05 | 000,032,808 | ---- | M] (Just Develop It) -- C:\Program Files\MyPC Backup\BackupStack.exe
PRC - [2013/05/14 13:26:12 | 003,289,208 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013/04/16 17:27:11 | 000,281,160 | ---- | M] (OPerA sOfTWARe) -- C:\Users\NATE\AppData\Roaming\Askaga\qouqfye.exe
PRC - [2013/03/31 14:57:08 | 001,646,216 | ---- | M] (Ask) -- C:\Program Files\Ask.com\Updater\Updater.exe
PRC - [2013/03/06 08:36:54 | 002,731,296 | ---- | M] (Conduit) -- C:\Users\NATE\AppData\Roaming\SearchProtect\bin\cltmng.exe
PRC - [2013/03/06 08:36:52 | 000,093,984 | ---- | M] (Conduit) -- C:\Program Files\SearchProtect\bin\CltMngSvc.exe
PRC - [2013/01/18 21:29:28 | 001,209,392 | ---- | M] () -- C:\Users\NATE\AppData\Roaming\HoolappForAndroid\Hoolapp.exe
PRC - [2013/01/03 10:50:13 | 001,684,160 | ---- | M] (Koyote-Lab, inc) -- C:\Program Files\Settings Alerter\Datamngr\datamngrUI.exe
PRC - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/09/21 20:35:57 | 000,117,648 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/03/31 10:28:10 | 000,483,420 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2009/03/31 10:28:00 | 000,249,938 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ec3a90dd\stacsv.exe
PRC - [2009/03/31 10:27:48 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ec3a90dd\AEstSrv.exe
PRC - [2009/03/31 10:26:12 | 000,049,250 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2009/03/31 10:25:54 | 000,217,088 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2009/03/31 10:25:52 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2009/03/31 10:25:50 | 000,054,568 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2009/02/04 22:26:38 | 000,128,232 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2009/01/18 13:27:18 | 000,036,864 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\OEM13Mon.exe
PRC - [2009/01/07 23:55:00 | 000,072,224 | ---- | M] (O2Micro International) -- C:\Windows\System32\drivers\o2flash.exe
PRC - [2008/01/20 22:33:00 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007/07/27 17:43:34 | 000,118,784 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe


========== Modules (No Company Name) ==========

MOD - [2013/06/24 20:38:57 | 000,136,704 | ---- | M] () -- C:\Users\NATE\AppData\Local\Temp\F078.exe
MOD - [2013/06/24 20:38:39 | 000,136,704 | ---- | M] () -- C:\Users\NATE\AppData\Local\Temp\A842.exe
MOD - [2013/06/08 12:57:48 | 000,130,048 | ---- | M] () -- C:\Users\NATE\AppData\Roaming\Adobe\WINF9E8.exe
MOD - [2013/05/23 14:14:28 | 000,030,208 | ---- | M] () -- C:\Users\NATE\AppData\Roaming\wabEventSupport16\wabEventSupport16.dll
MOD - [2013/05/21 14:58:25 | 003,888,640 | ---- | M] () -- C:\Program Files\MyPC Backup\MPCBIconOverlays.dll
MOD - [2013/05/21 14:58:07 | 000,012,288 | ---- | M] () -- C:\Program Files\MyPC Backup\GetText.dll
MOD - [2013/05/15 12:20:56 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\3da65115bf9debbf564861f6b123a2e4\System.Configuration.ni.dll
MOD - [2013/05/15 12:17:19 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e9ea3e70247b4aa4a8b260426db3aa6b\System.Windows.Forms.ni.dll
MOD - [2013/02/14 04:33:57 | 011,820,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\421cb77e6a4c21f94e3c5ddf766de23b\System.Web.ni.dll
MOD - [2013/01/18 21:29:28 | 001,209,392 | ---- | M] () -- C:\Users\NATE\AppData\Roaming\HoolappForAndroid\Hoolapp.exe
MOD - [2013/01/10 04:33:32 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f042f66c2ad8fd5b8c34fa22cd22079e\System.Management.ni.dll
MOD - [2013/01/10 04:30:33 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b5df40c22ab563a816103629e2ca99d4\System.Runtime.Remoting.ni.dll
MOD - [2013/01/10 04:30:32 | 000,627,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\36dc923935a96557c81daa014e7e2ba8\System.EnterpriseServices.ni.dll
MOD - [2013/01/10 04:30:31 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\d995a0e7d64a874cddea6294caaa2539\System.Transactions.ni.dll
MOD - [2013/01/10 04:30:13 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\4324113139782a29f66e449cf2f8ac14\System.Xml.ni.dll
MOD - [2013/01/10 04:29:51 | 001,593,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\78157a494dc9a7e52be8840decfcd9cc\System.Drawing.ni.dll
MOD - [2013/01/10 04:29:38 | 006,621,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\0f5a23bb73681b6388daccd8e250ba66\System.Data.ni.dll
MOD - [2013/01/10 04:28:43 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll
MOD - [2013/01/10 04:28:33 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll
MOD - [2012/12/20 07:36:18 | 000,078,336 | ---- | M] () -- C:\ProgramData\Wincert\win32prop.dll
MOD - [2012/12/20 07:36:18 | 000,007,168 | ---- | M] () -- C:\ProgramData\Wincert\win32cert.dll
MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/04/18 09:58:58 | 000,904,704 | ---- | M] () -- C:\Program Files\MyPC Backup\x86\System.Data.SQLite.dll
MOD - [2009/03/30 00:42:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2009/03/30 00:42:17 | 002,933,760 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2008/12/11 13:47:34 | 000,055,808 | ---- | M] () -- C:\Windows\System32\bcmwlrmt.dll


========== Services (SafeList) ==========

SRV - [2013/06/21 20:46:38 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/21 14:58:05 | 000,032,808 | ---- | M] (Just Develop It) [Auto | Running] -- C:\Program Files\MyPC Backup\BackupStack.exe -- (BackupStack)
SRV - [2013/05/14 13:26:12 | 003,289,208 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/03/06 08:36:52 | 000,093,984 | ---- | M] (Conduit) [Auto | Running] -- C:\Program Files\SearchProtect\bin\CltMngSvc.exe -- (CltMngSvc)
SRV - [2013/01/08 13:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/10/05 11:08:42 | 000,109,064 | ---- | M] (Wajam) [On_Demand | Stopped] -- C:\Program Files\Wajam\Updater\WajamUpdater.exe -- (WajamUpdater)
SRV - [2011/10/21 15:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/09/21 20:35:57 | 000,117,648 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe -- (Norton Internet Security)
SRV - [2009/03/31 10:28:00 | 000,249,938 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ec3a90dd\stacsv.exe -- (STacSV)
SRV - [2009/03/31 10:27:48 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ec3a90dd\AEstSrv.exe -- (AESTFilters)
SRV - [2009/01/07 23:55:00 | 000,072,224 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Windows\System32\drivers\o2flash.exe -- (O2FLASH)
SRV - [2008/01/20 22:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\NIS\1000000.07D\SYMREDRV.SYS -- (SYMREDRV)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\NIS\1000000.07D\SYMDNS.SYS -- (SYMDNS)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\knmqmjhc.sys -- (knmqmjhc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/12/28 04:29:14 | 001,601,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20130112.007\NAVEX15.SYS -- (NAVEX15)
DRV - [2012/12/28 04:29:14 | 000,092,704 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20130112.007\NAVENG.SYS -- (NAVENG)
DRV - [2012/09/06 04:54:30 | 000,386,720 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20130111.002\IDSvix86.sys -- (IDSVix86)
DRV - [2012/07/31 20:34:45 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011/10/20 21:53:24 | 000,467,592 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1008030.006\cchpx86.sys -- (ccHP)
DRV - [2011/10/15 12:37:55 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/09/21 20:35:58 | 000,217,464 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1008030.006\symtdi.sys -- (SYMTDI)
DRV - [2011/09/21 20:35:58 | 000,089,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NIS\1008030.006\symfw.sys -- (SYMFW)
DRV - [2011/09/21 20:35:58 | 000,048,760 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NIS\1008030.006\symndisv.sys -- (SYMNDISV)
DRV - [2010/01/20 17:03:39 | 000,310,320 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\NIS\1008030.006\SymEFA.sys -- (SymEFA)
DRV - [2010/01/20 17:03:39 | 000,308,272 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\NIS\1008030.006\srtsp.sys -- (SRTSP)
DRV - [2010/01/20 17:03:39 | 000,259,632 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1008030.006\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010/01/20 17:03:39 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1008030.006\srtspx.sys -- (SRTSPX)
DRV - [2010/01/20 17:03:28 | 000,025,648 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\SymIMV.sys -- (SymIM)
DRV - [2009/03/31 10:28:14 | 000,394,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2009/03/31 10:25:48 | 000,196,144 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2009/02/02 11:21:30 | 000,142,848 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009/01/18 13:27:28 | 000,235,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM13Vid.sys -- (OEM13Vid)
DRV - [2009/01/18 13:27:24 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM13Vfx.sys -- (OEM13Vfx)
DRV - [2009/01/07 23:55:00 | 000,051,616 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\o2mdg.sys -- (O2MDGRDR)
DRV - [2009/01/07 23:55:00 | 000,041,760 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\o2sdg.sys -- (O2SDGRDR)
DRV - [2008/12/11 13:47:16 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)
DRV - [2008/01/20 22:32:51 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2007/06/18 21:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motmodem.sys -- (motmodem)
DRV - [2006/11/02 03:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {d775a78f-33a1-4d54-949a-c251148afd2b} - C:\Program Files\Produtools_Forms_B\prxtbProd.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2439}
IE - HKLM\..\SearchScopes\{5BDD21B5-F8DA-42C4-9597-BD877F3B367E}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2439}: "URL" = http://isearch.fanta...q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\NATE\Documents
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USSMB/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {d775a78f-33a1-4d54-949a-c251148afd2b} - C:\Program Files\Produtools_Forms_B\prxtbProd.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {37FB2D1F-F6D8-4623-9519-B1B8FB6B87C9}
IE - HKCU\..\SearchScopes\{37FB2D1F-F6D8-4623-9519-B1B8FB6B87C9}: "URL" = http://search.condui...1841674371&UM=2
IE - HKCU\..\SearchScopes\{5BDD21B5-F8DA-42C4-9597-BD877F3B367E}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2439}: "URL" = http://isearch.fanta...q={searchTerms}
IE - HKCU\..\SearchScopes\{A6C7229D-3157-4574-B88E-EC990111D994}: "URL" = http://websearch.ask...29-C21C3D74E1E2
IE - HKCU\..\SearchScopes\{D7033E09-5F78-4739-95B3-097F9C7949DB}: "URL" = https://dhpdse.googl...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@ei.DictionaryBoss.com/Plugin: C:\Program Files\DictionaryBossEI\Installr\1.bin\NPv4EISB.dll (DictionaryBoss)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MI1933~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MI1933~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\NATE\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\NATE\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\NATE\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\NATE\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\NATE\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\NATE\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\ [2011/10/20 22:53:08 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Web Search ()
CHR - default_search_provider: search_url = http://isearch.fanta...q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - homepage: http://isearch.fantastigames.com/439
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\NATE\AppData\Local\Google\Chrome\Application\26.0.1410.64\gcswf32.dll
CHR - plugin: Java™ Platform SE 6 U13 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll
CHR - plugin: Java™ Platform SE 6 U13 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\2.0.31005.0\npctrl.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\NATE\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\NATE\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\NATE\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Ask Toolbar = C:\Users\NATE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo\7.15.15.49063_0\
CHR - Extension: YouTube = C:\Users\NATE\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\NATE\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Wajam = C:\Users\NATE\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_1\
CHR - Extension: Skype Click to Call = C:\Users\NATE\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.9.0.12585_0\
CHR - Extension: Yontoo = C:\Users\NATE\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_0\
CHR - Extension: Gmail = C:\Users\NATE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.8.3.6\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Wajam) - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files\Wajam\IE\priam_bho.dll (Wajam)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Produtools Forms B Toolbar) - {d775a78f-33a1-4d54-949a-c251148afd2b} - C:\Program Files\Produtools_Forms_B\prxtbProd.dll (Conduit Ltd.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DataMngr) - {F2D6C718-7E52-428E-8852-365C4B1A6E36} - C:\Program Files\Settings Alerter\Datamngr\BrowserConnection.dll (Koyote-Lab, inc)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Produtools Forms B Toolbar) - {d775a78f-33a1-4d54-949a-c251148afd2b} - C:\Program Files\Produtools_Forms_B\prxtbProd.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Produtools Forms B Toolbar) - {D775A78F-33A1-4D54-949A-C251148AFD2B} - C:\Program Files\Produtools_Forms_B\prxtbProd.dll (Conduit Ltd.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\Settings Alerter\Datamngr\datamngrUI.exe (Koyote-Lab, inc)
O4 - HKLM..\Run: [DELL Webcam Manager] C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [OEM13Mon.exe] C:\Windows\OEM13Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SearchProtectAll] C:\Program Files\SearchProtect\bin\cltmng.exe (Conduit)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Facebook Update] C:\Users\NATE\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [Leduumopzaof] C:\Users\NATE\AppData\Roaming\Askaga\qouqfye.exe (OPerA sOfTWARe)
O4 - HKCU..\Run: [SearchProtect] C:\Users\NATE\AppData\Roaming\SearchProtect\bin\cltmng.exe (Conduit)
O4 - HKCU..\Run: [TimeServer] C:\Users\NATE\AppData\Roaming\Adobe\WINF9E8.exe ()
O4 - HKCU..\Run: [wabEventSupport16] C:\Users\NATE\AppData\Roaming\wabEventSupport16\wabEventSupport16.dll ()
O4 - Startup: C:\Users\NATE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk = C:\Program Files\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.17.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0B53064A-6B3B-41A0-8F72-5A59580383CB}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2F620609-0E9C-4949-A0E1-1735AFA5412B}: DhcpNameServer = 192.168.2.1 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dll (Symantec Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~2\Wincert\WIN32C~1.DLL) - C:\ProgramData\Wincert\win32cert.dll ()
O20 - AppInit_DLLs: (C:\PROGRA~1\SETTIN~1\Datamngr\datamngr.dll) - C:\Program Files\Settings Alerter\Datamngr\datamngr.dll (Koyote-Lab, inc)
O20 - AppInit_DLLs: (C:\PROGRA~1\SETTIN~1\Datamngr\IEBHO.dll) - C:\Program Files\Settings Alerter\Datamngr\IEBHO.dll (Koyote-Lab, inc)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\NATE\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\NATE\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{0ed612e5-6129-11e2-ad23-0024e89bab5b}\Shell - "" = AutoRun
O33 - MountPoints2\{0ed612e5-6129-11e2-ad23-0024e89bab5b}\Shell\AutoRun\command - "" = F:\TL_Bootstrap.exe
O33 - MountPoints2\{71175b82-51d7-11e1-a5eb-0024e89bab5b}\Shell - "" = AutoRun
O33 - MountPoints2\{71175b82-51d7-11e1-a5eb-0024e89bab5b}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{83e0ee2b-695c-11e2-8e8a-0024e89bab5b}\Shell - "" = AutoRun
O33 - MountPoints2\{83e0ee2b-695c-11e2-8e8a-0024e89bab5b}\Shell\AutoRun\command - "" = F:\TL_Bootstrap.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/06/27 14:53:59 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\NATE\Desktop\OTL.exe
[2013/06/22 03:03:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\MpEngineStore
[2013/06/21 20:47:20 | 000,000,000 | ---D | C] -- C:\Users\NATE\AppData\Roaming\Mozilla
[2013/06/10 08:09:50 | 000,000,000 | ---D | C] -- C:\Users\NATE\Documents\134CANON
[2013/06/10 08:08:55 | 000,000,000 | ---D | C] -- C:\Users\NATE\Documents\135CANON
[2013/06/10 08:07:45 | 000,000,000 | ---D | C] -- C:\Users\NATE\Documents\136CANON
[2013/06/10 08:07:00 | 000,000,000 | ---D | C] -- C:\Users\NATE\Documents\137CANON
[2013/06/10 08:05:43 | 000,000,000 | ---D | C] -- C:\Users\NATE\Documents\139CANON
[2011/10/21 23:28:44 | 001,062,984 | ---- | C] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Users\NATE\gotomypc_540.exe
[2 C:\Users\NATE\Documents\*.tmp files -> C:\Users\NATE\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/06/27 14:53:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\NATE\Desktop\OTL.exe
[2013/06/27 14:23:15 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/06/27 14:16:11 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1627533141-4168953869-2929979106-1000UA.job
[2013/06/27 14:12:00 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1627533141-4168953869-2929979106-1000UA.job
[2013/06/27 14:12:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1627533141-4168953869-2929979106-1000Core.job
[2013/06/27 14:09:29 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1627533141-4168953869-2929979106-1000Core.job
[2013/06/27 14:07:56 | 000,002,613 | ---- | M] () -- C:\Users\NATE\Desktop\htoijhgbbtgu.lnk
[2013/06/27 14:04:59 | 000,000,794 | ---- | M] () -- C:\Windows\tasks\Security Center Update - 4190968579.job
[2013/06/27 14:04:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/06/27 13:14:50 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/06/27 13:14:50 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/06/24 20:06:59 | 000,604,752 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/06/24 20:06:59 | 000,104,420 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/06/22 09:26:12 | 3180,216,320 | -HS- | M] () -- C:\hiberfil.sys
[2013/06/22 09:26:09 | 320,859,261 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/06/22 03:04:31 | 000,000,215 | ---- | M] () -- C:\Windows\System32\MRT.INI
[2 C:\Users\NATE\Documents\*.tmp files -> C:\Users\NATE\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/06/22 03:04:31 | 000,000,215 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2011/12/03 01:24:28 | 000,000,680 | ---- | C] () -- C:\Users\NATE\AppData\Local\d3d9caps.dat
[2011/10/17 22:43:04 | 000,008,704 | ---- | C] () -- C:\Users\NATE\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/10/15 09:50:32 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011/10/15 09:50:32 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin

========== ZeroAccess Check ==========

[2006/11/02 08:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
"" = C:\Users\NATE\AppData\Local\Temp\spyxeos\spqvifd\wow.dll -- [2013/05/15 22:43:26 | 000,088,576 | -HS- | M] ()

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 13:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 02:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 02:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/02/06 18:25:34 | 000,000,000 | ---D | M] -- C:\Users\NATE\AppData\Roaming\.minecraft
[2013/05/17 14:42:06 | 000,000,000 | ---D | M] -- C:\Users\NATE\AppData\Roaming\Askaga
[2013/02/06 18:24:40 | 000,000,000 | ---D | M] -- C:\Users\NATE\AppData\Roaming\HoolappForAndroid
[2013/03/17 20:22:46 | 000,000,000 | ---D | M] -- C:\Users\NATE\AppData\Roaming\SearchProtect
[2012/10/02 21:20:01 | 000,000,000 | ---D | M] -- C:\Users\NATE\AppData\Roaming\TestApp
[2013/05/23 14:14:28 | 000,000,000 | ---D | M] -- C:\Users\NATE\AppData\Roaming\wabEventSupport16

========== Purity Check ==========



< End of report >

Extras.txt:
OTL Extras logfile created on: 6/27/2013 2:54:23 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\NATE\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.96 Gb Total Physical Memory | 1.33 Gb Available Physical Memory | 44.84% Memory free
6.12 Gb Paging File | 4.06 Gb Available in Paging File | 66.29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 218.20 Gb Total Space | 60.28 Gb Free Space | 27.62% Space Free | Partition Type: NTFS
Drive D: | 14.65 Gb Total Space | 10.32 Gb Free Space | 70.47% Space Free | Partition Type: NTFS
Drive E: | 45.31 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: NATE-PC | User Name: NATE | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{3ECE9DEF-4286-44C8-8DD6-96EE02473120}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{5C58E02E-734E-4F80-9E80-FA9E55D75F4C}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{CF7837B9-2CFF-4B7C-A7EC-530536A61B1A}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0E0F7AD1-1EAB-440D-8287-6E831699E745}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{18D08E8A-64D2-4882-8450-FD17A452A58D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{4101CDE8-AB57-44E1-8476-D6507B7E34A0}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\powerdvd.exe |
"{4F19CD87-FBC3-49F2-989C-A404D1BD5B1E}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{5BF713D5-7F0C-4EED-B456-4474C42C416E}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{8E729C26-1B1F-427A-8B2D-C92933F23938}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{916DF6CB-1E0D-4729-873B-4212DD198073}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{A3AE8C85-8DBE-43AF-A5B8-7ABE8FC793D3}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\pdvddxsrv.exe |
"{C1054F60-479B-42FB-A368-E22D3B287AA1}" = dir=in | app=c:\users\nate\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{CE2CBE49-910D-4020-B8A9-007E5EF0D466}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{D190AD97-211C-43D3-A25A-1F9C4348A105}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{E730C1C6-5BB3-40BB-B6F4-64FCF7527899}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{ED25B5D9-D086-49E6-A6B5-E915CE092B34}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{020D8396-D6D9-4B53-A9A1-83C47E2E27AA}" = Windows Live Call
"{0394CDC8-FABD-4ED8-B104-03393876DFDF}" = Roxio Creator Tools
"{07159635-9DFE-4105-BFC0-2817DB540C68}" = Roxio Activation Module
"{095B1DCF-5E8B-47EC-9B18-481918A731DB}" = Microsoft Default Manager
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{0D397393-9B50-4C52-84D5-77E344289F87}" = Roxio Creator Data
"{0F6F6876-6334-4977-B5DD-CFC12E193420}" = iTunes
"{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}" = Live! Cam Avatar v1.0
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java™ 6 Update 13
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{27979F37-AF9C-33DE-8437-76F7AEFAABAD}" = Google Talk Plugin
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3138EAD3-700B-4A10-B617-B3F8096EE30D}" = Dell Edoc Viewer
"{37F964E4-9C3F-4066-B933-1747D3AC6737}" = Personal Entertainment Launcher
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{619CDD8A-14B6-43A1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
"{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}" = Windows Live Writer
"{6D3963B0-E13B-4FC3-B0FF-506A304BB043}" = Cisco EAP-FAST Module
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{75685CA8-0B74-45BB-9C64-744A0FB79EDC}" = Business Tools Launcher
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{83FFCFC7-88C6-41C6-8752-958A45325C82}" = Roxio Creator Audio
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.12.02
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B8ABB25D-1E30-4ED7-A3CE-0F8BED439647}" = Product Support Launcher
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}" = Apple Mobile Device Support
"{D9D754A1-EAC5-406C-A28B-C49B1E846711}" = Windows Live Essentials
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F73A5B18-EB75-4B2C-B32D-9457576E2417}" = Windows Live Photo Gallery
"{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}" = Windows Live Sync
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Advanced Video FX Engine" = Advanced Video FX Engine
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card Utility
"Creative OEM013" = Laptop Integrated Webcam Driver (1.01.01.0529)
"Dell Webcam Center" = Dell Webcam Center
"Dell Webcam Manager" = Dell Webcam Manager
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MyPC Backup" = MyPC Backup
"NIS" = Norton Internet Security
"Office14.SingleImage" = Microsoft Office Home and Business 2010
"Produtools_Forms_B Toolbar" = Produtools Forms B Toolbar
"SearchProtect" = Search Protect by conduit
"Settings Alerter" = Settings Alerter
"Wajam" = Wajam
"WinLiveSuite_Wave3" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater
"Google Chrome" = Google Chrome
"Hoolapp For Android" = Hoolapp For Android

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 5/30/2013 7:08:14 PM | Computer Name = NATE-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 11201

Error - 5/30/2013 7:08:15 PM | Computer Name = NATE-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 5/30/2013 7:08:15 PM | Computer Name = NATE-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 12215

Error - 5/30/2013 7:08:15 PM | Computer Name = NATE-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 12215

Error - 5/30/2013 7:08:16 PM | Computer Name = NATE-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 5/30/2013 7:08:16 PM | Computer Name = NATE-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 13213

Error - 5/30/2013 7:08:16 PM | Computer Name = NATE-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 13213

Error - 5/30/2013 7:08:17 PM | Computer Name = NATE-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 5/30/2013 7:08:17 PM | Computer Name = NATE-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 14227

Error - 5/30/2013 7:08:17 PM | Computer Name = NATE-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 14227

Error - 6/3/2013 11:14:35 AM | Computer Name = NATE-PC | Source = Application Error | ID = 1000
Description = Faulting application tmp07fdc477.exe, version 80.0.43250.29621, time
stamp 0x4b86006c, faulting module tmp07fdc477.exe, version 80.0.43250.29621, time
stamp 0x4b86006c, exception code 0x80000003, fault offset 0x000245a3, process id
0x216dc, application start time 0x01ce5d47b699b170.

[ Broadcom Wireless LAN Events ]
Error - 4/17/2013 7:13:07 AM | Computer Name = NATE-PC | Source = WLAN-Tray | ID = 0
Description = 07:13:07, Wed, Apr 17, 13 Error - Unable to gain access to user store


Error - 4/23/2013 10:02:30 AM | Computer Name = NATE-PC | Source = WLAN-Tray | ID = 0
Description = 10:02:30, Tue, Apr 23, 13 Error - Unable to gain access to user store


Error - 4/24/2013 8:14:05 PM | Computer Name = NATE-PC | Source = WLAN-Tray | ID = 0
Description = 20:14:04, Wed, Apr 24, 13 Error - Unable to gain access to user store


Error - 5/6/2013 8:24:26 AM | Computer Name = NATE-PC | Source = WLAN-Tray | ID = 0
Description = 08:24:25, Mon, May 06, 13 Error - Unable to gain access to user store


Error - 5/13/2013 6:03:57 PM | Computer Name = NATE-PC | Source = WLAN-Tray | ID = 0
Description = 18:03:57, Mon, May 13, 13 Error - Unable to gain access to user store


Error - 5/15/2013 3:12:13 PM | Computer Name = NATE-PC | Source = WLAN-Tray | ID = 0
Description = 15:12:13, Wed, May 15, 13 Error - Unable to gain access to user store


Error - 5/18/2013 6:11:17 PM | Computer Name = NATE-PC | Source = WLAN-Tray | ID = 0
Description = 18:11:17, Sat, May 18, 13 Error - Unable to gain access to user store


Error - 6/4/2013 11:49:39 AM | Computer Name = NATE-PC | Source = WLAN-Tray | ID = 0
Description = 11:49:39, Tue, Jun 04, 13 Error - Unable to gain access to user store


[ System Events ]
Error - 6/7/2013 11:32:49 PM | Computer Name = NATE-PC | Source = Schannel | ID = 36874
Description = An SSL connection request was received from a remote client application,
but none of the cipher suites supported by the client application are supported
by the server. The SSL connection request has failed.

Error - 6/9/2013 10:43:52 AM | Computer Name = NATE-PC | Source = Server | ID = 2505
Description = The server could not bind to the transport \Device\NetBT_Tcpip_{2F620609-0E9C-4949-A0E1-1735AFA5412B}
because another computer on the network has the same name. The server could not
start.

Error - 6/10/2013 5:04:22 AM | Computer Name = NATE-PC | Source = Schannel | ID = 36874
Description = An SSL connection request was received from a remote client application,
but none of the cipher suites supported by the client application are supported
by the server. The SSL connection request has failed.

Error - 6/10/2013 7:35:35 AM | Computer Name = NATE-PC | Source = Service Control Manager | ID = 7011
Description =

Error - 6/22/2013 3:21:42 AM | Computer Name = NATE-PC | Source = DCOM | ID = 10010
Description =

Error - 6/22/2013 3:25:03 AM | Computer Name = NATE-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 6/22/2013 9:26:36 AM | Computer Name = NATE-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 9:24:47 AM on 6/22/2013 was unexpected.

Error - 6/22/2013 9:27:53 AM | Computer Name = NATE-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 6/26/2013 7:42:14 PM | Computer Name = NATE-PC | Source = Schannel | ID = 36874
Description = An SSL connection request was received from a remote client application,
but none of the cipher suites supported by the client application are supported
by the server. The SSL connection request has failed.

Error - 6/27/2013 2:04:45 PM | Computer Name = NATE-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.2.100 for the Network Card with network
address 00265E16ECA3 has been denied by the DHCP server 192.168.2.1 (The DHCP Server
sent a DHCPNACK message).


< End of report >

#2
Phel

    Trusted Helper

  • Malware Removal
  • 1,386 posts
Hello, pepper1 and welcome to GeeksToGo!

You can call me Phel and today I will try to help you with your trouble.

Please read these instructions carefully, because they contain some very useful information.

Please let me know if you don't understand something. It is really important to understand every instruction. Also, please read all instructions carefully before performing them. Feel free to ask questions if you aren't sure.

Please be patient. You should stay here until your computer becomes really clean. Malware removal isn't a very fast procedure; it usually has multiple steps, but you should be glad of the result. ;)

Please wait for a while now; I'm currently analyzing your logs. Please note that my answers could come with a slight delay, because they are checked by my teacher.

#3
Phel

Do you know anything about this shortcut on your Desktop?

C:\Users\NATE\Desktop\htoijhgbbtgu.lnk

Please, follow these steps:

Step 1. TDSSKiller scan.

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also, your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes, then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.
  • A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Step 2. Uninstalling programs.

  • Open Start menu.
  • Click on Control Panel.
  • Click on Programs and Features. A new window should appear.
  • Uninstall these programs one by one, selecting each program and clicking the Uninstall button.

Programs to uninstall:

  • Ask Toolbar Updater
  • Wajam
  • Settings Alerter
  • Search Protect by conduit
  • Produtools Forms B Toolbar
  • Yontoo 1.12.02
  • Ask Toolbar


Step 3. AdwCleaner scan.

  • Please download AdwCleaner from here to your Desktop.
  • Right-click on the adwcleaner.exe file on your Desktop -> Run as Administrator.
  • The AdwCleaner window should appear.
  • Click on the Delete button.
  • Click on OK.
  • The computer will be rebooted automatically when the program finishes its job.
  • After the fix, a Notepad window with the report should appear. Post the contents of the report in your next message.

Step 4. Changing Chrome Search provider and Homepage.

Your current Chrome Search provider and Homepage are malicious.

Please follow this instruction and set your Search provider to www.google.com or to something else that you want. For the Home page, please follow this instruction.

Step 5. Uninstall Chrome extensions.

  • Launch your Google Chrome browser.
  • In the address bar type the following:

    chrome:extensions
  • Extension list will appear.
  • Find the Yontoo, Wajam and Ask Toolbar extensions there.
  • Click on the recycle bin icon near them (uninstall them).
  • Restart your browser.

Step 6. OTL fix.

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    SRV - [2013/03/06 08:36:52 | 000,093,984 | ---- | M] (Conduit) [Auto | Running] -- C:\Program Files\SearchProtect\bin\CltMngSvc.exe -- (CltMngSvc)
    SRV - [2012/10/05 11:08:42 | 000,109,064 | ---- | M] (Wajam) [On_Demand | Stopped] -- C:\Program Files\Wajam\Updater\WajamUpdater.exe -- (WajamUpdater)
    DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\knmqmjhc.sys -- (knmqmjhc)
    IE - HKLM\..\URLSearchHook: {d775a78f-33a1-4d54-949a-c251148afd2b} - C:\Program Files\Produtools_Forms_B\prxtbProd.dll (Conduit Ltd.)
    IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2439}: "URL" = http://isearch.fanta...q={searchTerms}
    IE - HKCU\..\URLSearchHook: {d775a78f-33a1-4d54-949a-c251148afd2b} - C:\Program Files\Produtools_Forms_B\prxtbProd.dll (Conduit Ltd.)
    IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
    IE - HKCU\..\SearchScopes\{37FB2D1F-F6D8-4623-9519-B1B8FB6B87C9}: "URL" = http://search.condui...1841674371&UM=2
    IE - HKCU\..\SearchScopes\{A6C7229D-3157-4574-B88E-EC990111D994}: "URL" = http://websearch.ask...29-C21C3D74E1E2
    IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2439}: "URL" = http://isearch.fanta...q={searchTerms}
    O2 - BHO: (Wajam) - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files\Wajam\IE\priam_bho.dll (Wajam)
    O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
    O2 - BHO: (Produtools Forms B Toolbar) - {d775a78f-33a1-4d54-949a-c251148afd2b} - C:\Program Files\Produtools_Forms_B\prxtbProd.dll (Conduit Ltd.)
    O2 - BHO: (DataMngr) - {F2D6C718-7E52-428E-8852-365C4B1A6E36} - C:\Program Files\Settings Alerter\Datamngr\BrowserConnection.dll (Koyote-Lab, inc)
    O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC)
    O3 - HKLM\..\Toolbar: (Produtools Forms B Toolbar) - {d775a78f-33a1-4d54-949a-c251148afd2b} - C:\Program Files\Produtools_Forms_B\prxtbProd.dll (Conduit Ltd.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Produtools Forms B Toolbar) - {D775A78F-33A1-4D54-949A-C251148AFD2B} - C:\Program Files\Produtools_Forms_B\prxtbProd.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\Settings Alerter\Datamngr\datamngrUI.exe (Koyote-Lab, inc)
    O4 - HKLM..\Run: [SearchProtectAll] C:\Program Files\SearchProtect\bin\cltmng.exe (Conduit)
    O4 - HKCU..\Run: [Leduumopzaof] C:\Users\NATE\AppData\Roaming\Askaga\qouqfye.exe (OPerA sOfTWARe)
    O4 - HKCU..\Run: [SearchProtect] C:\Users\NATE\AppData\Roaming\SearchProtect\bin\cltmng.exe (Conduit)
    O4 - HKCU..\Run: [TimeServer] C:\Users\NATE\AppData\Roaming\Adobe\WINF9E8.exe ()
    O4 - HKCU..\Run: [wabEventSupport16] C:\Users\NATE\AppData\Roaming\wabEventSupport16\wabEventSupport16.dll ()
    O20 - AppInit_DLLs: (C:\PROGRA~2\Wincert\WIN32C~1.DLL) - C:\ProgramData\Wincert\win32cert.dll ()
    O20 - AppInit_DLLs: (C:\PROGRA~1\SETTIN~1\Datamngr\datamngr.dll) - C:\Program Files\Settings Alerter\Datamngr\datamngr.dll (Koyote-Lab, inc)
    O20 - AppInit_DLLs: (C:\PROGRA~1\SETTIN~1\Datamngr\IEBHO.dll) - C:\Program Files\Settings Alerter\Datamngr\IEBHO.dll (Koyote-Lab, inc)
    [2013/06/27 14:04:59 | 000,000,794 | ---- | M] () -- C:\Windows\tasks\Security Center Update - 4190968579.job
    [2013/05/17 14:42:06 | 000,000,000 | ---D | M] -- C:\Users\NATE\AppData\Roaming\Askaga
    [2013/03/17 20:22:46 | 000,000,000 | ---D | M] -- C:\Users\NATE\AppData\Roaming\SearchProtect
    [2013/05/23 14:14:28 | 000,000,000 | ---D | M] -- C:\Users\NATE\AppData\Roaming\wabEventSupport16
    
    :Reg
    [-HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
    
    :Files
    C:\Program Files\Settings Alerter
    C:\ProgramData\Wincert
    C:\Program Files\Yontoo
    C:\Program Files\Produtools_Forms_B
    C:\Program Files\Wajam
    
    :Commands 
    [EMPTYTEMP]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

Step 7. OTL scan.

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    dir "%systemdrive%\*" /S /A:L /C
  • Then click the Run Scan button at the top
  • Let the program run unhindered
  • When the scan completes, it will open notepad window - OTL.Txt. This is saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of this file, one at a time and post them in your topic.

So, please, don't forget to post in your next message:

  • TDSSKiller log
  • AdwCleaner log
  • OTL log

  • 0
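The Step 6 fix above lists autostart entries in OTL's log format. As an added example (not part of the original post and not OTL's own code), this Python triage script groups such lines by persistence mechanism and flags entries that point to a missing file, load from a commonly user-writable folder, or carry an empty publisher field. The regular expressions are inferred from the lines quoted in this thread, the flag names are hypothetical, and the sample input is constructed from those same lines.

```python
import re
from dataclasses import dataclass, field

# Prefix of an OTL line -> the persistence mechanism it describes.
MECHANISMS = {
    "SRV": "service",
    "DRV": "driver",
    "O2": "browser helper object",
    "O3": "IE toolbar",
    "O4": "Run key",
    "O20": "AppInit_DLLs",
}

# Module lines end with "<path> (<publisher>)". The greedy ".*" makes <path>
# start at the LAST drive-letter path, which matters for O20 lines that show
# the 8.3 short path first.
MODULE_RE = re.compile(r".*(?P<path>[A-Za-z]:\\.+?) \((?P<pub>[^()]*)\)$")
# Service/driver lines end with "-- <path> -- (<service name>)".
SERVICE_RE = re.compile(r".* -- (?P<path>[A-Za-z]:\\.+?) -- \((?P<name>[^()]*)\)$")
# On a service line the publisher sits between the timestamp and state blocks.
SERVICE_PUB_RE = re.compile(r"\] \((?P<pub>[^()]*)\) \[")
# Heuristic (an assumption of this example): folders a standard user can
# usually write to, so no elevation was needed to drop the file there.
USER_WRITABLE_RE = re.compile(r"\\(AppData|ProgramData)\\", re.IGNORECASE)

# Constructed sample: a subset of the lines quoted in the Step 6 fix.
SAMPLE = r"""
SRV - [2013/03/06 08:36:52 | 000,093,984 | ---- | M] (Conduit) [Auto | Running] -- C:\Program Files\SearchProtect\bin\CltMngSvc.exe -- (CltMngSvc)
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\knmqmjhc.sys -- (knmqmjhc)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [SearchProtectAll] C:\Program Files\SearchProtect\bin\cltmng.exe (Conduit)
O4 - HKCU..\Run: [TimeServer] C:\Users\NATE\AppData\Roaming\Adobe\WINF9E8.exe ()
O4 - HKCU..\Run: [wabEventSupport16] C:\Users\NATE\AppData\Roaming\wabEventSupport16\wabEventSupport16.dll ()
O20 - AppInit_DLLs: (C:\PROGRA~2\Wincert\WIN32C~1.DLL) - C:\ProgramData\Wincert\win32cert.dll ()
"""


@dataclass
class Entry:
    mechanism: str
    raw: str
    path: str = None
    publisher: str = None
    flags: list = field(default_factory=list)


def parse_otl_line(line):
    """Parse one OTL autostart line; return None for lines we do not model."""
    line = line.strip()
    prefix = line.split(" - ", 1)[0]
    mechanism = MECHANISMS.get(prefix)
    if mechanism is None:
        return None
    entry = Entry(mechanism=mechanism, raw=line)
    if prefix in ("SRV", "DRV"):
        match = SERVICE_RE.match(line)
        pub = SERVICE_PUB_RE.search(line)
        entry.publisher = pub.group("pub") if pub else None
    else:
        match = MODULE_RE.match(line)
        entry.publisher = match.group("pub") if match else None
    if match:
        entry.path = match.group("path")
    # A registration whose target is gone is an orphan left by partial removal.
    if "File not found" in line:
        entry.flags.append("missing-file")
        return entry
    if entry.path and USER_WRITABLE_RE.search(entry.path):
        entry.flags.append("user-writable-path")
    if entry.publisher == "":
        entry.flags.append("no-publisher")
    return entry


def triage(text):
    """Return an Entry for every recognised line in an OTL excerpt."""
    parsed = (parse_otl_line(line) for line in text.splitlines())
    return [entry for entry in parsed if entry is not None]


def flagged(text):
    """Return only the entries that tripped at least one heuristic."""
    return [entry for entry in triage(text) if entry.flags]


if __name__ == "__main__":
    for e in flagged(SAMPLE):
        print(f"{e.mechanism:22} {', '.join(e.flags):36} {e.path or '(no path)'}")
```

An entry with no flags is not thereby benign: the toolbar and SearchProtect entries in this thread carry a publisher string and live under Program Files, so they pass both checks and still belong in the fix.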

#4
pepper1

Hi Phel!

I followed your instructions as closely as I could. Here are the results I got as I followed each step:

Firstly, I'm not really sure what that shortcut on the desktop is for. Windows says it links to "Microsoft Word Single Image" and it opens Word just fine. This is a family computer (although there's only one user account) so someone might have created the shortcut and just been too lazy to type a name. :lol:

Step 1: TDSSKiller produced two logs. Here are both logs:

22:35:15.0895 5256 NdisTapi - ok
22:35:15.0910 5256 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
22:35:15.0957 5256 Ndisuio - ok
22:35:16.0004 5256 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
22:35:16.0035 5256 NdisWan - ok
22:35:16.0035 5256 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
22:35:16.0097 5256 NDProxy - ok
22:35:16.0129 5256 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
22:35:16.0144 5256 NetBIOS - ok
22:35:16.0175 5256 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
22:35:16.0207 5256 netbt - ok
22:35:16.0222 5256 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
22:35:16.0238 5256 Netlogon - ok
22:35:16.0285 5256 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
22:35:16.0316 5256 Netman - ok
22:35:16.0347 5256 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
22:35:16.0363 5256 netprofm - ok
22:35:16.0425 5256 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:35:16.0441 5256 NetTcpPortSharing - ok
22:35:16.0472 5256 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
22:35:16.0487 5256 nfrd960 - ok
22:35:16.0519 5256 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
22:35:16.0550 5256 NlaSvc - ok
22:35:16.0659 5256 [ 64C89DB40949FD0E7C8FF303676A91F1 ] Norton Internet Security C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe
22:35:16.0675 5256 Norton Internet Security - ok
22:35:16.0706 5256 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
22:35:16.0737 5256 Npfs - ok
22:35:16.0768 5256 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
22:35:16.0815 5256 nsi - ok
22:35:16.0846 5256 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
22:35:16.0877 5256 nsiproxy - ok
22:35:16.0924 5256 [ 2C1121F2B87E9A6B12485DF53CD848C7 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
22:35:16.0987 5256 Ntfs - ok
22:35:17.0018 5256 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
22:35:17.0065 5256 ntrigdigi - ok
22:35:17.0080 5256 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
22:35:17.0111 5256 Null - ok
22:35:17.0127 5256 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
22:35:17.0143 5256 nvraid - ok
22:35:17.0158 5256 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
22:35:17.0174 5256 nvstor - ok
22:35:17.0174 5256 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
22:35:17.0189 5256 nv_agp - ok
22:35:17.0205 5256 NwlnkFlt - ok
22:35:17.0205 5256 NwlnkFwd - ok
22:35:17.0236 5256 [ F9BEED56D7FCDBD4924AC1E628261882 ] O2FLASH C:\Windows\system32\DRIVERS\o2flash.exe
22:35:17.0252 5256 O2FLASH - ok
22:35:17.0267 5256 [ 4F8D4B1233AF48B30F4FDC76A8865CFA ] O2MDGRDR C:\Windows\system32\DRIVERS\o2mdg.sys
22:35:17.0283 5256 O2MDGRDR - ok
22:35:17.0330 5256 [ 928B7612B65E82D68D489A1474C98B37 ] O2SDGRDR C:\Windows\system32\DRIVERS\o2sdg.sys
22:35:17.0330 5256 O2SDGRDR - ok
22:35:17.0361 5256 [ 86326062A90494BDD79CE383511D7D69 ] OEM13Vfx C:\Windows\system32\DRIVERS\OEM13Vfx.sys
22:35:17.0392 5256 OEM13Vfx - ok
22:35:17.0423 5256 [ 12539B57ED05DE7552403A12B3E0161C ] OEM13Vid C:\Windows\system32\DRIVERS\OEM13Vid.sys
22:35:17.0439 5256 OEM13Vid - ok
22:35:17.0486 5256 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
22:35:17.0501 5256 ohci1394 - ok
22:35:17.0564 5256 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:35:17.0579 5256 ose - ok
22:35:17.0969 5256 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:35:18.0536 5256 osppsvc - ok
22:35:18.0598 5256 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
22:35:18.0708 5256 p2pimsvc - ok
22:35:18.0723 5256 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
22:35:18.0754 5256 p2psvc - ok
22:35:18.0786 5256 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
22:35:18.0848 5256 Parport - ok
22:35:18.0879 5256 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
22:35:18.0895 5256 partmgr - ok
22:35:18.0910 5256 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
22:35:18.0957 5256 Parvdm - ok
22:35:19.0035 5256 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
22:35:19.0051 5256 PcaSvc - ok
22:35:19.0098 5256 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
22:35:19.0113 5256 pci - ok
22:35:19.0129 5256 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
22:35:19.0144 5256 pciide - ok
22:35:19.0176 5256 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
22:35:19.0191 5256 pcmcia - ok
22:35:19.0222 5256 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
22:35:19.0300 5256 PEAUTH - ok
22:35:19.0472 5256 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
22:35:19.0534 5256 pla - ok
22:35:19.0581 5256 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
22:35:19.0628 5256 PlugPlay - ok
22:35:19.0659 5256 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
22:35:19.0706 5256 PNRPAutoReg - ok
22:35:19.0737 5256 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
22:35:19.0753 5256 PNRPsvc - ok
22:35:19.0800 5256 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
22:35:19.0831 5256 PolicyAgent - ok
22:35:19.0862 5256 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
22:35:19.0909 5256 PptpMiniport - ok
22:35:19.0956 5256 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
22:35:19.0987 5256 Processor - ok
22:35:20.0065 5256 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
22:35:20.0112 5256 ProfSvc - ok
22:35:20.0143 5256 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
22:35:20.0158 5256 ProtectedStorage - ok
22:35:20.0190 5256 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
22:35:20.0221 5256 PSched - ok
22:35:20.0252 5256 [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
22:35:20.0268 5256 PxHelp20 - ok
22:35:20.0314 5256 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
22:35:20.0361 5256 ql2300 - ok
22:35:20.0392 5256 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
22:35:20.0408 5256 ql40xx - ok
22:35:20.0439 5256 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
22:35:20.0470 5256 QWAVE - ok
22:35:20.0486 5256 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
22:35:20.0502 5256 QWAVEdrv - ok
22:35:20.0548 5256 [ E642B131FB74CAF4BB8A014F31113142 ] R300 C:\Windows\system32\DRIVERS\atikmdag.sys
22:35:20.0751 5256 R300 - ok
22:35:20.0767 5256 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
22:35:20.0798 5256 RasAcd - ok
22:35:20.0829 5256 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
22:35:20.0892 5256 RasAuto - ok
22:35:20.0907 5256 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
22:35:20.0938 5256 Rasl2tp - ok
22:35:20.0985 5256 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
22:35:21.0001 5256 RasMan - ok
22:35:21.0032 5256 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
22:35:21.0063 5256 RasPppoe - ok
22:35:21.0079 5256 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
22:35:21.0094 5256 RasSstp - ok
22:35:21.0126 5256 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
22:35:21.0172 5256 rdbss - ok
22:35:21.0172 5256 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
22:35:21.0219 5256 RDPCDD - ok
22:35:21.0235 5256 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
22:35:21.0266 5256 rdpdr - ok
22:35:21.0266 5256 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
22:35:21.0313 5256 RDPENCDD - ok
22:35:21.0360 5256 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
22:35:21.0406 5256 RDPWD - ok
22:35:21.0438 5256 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
22:35:21.0453 5256 RemoteAccess - ok
22:35:21.0531 5256 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
22:35:21.0562 5256 RemoteRegistry - ok
22:35:21.0578 5256 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
22:35:21.0609 5256 RpcLocator - ok
22:35:21.0640 5256 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
22:35:21.0656 5256 RpcSs - ok
22:35:21.0703 5256 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
22:35:21.0765 5256 rspndr - ok
22:35:21.0796 5256 [ 53892CBD9735A80712EE9439268344B4 ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
22:35:21.0859 5256 RTL8169 - ok
22:35:21.0859 5256 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
22:35:21.0874 5256 SamSs - ok
22:35:21.0906 5256 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
22:35:21.0921 5256 sbp2port - ok
22:35:21.0952 5256 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
22:35:21.0984 5256 SCardSvr - ok
22:35:22.0015 5256 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
22:35:22.0046 5256 Schedule - ok
22:35:22.0062 5256 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
22:35:22.0077 5256 SCPolicySvc - ok
22:35:22.0124 5256 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
22:35:22.0186 5256 SDRSVC - ok
22:35:22.0202 5256 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
22:35:22.0233 5256 secdrv - ok
22:35:22.0249 5256 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
22:35:22.0280 5256 seclogon - ok
22:35:22.0327 5256 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
22:35:22.0389 5256 SENS - ok
22:35:22.0452 5256 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
22:35:22.0498 5256 Serenum - ok
22:35:22.0561 5256 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
22:35:22.0608 5256 Serial - ok
22:35:22.0623 5256 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
22:35:22.0670 5256 sermouse - ok
22:35:22.0701 5256 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
22:35:22.0748 5256 SessionEnv - ok
22:35:22.0779 5256 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
22:35:22.0795 5256 sffdisk - ok
22:35:22.0826 5256 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
22:35:22.0857 5256 sffp_mmc - ok
22:35:22.0873 5256 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
22:35:22.0904 5256 sffp_sd - ok
22:35:22.0920 5256 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
22:35:22.0966 5256 sfloppy - ok
22:35:23.0013 5256 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
22:35:23.0076 5256 SharedAccess - ok
22:35:23.0107 5256 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:35:23.0154 5256 ShellHWDetection - ok
22:35:23.0155 5256 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
22:35:23.0159 5256 sisagp - ok
22:35:23.0197 5256 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
22:35:23.0212 5256 SiSRaid2 - ok
22:35:23.0244 5256 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
22:35:23.0244 5256 SiSRaid4 - ok
22:35:24.0055 5256 [ EB17DF573B4423DF0B3B2EE3B268A6DE ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
22:35:24.0148 5256 Skype C2C Service - ok
22:35:24.0273 5256 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
22:35:24.0273 5256 SkypeUpdate - ok
22:35:24.0554 5256 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
22:35:24.0679 5256 slsvc - ok
22:35:24.0726 5256 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
22:35:24.0741 5256 SLUINotify - ok
22:35:24.0819 5256 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
22:35:24.0882 5256 Smb - ok
22:35:24.0960 5256 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
22:35:24.0975 5256 SNMPTRAP - ok
22:35:25.0006 5256 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
22:35:25.0022 5256 spldr - ok
22:35:25.0053 5256 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
22:35:25.0069 5256 Spooler - ok
22:35:25.0116 5256 [ E81F6CAEAB9AD5732E94C07C97866AA2 ] SRTSP C:\Windows\System32\Drivers\NIS\1008030.006\SRTSP.SYS
22:35:25.0147 5256 SRTSP - ok
22:35:25.0162 5256 [ E28DE499D942B08058BFFAC69D4122B6 ] SRTSPX C:\Windows\system32\drivers\NIS\1008030.006\SRTSPX.SYS
22:35:25.0178 5256 SRTSPX - ok
22:35:25.0209 5256 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
22:35:25.0256 5256 srv - ok
22:35:25.0287 5256 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
22:35:25.0334 5256 srv2 - ok
22:35:25.0365 5256 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
22:35:25.0396 5256 srvnet - ok
22:35:25.0412 5256 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
22:35:25.0443 5256 SSDPSRV - ok
22:35:25.0474 5256 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
22:35:25.0490 5256 SstpSvc - ok
22:35:25.0599 5256 [ D5D40F1A7357595EA9CCF83914D0FE8D ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ec3a90dd\STacSV.exe
22:35:25.0599 5256 STacSV - ok
22:35:25.0662 5256 [ 5DB6772707388E1DE4D79D2025E7EF0C ] STHDA C:\Windows\system32\DRIVERS\stwrt.sys
22:35:25.0724 5256 STHDA - ok
22:35:25.0771 5256 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
22:35:25.0802 5256 stisvc - ok
22:35:25.0864 5256 [ DE3E7A2345EBAA3CE8E6957DFB55FB15 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
22:35:25.0880 5256 stllssvr ( UnsignedFile.Multi.Generic ) - warning
22:35:25.0880 5256 stllssvr - detected UnsignedFile.Multi.Generic (1)
22:35:30.0879 5256 [ 4AA2CC5979AFF984227364F2C23B04F3 ] WajamUpdater C:\Program Files\Wajam\Updater\WajamUpdater.exe
22:35:30.0910 5256 WajamUpdater ( UnsignedFile.Multi.Generic ) - warning
22:35:30.0910 5256 WajamUpdater - detected UnsignedFile.Multi.Generic (1)
22:35:33.0898 5256 ================ Scan global ===============================
22:35:33.0929 5256 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
22:35:33.0991 5256 [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
22:35:34.0038 5256 [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
22:35:34.0179 5256 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
22:35:34.0179 5256 [Global] - ok
22:35:34.0194 5256 ================ Scan MBR ==================================
22:35:34.0225 5256 [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
22:35:40.0726 5256 \Device\Harddisk0\DR0 - ok
22:35:40.0742 5256 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
22:35:41.0007 5256 \Device\Harddisk1\DR1 - ok
22:35:41.0007 5256 ================ Scan VBR ==================================
22:35:41.0054 5256 [ 9B095B97E9D25AE3E70215D19AD73FDA ] \Device\Harddisk0\DR0\Partition1
22:35:41.0054 5256 \Device\Harddisk0\DR0\Partition1 - ok
22:35:41.0085 5256 [ AC82CD2E6118B18995D858CD74781C86 ] \Device\Harddisk0\DR0\Partition2
22:35:41.0085 5256 \Device\Harddisk0\DR0\Partition2 - ok
22:35:41.0085 5256 [ 6756ADEC316FC56CA9B11201DCA1D8D2 ] \Device\Harddisk1\DR1\Partition1
22:35:41.0085 5256 \Device\Harddisk1\DR1\Partition1 - ok
22:35:41.0085 5256 ================ Scan active images ========================
22:35:41.0210 5256 [ 928B7612B65E82D68D489A1474C98B37 ] C:\Windows\System32\drivers\o2sdg.sys
22:35:41.0210 5256 C:\Windows\System32\drivers\o2sdg.sys - ok
22:35:41.0210 5256 [ 6F5CA34AE885645ACF8A20D564DB976C ] C:\Windows\System32\drivers\scsiport.sys
22:35:41.0210 5256 C:\Windows\System32\drivers\scsiport.sys - ok
22:35:41.0225 5256 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] C:\Windows\System32\drivers\CmBatt.sys
22:35:41.0225 5256 C:\Windows\System32\drivers\CmBatt.sys - ok
22:35:41.0225 5256 [ 4F8D4B1233AF48B30F4FDC76A8865CFA ] C:\Windows\System32\drivers\o2mdg.sys
22:35:41.0225 5256 C:\Windows\System32\drivers\o2mdg.sys - ok
22:35:41.0241 5256 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] C:\Windows\System32\drivers\i8042prt.sys
22:35:41.0241 5256 C:\Windows\System32\drivers\i8042prt.sys - ok
22:35:41.0241 5256 [ 37605E0A8CF00CBBA538E753E4344C6E ] C:\Windows\System32\drivers\kbdclass.sys
22:35:41.0241 5256 C:\Windows\System32\drivers\kbdclass.sys - ok
22:35:41.0241 5256 [ FB7C669774FFCACD77B5969EE5D9A19B ] C:\Windows\System32\drivers\Apfiltr.sys
22:35:41.0241 5256 C:\Windows\System32\drivers\Apfiltr.sys - ok
22:35:41.0256 5256 [ 6B4BFFB9BECD728097024276430DB314 ] C:\Windows\System32\drivers\cdrom.sys
22:35:41.0256 5256 C:\Windows\System32\drivers\cdrom.sys - ok
22:35:41.0256 5256 [ 5BF6A1326A335C5298477754A506D263 ] C:\Windows\System32\drivers\mouclass.sys
22:35:41.0256 5256 C:\Windows\System32\drivers\mouclass.sys - ok
22:35:41.0256 5256 [ 185ADA973B5020655CEE342059A86CBB ] C:\Windows\System32\drivers\GEARAspiWDM.sys
22:35:41.0256 5256 C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
22:35:41.0272 5256 [ 224191001E78C89DFA78924C3EA595FF ] C:\Windows\System32\drivers\intelppm.sys
22:35:41.0272 5256 C:\Windows\System32\drivers\intelppm.sys - ok
22:35:41.0272 5256 [ 232FA340531D940AAC623B121A595034 ] C:\Windows\System32\drivers\msiscsi.sys
22:35:41.0272 5256 C:\Windows\System32\drivers\msiscsi.sys - ok
22:35:41.0272 5256 [ 47E55AFE1ED1D5AFF09690DB226F4A7A ] C:\Windows\System32\drivers\Storport.sys
22:35:41.0272 5256 C:\Windows\System32\drivers\Storport.sys - ok
22:35:41.0288 5256 [ 77937EFF009AC696B90E09F671F9D0A4 ] C:\Windows\System32\drivers\tdi.sys
22:35:41.0288 5256 C:\Windows\System32\drivers\tdi.sys - ok
22:35:41.0288 5256 [ 0E186E90404980569FB449BA7519AE61 ] C:\Windows\System32\drivers\ndistapi.sys
22:35:41.0288 5256 C:\Windows\System32\drivers\ndistapi.sys - ok
22:35:41.0288 5256 [ A214ADBAF4CB47DD2728859EF31F26B0 ] C:\Windows\System32\drivers\rasl2tp.sys
22:35:41.0288 5256 C:\Windows\System32\drivers\rasl2tp.sys - ok
22:35:41.0303 5256 [ 818F648618AE34F729FDB47EC68345C3 ] C:\Windows\System32\drivers\ndiswan.sys
22:35:41.0303 5256 C:\Windows\System32\drivers\ndiswan.sys - ok
22:35:41.0303 5256 [ 509A98DD18AF4375E1FC40BC175F1DEF ] C:\Windows\System32\drivers\raspppoe.sys
22:35:41.0303 5256 C:\Windows\System32\drivers\raspppoe.sys - ok
22:35:41.0319 5256 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] C:\Windows\System32\drivers\raspptp.sys
22:35:41.0319 5256 C:\Windows\System32\drivers\raspptp.sys - ok
22:35:41.0319 5256 [ 2005F4A1E05FA09389AC85840F0A9E4D ] C:\Windows\System32\drivers\rassstp.sys
22:35:41.0319 5256 C:\Windows\System32\drivers\rassstp.sys - ok
22:35:41.0319 5256 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] C:\Windows\System32\drivers\termdd.sys
22:35:41.0319 5256 C:\Windows\System32\drivers\termdd.sys - ok
22:35:41.0334 5256 [ EF73C1E29FBE7B0FD0274BF4394E346A ] C:\Windows\System32\drivers\ks.sys
22:35:41.0334 5256 C:\Windows\System32\drivers\ks.sys - ok
22:35:41.0334 5256 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] C:\Windows\System32\drivers\swenum.sys
22:35:41.0334 5256 C:\Windows\System32\drivers\swenum.sys - ok
22:35:41.0334 5256 [ E384487CB84BE41D09711C30CA79646C ] C:\Windows\System32\drivers\mssmbios.sys
22:35:41.0334 5256 C:\Windows\System32\drivers\mssmbios.sys - ok
22:35:41.0350 5256 [ 32CFF9F809AE9AED85464492BF3E32D2 ] C:\Windows\System32\drivers\umbus.sys
22:35:41.0350 5256 C:\Windows\System32\drivers\umbus.sys - ok
22:35:41.0350 5256 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] C:\Windows\System32\drivers\usbhub.sys
22:35:41.0350 5256 C:\Windows\System32\drivers\usbhub.sys - ok
22:35:41.0350 5256 [ 71DAB552B41936358F3B541AE5997FB3 ] C:\Windows\System32\drivers\ndproxy.sys
22:35:41.0350 5256 C:\Windows\System32\drivers\ndproxy.sys - ok
22:35:41.0366 5256 [ 7BE5A3C671A2CB56E94403BFC2020A0D ] C:\Windows\System32\drivers\drmk.sys
22:35:41.0366 5256 C:\Windows\System32\drivers\drmk.sys - ok
22:35:41.0366 5256 [ 218286724EC530FF252648369E05B090 ] C:\Windows\System32\drivers\portcls.sys
22:35:41.0366 5256 C:\Windows\System32\drivers\portcls.sys - ok
22:35:41.0366 5256 [ 5DB6772707388E1DE4D79D2025E7EF0C ] C:\Windows\System32\drivers\stwrt.sys
22:35:41.0366 5256 C:\Windows\System32\drivers\stwrt.sys - ok
22:35:41.0397 5256 [ B972A66758577E0BFD1DE0F91AAA27B5 ] C:\Windows\System32\drivers\fs_rec.sys
22:35:41.0397 5256 C:\Windows\System32\drivers\fs_rec.sys - ok
22:35:41.0397 5256 [ C5DBBCDA07D780BDA9B685DF333BB41E ] C:\Windows\System32\drivers\null.sys
22:35:41.0397 5256 C:\Windows\System32\drivers\null.sys - ok
22:35:41.0397 5256 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] C:\Windows\System32\drivers\beep.sys
22:35:41.0397 5256 C:\Windows\System32\drivers\beep.sys - ok
22:35:41.0412 5256 [ 175444D3A01CA45D0E1C5DC5F48DF7CD ] C:\Windows\System32\drivers\hidparse.sys
22:35:41.0412 5256 C:\Windows\System32\drivers\hidparse.sys - ok
22:35:41.0412 5256 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] C:\Windows\System32\drivers\kbdhid.sys
22:35:41.0412 5256 C:\Windows\System32\drivers\kbdhid.sys - ok
22:35:41.0428 5256 [ 2E93AC0A1D8C79D019DB6C51F036636C ] C:\Windows\System32\drivers\vga.sys
22:35:41.0428 5256 C:\Windows\System32\drivers\vga.sys - ok
22:35:41.0428 5256 [ C048D2C33D27441A0CDCAAE2651EB03D ] C:\Windows\System32\drivers\videoprt.sys
22:35:41.0428 5256 C:\Windows\System32\drivers\videoprt.sys - ok
22:35:41.0428 5256 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] C:\Windows\System32\drivers\RDPCDD.sys
22:35:41.0428 5256 C:\Windows\System32\drivers\RDPCDD.sys - ok
22:35:41.0444 5256 [ 9D91FE5286F748862ECFFA05F8A0710C ] C:\Windows\System32\drivers\RDPENCDD.sys
22:35:41.0444 5256 C:\Windows\System32\drivers\RDPENCDD.sys - ok
22:35:41.0444 5256 [ A9927F4A46B816C92F461ACB90CF8515 ] C:\Windows\System32\drivers\msfs.sys
22:35:41.0444 5256 C:\Windows\System32\drivers\msfs.sys - ok
22:35:41.0459 5256 [ D36F239D7CCE1931598E8FB90A0DBC26 ] C:\Windows\System32\drivers\npfs.sys
22:35:41.0459 5256 C:\Windows\System32\drivers\npfs.sys - ok
22:35:41.0459 5256 [ 147D7F9C556D259924351FEB0DE606C3 ] C:\Windows\System32\drivers\rasacd.sys
22:35:41.0459 5256 C:\Windows\System32\drivers\rasacd.sys - ok
22:35:41.0475 5256 [ 76B06EB8A01FC8624D699E7045303E54 ] C:\Windows\System32\drivers\tdx.sys
22:35:41.0475 5256 C:\Windows\System32\drivers\tdx.sys - ok
22:35:41.0475 5256 [ 26BC80EC79D7BA478249C266CBDF17B4 ] C:\Windows\System32\drivers\NIS\1008030.006\symtdi.sys
22:35:41.0475 5256 C:\Windows\System32\drivers\NIS\1008030.006\symtdi.sys - ok
22:35:41.0475 5256 [ A54FF04BD6E75DC4D8CB6F3E352635E0 ] C:\Windows\System32\drivers\SYMEVENT.SYS
22:35:41.0475 5256 C:\Windows\System32\drivers\SYMEVENT.SYS - ok
22:35:41.0490 5256 [ 7B75299A4D201D6A6533603D6914AB04 ] C:\Windows\System32\drivers\smb.sys
22:35:41.0490 5256 C:\Windows\System32\drivers\smb.sys - ok
22:35:41.0490 5256 [ 3911B972B55FEA0478476B2E777B29FA ] C:\Windows\System32\drivers\afd.sys
22:35:41.0490 5256 C:\Windows\System32\drivers\afd.sys - ok
22:35:41.0506 5256 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] C:\Windows\System32\drivers\netbt.sys
22:35:41.0506 5256 C:\Windows\System32\drivers\netbt.sys - ok
22:35:41.0506 5256 [ 99514FAA8DF93D34B5589187DB3AA0BA ] C:\Windows\System32\drivers\pacer.sys
22:35:41.0506 5256 C:\Windows\System32\drivers\pacer.sys - ok
22:35:41.0506 5256 [ 34F1C9D5DCC19DF1E824D6B73767B8AF ] C:\Windows\System32\drivers\SymIMV.sys
22:35:41.0506 5256 C:\Windows\System32\drivers\SymIMV.sys - ok
22:35:41.0522 5256 [ BCD093A5A6777CF626434568DC7DBA78 ] C:\Windows\System32\drivers\netbios.sys
22:35:41.0522 5256 C:\Windows\System32\drivers\netbios.sys - ok
22:35:41.0522 5256 [ E28DE499D942B08058BFFAC69D4122B6 ] C:\Windows\System32\drivers\NIS\1008030.006\srtspx.sys
22:35:41.0522 5256 C:\Windows\System32\drivers\NIS\1008030.006\srtspx.sys - ok
22:35:41.0537 5256 [ 55201897378CCA7AF8B5EFD874374A26 ] C:\Windows\System32\drivers\wanarp.sys
22:35:41.0537 5256 C:\Windows\System32\drivers\wanarp.sys - ok
22:35:41.0537 5256 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] C:\Windows\System32\drivers\rdbss.sys
22:35:41.0537 5256 C:\Windows\System32\drivers\rdbss.sys - ok
22:35:41.0537 5256 [ 609773E344A97410CE4EBF74A8914FCF ] C:\Windows\System32\drivers\nsiproxy.sys
22:35:41.0537 5256 C:\Windows\System32\drivers\nsiproxy.sys - ok
22:35:41.0553 5256 [ 404FB2AAF532BC7BBACC8880BE401C74 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20130111.002\IDSvix86.sys
22:35:41.0553 5256 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20130111.002\IDSvix86.sys - ok
22:35:41.0553 5256 [ 85B8B4032A895A746D46A288A9B30DED ] C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
22:35:41.0553 5256 C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys - ok
22:35:41.0568 5256 [ 790FDAC6D0C762DF9047C3C625A6FF6C ] C:\Windows\System32\drivers\usbd.sys
22:35:41.0568 5256 C:\Windows\System32\drivers\usbd.sys - ok
22:35:41.0568 5256 [ BE3DA31C191BC222D9AD503C5224F2AD ] C:\Windows\System32\drivers\USBSTOR.SYS
22:35:41.0568 5256 C:\Windows\System32\drivers\USBSTOR.SYS - ok
22:35:41.0584 5256 [ 622C41A07CA7E6DD91770F50D532CB6C ] C:\Windows\System32\drivers\dfsc.sys
22:35:41.0584 5256 C:\Windows\System32\drivers\dfsc.sys - ok
22:35:41.0584 5256 [ 3182B846490DC4D71FABD4A8CB6B73EA ] C:\Windows\System32\drivers\NIS\1008030.006\cchpx86.sys
22:35:41.0584 5256 C:\Windows\System32\drivers\NIS\1008030.006\cchpx86.sys - ok
22:35:41.0584 5256 [ 76154FA6A742C613B44BB636B1A7C057 ] C:\Windows\System32\drivers\NIS\1008030.006\BHDrvx86.sys
22:35:41.0584 5256 C:\Windows\System32\drivers\NIS\1008030.006\BHDrvx86.sys - ok
22:35:41.0600 5256 [ CAF811AE4C147FFCD5B51750C7F09142 ] C:\Windows\System32\drivers\usbccgp.sys
22:35:41.0600 5256 C:\Windows\System32\drivers\usbccgp.sys - ok
22:35:41.0600 5256 [ 86326062A90494BDD79CE383511D7D69 ] C:\Windows\System32\drivers\OEM13Vfx.sys
22:35:41.0600 5256 C:\Windows\System32\drivers\OEM13Vfx.sys - ok
22:35:41.0615 5256 [ 12539B57ED05DE7552403A12B3E0161C ] C:\Windows\System32\drivers\OEM13Vid.sys
22:35:41.0615 5256 C:\Windows\System32\drivers\OEM13Vid.sys - ok
22:35:41.0615 5256 [ DDA770BBD7C2ED024D6F50E279D90E5B ] C:\Windows\System32\ntdll.dll
22:35:41.0615 5256 C:\Windows\System32\ntdll.dll - ok
22:35:41.0615 5256 [ BE7480C91E89EB82FC080F772C220AE4 ] C:\Windows\System32\smss.exe
22:35:41.0615 5256 C:\Windows\System32\smss.exe - ok
22:35:41.0631 5256 [ 10761177A6EBE45843F443E99509F5E7 ] C:\Windows\System32\autochk.exe
22:35:41.0631 5256 C:\Windows\System32\autochk.exe - ok
22:35:41.0631 5256 [ 1E9B9A70D332103C52995E957DC09EF8 ] C:\Windows\System32\drivers\fastfat.sys
22:35:41.0631 5256 C:\Windows\System32\drivers\fastfat.sys - ok
22:35:41.0646 5256 [ 7ADD03E75BEB9E6DD102C3081D29840A ] C:\Windows\System32\drivers\cdfs.sys
22:35:41.0646 5256 C:\Windows\System32\drivers\cdfs.sys - ok
22:35:41.0646 5256 [ B8A609FB5EFB4E44FC1355B1C01C64BC ] C:\Windows\System32\Wldap32.dll
22:35:41.0646 5256 C:\Windows\System32\Wldap32.dll - ok
22:35:41.0646 5256 [ EB49FAA5EBBC06356FB12476438781B9 ] C:\Windows\System32\imagehlp.dll
22:35:41.0646 5256 C:\Windows\System32\imagehlp.dll - ok
22:35:41.0662 5256 [ 71D8D1FD4989932674CD1F5743191286 ] C:\Windows\System32\urlmon.dll
22:35:41.0662 5256 C:\Windows\System32\urlmon.dll - ok
22:35:41.0662 5256 [ B218342214D9BBA0F54EA12BA2E9278C ] C:\Windows\System32\oleaut32.dll
22:35:41.0662 5256 C:\Windows\System32\oleaut32.dll - ok
22:35:41.0678 5256 [ 17AF64D727545F2804F6E6D998327E3F ] C:\Windows\System32\msvcrt.dll
22:35:41.0678 5256 C:\Windows\System32\msvcrt.dll - ok
22:35:41.0678 5256 [ C394079EB162E812D682C73FA96AF6E4 ] C:\Windows\System32\clbcatq.dll
22:35:41.0678 5256 C:\Windows\System32\clbcatq.dll - ok
22:35:41.0678 5256 [ E3C3BD69701CE6B7B17101E4F7740534 ] C:\Windows\System32\msctf.dll
22:35:41.0678 5256 C:\Windows\System32\msctf.dll - ok
22:35:41.0693 5256 [ A64AEBC6C78B4CFD7F41A7277879DF8F ] C:\Windows\System32\nsi.dll
22:35:41.0693 5256 C:\Windows\System32\nsi.dll - ok
22:35:41.0693 5256 [ 9586E7CB2255A8B097A7E4538202585E ] C:\Windows\System32\ole32.dll
22:35:41.0693 5256 C:\Windows\System32\ole32.dll - ok
22:35:41.0709 5256 [ 75510147B94598407666F4802797C75A ] C:\Windows\System32\user32.dll
22:35:41.0709 5256 C:\Windows\System32\user32.dll - ok
22:35:41.0709 5256 [ 6057AA7FDF03309A18FAE4E9FCFE7D8F ] C:\Windows\System32\iertutil.dll
22:35:41.0709 5256 C:\Windows\System32\iertutil.dll - ok
22:35:41.0709 5256 [ 551F51B66E5EA87A38D8197EB3BDB57A ] C:\Windows\System32\setupapi.dll
22:35:41.0709 5256 C:\Windows\System32\setupapi.dll - ok
22:35:41.0724 5256 [ 6F29236AB5926100972924BD29D9D225 ] C:\Windows\System32\normaliz.dll
22:35:41.0724 5256 C:\Windows\System32\normaliz.dll - ok
22:35:41.0724 5256 [ E2281CFF793D7A09CE2B35F9F8732EE3 ] C:\Windows\System32\rpcrt4.dll
22:35:41.0724 5256 C:\Windows\System32\rpcrt4.dll - ok
22:35:41.0740 5256 [ AAF101900A23D75AE1AE00840FA6F3B8 ] C:\Windows\System32\shell32.dll
22:35:41.0740 5256 C:\Windows\System32\shell32.dll - ok
22:35:41.0740 5256 [ DC3105CC925A0D47F61B54E66AB730FC ] C:\Windows\System32\kernel32.dll
22:35:41.0740 5256 C:\Windows\System32\kernel32.dll - ok
22:35:41.0740 5256 [ C8BDCECEE082B54F0BAC838BF0A34597 ] C:\Windows\System32\imm32.dll
22:35:41.0740 5256 C:\Windows\System32\imm32.dll - ok
22:35:41.0756 5256 [ 80FFF14F1757B9AF8BE9D314FC1AE88B ] C:\Windows\System32\usp10.dll
22:35:41.0756 5256 C:\Windows\System32\usp10.dll - ok
22:35:41.0756 5256 [ 4AA2A0E26CEF1A803741253DCF9A1503 ] C:\Windows\System32\comdlg32.dll
22:35:41.0756 5256 C:\Windows\System32\comdlg32.dll - ok
22:35:41.0771 5256 [ EB0E02749CE5C488741C9A0ABEAB5DEC ] C:\Windows\System32\lpk.dll
22:35:41.0771 5256 C:\Windows\System32\lpk.dll - ok
22:35:41.0771 5256 [ 50CAA7072C171B9887215C83D52069E4 ] C:\Windows\System32\advapi32.dll
22:35:41.0771 5256 C:\Windows\System32\advapi32.dll - ok
22:35:41.0771 5256 [ 420B075CD71AB9E58D15DD258958FBA3 ] C:\Windows\System32\shlwapi.dll
22:35:41.0771 5256 C:\Windows\System32\shlwapi.dll - ok
22:35:41.0787 5256 [ B304D47D5744BA20FCB99FB8B2C07B0B ] C:\Windows\System32\ws2_32.dll
22:35:41.0787 5256 C:\Windows\System32\ws2_32.dll - ok
22:35:41.0787 5256 [ 6A25377A76479A0C0BF3DB6FC42FE09A ] C:\Windows\System32\wininet.dll
22:35:41.0787 5256 C:\Windows\System32\wininet.dll - ok
22:35:41.0787 5256 [ 7856E3B4594714EF89BB97375E8644EE ] C:\Windows\System32\gdi32.dll
22:35:41.0787 5256 C:\Windows\System32\gdi32.dll - ok
22:35:41.0802 5256 [ DC8891A9203810FC994E7FCCF76E94C8 ] C:\Windows\System32\comctl32.dll
22:35:41.0802 5256 C:\Windows\System32\comctl32.dll - ok
22:35:41.0802 5256 [ 93A1732F7F997E36A5C3893539E2FF02 ] C:\Windows\System32\psapi.dll
22:35:41.0802 5256 C:\Windows\System32\psapi.dll - ok
22:35:41.0802 5256 [ EAAAFEF04FBB45665C9576E525D45A12 ] C:\Windows\System32\drivers\dxapi.sys
22:35:41.0802 5256 C:\Windows\System32\drivers\dxapi.sys - ok
22:35:41.0818 5256 [ C2DD5271193B4CCF11D63319DA0CA7AE ] C:\Windows\System32\win32k.sys
22:35:41.0818 5256 C:\Windows\System32\win32k.sys - ok
22:35:41.0818 5256 [ 33F84B64D4765BCDFA0AB8464122DA14 ] C:\Windows\System32\csrsrv.dll
22:35:41.0818 5256 C:\Windows\System32\csrsrv.dll - ok
22:35:41.0818 5256 [ ABCA209EBA02CB59233614DB83B4F50D ] C:\Windows\System32\csrss.exe
22:35:41.0818 5256 C:\Windows\System32\csrss.exe - ok
22:35:41.0834 5256 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\System32\basesrv.dll
22:35:41.0834 5256 C:\Windows\System32\basesrv.dll - ok
22:35:41.0834 5256 [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\System32\winsrv.dll
22:35:41.0834 5256 C:\Windows\System32\winsrv.dll - ok
22:35:41.0834 5256 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] C:\Windows\System32\drivers\monitor.sys
22:35:41.0834 5256 C:\Windows\System32\drivers\monitor.sys - ok
22:35:41.0849 5256 [ CC21507D246861671A0BF97E75CE1B00 ] C:\Windows\System32\tsddd.dll
22:35:41.0849 5256 C:\Windows\System32\tsddd.dll - ok
22:35:41.0849 5256 [ 101BA3EA053480BB5D957EF37C06B5ED ] C:\Windows\System32\wininit.exe
22:35:41.0849 5256 C:\Windows\System32\wininit.exe - ok
22:35:41.0849 5256 [ 4AB92EF53F4B5C0663D3FFF00D59CC81 ] C:\PROGRA~2\Wincert\WIN32C~1.DLL
22:35:41.0849 5256 C:\PROGRA~2\Wincert\WIN32C~1.DLL - ok
22:35:41.0865 5256 [ D602FEDBD9155FC2DED6863FB60C950F ] C:\Windows\System32\secur32.dll
22:35:41.0865 5256 C:\Windows\System32\secur32.dll - ok
22:35:41.0865 5256 [ BE6FAC6F0745C67DAE7522C96406D083 ] C:\Windows\System32\sxs.dll
22:35:41.0865 5256 C:\Windows\System32\sxs.dll - ok
22:35:41.0880 5256 [ 665417528489096BBCB8AEA46D3DA924 ] C:\Windows\System32\userenv.dll
22:35:41.0880 5256 C:\Windows\System32\userenv.dll - ok
22:35:41.0880 5256 [ 3B0DE9086F05786995979BEFF8CC1404 ] C:\PROGRA~1\SETTIN~1\Datamngr\datamngr.dll
22:35:41.0880 5256 C:\PROGRA~1\SETTIN~1\Datamngr\datamngr.dll - ok
22:35:41.0880 5256 [ 4934241CD20AC87D78121352E3BA8318 ] C:\Windows\System32\dbghelp.dll
22:35:41.0880 5256 C:\Windows\System32\dbghelp.dll - ok
22:35:41.0896 5256 [ 69827805A221C21450BA22F4326A2EE3 ] C:\Windows\System32\version.dll
22:35:41.0896 5256 C:\Windows\System32\version.dll - ok
22:35:41.0896 5256 [ F42483814FC39170B3982A184EC5AAA2 ] C:\Windows\System32\wtsapi32.dll
22:35:41.0896 5256 C:\Windows\System32\wtsapi32.dll - ok
22:35:41.0896 5256 [ CDF8B12F78702DBB88434F0E388541FD ] C:\PROGRA~1\SETTIN~1\Datamngr\IEBHO.dll
22:35:41.0896 5256 C:\PROGRA~1\SETTIN~1\Datamngr\IEBHO.dll - ok
22:35:41.0912 5256 [ 6F0D2FBABC62E39413C836B8DAE888E1 ] C:\Windows\System32\cdd.dll
22:35:41.0912 5256 C:\Windows\System32\cdd.dll - ok
22:35:41.0912 5256 [ 12C8D6C564702B0776512932290A3F6B ] C:\Windows\System32\KBDUS.DLL
22:35:41.0912 5256 C:\Windows\System32\KBDUS.DLL - ok
22:35:41.0912 5256 [ 1107BD574A84367735FEC38B9BD64E6B ] C:\Windows\System32\apphelp.dll
22:35:41.0912 5256 C:\Windows\System32\apphelp.dll - ok
22:35:41.0927 5256 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\System32\services.exe
22:35:41.0927 5256 C:\Windows\System32\services.exe - ok
22:35:41.0927 5256 [ 92283D9E33EC5F41ECC0B430B7459241 ] C:\Windows\System32\WlS0WndH.dll
22:35:41.0927 5256 C:\Windows\System32\WlS0WndH.dll - ok
22:35:41.0927 5256 [ A3E186B4B935905B829219502557314E ] C:\Windows\System32\lsass.exe
22:35:41.0927 5256 C:\Windows\System32\lsass.exe - ok
22:35:41.0943 5256 [ 898E7C06A350D4A1A64A9EA264D55452 ] C:\Windows\System32\winlogon.exe
22:35:41.0943 5256 C:\Windows\System32\winlogon.exe - ok
22:35:41.0943 5256 [ 178FAC2B7C66E9A4400CE7AC37623E3F ] C:\Windows\System32\lsasrv.dll
22:35:41.0943 5256 C:\Windows\System32\lsasrv.dll - ok
22:35:41.0943 5256 [ 4774AD6C447E02E954BD9A793614EBEC ] C:\Windows\System32\lsm.exe
22:35:41.0943 5256 C:\Windows\System32\lsm.exe - ok
22:35:41.0958 5256 [ D90911B3FA05D7B930C1286084B404DE ] C:\Windows\System32\scesrv.dll
22:35:41.0958 5256 C:\Windows\System32\scesrv.dll - ok
22:35:41.0958 5256 [ 4AAFC7461633848AA87A363B2CBEC522 ] C:\Windows\System32\winsta.dll
22:35:41.0958 5256 C:\Windows\System32\winsta.dll - ok
22:35:41.0958 5256 [ 71F5A7104FDF16C0AC5283A6CE666553 ] C:\Windows\System32\sysntfy.dll
22:35:41.0958 5256 C:\Windows\System32\sysntfy.dll - ok
22:35:41.0974 5256 [ 1AE011BB950A5E0B05023D2AFEC3666D ] C:\Windows\System32\authz.dll
22:35:41.0974 5256 C:\Windows\System32\authz.dll - ok
22:35:41.0974 5256 [ 98B656EAF128CD06F625B09C84D959E1 ] C:\Windows\System32\netapi32.dll
22:35:41.0974 5256 C:\Windows\System32\netapi32.dll - ok
22:35:41.0974 5256 [ F0321DA5203F1E71917F3B7A13DC4912 ] C:\Windows\System32\wmsgapi.dll
22:35:41.0974 5256 C:\Windows\System32\wmsgapi.dll - ok
22:35:41.0990 5256 [ 2FA16465F64DB54B1F7F511395EB4FD7 ] C:\Windows\System32\ncobjapi.dll
22:35:41.0990 5256 C:\Windows\System32\ncobjapi.dll - ok
22:35:41.0990 5256 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] C:\Windows\System32\aelupsvc.dll
22:35:41.0990 5256 C:\Windows\System32\aelupsvc.dll - ok
22:35:41.0990 5256 [ A1545B731579895D8CC44FC0481C1192 ] C:\Windows\System32\alg.exe
22:35:41.0990 5256 C:\Windows\System32\alg.exe - ok
22:35:42.0005 5256 [ 7808BF0E367ED7348808879CEF482AB3 ] C:\Windows\System32\samsrv.dll
22:35:42.0005 5256 C:\Windows\System32\samsrv.dll - ok
22:35:42.0005 5256 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] C:\Windows\System32\appinfo.dll
22:35:42.0005 5256 C:\Windows\System32\appinfo.dll - ok
22:35:42.0005 5256 [ 459B48188494490707DCA8BAA91AA185 ] C:\Windows\System32\cryptdll.dll
22:35:42.0005 5256 C:\Windows\System32\cryptdll.dll - ok
22:35:42.0021 5256 [ 85E861D0B88DB2B54ACB0839654C09F7 ] C:\Windows\System32\dnsapi.dll
22:35:42.0021 5256 C:\Windows\System32\dnsapi.dll - ok
22:35:42.0021 5256 [ EE2FF9A3FC4404234BE3B7C6AA383AF8 ] C:\Windows\System32\msasn1.dll
22:35:42.0021 5256 C:\Windows\System32\msasn1.dll - ok
22:35:42.0036 5256 [ 3464DAE0E801F5A81A23C571D86F30B2 ] C:\Windows\System32\rascfg.dll
22:35:42.0036 5256 C:\Windows\System32\rascfg.dll - ok
22:35:42.0036 5256 [ 453DE2958C885527E20C79A3FEFE6AF7 ] C:\Windows\System32\samlib.dll
22:35:42.0036 5256 C:\Windows\System32\samlib.dll - ok
22:35:42.0036 5256 [ 68E2A1A0407A66CF50DA0300852424AB ] C:\Windows\System32\audiosrv.dll
22:35:42.0036 5256 C:\Windows\System32\audiosrv.dll - ok
22:35:42.0052 5256 [ 54289361E9150C2D03E68AA6DEEF171F ] C:\Windows\System32\crypt32.dll
22:35:42.0052 5256 C:\Windows\System32\crypt32.dll - ok
22:35:42.0052 5256 [ 965AC9FBF2C67231C157E99C03C58D24 ] C:\Windows\System32\feclient.dll
22:35:42.0052 5256 C:\Windows\System32\feclient.dll - ok
22:35:42.0052 5256 [ 1F94EA31C9543B855F53BDAC7792DA4E ] C:\Windows\System32\mpr.dll
22:35:42.0052 5256 C:\Windows\System32\mpr.dll - ok
22:35:42.0068 5256 [ 7F0F1D4B0D847696F8E309423D227DCE ] C:\Windows\System32\ntdsapi.dll
22:35:42.0068 5256 C:\Windows\System32\ntdsapi.dll - ok
22:35:42.0068 5256 [ C789AF0F724FDA5852FB9A7D3A432381 ] C:\Windows\System32\BFE.DLL
22:35:42.0068 5256 C:\Windows\System32\BFE.DLL - ok
22:35:42.0068 5256 [ 93952506C6D67330367F7E7934B6A02F ] C:\Windows\System32\qmgr.dll
22:35:42.0068 5256 C:\Windows\System32\qmgr.dll - ok
22:35:42.0083 5256 [ C6DF7A87063D006ECF1FD8156CB6DE3F ] C:\Windows\System32\SLC.dll
22:35:42.0083 5256 C:\Windows\System32\SLC.dll - ok
22:35:42.0083 5256 [ 4DE3C4D07BAFDE616EFA0ADE076CBAC2 ] C:\Windows\System32\wevtapi.dll
22:35:42.0083 5256 C:\Windows\System32\wevtapi.dll - ok
22:35:42.0083 5256 [ 9028559C132146FB75EB7ACF384B086A ] C:\Windows\System32\dhcpcsvc.dll
22:35:42.0083 5256 C:\Windows\System32\dhcpcsvc.dll - ok
22:35:42.0099 5256 [ 4FE8425F21B3F0F8C4B4726351D43EAA ] C:\Windows\System32\IPHLPAPI.DLL
22:35:42.0099 5256 C:\Windows\System32\IPHLPAPI.DLL - ok
22:35:42.0099 5256 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] C:\Windows\System32\browser.dll
22:35:42.0099 5256 C:\Windows\System32\browser.dll - ok
22:35:42.0099 5256 [ DFB6B71CDABA9DFB49C9D2B318B97A1A ] C:\Windows\System32\dhcpcsvc6.dll
22:35:42.0099 5256 C:\Windows\System32\dhcpcsvc6.dll - ok
22:35:42.0114 5256 [ 6B09105742C75DF80CEF21700F20F55A ] C:\Windows\System32\winnsi.dll
22:35:42.0114 5256 C:\Windows\System32\winnsi.dll - ok
22:35:42.0114 5256 [ 312EC3E37A0A1F2006534913E37B4423 ] C:\Windows\System32\certprop.dll
22:35:42.0114 5256 C:\Windows\System32\certprop.dll - ok
22:35:42.0114 5256 [ 7F15B4953378C8B5161D65C26D5FED4D ] C:\Windows\System32\cngaudit.dll
22:35:42.0114 5256 C:\Windows\System32\cngaudit.dll - ok
22:35:42.0130 5256 [ 13CC59C1B04E9F20A87987C68CD4BE3F ] C:\Windows\System32\ncrypt.dll
22:35:42.0130 5256 C:\Windows\System32\ncrypt.dll - ok
22:35:42.0130 5256 [ DE0DD9AE3430F84A96B5501112A696BE ] C:\Windows\System32\bcrypt.dll
22:35:42.0130 5256 C:\Windows\System32\bcrypt.dll - ok
22:35:42.0130 5256 [ 4211249955AF9133E2E357CC92B54DFD ] C:\Windows\System32\comres.dll
22:35:42.0130 5256 C:\Windows\System32\comres.dll - ok
22:35:42.0146 5256 [ 3EDE4C1F9672C972479201544969ADCB ] C:\Windows\System32\cryptsvc.dll
22:35:42.0146 5256 C:\Windows\System32\cryptsvc.dll - ok
22:35:42.0146 5256 [ 26F139DDEC6407508071930D3D07337E ] C:\Windows\System32\credssp.dll
22:35:42.0146 5256 C:\Windows\System32\credssp.dll - ok
22:35:42.0161 5256 [ 74F380C8EC8813626C670D46E8A714D1 ] C:\Windows\System32\dfsrres.dll
22:35:42.0161 5256 C:\Windows\System32\dfsrres.dll - ok
22:35:42.0161 5256 [ 08D6D1692B62C9EE4062E1FA04D8FE2F ] C:\Windows\System32\oleres.dll
22:35:42.0161 5256 C:\Windows\System32\oleres.dll - ok
22:35:42.0161 5256 [ AA01497884F9CBAC89470120AF78D2B1 ] C:\Windows\System32\kerberos.dll
22:35:42.0161 5256 C:\Windows\System32\kerberos.dll - ok
22:35:42.0177 5256 [ ABE9EEA1EABEA0711610A637A7B1C25D ] C:\Windows\System32\msprivs.dll
22:35:42.0177 5256 C:\Windows\System32\msprivs.dll - ok
22:35:42.0177 5256 [ 22CFAEB9172F5F198048401485CD0571 ] C:\Windows\System32\WSHTCPIP.DLL
22:35:42.0177 5256 C:\Windows\System32\WSHTCPIP.DLL - ok
22:35:42.0177 5256 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] C:\Windows\System32\dot3svc.dll
22:35:42.0177 5256 C:\Windows\System32\dot3svc.dll - ok
22:35:42.0192 5256 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] C:\Windows\System32\dps.dll
22:35:42.0192 5256 C:\Windows\System32\dps.dll - ok
22:35:42.0192 5256 [ 9E80FF0752E365F97FD2D1D68C2AFDA1 ] C:\Windows\System32\wship6.dll
22:35:42.0192 5256 C:\Windows\System32\wship6.dll - ok
22:35:42.0192 5256 [ 05C3B38DB95BA5585817A4F898EE5581 ] C:\Windows\System32\wshqos.dll
22:35:42.0192 5256 C:\Windows\System32\wshqos.dll - ok
22:35:42.0208 5256 [ C0B95E40D85CD807D614E264248A45B9 ] C:\Windows\System32\eapsvc.dll
22:35:42.0208 5256 C:\Windows\System32\eapsvc.dll - ok
22:35:42.0208 5256 [ 4E6B23DFC917EA39306B529B773950F4 ] C:\Windows\System32\emdmgmt.dll
22:35:42.0208 5256 C:\Windows\System32\emdmgmt.dll - ok
22:35:42.0208 5256 [ FC62A635063B762E1C3C60EA77279378 ] C:\Windows\System32\NapiNSP.dll
22:35:42.0208 5256 C:\Windows\System32\NapiNSP.dll - ok
22:35:42.0224 5256 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] C:\Windows\System32\nlasvc.dll
22:35:42.0224 5256 C:\Windows\System32\nlasvc.dll - ok
22:35:42.0224 5256 [ 8617350C9B590B63E620881092751BCB ] C:\Windows\System32\mswsock.dll
22:35:42.0224 5256 C:\Windows\System32\mswsock.dll - ok
22:35:42.0224 5256 [ 690D41DF1D555F96D4898A0F54EBA065 ] C:\Windows\System32\pnrpnsp.dll
22:35:42.0224 5256 C:\Windows\System32\pnrpnsp.dll - ok
22:35:42.0239 5256 [ 4ABCE74D012971305249E45E095E9EA6 ] C:\Windows\System32\msv1_0.dll
22:35:42.0239 5256 C:\Windows\System32\msv1_0.dll - ok
22:35:42.0239 5256 [ 95DAECF0FB120A7B5DA679CC54E37DDE ] C:\Windows\System32\netlogon.dll
22:35:42.0239 5256 C:\Windows\System32\netlogon.dll - ok
22:35:42.0239 5256 [ A1B40A28F38D27A7E3229EE4C7064434 ] C:\Windows\System32\wevtsvc.dll
22:35:42.0239 5256 C:\Windows\System32\wevtsvc.dll - ok
22:35:42.0255 5256 [ 72910BC4A218C49EA8E43D1FAEC403A5 ] C:\Windows\System32\winbrand.dll
22:35:42.0255 5256 C:\Windows\System32\winbrand.dll - ok
22:35:42.0255 5256 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] C:\Windows\System32\fdPHost.dll
22:35:42.0255 5256 C:\Windows\System32\fdPHost.dll - ok
22:35:42.0270 5256 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] C:\Windows\System32\FDResPub.dll
22:35:42.0270 5256 C:\Windows\System32\FDResPub.dll - ok
22:35:42.0270 5256 [ 8CE364388C8ECA59B14B539179276D44 ] C:\Windows\System32\FntCache.dll
22:35:42.0270 5256 C:\Windows\System32\FntCache.dll - ok
22:35:42.0270 5256 [ 50E3E76B0901BB4FC029BB88BFA5CE79 ] C:\Windows\System32\schannel.dll
22:35:42.0270 5256 C:\Windows\System32\schannel.dll - ok
22:35:42.0286 5256 [ 302964DCAC79D618CC7B72C778DA9FD2 ] C:\Windows\System32\PresentationHost.exe
22:35:42.0286 5256 C:\Windows\System32\PresentationHost.exe - ok
22:35:42.0286 5256 [ 93620229F3CC3B67A3528BF39F064C30 ] C:\Windows\System32\wdigest.dll
22:35:43.0627 5256 [ 638C7596B493F5F77DB9EF6BAD8FE46C ] C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll
22:35:43.0627 5256 C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
22:35:43.0627 5256 [ 26655CA3645C49DA4A79AC18FE84EE11 ] C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll
22:35:43.0627 5256 C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll - ok
22:35:43.0627 5256 [ 09B7E7CD6F202247B3CF2306108589C2 ] C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll
22:35:43.0627 5256 C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
22:35:43.0643 5256 [ 5A963C340DE1A01BA6E24945CE05D16A ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll
22:35:43.0643 5256 C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll - ok
22:35:43.0643 5256 [ F4BC62990E7E5C29799A895B80FC3177 ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll
22:35:43.0643 5256 C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
22:35:43.0658 5256 [ 149D74E1128A86DC9CFB2851FBEA11EB ] C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll
22:35:43.0658 5256 C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll - ok
22:35:43.0658 5256 [ 24AA9776D6AB032071B61C88089AEA59 ] C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll
22:35:43.0658 5256 C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll - ok
22:35:43.0674 5256 [ 4E4EDF9CA82E95BAB2977DD9F21B00F6 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
22:35:43.0674 5256 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
22:35:43.0674 5256 [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\Windows\System32\dnssd.dll
22:35:43.0674 5256 C:\Windows\System32\dnssd.dll - ok
22:35:43.0674 5256 [ 01A24B415926BB5F772DBE12459D97DE ] C:\Program Files\Microsoft\BingBar\BBSvc.EXE
22:35:43.0674 5256 C:\Program Files\Microsoft\BingBar\BBSvc.EXE - ok
22:35:43.0689 5256 [ 401DFFDBBBD3F07C747ED1AE2BB88106 ] C:\Windows\System32\msi.dll
22:35:43.0689 5256 C:\Windows\System32\msi.dll - ok
22:35:43.0689 5256 [ 0E1B02C9CC352A1F61703B7D1A8A2C45 ] C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll
22:35:43.0689 5256 C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
22:35:43.0705 5256 [ 2E14406E05789F91C9282AE7CFCA3A07 ] C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
22:35:43.0705 5256 C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll - ok
22:35:43.0705 5256 [ E53B389AABC47A86A41884E94C9A3012 ] C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll
22:35:43.0705 5256 C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
22:35:43.0721 5256 [ EC760B0B76A4353DE49D66520EB2141F ] C:\Windows\System32\SensApi.dll
22:35:43.0721 5256 C:\Windows\System32\SensApi.dll - ok
22:35:43.0721 5256 [ 785DE7ABDA13309D6065305542829E76 ] C:\Program Files\Microsoft\BingBar\SeaPort.EXE
22:35:43.0721 5256 C:\Program Files\Microsoft\BingBar\SeaPort.EXE - ok
22:35:43.0721 5256 [ 8BA9851E671E8B5E49E303748FFD530C ] C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll
22:35:43.0721 5256 C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
22:35:43.0736 5256 [ 5E33C164DC7FA74728D8A83036C438BB ] C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
22:35:43.0736 5256 C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll - ok
22:35:43.0736 5256 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] C:\Program Files\Bonjour\mDNSResponder.exe
22:35:43.0736 5256 C:\Program Files\Bonjour\mDNSResponder.exe - ok
22:35:43.0752 5256 [ 09D38AEC081F064FD67B8B9C49790020 ] C:\Program Files\SearchProtect\bin\CltMngSvc.exe
22:35:43.0752 5256 C:\Program Files\SearchProtect\bin\CltMngSvc.exe - ok
22:35:43.0752 5256 [ 03E9314004F504A14A61C3D364B62F66 ] C:\Program Files\SearchProtect\bin\msvcp100.dll
22:35:43.0752 5256 C:\Program Files\SearchProtect\bin\msvcp100.dll - ok
22:35:43.0752 5256 [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files\SearchProtect\bin\msvcr100.dll
22:35:43.0752 5256 C:\Program Files\SearchProtect\bin\msvcr100.dll - ok
22:35:43.0767 5256 [ AD48183027CAFCEBC322CB9CAC60F9B8 ] C:\Windows\System32\WSDApi.dll
22:35:43.0767 5256 C:\Windows\System32\WSDApi.dll - ok
22:35:43.0767 5256 [ D9011D2091C6B037A5075C27A470188C ] C:\Windows\System32\httpapi.dll
22:35:43.0767 5256 C:\Windows\System32\httpapi.dll - ok
22:35:43.0767 5256 [ 17FC3EDA0162F513E858B8C8FA7FA6E0 ] C:\Windows\System32\vssapi.dll
22:35:43.0767 5256 C:\Windows\System32\vssapi.dll - ok
22:35:43.0783 5256 [ 52E129522C1775DBB8CC252E7A0655C7 ] C:\Windows\System32\taskschd.dll
22:35:43.0783 5256 C:\Windows\System32\taskschd.dll - ok
22:35:43.0783 5256 [ 4EDA94333BDB75B1BC0A7610BED34F00 ] C:\Windows\System32\fundisc.dll
22:35:43.0783 5256 C:\Windows\System32\fundisc.dll - ok
22:35:43.0799 5256 [ E7D0F91E44D9D3B2116FA549BDCDB756 ] C:\Windows\System32\wdscore.dll
22:35:43.0799 5256 C:\Windows\System32\wdscore.dll - ok
22:35:43.0799 5256 [ 6ABD253226770EAE1292B4C945ED4B4B ] C:\Windows\System32\msxml3.dll
22:35:43.0799 5256 C:\Windows\System32\msxml3.dll - ok
22:35:43.0799 5256 [ 64C89DB40949FD0E7C8FF303676A91F1 ] C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe
22:35:43.0799 5256 C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe - ok
22:35:43.0814 5256 [ 9E95363FFD92C19BFD5DFAD317BF2589 ] C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ccL80U.dll
22:35:43.0814 5256 C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ccL80U.dll - ok
22:35:43.0814 5256 [ 8664C9A3B0CBF8E45ABFA48BB7DFE0E3 ] C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ccVrTrst.dll
22:35:43.0814 5256 C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ccVrTrst.dll - ok
22:35:43.0830 5256 [ D3FA6D7F2A1AD28AF9B2D2F02D8AF67A ] C:\Program Files\Norton Internet Security\Engine\16.8.3.6\EFACli.dll
22:35:43.0830 5256 C:\Program Files\Norton Internet Security\Engine\16.8.3.6\EFACli.dll - ok
22:35:43.0830 5256 [ B667E7643D459234C8A5D87DC80462C1 ] C:\Program Files\Norton Internet Security\Engine\16.8.3.6\SymNeti.dll
22:35:43.0830 5256 C:\Program Files\Norton Internet Security\Engine\16.8.3.6\SymNeti.dll - ok
22:35:43.0830 5256 [ 1DFC366D2154EF2B381A7F2CB165C7F4 ] C:\Windows\System32\diagperf.dll
22:35:43.0845 5256 C:\Windows\System32\diagperf.dll - ok
22:35:43.0845 5256 [ F9BEED56D7FCDBD4924AC1E628261882 ] C:\Windows\System32\drivers\o2flash.exe
22:35:43.0845 5256 C:\Windows\System32\drivers\o2flash.exe - ok
22:35:43.0845 5256 [ FA7CCBBC0D643818DCBE8D2C10D64A33 ] C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ccSvc.dll
22:35:43.0845 5256 C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ccSvc.dll - ok
22:35:43.0861 5256 [ 10EE7B8092FCAD11BEBDB10D602BA05B ] C:\Program Files\Norton Internet Security\Engine\16.8.3.6\Srtsp32.dll
22:35:43.0861 5256 C:\Program Files\Norton Internet Security\Engine\16.8.3.6\Srtsp32.dll - ok
22:35:43.0861 5256 [ 9B15623C57D07D3C3024BEB7C1447527 ] C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ccIPC.dll
22:35:43.0861 5256 C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ccIPC.dll - ok
22:35:43.0861 5256 [ DC3AE9F1554DCD97F90983DDBDACD83D ] C:\Windows\System32\vsstrace.dll
22:35:43.0861 5256 C:\Windows\System32\vsstrace.dll - ok
22:35:43.0877 5256 [ 6349F6ED9C623B44B52EA3C63C831A92 ] C:\Windows\System32\drivers\PEAuth.sys
22:35:43.0877 5256 C:\Windows\System32\drivers\PEAuth.sys - ok
22:35:43.0877 5256 [ 9340105C246B16EE661FD8FCE579B117 ] C:\Windows\System32\cryptnet.dll
22:35:43.0877 5256 C:\Windows\System32\cryptnet.dll - ok
22:35:43.0877 5256 [ F4D9ED6BD74AD7CC0BEC83C43A1CB76B ] C:\Windows\System32\ncsi.dll
22:35:43.0877 5256 C:\Windows\System32\ncsi.dll - ok
22:35:43.0892 5256 [ 1A09CB187440993FA5E24DE1EEB7B916 ] C:\Windows\System32\cfgmgr32.dll
22:35:43.0892 5256 C:\Windows\System32\cfgmgr32.dll - ok
22:35:43.0892 5256 [ B6B56EEA6FFE7D5DDD8756E68F2DF8F4 ] C:\Program Files\Norton Internet Security\Engine\16.8.3.6\diMaster.dll
22:35:43.0892 5256 C:\Program Files\Norton Internet Security\Engine\16.8.3.6\diMaster.dll - ok
22:35:43.0908 5256 [ 90A3935D05B494A5A39D37E71F09A677 ] C:\Windows\System32\drivers\secdrv.sys
22:35:43.0908 5256 C:\Windows\System32\drivers\secdrv.sys - ok
22:35:43.0908 5256 [ D0494460421A03CD5225CCA0059AA146 ] C:\Windows\System32\IPSECSVC.DLL
22:35:43.0908 5256 C:\Windows\System32\IPSECSVC.DLL - ok
22:35:43.0908 5256 [ 21322832C99E8DE85BD047689A2A69DB ] C:\Windows\System32\pnpts.dll
22:35:43.0908 5256 C:\Windows\System32\pnpts.dll - ok
22:35:43.0923 5256 [ 01BCD91CC2B0EFDA4890F547010750BD ] C:\Windows\System32\ssdpapi.dll
22:35:43.0923 5256 C:\Windows\System32\ssdpapi.dll - ok
22:35:43.0923 5256 [ EB17DF573B4423DF0B3B2EE3B268A6DE ] C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
22:35:43.0923 5256 C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe - ok
22:35:43.0923 5256 [ 42608AE9AF2641EE473A1797C25CFFC2 ] C:\Windows\System32\FwRemoteSvr.dll
22:35:43.0923 5256 C:\Windows\System32\FwRemoteSvr.dll - ok
22:35:43.0939 5256 [ 8182208C50D7256DF8A03CFB6A488DBB ] C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ccSet.dll
22:35:43.0939 5256 C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ccSet.dll - ok
22:35:43.0939 5256 [ E8C28635AC4E946DD5653D77132BD7D1 ] C:\Program Files\Norton Internet Security\Engine\16.8.3.6\IPSPlug.dll
22:35:43.0939 5256 C:\Program Files\Norton Internet Security\Engine\16.8.3.6\IPSPlug.dll - ok
22:35:43.0939 5256 [ 422D691C7795AB22ECAD8600B724F2A3 ] C:\Program Files\Norton Internet Security\Engine\16.8.3.6\uiPerfsv.dll
22:35:43.0939 5256 C:\Program Files\Norton Internet Security\Engine\16.8.3.6\uiPerfsv.dll - ok
22:35:43.0955 5256 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] C:\Program Files\Skype\Updater\Updater.exe
22:35:43.0955 5256 C:\Program Files\Skype\Updater\Updater.exe - ok
22:35:43.0955 5256 [ FA4B19EF00299ABA267658ABBBA9EA7E ] C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ccJobMgr.dll
22:35:43.0955 5256 C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ccJobMgr.dll - ok
22:35:43.0970 5256 [ D3F9C2CD46A4D5E49AD3E22F6923869C ] C:\Program Files\Norton Internet Security\Engine\16.8.3.6\FWCore.dll
22:35:43.0970 5256 C:\Program Files\Norton Internet Security\Engine\16.8.3.6\FWCore.dll - ok
22:35:43.0970 5256 [ 1DACD1530C6E58AEAE9F6DE7DA851935 ] C:\Windows\System32\shimeng.dll
22:35:43.0970 5256 C:\Windows\System32\shimeng.dll - ok
22:35:43.0970 5256 [ 14D289F63D9538306CB560C4CD12172F ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20130111.002\IDSxpx86.dll
22:35:43.0970 5256 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20130111.002\IDSxpx86.dll - ok
22:35:43.0986 5256 [ CC7295046C9BE2237754B95CFC14F9C3 ] C:\PROGRA~2\Wincert\win32prop.dll
22:35:43.0986 5256 C:\PROGRA~2\Wincert\win32prop.dll - ok
22:35:43.0986 5256 [ 608C345A255D82A6289C2D468EB41FD7 ] C:\Windows\System32\drivers\tcpipreg.sys
22:35:43.0986 5256 C:\Windows\System32\drivers\tcpipreg.sys - ok
22:35:43.0986 5256 [ 7FE3DE9DBE14205627B2D6D79ECFF770 ] C:\Program Files\Norton Internet Security\Engine\16.8.3.6\IDSAux.dll
22:35:43.0986 5256 C:\Program Files\Norton Internet Security\Engine\16.8.3.6\IDSAux.dll - ok
22:35:44.0001 5256 [ 0C84B6AFFA7486422235584110D7176F ] C:\Windows\System32\icaapi.dll
22:35:44.0001 5256 C:\Windows\System32\icaapi.dll - ok
22:35:44.0001 5256 [ 93659F3B85CFED41825F609161CBF7FB ] C:\Program Files\Norton Internet Security\Engine\16.8.3.6\htec.dll
22:35:44.0001 5256 C:\Program Files\Norton Internet Security\Engine\16.8.3.6\htec.dll - ok
22:35:44.0017 5256 [ DEB9D08750423069647C3A066CEC7A1B ] C:\Windows\System32\tquery.dll
22:35:44.0017 5256 C:\Windows\System32\tquery.dll - ok
22:35:44.0017 5256 [ 30F0DC266B46118E9FBCF5B2A30EB1DB ] C:\Windows\System32\wbem\wbemprox.dll
22:35:44.0017 5256 C:\Windows\System32\wbem\wbemprox.dll - ok
22:35:44.0017 5256 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files\Bonjour\mdnsNSP.dll
22:35:44.0017 5256 C:\Program Files\Bonjour\mdnsNSP.dll - ok
22:35:44.0033 5256 [ 2205A220A264E8C8B86492BF3D112907 ] C:\Windows\System32\PortableDeviceApi.dll
22:35:44.0033 5256 C:\Windows\System32\PortableDeviceApi.dll - ok
22:35:44.0033 5256 [ 428FF21418ADCD6FAD6189CD9520A67B ] C:\Windows\System32\wiatrace.dll
22:35:44.0033 5256 C:\Windows\System32\wiatrace.dll - ok
22:35:44.0033 5256 [ C411C80F90D6732380352B98B37BBD53 ] C:\Windows\System32\winrnr.dll
22:35:44.0033 5256 C:\Windows\System32\winrnr.dll - ok
22:35:44.0048 5256 [ 4DBA143F06BAD1DF935CB9603140CF2A ] C:\Windows\System32\wsdchngr.dll
22:35:44.0048 5256 C:\Windows\System32\wsdchngr.dll - ok
22:35:44.0048 5256 [ 5CC40498D6EA2D2E82D7617D06FE77EB ] C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ncwTrust.dll
22:35:44.0048 5256 C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ncwTrust.dll - ok
22:35:44.0048 5256 [ A7D525E5C0D91C8C1D84C6BCD25AD77D ] C:\Windows\System32\rasadhlp.dll
22:35:44.0048 5256 C:\Windows\System32\rasadhlp.dll - ok
22:35:44.0064 5256 [ 74B8C2EA72D43727142D12397D5A49F9 ] C:\Windows\System32\wbemcomn.dll
22:35:44.0064 5256 C:\Windows\System32\wbemcomn.dll - ok
22:35:44.0064 5256 [ 1F18B9EA1BBFF033413414C3BEA13AD6 ] C:\Windows\System32\wbem\WinMgmtR.dll
22:35:44.0064 5256 C:\Windows\System32\wbem\WinMgmtR.dll - ok
22:35:44.0079 5256 [ B53BD9E63867CD9FD853F666CA172713 ] C:\Windows\System32\PortableDeviceConnectApi.dll
22:35:44.0079 5256 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
22:35:44.0079 5256 [ 70DE615623555A16EE8FA63F96C6B9E6 ] C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ccGEvt.dll
22:35:44.0079 5256 C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ccGEvt.dll - ok
22:35:44.0079 5256 [ 867C301E8B790040AE9CF6486E8041DF ] C:\Windows\System32\drivers\WUDFRd.sys
22:35:44.0079 5256 C:\Windows\System32\drivers\WUDFRd.sys - ok
22:35:44.0095 5256 [ C371BD0997CE47CA32301D82BDCBF8DB ] C:\Program Files\Norton Internet Security\Engine\16.8.3.6\AVPSVC32.dll
22:35:44.0095 5256 C:\Program Files\Norton Internet Security\Engine\16.8.3.6\AVPSVC32.dll - ok
22:35:44.0095 5256 [ 218B73EA8341EA9FDF018D43052E790A ] C:\Windows\System32\mssrch.dll
22:35:44.0095 5256 C:\Windows\System32\mssrch.dll - ok
22:35:44.0095 5256 [ FC1EEE57EB9CD57279D70BA2A9131C38 ] C:\Windows\System32\wbem\wbemcore.dll
22:35:44.0095 5256 C:\Windows\System32\wbem\wbemcore.dll - ok
22:35:44.0111 5256 [ 50F76323253CE77DE6664AAAFAB02985 ] C:\Program Files\Norton Internet Security\Engine\16.8.3.6\BHSvcPlg.dll
22:35:44.0111 5256 C:\Program Files\Norton Internet Security\Engine\16.8.3.6\BHSvcPlg.dll - ok
22:35:44.0111 5256 [ C10E13721B0AAEBEB5EBA914F1D18181 ] C:\Windows\System32\wbem\esscli.dll
22:35:44.0111 5256 C:\Windows\System32\wbem\esscli.dll - ok
22:35:44.0126 5256 [ BC5A34B6A14C93BF04E3F4E8EA57090A ] C:\Windows\System32\wbem\fastprox.dll
22:35:44.0126 5256 C:\Windows\System32\wbem\fastprox.dll - ok
22:35:44.0126 5256 [ AAB5FEAABF4CB6F76D794203831C8D94 ] C:\Windows\System32\msidle.dll
22:35:44.0126 5256 C:\Windows\System32\msidle.dll - ok
22:35:44.0126 5256 [ B458B58F7BB97C48D01AC3CF5805AAAC ] C:\Windows\System32\Query.dll
22:35:44.0126 5256 C:\Windows\System32\Query.dll - ok
22:35:44.0142 5256 [ F4E1AA5D59C849A4AB47E895DC76B9C8 ] C:\Windows\System32\sfc.dll
22:35:44.0142 5256 C:\Windows\System32\sfc.dll - ok
22:35:44.0142 5256 [ 12BCF4DAD8E5A1B3D5FA7AB4A79DA105 ] C:\Windows\System32\sfc_os.dll
22:35:44.0142 5256 C:\Windows\System32\sfc_os.dll - ok
22:35:44.0157 5256 [ BF7E4D6F60A6D9E866432855C6F8C262 ] C:\Windows\System32\sqmapi.dll
22:35:44.0157 5256 C:\Windows\System32\sqmapi.dll - ok
22:35:44.0157 5256 [ DB0F37DBA4C245C61E5936DDBDE62438 ] C:\Windows\System32\wbem\wbemsvc.dll
22:35:44.0157 5256 C:\Windows\System32\wbem\wbemsvc.dll - ok
22:35:44.0157 5256 [ 5EC8FB83F31AA2D6F421F02C3F4F4475 ] C:\Windows\System32\winspool.drv
22:35:44.0157 5256 C:\Windows\System32\winspool.drv - ok
22:35:44.0173 5256 [ 016E71D45E5421483CB262419E71DFD3 ] C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ccGLog.dll
22:35:44.0173 5256 C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ccGLog.dll - ok
22:35:44.0173 5256 [ 834933F16EA839AC5AC7CBF88638DF27 ] C:\Windows\System32\wbem\repdrvfs.dll
22:35:44.0173 5256 C:\Windows\System32\wbem\repdrvfs.dll - ok
22:35:44.0189 5256 [ 2C3B09E586BDA2CC49A292BE7BADC589 ] C:\Windows\System32\wbem\wmiutils.dll
22:35:44.0189 5256 C:\Windows\System32\wbem\wmiutils.dll - ok
22:35:44.0189 5256 [ EEDDEF1A7623619FBED118E6A3A27DED ] C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ccSubEng.dll
22:35:44.0189 5256 C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ccSubEng.dll - ok
22:35:44.0189 5256 [ A952D0DED445F26AEFCF593A935AB300 ] C:\Windows\System32\hnetcfg.dll
22:35:44.0189 5256 C:\Windows\System32\hnetcfg.dll - ok
22:35:44.0204 5256 [ 980B6A5F92B8DB235C4A26728C2BE732 ] C:\Windows\System32\WUDFHost.exe
22:35:44.0204 5256 C:\Windows\System32\WUDFHost.exe - ok
22:35:44.0204 5256 [ 3BC6F51501B1F96AB4B03AA2B5D032E5 ] C:\Program Files\Norton Internet Security\Engine\16.8.3.6\SNDSvc.dll
22:35:44.0204 5256 C:\Program Files\Norton Internet Security\Engine\16.8.3.6\SNDSvc.dll - ok
22:35:44.0220 5256 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] C:\Windows\System32\netprofm.dll
22:35:44.0220 5256 C:\Windows\System32\netprofm.dll - ok
22:35:44.0220 5256 [ DFCAB29E8FD38F95650CC1E203E8D318 ] C:\Windows\System32\npmproxy.dll
22:35:44.0220 5256 C:\Windows\System32\npmproxy.dll - ok
22:35:44.0220 5256 [ FEA6D21F78922D641A0C9346D885133B ] C:\Windows\System32\mssprxy.dll
22:35:44.0220 5256 C:\Windows\System32\mssprxy.dll - ok
22:35:44.0235 5256 [ 3606CE1AC3D6A9A9CB7DB35D7F5C54EC ] C:\Windows\System32\shfolder.dll
22:35:44.0235 5256 C:\Windows\System32\shfolder.dll - ok
22:35:44.0235 5256 [ F21F255B91CA4F04E4250DECD2067CBB ] C:\Windows\System32\bitsperf.dll
22:35:44.0235 5256 C:\Windows\System32\bitsperf.dll - ok
22:35:44.0235 5256 [ F0062778F50838145AC46B384FFB4FA3 ] C:\Windows\System32\pcadm.dll
22:35:44.0235 5256 C:\Windows\System32\pcadm.dll - ok
22:35:44.0251 5256 [ BBF9D987A16A9CDA18DAF8CAA070A1D0 ] C:\Program Files\Norton Internet Security\Engine\16.8.3.6\coSvcPlg.dll
22:35:44.0251 5256 C:\Program Files\Norton Internet Security\Engine\16.8.3.6\coSvcPlg.dll - ok
22:35:44.0251 5256 [ 632557F2495931D952161465AA177B3B ] C:\Windows\System32\bitsigd.dll
22:35:44.0251 5256 C:\Windows\System32\bitsigd.dll - ok
22:35:44.0267 5256 [ C2C6C014B96581EC8BF0C8604DE1743E ] C:\Windows\System32\wbem\WmiPrvSD.dll
22:35:44.0267 5256 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
22:35:44.0267 5256 [ A609A192E98934A8D352704C99AB8577 ] C:\Windows\System32\wbem\wbemess.dll
22:35:44.0267 5256 C:\Windows\System32\wbem\wbemess.dll - ok
22:35:44.0282 5256 [ 91AD0140701CF93DE6FF520F32AF8078 ] C:\Program Files\Norton Internet Security\Engine\16.8.3.6\isDataPr.dll
22:35:44.0282 5256 C:\Program Files\Norton Internet Security\Engine\16.8.3.6\isDataPr.dll - ok
22:35:44.0282 5256 [ 3192ED5E2FFDF5B630541B9643AE1AA3 ] C:\Windows\System32\upnp.dll
22:35:44.0282 5256 C:\Windows\System32\upnp.dll - ok
22:35:44.0282 5256 [ BAD37CD02764EC1654DF3AA8C45DB1FA ] C:\Program Files\Norton Internet Security\Engine\16.8.3.6\coFFPlgn.dll
22:35:44.0282 5256 C:\Program Files\Norton Internet Security\Engine\16.8.3.6\coFFPlgn.dll - ok
22:35:44.0298 5256 [ 10F13FFF542FEC4A2C4FA734EEBE56B9 ] C:\Windows\System32\qmgrprxy.dll
22:35:44.0298 5256 C:\Windows\System32\qmgrprxy.dll - ok
22:35:44.0298 5256 [ A36F7A256E65D858A7039DB00ADEEBDD ] C:\Windows\System32\WUDFx.dll
22:35:44.0298 5256 C:\Windows\System32\WUDFx.dll - ok
22:35:44.0298 5256 [ 497F27E279C0F921E2130BB89C1CB5CA ] C:\Program Files\Skype\Phone\Skype.exe
22:35:44.0298 5256 C:\Program Files\Skype\Phone\Skype.exe - ok
22:35:44.0313 5256 [ B8A21907FE2F1A113F3487D9AB60BEF9 ] C:\Windows\System32\en-US\tquery.dll.mui
22:35:44.0313 5256 C:\Windows\System32\en-US\tquery.dll.mui - ok
22:35:44.0313 5256 [ BAD37CD02764EC1654DF3AA8C45DB1FA ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\components\coFFPlgn.dll
22:35:44.0313 5256 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\components\coFFPlgn.dll - ok
22:35:44.0313 5256 [ 22DC784B32BEE306A99F50D6DC2460BC ] C:\Windows\System32\esent.dll
22:35:44.0313 5256 C:\Windows\System32\esent.dll - ok
22:35:44.0329 5256 [ 9495FCC01D7AB7B60E5B8BA7AEFE9E3D ] C:\Windows\System32\wbem\WmiPrvSE.exe
22:35:44.0329 5256 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
22:35:44.0329 5256 [ F85134BF76CB335A39F8D7BC4173D4FB ] C:\Windows\System32\msscb.dll
22:35:44.0329 5256 C:\Windows\System32\msscb.dll - ok
22:35:44.0329 5256 [ 119A487B94FCB54D5154EBFBFA124755 ] C:\Windows\System32\drivers\UMDF\WpdFs.dll
22:35:44.0329 5256 C:\Windows\System32\drivers\UMDF\WpdFs.dll - ok
22:35:44.0345 5256 [ 46DD33E12D12A03CABF009FBB3F3D0E4 ] C:\Windows\System32\mpnotify.exe
22:35:44.0345 5256 C:\Windows\System32\mpnotify.exe - ok
22:35:44.0345 5256 [ 731F30A150DCDFA3C43DDDC3A639EC0F ] C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ISDataSv.dll
22:35:44.0345 5256 C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ISDataSv.dll - ok
22:35:44.0360 5256 [ F723422A11CD6FA13036746272200993 ] C:\Windows\System32\wbem\cimwin32.dll
22:35:44.0360 5256 C:\Windows\System32\wbem\cimwin32.dll - ok
22:35:44.0360 5256 [ 262C6C64BE5BC4B1E97A9675A562DBC4 ] C:\Program Files\Norton Internet Security\Engine\16.8.3.6\cltLMC.dll
22:35:44.0360 5256 C:\Program Files\Norton Internet Security\Engine\16.8.3.6\cltLMC.dll - ok
22:35:44.0360 5256 [ 50ABE7CDA2DAE898216121D14092C182 ] C:\Windows\System32\WMVCORE.DLL
22:35:44.0360 5256 C:\Windows\System32\WMVCORE.DLL - ok
22:35:44.0376 5256 [ 73C2FB42BD4040A90B683569AB633044 ] C:\Program Files\Norton Internet Security\Engine\16.8.3.6\CLTLMS.DLL
22:35:44.0376 5256 C:\Program Files\Norton Internet Security\Engine\16.8.3.6\CLTLMS.DLL - ok
22:35:44.0376 5256 [ 67BB7141F7F5F37411F796943B3418B6 ] C:\Windows\System32\framedynos.dll
22:35:44.0376 5256 C:\Windows\System32\framedynos.dll - ok
22:35:44.0376 5256 [ 03685E9EED7DC017F4986930ECE84BBB ] C:\Program Files\Norton Internet Security\Engine\16.8.3.6\SymRdrSv.dll
22:35:44.0376 5256 C:\Program Files\Norton Internet Security\Engine\16.8.3.6\SymRdrSv.dll - ok
22:35:44.0391 5256 [ 8B59FBBCE13B9A0BCFDCFAFAC962F621 ] C:\Program Files\Norton Internet Security\Engine\16.8.3.6\AppMgr32.dll
22:35:44.0391 5256 C:\Program Files\Norton Internet Security\Engine\16.8.3.6\AppMgr32.dll - ok
22:35:44.0391 5256 [ 8D55BFE9D0354DD40D8AAB004682DB3C ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\CLT\cltLMSx.dll
22:35:44.0391 5256 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\CLT\cltLMSx.dll - ok
22:35:44.0407 5256 [ 36CCD8A79539C4ACE3BABE09C2CFBA16 ] C:\Windows\System32\WMASF.DLL
22:35:44.0407 5256 C:\Windows\System32\WMASF.DLL - ok
22:35:44.0407 5256 [ B2B117BD8D1EA80536CDD91797EF4A0A ] C:\Windows\System32\PortableDeviceClassExtension.dll
22:35:44.0407 5256 C:\Windows\System32\PortableDeviceClassExtension.dll - ok
22:35:44.0407 5256 [ 883D02AB5D350BC45E0F60E8CFA97FDC ] C:\Windows\System32\PortableDeviceTypes.dll
22:35:44.0407 5256 C:\Windows\System32\PortableDeviceTypes.dll - ok
22:35:44.0423 5256 [ A1E45589FAC353D48CF8C342BFCBDDA3 ] C:\Program Files\Norton Internet Security\Engine\16.8.3.6\hncore.dll
22:35:44.0423 5256 C:\Program Files\Norton Internet Security\Engine\16.8.3.6\hncore.dll - ok
22:35:44.0423 5256 [ 6F413C1D9581FFBC27DFBAF8D1E358B5 ] C:\Program Files\Norton Internet Security\Engine\16.8.3.6\cltLMJ.dll
22:35:44.0423 5256 C:\Program Files\Norton Internet Security\Engine\16.8.3.6\cltLMJ.dll - ok
22:35:44.0438 5256 [ 9EB748E241AF1759C98F85FEAF15FBB7 ] C:\Program Files\Norton Internet Security\Engine\16.8.3.6\FWGenPlg.dll
22:35:44.0438 5256 C:\Program Files\Norton Internet Security\Engine\16.8.3.6\FWGenPlg.dll - ok
22:35:44.0438 5256 [ EA1EA603902B1F5E30C2EEBCC974E799 ] C:\Program Files\Norton Internet Security\Engine\16.8.3.6\AVModule.dll
22:35:44.0438 5256 C:\Program Files\Norton Internet Security\Engine\16.8.3.6\AVModule.dll - ok
22:35:44.0438 5256 [ AA5607632A1A84ABD82EAA5929800F62 ] C:\Program Files\Norton Internet Security\Engine\16.8.3.6\DefUtDCD.dll
22:35:44.0438 5256 C:\Program Files\Norton Internet Security\Engine\16.8.3.6\DefUtDCD.dll - ok
22:35:44.0454 5256 [ 8EE84D6B8CCB808834D7E41713520A9D ] C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ducclib.dll
22:35:44.0454 5256 C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ducclib.dll - ok
22:35:44.0454 5256 [ 67689148A20D05FE7DF9BA8D470CFB63 ] C:\Windows\System32\BCMLogon.dll
22:35:44.0454 5256 C:\Windows\System32\BCMLogon.dll - ok
22:35:44.0469 5256 [ 8C7D907F45B9799DB815600EDE58E7C7 ] C:\Program Files\Norton Internet Security\Engine\16.8.3.6\FWHelper.dll
22:35:44.0469 5256 C:\Program Files\Norton Internet Security\Engine\16.8.3.6\FWHelper.dll - ok
22:35:44.0469 5256 [ 52CB0185C73E1BA86CC7F726F22523C3 ] C:\Windows\System32\msjetoledb40.dll
22:35:44.0469 5256 C:\Windows\System32\msjetoledb40.dll - ok
22:35:44.0469 5256 [ 7CE1E4240F9FA41EE85683B9EEAB8767 ] C:\Windows\System32\msjet40.dll
22:35:44.0469 5256 C:\Windows\System32\msjet40.dll - ok
22:35:44.0485 5256 [ 10DE220BDFE330073762F89974DB8403 ] C:\Windows\System32\wbem\wmiprov.dll
22:35:44.0485 5256 C:\Windows\System32\wbem\wmiprov.dll - ok
22:35:44.0485 5256 [ 87CDFFCBD09C1CA03A068343D5D93250 ] C:\Windows\System32\wmi.dll
22:35:44.0485 5256 C:\Windows\System32\wmi.dll - ok
22:35:44.0485 5256 [ E0B787702BAF0CF4CEDF8F61B71F8383 ] C:\Windows\System32\mswstr10.dll
22:35:44.0485 5256 C:\Windows\System32\mswstr10.dll - ok
22:35:44.0501 5256 [ 9371540C7231BC156501AB933F269762 ] C:\Windows\System32\msjint40.dll
22:35:44.0501 5256 C:\Windows\System32\msjint40.dll - ok
22:35:44.0501 5256 [ 534FD777CB2684392411CE7BCBBDF78E ] C:\Windows\System32\msjter40.dll
22:35:44.0501 5256 C:\Windows\System32\msjter40.dll - ok
22:35:44.0501 5256 [ 951F36219C7384C6ED6C9F44D45C5235 ] C:\Program Files\Common Files\System\Ole DB\oledb32.dll
22:35:44.0501 5256 C:\Program Files\Common Files\System\Ole DB\oledb32.dll - ok
22:35:44.0516 5256 [ 892125B60BA6C2A66F485A89C4A6B918 ] C:\Program Files\Common Files\System\Ole DB\oledb32r.dll
22:35:44.0516 5256 C:\Program Files\Common Files\System\Ole DB\oledb32r.dll - ok
22:35:44.0516 5256 [ 554ED6988E44FDF18941429E8B2CB652 ] C:\Windows\System32\msdart.dll
22:35:44.0516 5256 C:\Windows\System32\msdart.dll - ok
22:35:44.0516 5256 [ C84A5C60883395B875F01140F48BB887 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20130112.007\NAVENG32.DLL
22:35:44.0516 5256 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20130112.007\NAVENG32.DLL - ok
22:35:44.0532 5256 [ D922592AB65C5D9B88B30B4510A3464E ] C:\Windows\System32\cscapi.dll
22:35:44.0532 5256 C:\Windows\System32\cscapi.dll - ok
22:35:44.0532 5256 [ 2C2BE6006C058AD0D5031B0D1867959F ] C:\Program Files\Norton Internet Security\Engine\16.8.3.6\BHClient.dll
22:35:44.0532 5256 C:\Program Files\Norton Internet Security\Engine\16.8.3.6\BHClient.dll - ok
22:35:44.0547 5256 [ 79B0463638C7ED08DB71FE3437C95A44 ] C:\Windows\System32\msjtes40.dll
22:35:44.0547 5256 C:\Windows\System32\msjtes40.dll - ok
22:35:44.0547 5256 [ 254C64B570A99F10952ACA71F24A2236 ] C:\Windows\System32\expsrv.dll
22:35:44.0547 5256 C:\Windows\System32\expsrv.dll - ok
22:35:45.0795 5256 [ 09EAABEC4C378C788E3137F0D31D0CFC ] C:\Program Files\DellTPad\ApntEx.exe
22:35:45.0795 5256 C:\Program Files\DellTPad\ApntEx.exe - ok
22:35:45.0795 5256 [ 03E9314004F504A14A61C3D364B62F66 ] C:\Users\NATE\AppData\Roaming\SearchProtect\bin\msvcp100.dll
22:35:45.0795 5256 C:\Users\NATE\AppData\Roaming\SearchProtect\bin\msvcp100.dll - ok
22:35:45.0811 5256 [ 73FD66B14D3C4252F7A524B8836A4359 ] C:\Windows\System32\mstask.dll
22:35:45.0811 5256 C:\Windows\System32\mstask.dll - ok
22:35:45.0811 5256 [ EA7F750C761E49B544335D9AE39802CD ] C:\Program Files\DellTPad\hidfind.exe
22:35:45.0811 5256 C:\Program Files\DellTPad\hidfind.exe - ok
22:35:45.0811 5256 [ 0B5AC46982E77CAF3EC1D55C9AC6AB56 ] C:\Windows\System32\wscntfy.dll
22:35:45.0811 5256 C:\Windows\System32\wscntfy.dll - ok
22:35:45.0827 5256 [ BC0EA61246F8D940FBC5F652D337D6BD ] C:\Program Files\iPod\bin\iPodService.exe
22:35:45.0827 5256 C:\Program Files\iPod\bin\iPodService.exe - ok
22:35:45.0827 5256 [ 663B9790479E487D9B2D0E9580A7C769 ] C:\Users\NATE\AppData\Roaming\Askaga\qouqfye.exe
22:35:45.0827 5256 C:\Users\NATE\AppData\Roaming\Askaga\qouqfye.exe - ok
22:35:45.0827 5256 [ A5627810F2960D2F3B154154AC7D258D ] C:\Users\NATE\AppData\Roaming\Adobe\WINF9E8.exe
22:35:45.0827 5256 C:\Users\NATE\AppData\Roaming\Adobe\WINF9E8.exe - ok
22:35:45.0842 5256 [ 4B555106290BD117334E9A08761C035A ] C:\Windows\System32\rundll32.exe
22:35:45.0842 5256 C:\Windows\System32\rundll32.exe - ok
22:35:45.0842 5256 [ C0ABD66F31C0B84CD944802E6D3D02C2 ] C:\Windows\System32\bthprops.cpl
22:35:45.0842 5256 C:\Windows\System32\bthprops.cpl - ok
22:35:45.0858 5256 [ 240DBC4B5E382CA2F63A2562062E9A08 ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll
22:35:45.0858 5256 C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok
22:35:45.0858 5256 [ FC509EAAC8CFA34A961BB84147D66076 ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll
22:35:45.0858 5256 C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok
22:35:45.0858 5256 [ 7616A85477D2019DC7B4D3597AE615E4 ] C:\Windows\System32\CtCamMgr.dll
22:35:45.0858 5256 C:\Windows\System32\CtCamMgr.dll - ok
22:35:45.0873 5256 [ D19913FEB993FB7C2D1737E954996056 ] C:\Program Files\Windows Defender\MpAsDesc.dll
22:35:45.0873 5256 C:\Program Files\Windows Defender\MpAsDesc.dll - ok
22:35:45.0873 5256 [ 08AF125EE3522486011893FBCC962322 ] C:\Program Files\Windows Defender\MpEvMsg.dll
22:35:45.0873 5256 C:\Program Files\Windows Defender\MpEvMsg.dll - ok
22:35:45.0873 5256 [ 76B35CB0F3A4E69D6DFF27F542B9F856 ] C:\Users\NATE\AppData\Local\Google\Update\1.3.21.145\GoogleCrashHandler.exe
22:35:45.0873 5256 C:\Users\NATE\AppData\Local\Google\Update\1.3.21.145\GoogleCrashHandler.exe - ok
22:35:45.0889 5256 [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Users\NATE\AppData\Roaming\SearchProtect\bin\msvcr100.dll
22:35:45.0889 5256 C:\Users\NATE\AppData\Roaming\SearchProtect\bin\msvcr100.dll - ok
22:35:45.0889 5256 [ D6804F089CBB6749E95124E7C4D80900 ] C:\Windows\AppPatch\AcLayers.dll
22:35:45.0889 5256 C:\Windows\AppPatch\AcLayers.dll - ok
22:35:45.0905 5256 [ A6F5B25905CD01AE714990E02C7205A5 ] C:\Windows\System32\mshtml.dll
22:35:45.0905 5256 C:\Windows\System32\mshtml.dll - ok
22:35:45.0905 5256 [ 3143D3E7E4CB7C189A7267253509C7F1 ] C:\Users\NATE\AppData\Roaming\wabEventSupport16\wabEventSupport16.dll
22:35:45.0905 5256 C:\Users\NATE\AppData\Roaming\wabEventSupport16\wabEventSupport16.dll - ok
22:35:45.0905 5256 [ A74DB1E8EBD71B5337DEFA078B4BBCEF ] C:\Program Files\CyberLink\PowerDVD DX\Kernel\common\CLRCEngine3.dll
22:35:45.0905 5256 C:\Program Files\CyberLink\PowerDVD DX\Kernel\common\CLRCEngine3.dll - ok
22:35:45.0920 5256 [ AC6B8F8058EE27932F9AF8A2D959D201 ] C:\Windows\System32\msimtf.dll
22:35:45.0920 5256 C:\Windows\System32\msimtf.dll - ok
22:35:45.0920 5256 [ 1D6B95871DC006190964B04E5657E35F ] C:\Windows\System32\rastapi.dll
22:35:45.0920 5256 C:\Windows\System32\rastapi.dll - ok
22:35:45.0920 5256 [ 35AAE2E841AA1A949775168E119482C9 ] C:\Windows\System32\msls31.dll
22:35:45.0920 5256 C:\Windows\System32\msls31.dll - ok
22:35:45.0936 5256 [ B96B60EC821F86D445C9739A0F3DED59 ] C:\Windows\System32\unimdm.tsp
22:35:45.0936 5256 C:\Windows\System32\unimdm.tsp - ok
22:35:45.0936 5256 [ DFBAADF1B624DC71E88D34D86B3595BE ] C:\Windows\System32\uniplat.dll
22:35:45.0936 5256 C:\Windows\System32\uniplat.dll - ok
22:35:45.0936 5256 [ 953193A9DEA40348C1086D171F6440AE ] C:\Windows\System32\kmddsp.tsp
22:35:45.0936 5256 C:\Windows\System32\kmddsp.tsp - ok
22:35:45.0951 5256 [ B4B59AC042EE3733A862F26CBC0B17FC ] C:\Windows\System32\hidphone.tsp
22:35:45.0951 5256 C:\Windows\System32\hidphone.tsp - ok
22:35:45.0951 5256 [ 2F6776ACEFE41EE889C464EA407918F2 ] C:\Windows\System32\ndptsp.tsp
22:35:45.0951 5256 C:\Windows\System32\ndptsp.tsp - ok
22:35:45.0967 5256 [ 8B645890A93F1FBBC7DA3E07CC72D762 ] C:\Windows\System32\rasppp.dll
22:35:45.0967 5256 C:\Windows\System32\rasppp.dll - ok
22:35:45.0967 5256 [ 88225070DD2F7B0B2ED51E7935078641 ] C:\Windows\System32\rasqec.dll
22:35:45.0967 5256 C:\Windows\System32\rasqec.dll - ok
22:35:45.0967 5256 [ 57E68AE0BCEB0F70C8AA1C4A6D5C2050 ] C:\Windows\System32\jscript9.dll
22:35:45.0967 5256 C:\Windows\System32\jscript9.dll - ok
22:35:45.0983 5256 [ E9B39C81C87E5B790FCE121DA9E02701 ] C:\Windows\System32\d2d1.dll
22:35:45.0983 5256 C:\Windows\System32\d2d1.dll - ok
22:35:45.0983 5256 [ CABD1B34BD05C986B4DBC18BC0E947EE ] C:\Windows\System32\DWrite.dll
22:35:45.0983 5256 C:\Windows\System32\DWrite.dll - ok
22:35:45.0983 5256 [ 6950BBCEB21F9C3CB3B52E90960109C3 ] C:\Windows\System32\devenum.dll
22:35:45.0983 5256 C:\Windows\System32\devenum.dll - ok
22:35:45.0998 5256 [ 5CEDF292F4573A1F36CC7DE598ECCFC7 ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon_main.dll
22:35:45.0998 5256 C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok
22:35:45.0998 5256 [ 5256383D1D266A9EEFCDB270340C0E5C ] C:\Windows\System32\d3d10_1.dll
22:35:45.0998 5256 C:\Windows\System32\d3d10_1.dll - ok
22:35:46.0014 5256 [ A441F5B43EAF4BD4E3ACFBE38841B46B ] C:\Windows\System32\d3d10_1core.dll
22:35:46.0014 5256 C:\Windows\System32\d3d10_1core.dll - ok
22:35:46.0014 5256 [ 4A4C71376ECA305D6DEA021F1A44816D ] C:\Windows\System32\d3d10warp.dll
22:35:46.0014 5256 C:\Windows\System32\d3d10warp.dll - ok
22:35:46.0014 5256 [ B8AEFF80ABD57E6ABC6A46EAC7F4515F ] C:\Windows\System32\msdmo.dll
22:35:46.0014 5256 C:\Windows\System32\msdmo.dll - ok
22:35:46.0029 5256 [ 928C90E02E05244D2290C1551DF732C8 ] C:\Windows\System32\avicap32.dll
22:35:46.0029 5256 C:\Windows\System32\avicap32.dll - ok
22:35:46.0029 5256 [ EACACA0F2FF4CC54A909E3C5721FCDE8 ] C:\Windows\System32\msvfw32.dll
22:35:46.0029 5256 C:\Windows\System32\msvfw32.dll - ok
22:35:46.0029 5256 [ 65C092EF598DCCA1D665D52F06829512 ] C:\Windows\System32\vfwwdm32.dll
22:35:46.0029 5256 C:\Windows\System32\vfwwdm32.dll - ok
22:35:46.0045 5256 [ 22BFD03DF51065A9ED8D17F8FB72296B ] C:\Windows\System32\ctfmon.exe
22:35:46.0045 5256 C:\Windows\System32\ctfmon.exe - ok
22:35:46.0045 5256 [ 3639755A8B5F2AE42B916246AF07C181 ] C:\Windows\System32\OEM13Hwx.dll
22:35:46.0045 5256 C:\Windows\System32\OEM13Hwx.dll - ok
22:35:46.0045 5256 [ BFA034AAC103D8A6F591AC9364688339 ] C:\Windows\System32\t2embed.dll
22:35:46.0045 5256 C:\Windows\System32\t2embed.dll - ok
22:35:46.0061 5256 [ 2E7EE8D14E1AE5E4711D6025D53E50BD ] C:\Windows\System32\OEM13Cvw.dll
22:35:46.0061 5256 C:\Windows\System32\OEM13Cvw.dll - ok
22:35:46.0061 5256 [ 2310A32BB0164552A311BFA02102A3D6 ] C:\Windows\System32\msvcp60.dll
22:35:46.0061 5256 C:\Windows\System32\msvcp60.dll - ok
22:35:46.0076 5256 [ 0EE85658C96593B4043D6CDC7F4167D3 ] C:\Windows\System32\cximage.dll
22:35:46.0076 5256 C:\Windows\System32\cximage.dll - ok
22:35:46.0076 5256 [ B49CEF589D47D9D3F602E118B1F5F3B5 ] C:\Windows\System32\jscript.dll
22:35:46.0076 5256 C:\Windows\System32\jscript.dll - ok
22:35:46.0076 5256 ============================================================
22:35:46.0076 5256 Scan finished
22:35:46.0076 5256 ============================================================
22:35:46.0092 5248 Detected object count: 2
22:35:46.0092 5248 Actual detected object count: 2
22:36:10.0423 5248 stllssvr ( UnsignedFile.Multi.Generic ) - skipped by user
22:36:10.0423 5248 stllssvr ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:36:10.0423 5248 WajamUpdater ( UnsignedFile.Multi.Generic ) - skipped by user
22:36:10.0423 5248 WajamUpdater ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:37:14.0887 2148 Deinitialize success

Step 2 I uninstalled the programs you listed. Ask Updater would not uninstall when I tried to remove it, but it was later removed on its own when I uninstalled Ask Toolbar. The rest of the programs uninstalled without a hitch.

Step 3 Here's the AdwCleaner log:

# AdwCleaner v2.303 - Logfile created 06/30/2013 at 22:43:41
# Updated 08/06/2013 by Xplode
# Operating system : Windows Vista ™ Home Basic Service Pack 2 (32 bits)
# User : NATE - NATE-PC
# Boot Mode : Normal
# Running from : C:\Users\NATE\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\ProgramData\Browser Manager
File Deleted : C:\END
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Users\NATE\AppData\Local\APN
Folder Deleted : C:\Users\NATE\AppData\Local\Conduit
Folder Deleted : C:\Users\NATE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
Folder Deleted : C:\Users\NATE\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Folder Deleted : C:\Users\NATE\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc
Folder Deleted : C:\Users\NATE\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\NATE\AppData\LocalLow\PriceGong

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\SearchProtect
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3282144
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Deleted : HKLM\Software\Tarma Installer
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16490

[OK] Registry is clean.

-\\ Google Chrome v26.0.1410.64

File : C:\Users\NATE\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.28] : search_url = "hxxp://isearch.fantastigames.com/web?src=crb&gct=ds&appid=100&systemid=439&q={s[...]
Deleted [l.2261] : homepage = "hxxp://isearch.fantastigames.com/439",

*************************

AdwCleaner[S1].txt - [4611 octets] - [30/06/2013 22:43:41]

########## EOF - C:\AdwCleaner[S1].txt - [4671 octets] ##########

Step 4 I changed my Chrome homepage, but the browser would not let me add a new search provider. Actually, no search providers are listed at all in Chrome's "Edit Search Providers" window (which is strange because the rather suspicious "Web Search Search" is the default search provider, even though it is not listed). Upon opening, Google Chrome displays an error message that says "Your Profile could not be opened correctly. Some features may be unavailable. Please check that the profile exists and you have permission to write to its contents." Maybe this error message could be related to the search provider problem?

Step 5 The only extension Chrome had installed was "Skype Click to Call," so I didn't change anything.

Step 6 The first time I tried to run the OTL fix, Windows told me OTL wasn't responding and closed the program. I ran the fix again and it completed without error. Here are the logs from both runs:

Files\Folders moved on Reboot...

Folder move failed. C:\Users\NATE\AppData\Roaming\wabEventSupport16 scheduled to be moved on reboot.



PendingFileRenameOperations files...



Registry entries deleted on Reboot...


All processes killed

========== OTL ==========

Error: No service named CltMngSvc was found to stop!

Service\Driver key CltMngSvc not found.

File C:\Program Files\SearchProtect\bin\CltMngSvc.exe not found.

Error: No service named WajamUpdater was found to stop!

Service\Driver key WajamUpdater not found.

File C:\Program Files\Wajam\Updater\WajamUpdater.exe not found.

Error: No service named knmqmjhc was found to stop!

Service\Driver key knmqmjhc not found.

File C:\Windows\system32\drivers\knmqmjhc.sys not found.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{d775a78f-33a1-4d54-949a-c251148afd2b} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d775a78f-33a1-4d54-949a-c251148afd2b}\ not found.

File C:\Program Files\Produtools_Forms_B\prxtbProd.dll not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2439}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2439}\ not found.

Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{d775a78f-33a1-4d54-949a-c251148afd2b} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d775a78f-33a1-4d54-949a-c251148afd2b}\ not found.

File C:\Program Files\Produtools_Forms_B\prxtbProd.dll not found.

Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\ not found.

File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{37FB2D1F-F6D8-4623-9519-B1B8FB6B87C9}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{37FB2D1F-F6D8-4623-9519-B1B8FB6B87C9}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A6C7229D-3157-4574-B88E-EC990111D994}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A6C7229D-3157-4574-B88E-EC990111D994}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2439}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2439}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}\ not found.

File C:\Program Files\Wajam\IE\priam_bho.dll not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.

File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d775a78f-33a1-4d54-949a-c251148afd2b}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d775a78f-33a1-4d54-949a-c251148afd2b}\ not found.

File C:\Program Files\Produtools_Forms_B\prxtbProd.dll not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F2D6C718-7E52-428E-8852-365C4B1A6E36}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F2D6C718-7E52-428E-8852-365C4B1A6E36}\ not found.

File C:\Program Files\Settings Alerter\Datamngr\BrowserConnection.dll not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ not found.

File C:\Program Files\Yontoo\YontooIEClient.dll not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{d775a78f-33a1-4d54-949a-c251148afd2b} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d775a78f-33a1-4d54-949a-c251148afd2b}\ not found.

File C:\Program Files\Produtools_Forms_B\prxtbProd.dll not found.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D775A78F-33A1-4D54-949A-C251148AFD2B} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D775A78F-33A1-4D54-949A-C251148AFD2B}\ not found.

File C:\Program Files\Produtools_Forms_B\prxtbProd.dll not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.

File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DATAMNGR not found.

File C:\Program Files\Settings Alerter\Datamngr\datamngrUI.exe not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SearchProtectAll not found.

File C:\Program Files\SearchProtect\bin\cltmng.exe not found.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Leduumopzaof not found.

File C:\Users\NATE\AppData\Roaming\Askaga\qouqfye.exe not found.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\SearchProtect not found.

File C:\Users\NATE\AppData\Roaming\SearchProtect\bin\cltmng.exe not found.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\TimeServer not found.

File C:\Users\NATE\AppData\Roaming\Adobe\WINF9E8.exe not found.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\wabEventSupport16 not found.

File C:\Users\NATE\AppData\Roaming\wabEventSupport16\wabEventSupport16.dll not found.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~2\Wincert\WIN32C~1.DLL deleted successfully.

File C:\ProgramData\Wincert\win32cert.dll not found.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~1\SETTIN~1\Datamngr\datamngr.dll deleted successfully.

File C:\Program Files\Settings Alerter\Datamngr\datamngr.dll not found.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~1\SETTIN~1\Datamngr\IEBHO.dll deleted successfully.

File C:\Program Files\Settings Alerter\Datamngr\IEBHO.dll not found.

File C:\Windows\tasks\Security Center Update - 4190968579.job not found.

Folder C:\Users\NATE\AppData\Roaming\Askaga\ not found.

Folder C:\Users\NATE\AppData\Roaming\SearchProtect\ not found.

C:\Users\NATE\AppData\Roaming\wabEventSupport16 folder moved successfully.

========== REGISTRY ==========

Registry key HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32\ deleted successfully.

========== FILES ==========

File\Folder C:\Program Files\Settings Alerter not found.

File\Folder C:\ProgramData\Wincert not found.

File\Folder C:\Program Files\Yontoo not found.

File\Folder C:\Program Files\Produtools_Forms_B not found.

File\Folder C:\Program Files\Wajam not found.

========== COMMANDS ==========



[EMPTYTEMP]



User: All Users



User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes



User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes



User: NATE

->Temp folder emptied: 476563 bytes

->Temporary Internet Files folder emptied: 227290902 bytes

->Java cache emptied: 1085110 bytes

->Google Chrome cache emptied: 341569333 bytes

->Flash cache emptied: 7921 bytes



User: Public



%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 286665725 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes

RecycleBin emptied: 3857632652 bytes



Total Files Cleaned = 4,496.00 mb





OTL by OldTimer - Version 3.2.69.0 log created on 06302013_233949



Files\Folders moved on Reboot...

File\Folder C:\Windows\temp\JET72BE.tmp not found!



PendingFileRenameOperations files...



Registry entries deleted on Reboot...


Step 7 Here's the OTL scan log:

OTL logfile created on: 7/1/2013 9:21:31 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\NATE\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.96 Gb Total Physical Memory | 1.86 Gb Available Physical Memory | 62.95% Memory free
6.12 Gb Paging File | 5.02 Gb Available in Paging File | 81.98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 218.20 Gb Total Space | 66.52 Gb Free Space | 30.49% Space Free | Partition Type: NTFS
Drive D: | 14.65 Gb Total Space | 10.32 Gb Free Space | 70.47% Space Free | Partition Type: NTFS
Drive E: | 45.31 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 1.96 Gb Total Space | 1.95 Gb Free Space | 99.60% Space Free | Partition Type: FAT32

Computer Name: NATE-PC | User Name: NATE | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/06/27 14:53:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\NATE\Desktop\OTL.exe
PRC - [2013/05/21 14:58:28 | 001,934,376 | ---- | M] (MyPCBackup.com) -- C:\Program Files\MyPC Backup\MyPC Backup.exe
PRC - [2013/05/14 13:26:12 | 003,289,208 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013/01/18 21:29:28 | 001,209,392 | ---- | M] () -- C:\Users\NATE\AppData\Roaming\HoolappForAndroid\Hoolapp.exe
PRC - [2013/01/08 13:55:20 | 000,161,536 | R--- | M] (Skype Technologies) -- C:\Program Files\Skype\Updater\Updater.exe
PRC - [2011/10/21 15:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE
PRC - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/09/21 20:35:57 | 000,117,648 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/03/31 10:28:10 | 000,483,420 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2009/03/31 10:28:00 | 000,249,938 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ec3a90dd\stacsv.exe
PRC - [2009/03/31 10:27:48 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ec3a90dd\AEstSrv.exe
PRC - [2009/03/31 10:26:12 | 000,049,250 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2009/03/31 10:25:54 | 000,217,088 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2009/03/31 10:25:52 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2009/03/31 10:25:50 | 000,054,568 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2009/02/04 22:26:38 | 000,128,232 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2009/01/18 13:27:18 | 000,036,864 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\OEM13Mon.exe
PRC - [2009/01/07 23:55:00 | 000,072,224 | ---- | M] (O2Micro International) -- C:\Windows\System32\drivers\o2flash.exe
PRC - [2008/01/20 22:33:00 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007/07/27 17:43:34 | 000,118,784 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe


========== Modules (No Company Name) ==========

MOD - [2013/05/21 14:58:25 | 003,888,640 | ---- | M] () -- C:\Program Files\MyPC Backup\MPCBIconOverlays.dll
MOD - [2013/05/21 14:58:07 | 000,012,288 | ---- | M] () -- C:\Program Files\MyPC Backup\GetText.dll
MOD - [2013/05/15 12:20:56 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\3da65115bf9debbf564861f6b123a2e4\System.Configuration.ni.dll
MOD - [2013/05/15 12:17:19 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e9ea3e70247b4aa4a8b260426db3aa6b\System.Windows.Forms.ni.dll
MOD - [2013/02/14 04:33:57 | 011,820,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\421cb77e6a4c21f94e3c5ddf766de23b\System.Web.ni.dll
MOD - [2013/01/18 21:29:28 | 001,209,392 | ---- | M] () -- C:\Users\NATE\AppData\Roaming\HoolappForAndroid\Hoolapp.exe
MOD - [2013/01/10 04:30:33 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b5df40c22ab563a816103629e2ca99d4\System.Runtime.Remoting.ni.dll
MOD - [2013/01/10 04:30:32 | 000,627,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\36dc923935a96557c81daa014e7e2ba8\System.EnterpriseServices.ni.dll
MOD - [2013/01/10 04:30:31 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\d995a0e7d64a874cddea6294caaa2539\System.Transactions.ni.dll
MOD - [2013/01/10 04:30:13 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\4324113139782a29f66e449cf2f8ac14\System.Xml.ni.dll
MOD - [2013/01/10 04:29:51 | 001,593,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\78157a494dc9a7e52be8840decfcd9cc\System.Drawing.ni.dll
MOD - [2013/01/10 04:29:38 | 006,621,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\0f5a23bb73681b6388daccd8e250ba66\System.Data.ni.dll
MOD - [2013/01/10 04:28:43 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll
MOD - [2013/01/10 04:28:33 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll
MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/04/18 09:58:58 | 000,904,704 | ---- | M] () -- C:\Program Files\MyPC Backup\x86\System.Data.SQLite.dll
MOD - [2009/03/30 00:42:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2009/03/30 00:42:17 | 002,933,760 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2008/12/11 13:47:34 | 000,055,808 | ---- | M] () -- C:\Windows\System32\bcmwlrmt.dll


========== Services (SafeList) ==========

SRV - [2013/06/21 20:46:38 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/21 14:58:05 | 000,032,808 | ---- | M] (Just Develop It) [Auto | Running] -- C:\Program Files\MyPC Backup\BackupStack.exe -- (BackupStack)
SRV - [2013/05/14 13:26:12 | 003,289,208 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/01/08 13:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/10/21 15:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/09/21 20:35:57 | 000,117,648 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe -- (Norton Internet Security)
SRV - [2009/03/31 10:28:00 | 000,249,938 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ec3a90dd\stacsv.exe -- (STacSV)
SRV - [2009/03/31 10:27:48 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ec3a90dd\AEstSrv.exe -- (AESTFilters)
SRV - [2009/01/07 23:55:00 | 000,072,224 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Windows\System32\drivers\o2flash.exe -- (O2FLASH)
SRV - [2008/01/20 22:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\NIS\1000000.07D\SYMREDRV.SYS -- (SYMREDRV)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\NIS\1000000.07D\SYMDNS.SYS -- (SYMDNS)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/12/28 04:29:14 | 001,601,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20130112.007\NAVEX15.SYS -- (NAVEX15)
DRV - [2012/12/28 04:29:14 | 000,092,704 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20130112.007\NAVENG.SYS -- (NAVENG)
DRV - [2012/09/06 04:54:30 | 000,386,720 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20130111.002\IDSvix86.sys -- (IDSVix86)
DRV - [2012/07/31 20:34:45 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011/10/20 21:53:24 | 000,467,592 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1008030.006\cchpx86.sys -- (ccHP)
DRV - [2011/10/15 12:37:55 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/09/21 20:35:58 | 000,217,464 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1008030.006\symtdi.sys -- (SYMTDI)
DRV - [2011/09/21 20:35:58 | 000,089,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NIS\1008030.006\symfw.sys -- (SYMFW)
DRV - [2011/09/21 20:35:58 | 000,048,760 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NIS\1008030.006\symndisv.sys -- (SYMNDISV)
DRV - [2010/01/20 17:03:39 | 000,310,320 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\NIS\1008030.006\SymEFA.sys -- (SymEFA)
DRV - [2010/01/20 17:03:39 | 000,308,272 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\NIS\1008030.006\srtsp.sys -- (SRTSP)
DRV - [2010/01/20 17:03:39 | 000,259,632 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1008030.006\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010/01/20 17:03:39 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1008030.006\srtspx.sys -- (SRTSPX)
DRV - [2010/01/20 17:03:28 | 000,025,648 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\SymIMV.sys -- (SymIM)
DRV - [2009/03/31 10:28:14 | 000,394,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2009/03/31 10:25:48 | 000,196,144 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2009/02/02 11:21:30 | 000,142,848 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009/01/18 13:27:28 | 000,235,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM13Vid.sys -- (OEM13Vid)
DRV - [2009/01/18 13:27:24 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM13Vfx.sys -- (OEM13Vfx)
DRV - [2009/01/07 23:55:00 | 000,051,616 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\o2mdg.sys -- (O2MDGRDR)
DRV - [2009/01/07 23:55:00 | 000,041,760 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\o2sdg.sys -- (O2SDGRDR)
DRV - [2008/12/11 13:47:16 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)
DRV - [2008/01/20 22:32:51 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2007/06/18 21:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motmodem.sys -- (motmodem)
DRV - [2006/11/02 03:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{5BDD21B5-F8DA-42C4-9597-BD877F3B367E}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\NATE\Documents
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USSMB/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{5BDD21B5-F8DA-42C4-9597-BD877F3B367E}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{D7033E09-5F78-4739-95B3-097F9C7949DB}: "URL" = https://dhpdse.googl...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@ei.DictionaryBoss.com/Plugin: C:\Program Files\DictionaryBossEI\Installr\1.bin\NPv4EISB.dll (DictionaryBoss)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MI1933~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MI1933~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\NATE\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\NATE\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\NATE\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\NATE\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\NATE\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\NATE\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\ [2011/10/20 22:53:08 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - plugin: Shockwave Flash (Enabled) = C:\Users\NATE\AppData\Local\Google\Chrome\User Data\PepperFlash\11.7.700.202\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\NATE\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\NATE\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\NATE\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\NATE\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Google Talk Plugin Video Renderer (Enabled) = C:\Users\NATE\AppData\Roaming\Mozilla\plugins\npo1d.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MI1933~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MI1933~1\Office14\NPSPWRAP.DLL
CHR - plugin: DictionaryBoss Installer Plugin Stub (Enabled) = C:\Program Files\DictionaryBossEI\Installr\1.bin\NPv4EISB.dll
CHR - plugin: Java™ Platform SE 7 U17 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\NATE\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = C:\Users\NATE\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Skype Click to Call = C:\Users\NATE\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.9.0.12585_0\

O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.8.3.6\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DELL Webcam Manager] C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [OEM13Mon.exe] C:\Windows\OEM13Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Facebook Update] C:\Users\NATE\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - Startup: C:\Users\NATE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk = C:\Program Files\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.17.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0B53064A-6B3B-41A0-8F72-5A59580383CB}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dll (Symantec Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\NATE\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\NATE\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{0ed612e5-6129-11e2-ad23-0024e89bab5b}\Shell - "" = AutoRun
O33 - MountPoints2\{0ed612e5-6129-11e2-ad23-0024e89bab5b}\Shell\AutoRun\command - "" = F:\TL_Bootstrap.exe
O33 - MountPoints2\{71175b82-51d7-11e1-a5eb-0024e89bab5b}\Shell - "" = AutoRun
O33 - MountPoints2\{71175b82-51d7-11e1-a5eb-0024e89bab5b}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{83e0ee2b-695c-11e2-8e8a-0024e89bab5b}\Shell - "" = AutoRun
O33 - MountPoints2\{83e0ee2b-695c-11e2-8e8a-0024e89bab5b}\Shell\AutoRun\command - "" = F:\TL_Bootstrap.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/06/30 23:03:31 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/06/30 22:41:15 | 000,000,000 | ---D | C] -- C:\components
[2013/06/27 14:53:59 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\NATE\Desktop\OTL.exe
[2013/06/22 03:04:47 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/06/22 03:04:46 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/06/22 03:04:45 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/06/22 03:04:45 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/06/22 03:04:45 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/06/22 03:04:44 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/06/22 03:04:44 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/06/22 03:04:43 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/06/22 03:03:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\MpEngineStore
[2013/06/21 21:04:17 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cryptdlg.dll
[2013/06/21 21:03:52 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printcom.dll
[2013/06/21 21:03:03 | 000,812,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe
[2013/06/21 21:03:02 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certenc.dll
[2013/06/21 21:02:41 | 003,603,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013/06/21 21:02:41 | 003,551,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013/06/21 20:47:20 | 000,000,000 | ---D | C] -- C:\Users\NATE\AppData\Roaming\Mozilla
[2013/06/10 08:09:50 | 000,000,000 | ---D | C] -- C:\Users\NATE\Documents\134CANON
[2013/06/10 08:08:55 | 000,000,000 | ---D | C] -- C:\Users\NATE\Documents\135CANON
[2013/06/10 08:07:45 | 000,000,000 | ---D | C] -- C:\Users\NATE\Documents\136CANON
[2013/06/10 08:07:00 | 000,000,000 | ---D | C] -- C:\Users\NATE\Documents\137CANON
[2013/06/10 08:05:43 | 000,000,000 | ---D | C] -- C:\Users\NATE\Documents\139CANON
[2011/10/21 23:28:44 | 001,062,984 | ---- | C] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Users\NATE\gotomypc_540.exe
[2 C:\Users\NATE\Documents\*.tmp files -> C:\Users\NATE\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/07/01 09:23:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/07/01 09:20:06 | 000,000,680 | ---- | M] () -- C:\Users\NATE\AppData\Local\d3d9caps.dat
[2013/07/01 09:19:52 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/07/01 09:19:52 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/07/01 09:19:48 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1627533141-4168953869-2929979106-1000Core.job
[2013/07/01 09:19:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/07/01 09:19:43 | 3178,131,456 | -HS- | M] () -- C:\hiberfil.sys
[2013/07/01 09:18:46 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1627533141-4168953869-2929979106-1000UA.job
[2013/07/01 09:18:41 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1627533141-4168953869-2929979106-1000UA.job
[2013/06/30 23:44:31 | 000,604,752 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/06/30 23:44:31 | 000,104,420 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/06/30 22:54:31 | 000,002,039 | ---- | M] () -- C:\Users\NATE\Desktop\Google Chrome.lnk
[2013/06/30 22:43:55 | 000,000,098 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat
[2013/06/30 22:30:18 | 000,648,201 | ---- | M] () -- C:\Users\NATE\Desktop\AdwCleaner.exe
[2013/06/30 22:25:23 | 000,002,613 | ---- | M] () -- C:\Users\NATE\Desktop\htoijhgbbtgu.lnk
[2013/06/27 14:53:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\NATE\Desktop\OTL.exe
[2013/06/27 14:12:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1627533141-4168953869-2929979106-1000Core.job
[2013/06/22 09:26:09 | 320,859,261 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/06/22 03:04:31 | 000,000,215 | ---- | M] () -- C:\Windows\System32\MRT.INI
[2013/06/21 20:46:22 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/06/21 20:46:22 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2 C:\Users\NATE\Documents\*.tmp files -> C:\Users\NATE\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/06/30 22:43:46 | 000,000,098 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat
[2013/06/30 22:43:08 | 000,648,201 | ---- | C] () -- C:\Users\NATE\Desktop\AdwCleaner.exe
[2013/06/22 03:04:31 | 000,000,215 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2011/12/03 01:24:28 | 000,000,680 | ---- | C] () -- C:\Users\NATE\AppData\Local\d3d9caps.dat
[2011/10/17 22:43:04 | 000,008,704 | ---- | C] () -- C:\Users\NATE\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/10/15 09:50:32 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011/10/15 09:50:32 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin

========== ZeroAccess Check ==========

[2006/11/02 08:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 13:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 02:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 02:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Custom Scans ==========

< dir "%systemdrive%\*" /S /A:L /C >
Volume in drive C is OS
Volume Serial Number is FCDF-3092
Directory of C:\ProgramData
10/14/2011 05:51 PM <JUNCTION> Application Data [C:\ProgramData]
10/14/2011 05:51 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/14/2011 05:51 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/14/2011 05:51 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/14/2011 05:51 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/14/2011 05:51 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users
10/14/2011 05:51 PM <SYMLINKD> All Users [C:\ProgramData]
10/14/2011 05:51 PM <JUNCTION> Default User [C:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Users\All Users
10/14/2011 05:51 PM <JUNCTION> Application Data [C:\ProgramData]
10/14/2011 05:51 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/14/2011 05:51 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/14/2011 05:51 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/14/2011 05:51 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/14/2011 05:51 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default
10/14/2011 05:51 PM <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]
10/14/2011 05:51 PM <JUNCTION> Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
10/14/2011 05:51 PM <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]
10/14/2011 05:51 PM <JUNCTION> My Documents [C:\Users\Default\Documents]
10/14/2011 05:51 PM <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
10/14/2011 05:51 PM <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
10/14/2011 05:51 PM <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
10/14/2011 05:51 PM <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
10/14/2011 05:51 PM <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
10/14/2011 05:51 PM <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default\AppData\Local
10/14/2011 05:51 PM <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
10/14/2011 05:51 PM <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
10/14/2011 05:51 PM <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Default\Documents
10/14/2011 05:51 PM <JUNCTION> My Music [C:\Users\Default\Music]
10/14/2011 05:51 PM <JUNCTION> My Pictures [C:\Users\Default\Pictures]
10/14/2011 05:51 PM <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Users\NATE
10/14/2011 05:56 PM <JUNCTION> Application Data [C:\Users\NATE\AppData\Roaming]
10/14/2011 05:56 PM <JUNCTION> Cookies [C:\Users\NATE\AppData\Roaming\Microsoft\Windows\Cookies]
10/14/2011 05:56 PM <JUNCTION> Local Settings [C:\Users\NATE\AppData\Local]
10/14/2011 05:56 PM <JUNCTION> My Documents [C:\Users\NATE\Documents]
10/14/2011 05:56 PM <JUNCTION> NetHood [C:\Users\NATE\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
10/14/2011 05:56 PM <JUNCTION> PrintHood [C:\Users\NATE\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
10/14/2011 05:56 PM <JUNCTION> Recent [C:\Users\NATE\AppData\Roaming\Microsoft\Windows\Recent]
10/14/2011 05:56 PM <JUNCTION> SendTo [C:\Users\NATE\AppData\Roaming\Microsoft\Windows\SendTo]
10/14/2011 05:56 PM <JUNCTION> Start Menu [C:\Users\NATE\AppData\Roaming\Microsoft\Windows\Start Menu]
10/14/2011 05:56 PM <JUNCTION> Templates [C:\Users\NATE\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\NATE\AppData\Local
10/14/2011 05:56 PM <JUNCTION> Application Data [C:\Users\NATE\AppData\Local]
10/14/2011 05:56 PM <JUNCTION> History [C:\Users\NATE\AppData\Local\Microsoft\Windows\History]
10/14/2011 05:56 PM <JUNCTION> Temporary Internet Files [C:\Users\NATE\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\NATE\AppData\LocalLow
02/24/2013 01:59 PM <JUNCTION> PlayReady [C:\ProgramData\Microsoft\PlayReady]
0 File(s) 0 bytes
Directory of C:\Users\NATE\Documents
10/14/2011 05:56 PM <JUNCTION> My Music [C:\Users\NATE\Music]
10/14/2011 05:56 PM <JUNCTION> My Pictures [C:\Users\NATE\Pictures]
10/14/2011 05:56 PM <JUNCTION> My Videos [C:\Users\NATE\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Public\Documents
10/14/2011 05:51 PM <JUNCTION> My Music [C:\Users\Public\Music]
10/14/2011 05:51 PM <JUNCTION> My Pictures [C:\Users\Public\Pictures]
10/14/2011 05:51 PM <JUNCTION> My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile
07/23/2009 08:07 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Roaming]
07/23/2009 08:07 PM <JUNCTION> Cookies [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies]
07/23/2009 08:07 PM <JUNCTION> Local Settings [C:\Windows\system32\config\systemprofile\AppData\Local]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local
07/23/2009 08:07 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
07/23/2009 08:07 PM <JUNCTION> History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
07/23/2009 08:07 PM <JUNCTION> Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Total Files Listed:
0 File(s) 0 bytes
56 Dir(s) 71,430,746,112 bytes free

< End of report >

Thanks so much for all your help! (And sorry my post took so long)

-Pepper1
  • 0

#5
Phel

Phel

    Trusted Helper

  • Malware Removal
  • 1,386 posts
How is your computer running now?

Have you installed MyPC Backup by yourself?

Maybe this error message could be related to the search provider problem?


I think that your current Chrome profile is corrupted. Please follow the steps here to fix this problem.

Please, follow these steps:

Step 1. AdwCleaner scan.

  • Right click on adwcleaner.exe file on your Desktop->Run as Administrator.
  • AdwCleaner window should appear.
  • Click on the Search button.
  • After the scan, a Notepad window with the report should appear. Post the contents of the report in your next message.

Step 2. MBAM scan.

Run Malwarebytes Anti-Malware.
  • Go to the Update tab.
  • Click on the Check for updates button. A new small window should appear.
  • If an update is found, it will download and install the latest definitions.
  • Go back to the Scanner tab.
  • Select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Step 3. ESET Online Scanner scan.

Please run a free online scan with the ESET Online Scanner

Vista / Win7 users: Right-click on either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator.

Note: This scan works with Internet Explorer or Mozilla FireFox.

If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.

  • Click the green ESET Online Scanner box
  • Tick the box next to YES, I accept the Terms of Use
    then click on: Start
  • You may see a panel towards the top of the screen telling you the website wants to install an addon... click and allow it to install. If your firewall asks whether you want to allow installation, say yes.
  • Make sure that the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click on Start
  • The virus signature database will begin to download. Be patient, this may take some time depending on the speed of your Internet connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close, make sure you copy the logfile first!
  • Then click on: Finish
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.

So, please, don't forget to post in your next message:

  • AdwCleaner log
  • ESET Online Scanner's log
  • MBAM log

  • 0

#6
pepper1

pepper1

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Hi Phel!

The computer is running really well and all my issues with Chrome are fixed with the new, non-corrupt profile. Thanks! I think My PC Backup came with the computer - I don't remember installing it and it has not been used at all. Here are the logs:

AdwCleaner

# AdwCleaner v2.303 - Logfile created 07/01/2013 at 17:47:26
# Updated 08/06/2013 by Xplode
# Operating system : Windows Vista ™ Home Basic Service Pack 2 (32 bits)
# User : NATE - NATE-PC
# Boot Mode : Normal
# Running from : C:\Users\NATE\Desktop\AdwCleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\ProgramData\Browser Manager

***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16490

[OK] Registry is clean.

-\\ Google Chrome v26.0.1410.64

File : C:\Users\NATE\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [706 octets] - [01/07/2013 17:47:26]
AdwCleaner[S1].txt - [4740 octets] - [30/06/2013 22:43:41]

########## EOF - C:\AdwCleaner[R1].txt - [825 octets] ##########

MBAM

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.07.01.08

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
NATE :: NATE-PC [administrator]

7/1/2013 5:50:54 PM
mbam-log-2013-07-01 (17-50-54).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 196137
Time elapsed: 4 minute(s), 48 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\NATE\Downloads\Setup.exe (Adware.Hotbar) -> Quarantined and deleted successfully.

(end)

ESET

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=8
# iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=1d9637ae5138744aaf172388520d803a
# engine=14228
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-07-01 11:04:45
# local_time=2013-07-01 07:04:45 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=3588 16777213 100 96 52636270 108615679 0 0
# compatibility_mode=5892 16776573 100 100 0 209327457 0 0
# scanned=158638
# found=16
# cleaned=15
# scan_time=3315
sh=7CF12F4D4894719998011681AE7AFEBCB72EC337 ft=1 fh=265bf4a46e32784c vn="a variant of Win32/Kryptik.AIXN trojan" ac=I fn="C:\Users\All Users\Microsoft\Windows\DRM\19A5.tmp"
sh=15E47F711A09D9AC2CBE6E3AA6F5121FD026FE99 ft=1 fh=86bca38206708d48 vn="Win32/Toolbar.MyWebSearch application (cleaned by deleting - quarantined)" ac=C fn="C:\Program Files\DictionaryBossEI\Installr\1.bin\NPv4EISb.dll"
sh=C2F9200E0D4DF8104B7B8DBFF2C732D5AAA150F0 ft=1 fh=78cc9baef15ca0c0 vn="Win32/Toolbar.MyWebSearch application (cleaned by deleting - quarantined)" ac=C fn="C:\Program Files\DictionaryBossEI\Installr\1.bin\v4EIPlug.dll"
sh=A4D580AF471B8499AEF29AA73335B73A97E37F74 ft=1 fh=757f5bb0cd0803c2 vn="Win32/Toolbar.MyWebSearch.Q application (cleaned by deleting - quarantined)" ac=C fn="C:\Program Files\DictionaryBossEI\Installr\1.bin\v4EZSETP.dll"
sh=7CF12F4D4894719998011681AE7AFEBCB72EC337 ft=1 fh=265bf4a46e32784c vn="a variant of Win32/Kryptik.AIXN trojan (cleaned by deleting - quarantined)" ac=C fn="C:\ProgramData\Microsoft\Windows\DRM\19A5.tmp"
sh=79C0E6B5F31110F718667550053143EF19B1E856 ft=0 fh=0000000000000000 vn="Win32/TrojanDownloader.Tracur.V trojan (cleaned by deleting - quarantined)" ac=C fn="C:\Users\NATE\AppData\Local\Google\Chrome\User Data\Backup Default\Default\aadidcggddgegegddagfgddedgdjgddg\background.js"
sh=7FD11CC292BA6230A9A2708BDA2A2226A88DA2C6 ft=0 fh=0000000000000000 vn="Win32/TrojanDownloader.Tracur.AD trojan (cleaned by deleting - quarantined)" ac=C fn="C:\Users\NATE\AppData\Local\Google\Chrome\User Data\Backup Default\Default\aadidcggddgegegddagfgddedgdjgddg\ContentScript.js"
sh=25D460B079E00118B5EE513AD66A31CE03A06DA0 ft=1 fh=40c2df4d2cb938df vn="a variant of Win32/InstallCore.BI application (cleaned by deleting (after the next restart) - quarantined)" ac=C fn="C:\Users\NATE\AppData\Roaming\HoolappForAndroid\Hoolapp.exe"
sh=1B0CF1B2C68343D94AB4AC167E51E03712A11ACA ft=1 fh=66ab0fc4ae2d1198 vn="a variant of Win32/InstallCore.BD application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\NATE\AppData\Roaming\HoolappForAndroid\UpdateProc\UpdateTask.exe"
sh=02A953E8CDE0E4F1985FF604887E73243F6E8EF9 ft=1 fh=aa8e877a609539f6 vn="Win32/InstallCore.BN.Gen application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\NATE\Downloads\ZipOpenerSetup (1).exe"
sh=02A953E8CDE0E4F1985FF604887E73243F6E8EF9 ft=1 fh=aa8e877a609539f6 vn="Win32/InstallCore.BN.Gen application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\NATE\Downloads\ZipOpenerSetup.exe"
sh=C4A572B051681A51D6685F3ED5908D0931B9D551 ft=1 fh=b68cd570cb76e34f vn="Win32/Agent.PQF trojan (cleaned by deleting - quarantined)" ac=C fn="C:\_OTL\MovedFiles\06302013_230331\C_Users\NATE\AppData\Roaming\Adobe\WINF9E8.exe"
sh=35F55C48CE7B8A54296959C817B46919F8A0FA11 ft=1 fh=7faf5ecdb3c81953 vn="Win32/Spy.Zbot.ABA trojan (cleaned by deleting - quarantined)" ac=C fn="C:\_OTL\MovedFiles\06302013_230331\C_Users\NATE\AppData\Roaming\Askaga\qouqfye.exe"
sh=3D4E197AE8880A588B02CE3E6DAB80BDAAF209C0 ft=1 fh=49057d02d6710b78 vn="Win32/Agent.UVU trojan (cleaned by deleting - quarantined)" ac=C fn="C:\_OTL\MovedFiles\06302013_230331\C_Users\NATE\AppData\Roaming\wabEventSupport16\wabEventSupport16.dll"
sh=C9758D1B62FA2646E66507A5DBF59CAF78855043 ft=1 fh=b6a51c7f8e71ee7c vn="a variant of Win32/Kryptik.BCOR trojan (cleaned by deleting - quarantined)" ac=C fn="C:\_OTL\MovedFiles\06302013_233949\C_Users\NATE\AppData\Roaming\wabEventSupport16\{5aefcf4f-68ee-6d31-3201-a27ec3de3c80}.exe"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="a variant of Win32/InstallCore.BG application" ac=C fn="${Memory}"
  • 0
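The ESET Online Scanner log in the post above can be reconciled programmatically. The following is an added example, not part of the original thread and not ESET's own tooling: it parses the `sh= ft= fh= vn= ac= fn=` record layout, checks the `found`/`cleaned` header counts against the records, and lists what still needs follow-up. Treating `ac=C` as "cleaned" is an assumption inferred from this log (its `ac=C` count equals the header's `cleaned` value); the sample input is constructed.

```python
import re
from collections import Counter, defaultdict

# Constructed sample in the layout of the ESET Online Scanner log above.
# Hashes, detection names and paths are placeholders, not values from the thread.
SAMPLE_LOG = r'''# version=8
# found=4
# cleaned=3
sh=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA ft=1 fh=1111111111111111 vn="a variant of Win32/Example.A trojan" ac=I fn="C:\Users\All Users\Example\a.tmp"
sh=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA ft=1 fh=1111111111111111 vn="a variant of Win32/Example.A trojan (cleaned by deleting - quarantined)" ac=C fn="C:\ProgramData\Example\a.tmp"
sh=BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB ft=1 fh=2222222222222222 vn="Win32/ExampleBundle.B application (cleaned by deleting (after the next restart) - quarantined)" ac=C fn="C:\Users\user\AppData\Roaming\Example\x.exe"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="a variant of Win32/ExampleBundle.C application" ac=C fn="${Memory}"
'''

HEADER = re.compile(r'^#\s*(\w+)=(.*)$')                 # "# key=value" summary lines
FIELD = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')          # key="quoted value" or key=bare
ACTION = re.compile(r'^(.*?)(?:\s+\((cleaned by .*)\))?$')  # split name from action suffix
NULL_HASH = "0" * 40                                      # used for in-memory detections


def parse_log(text):
    """Return (header dict, list of detection records) from an ESET scan log."""
    header, records = {}, []
    for line in text.splitlines():
        line = line.strip()
        m = HEADER.match(line)
        if m:
            header[m.group(1)] = m.group(2)
        elif line.startswith("sh="):
            rec = {k: (q or bare) for k, q, bare in FIELD.findall(line)}
            name, action = ACTION.match(rec.get("vn", "")).groups()
            rec["name"], rec["action"] = name, action or ""
            # The detection name ends in its class: "trojan" or "application".
            rec["kind"] = name.rsplit(" ", 1)[-1]
            records.append(rec)
    return header, records


def reconcile(header, records):
    """Compare header counters with the records and collect follow-up items."""
    cleaned = [r for r in records if r.get("ac") == "C"]  # assumption: C = cleaned
    by_hash = defaultdict(list)
    for r in records:
        if r["sh"] != NULL_HASH:
            by_hash[r["sh"]].append(r["fn"])
    return {
        "found_ok": int(header.get("found", -1)) == len(records),
        "cleaned_ok": int(header.get("cleaned", -1)) == len(cleaned),
        "not_cleaned": [r for r in records if r.get("ac") != "C"],
        "pending_reboot": [r for r in records
                           if "after the next restart" in r["action"]],
        "by_kind": dict(Counter(r["kind"] for r in records)),
        # Same file reported under several paths (e.g. via a junction alias).
        "same_hash": {h: p for h, p in by_hash.items() if len(p) > 1},
    }


if __name__ == "__main__":
    hdr, recs = parse_log(SAMPLE_LOG)
    rep = reconcile(hdr, recs)
    print("header counts consistent:", rep["found_ok"] and rep["cleaned_ok"])
    for r in rep["not_cleaned"]:
        print("not cleaned:", r["name"], "->", r["fn"])
    for r in rep["pending_reboot"]:
        print("removed only after restart:", r["fn"])
    print("by kind:", rep["by_kind"])
```

An entry that is reported but not cleaned under one path and cleaned under another path with the same hash shows up in `same_hash`, which helps decide whether a rescan is needed.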

#7
Phel

Phel

    Trusted Helper

  • Malware Removal
  • 1,386 posts

I don't remember installing it and it has not been used at all.


Do you wish to uninstall it?

Please, follow these steps:

  • Right click on adwcleaner.exe file on your Desktop->Run as Administrator.
  • Adwcleaner window should appear.
  • Click on the Delete button.
  • Click on OK.
  • The computer will be rebooted automatically when the program finishes its job.

After reboot:

  • Right click on adwcleaner.exe file on your Desktop->Run as Administrator.
  • AdwCleaner window should appear.
  • Click on the Search button.
  • After the scan, a Notepad window with the report should appear. Post the contents of the report in your next message.

  • 0

#8
pepper1

pepper1

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Hi Phel!

It would be great if you could help me uninstall My PC Backup - should I just remove it through Add/Remove Programs?
Also, here are the logs from both runs of AdwCleaner.

# AdwCleaner v2.303 - Logfile created 07/02/2013 at 18:09:26
# Updated 08/06/2013 by Xplode
# Operating system : Windows Vista ™ Home Basic Service Pack 2 (32 bits)
# User : NATE - NATE-PC
# Boot Mode : Normal
# Running from : C:\Users\NATE\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\ProgramData\Browser Manager

***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16490

[OK] Registry is clean.

-\\ Google Chrome v26.0.1410.64

File : C:\Users\NATE\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [893 octets] - [01/07/2013 17:47:26]
AdwCleaner[S1].txt - [4740 octets] - [30/06/2013 22:43:41]
AdwCleaner[S2].txt - [830 octets] - [02/07/2013 18:09:26]

########## EOF - C:\AdwCleaner[S2].txt - [889 octets] ##########

# AdwCleaner v2.303 - Logfile created 07/02/2013 at 18:13:40
# Updated 08/06/2013 by Xplode
# Operating system : Windows Vista ™ Home Basic Service Pack 2 (32 bits)
# User : NATE - NATE-PC
# Boot Mode : Normal
# Running from : C:\Users\NATE\Desktop\AdwCleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\ProgramData\Browser Manager

***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16490

[OK] Registry is clean.

-\\ Google Chrome v26.0.1410.64

File : C:\Users\NATE\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [893 octets] - [01/07/2013 17:47:26]
AdwCleaner[R2].txt - [765 octets] - [02/07/2013 18:13:40]
AdwCleaner[S1].txt - [4740 octets] - [30/06/2013 22:43:41]
AdwCleaner[S2].txt - [957 octets] - [02/07/2013 18:09:26]

########## EOF - C:\AdwCleaner[R2].txt - [943 octets] ##########
  • 0

#9
Phel

Phel

    Trusted Helper

  • Malware Removal
  • 1,386 posts

should I just remove it through Add/Remove Programs?


Yup, that's the right way to do it.

Please, follow these steps:

Step 1. OTL fix.

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :Files
    C:\ProgramData\Browser Manager
    
    :Commands
    [REBOOT]
    
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

Step 2. AdwCleaner scan.

  • Right click on adwcleaner.exe file on your Desktop->Run as Administrator.
  • AdwCleaner window should appear.
  • Click on the Search button.
  • After the scan, a Notepad window with the report should appear. Post the contents of the report in your next message.

  • 0

#10
pepper1

pepper1

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Hi Phel,

My PC Backup uninstalled really easily. Thanks!

Here's the OTL log from the fix:

========== FILES ==========
Folder move failed. C:\ProgramData\Browser Manager scheduled to be moved on reboot.
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.69.0 log created on 07032013_185500

Files\Folders moved on Reboot...
C:\ProgramData\Browser Manager folder moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Here's the AdwCleaner log:

# AdwCleaner v2.303 - Logfile created 07/03/2013 at 18:57:03
# Updated 08/06/2013 by Xplode
# Operating system : Windows Vista ™ Home Basic Service Pack 2 (32 bits)
# User : NATE - NATE-PC
# Boot Mode : Normal
# Running from : C:\Users\NATE\Desktop\AdwCleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16490

[OK] Registry is clean.

-\\ Google Chrome v26.0.1410.64

File : C:\Users\NATE\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [893 octets] - [01/07/2013 17:47:26]
AdwCleaner[R2].txt - [1011 octets] - [02/07/2013 18:13:40]
AdwCleaner[R3].txt - [778 octets] - [03/07/2013 18:57:03]
AdwCleaner[S1].txt - [4740 octets] - [30/06/2013 22:43:41]
AdwCleaner[S2].txt - [957 octets] - [02/07/2013 18:09:26]

########## EOF - C:\AdwCleaner[R3].txt - [956 octets] ##########
  • 0

#11
Phel

Phel

    Trusted Helper

  • Malware Removal
  • 1,386 posts
So, are you still experiencing any problems?
  • 0

#12
pepper1

pepper1

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Nope, everything seems to be resolved. Thanks so much for all your help!

-pepper1
  • 0

#13
Phel

Phel

    Trusted Helper

  • Malware Removal
  • 1,386 posts
Congratulations, your PC is clean now. :)

However, you need to follow some important steps to remove tools and prevent infection again.

Step 1. Uninstalling Programs.

  • Open Start menu.
  • Click on Control Panel.
  • Click on Programs and Features. A new window should appear.
  • Uninstall these programs one by one, selecting each program and clicking the Uninstall button.

Programs to uninstall:

  • ESET Online Scanner

Step 2. Uninstall AdwCleaner.

  • Run AdwCleaner on your Desktop.
  • Click Uninstall button.
  • AdwCleaner will be removed from your computer.

Step 3. CleanUp.

Run OTL.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following:

    :Commands
    [EMPTYTEMP]
  • Then click the Run Fix button at the top.
  • Let the program run unhindered, reboot the PC when it is done.
  • After reboot run OTL again.
  • Click on CleanUp button.
  • OTL will be removed from your computer.

Here are some recommendations for you on how to stay safe on the internet.

  • Keep your system up-to-date. It will increase your protection level, because a lot of malware uses system vulnerabilities.

    To learn how to turn Automatic Updates on, click here.
  • Keep other software up-to-date too. Malware often uses third-party software vulnerabilities.

    You can monitor news about vulnerabilities or simply install software which will scan your computer for outdated and vulnerable software and will notify you about the results. Some of these programs are Secunia PSI (requires installation, you can download it here) and Secunia OSI (Java applet, requires Java Runtime Environment, learn more here).
  • Keep your antivirus software up-to-date.

    Turn on automatic updates for your antivirus; it's the basis of protection. Don't forget to keep your antivirus version up-to-date; new versions usually have advanced functionality and clean and prevent infection more effectively than outdated versions.
  • Use a limited user account. It will considerably increase your level of protection.

    90% of malware won't work under a limited user account, because it needs administrator privileges. If you are using Windows XP, then you can use DropMyRights while you are surfing on the internet.
  • Invent strong and long passwords for your accounts, if you want to keep your personal and confidential data safe.

    Some malware has very dangerous functionality - it can crack your passwords. Please set a very strong password for your administrator account in Windows, then malware won't harm your PC. For each account on the internet, invent an individual password.

Hope that these recommendations will help you and you will avoid malware infections in the future. Good luck and safe web to you! :)
  • 0

#14
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0





