Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

How do I remove isearch.fantastigames.com/465 browser redirect virus?


  • Please log in to reply
16 replies to this topic

#1 Confused365

Confused365

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:03:24 PM

Posted 09 March 2013 - 10:18 PM

I have a Dell Optiplex 755 running Windows Vista Business Service Pack 2.  This is a computer that just came into my possession, and I have noticed that when searching the web my search results seem to be random, and the home page, no matter what I do, reverts to isearch.fantastigames.com/465.  

 

I have just used revo uninstaller to get rid of a lot of junk on the system, plus installed Norton 360 and scanned with that, plus installed Spybot and scanned with that, but this problem keeps popping back up.  What do I need to do in order to rid this system of the virus?  What data do you need from me in order to help?  Thank you in advance for any support!


Edited by Queen-Evie, 09 March 2013 - 10:22 PM.
moved from Vista to the appropriate forum


BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:24 PM

Posted 09 March 2013 - 10:19 PM

  • Please download TDSSKiller from here and save it to your Desktop
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters


    tds2.jpg

  • Check Loaded Modules  and Detect TDLFS file systemDo not check Verify file digital signatures (even though it is checked in the example)
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now


    2012081514h0118.png

  • Click Start Scan and allow the scan process to run

  • If threats are detected select Skip for all of them unless I instruct you otherwise
  • Click Continue


    tds6.jpg

  • Click Reboot computer
  • Please post the contents of  TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)in your reply


===================================================


aswMBR

--------------------

  • Download aswMBR and save it to your desktop.
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here and here.
  • Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
  • Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.


    aswMBR1.png
  • When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.


    aswMBR2.png
  • Please post the contents of the log in your next reply.

NOTE:  aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.


===================================================


ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan  This process may may take several hours, that is normal

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png  button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.

    esetsmartinstaller_enu.png

  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:

    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply.   Note:  If no malware was found you will not get a log.
  • Click the Back button.
  • Click the Finish button.


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • TDSSKiller log
  • aswMBR log
  • ESET results


 



#3 Confused365

Confused365
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:03:24 PM

Posted 10 March 2013 - 04:30 PM

C:\Users\All Users\Spybot - Search & Destroy\Recovery\Wajam29.zip Win32/Bagle.gen.zip worm
C:\Users\All Users\Spybot - Search & Destroy\Recovery\Wajam30.zip Win32/Bagle.gen.zip worm
C:\Program Files\MapsGalaxy_39\bar\1.bin\39datact.dll a variant of Win32/Toolbar.MyWebSearch.A application cleaned by deleting - quarantined
C:\Program Files\MapsGalaxy_39\bar\1.bin\39html.dll probably a variant of Win32/Toolbar.MyWebSearch.F application cleaned by deleting - quarantined
C:\Program Files\MapsGalaxy_39\bar\1.bin\39htmlmu.dll probably a variant of Win32/Toolbar.MyWebSearch.B application cleaned by deleting - quarantined
C:\Program Files\MapsGalaxy_39\bar\1.bin\39ieovr.dll probably a variant of Win32/Toolbar.MyWebSearch.P application cleaned by deleting - quarantined
C:\Program Files\MapsGalaxy_39\bar\1.bin\39Plugin.dll probably a variant of Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined
C:\Program Files\MapsGalaxy_39\bar\1.bin\39skin.dll a variant of Win32/Toolbar.MyWebSearch.P application cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\Wajam29.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\Wajam30.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\Users\Main Computer\AppData\Local\Google\Chrome\User Data\Default\Default\aagedegddegfgdgfdjdhgddfdegggddf\background.js Win32/TrojanDownloader.Tracur.V trojan cleaned by deleting - quarantined
C:\Users\Main Computer\AppData\Local\Temp\DM2\FlashPlayer_151\software\OptimizerPro.exe a variant of Win32/SpeedingUpMyPC.B application cleaned by deleting - quarantined
C:\Users\Main Computer\AppData\Local\Temp\DM2\FlashPlayer_151\software\Supreme Savings.exe multiple threats cleaned by deleting - quarantined



#4 Confused365

Confused365
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:03:24 PM

Posted 10 March 2013 - 04:31 PM

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-03-10 14:43:39
-----------------------------
14:43:39.035    OS Version: Windows 6.0.6002 Service Pack 2
14:43:39.035    Number of processors: 2 586 0xF0B
14:43:39.036    ComputerName: MAINCOMPUTER-PC  UserName: Main Computer
14:43:59.020    Initialize success
14:50:08.775    AVAST engine defs: 13031000
14:50:22.269    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
14:50:22.271    Disk 0 Vendor: WDC_WD25 02.0 Size: 238418MB BusType: 3
14:50:22.284    Disk 0 MBR read successfully
14:50:22.286    Disk 0 MBR scan
14:50:22.290    Disk 0 Windows VISTA default MBR code
14:50:22.293    Disk 0 Partition 1 00     DE Dell Utility Dell 8.0       47 MB offset 63
14:50:22.303    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS         2048 MB offset 98304
14:50:22.320    Disk 0 Partition 3 80 (A) 07    HPFS/NTFS NTFS       236321 MB offset 4292608
14:50:22.327    Disk 0 scanning sectors +488278016
14:50:22.412    Disk 0 scanning C:\Windows\system32\drivers
14:50:31.667    Service scanning
14:50:53.387    Modules scanning
14:50:59.281    Disk 0 trace - called modules:
14:50:59.296    ntkrnlpa.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll
14:50:59.300    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8665bac8]
14:50:59.305    3 CLASSPNP.SYS[8b19f8b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x854d1028]
14:51:00.472    AVAST engine scan C:\Windows
14:51:02.273    AVAST engine scan C:\Windows\system32
14:53:27.860    AVAST engine scan C:\Windows\system32\drivers
14:53:40.415    AVAST engine scan C:\Users\Main Computer
14:57:48.514    AVAST engine scan C:\ProgramData
14:59:34.471    Scan finished successfully
15:00:30.543    Disk 0 MBR has been saved successfully to "C:\Users\Main Computer\Desktop\MBR.dat"
15:00:30.548    The log file has been saved successfully to "C:\Users\Main Computer\Desktop\aswMBR.txt"

 



#5 Confused365

Confused365
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:03:24 PM

Posted 10 March 2013 - 04:34 PM

14:36:15.0115 3584  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
14:36:24.0975 3584  ============================================================
14:36:24.0975 3584  Current date / time: 2013/03/10 14:36:24.0975
14:36:24.0975 3584  SystemInfo:
14:36:24.0975 3584 
14:36:24.0975 3584  OS Version: 6.0.6002 ServicePack: 2.0
14:36:24.0975 3584  Product type: Workstation
14:36:24.0975 3584  ComputerName: MAINCOMPUTER-PC
14:36:24.0975 3584  UserName: Main Computer
14:36:24.0975 3584  Windows directory: C:\Windows
14:36:24.0975 3584  System windows directory: C:\Windows
14:36:24.0975 3584  Processor architecture: Intel x86
14:36:24.0975 3584  Number of processors: 2
14:36:24.0975 3584  Page size: 0x1000
14:36:24.0975 3584  Boot type: Normal boot
14:36:24.0975 3584  ============================================================
14:36:26.0239 3584  BG loaded
14:36:29.0857 3584  Drive \Device\Harddisk0\DR0 - Size: 0x3A35294400 (232.83 Gb), SectorSize: 0x200, Cylinders: 0x76BA, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
14:36:29.0857 3584  ============================================================
14:36:29.0857 3584  \Device\Harddisk0\DR0:
14:36:29.0857 3584  MBR partitions:
14:36:29.0857 3584  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x18000, BlocksNum 0x400000
14:36:29.0857 3584  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x418000, BlocksNum 0x1CD90800
14:36:29.0857 3584  ============================================================
14:36:29.0882 3584  C: <-> \Device\Harddisk0\DR0\Partition2
14:36:29.0902 3584  D: <-> \Device\Harddisk0\DR0\Partition1
14:36:29.0902 3584  ============================================================
14:36:29.0902 3584  Initialize success
14:36:29.0902 3584  ============================================================
14:38:08.0044 5132  ============================================================
14:38:08.0044 5132  Scan started
14:38:08.0045 5132  Mode: Manual;
14:38:08.0045 5132  ============================================================
14:38:08.0294 5132  ================ Scan system memory ========================
14:38:08.0295 5132  System memory - ok
14:38:08.0295 5132  ================ Scan services =============================
14:38:08.0458 5132  [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI            C:\Windows\system32\drivers\acpi.sys
14:38:08.0462 5132  ACPI - ok
14:38:08.0493 5132  [ 3DB3FB83217627D9A0CB8BAE6CC5B491 ] ADIHdAudAddService C:\Windows\system32\drivers\ADIHdAud.sys
14:38:08.0495 5132  ADIHdAudAddService - ok
14:38:08.0583 5132  [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
14:38:08.0587 5132  AdobeFlashPlayerUpdateSvc - ok
14:38:08.0620 5132  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
14:38:08.0645 5132  adp94xx - ok
14:38:08.0670 5132  [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci         C:\Windows\system32\drivers\adpahci.sys
14:38:08.0675 5132  adpahci - ok
14:38:08.0689 5132  [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
14:38:08.0692 5132  adpu160m - ok
14:38:08.0709 5132  [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
14:38:08.0734 5132  adpu320 - ok
14:38:08.0770 5132  [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
14:38:08.0771 5132  AeLookupSvc - ok
14:38:08.0829 5132  [ 3911B972B55FEA0478476B2E777B29FA ] AFD             C:\Windows\system32\drivers\afd.sys
14:38:08.0831 5132  AFD - ok
14:38:08.0858 5132  [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440          C:\Windows\system32\drivers\agp440.sys
14:38:08.0860 5132  agp440 - ok
14:38:08.0877 5132  [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
14:38:08.0890 5132  aic78xx - ok
14:38:08.0907 5132  [ A1545B731579895D8CC44FC0481C1192 ] ALG             C:\Windows\System32\alg.exe
14:38:08.0907 5132  ALG - ok
14:38:08.0923 5132  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide          C:\Windows\system32\drivers\aliide.sys
14:38:08.0925 5132  aliide - ok
14:38:08.0936 5132  [ C47344BC706E5F0B9DCE369516661578 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
14:38:08.0938 5132  amdagp - ok
14:38:08.0950 5132  [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide          C:\Windows\system32\drivers\amdide.sys
14:38:08.0965 5132  amdide - ok
14:38:08.0989 5132  [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
14:38:09.0000 5132  AmdK7 - ok
14:38:09.0012 5132  [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
14:38:09.0014 5132  AmdK8 - ok
14:38:09.0044 5132  [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo         C:\Windows\System32\appinfo.dll
14:38:09.0045 5132  Appinfo - ok
14:38:09.0083 5132  [ 0FE769CAE5855B53C90E23F85E7E89FF ] AppMgmt         C:\Windows\System32\appmgmts.dll
14:38:09.0084 5132  AppMgmt - ok
14:38:09.0098 5132  [ 5D2888182FB46632511ACEE92FDAD522 ] arc             C:\Windows\system32\drivers\arc.sys
14:38:09.0108 5132  arc - ok
14:38:09.0141 5132  [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
14:38:09.0144 5132  arcsas - ok
14:38:09.0232 5132  [ A60BDB22CDCEA7818465D58BE76640FA ] ASFAgent        C:\Program Files\Intel\ASF Agent\ASFAgent.exe
14:38:09.0233 5132  ASFAgent - ok
14:38:09.0253 5132  [ C139FA963DBB9BD6560F404F509D1196 ] AsfAlrt         C:\Windows\system32\Drivers\AsfAlrt.sys
14:38:09.0254 5132  AsfAlrt - ok
14:38:09.0338 5132  [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
14:38:09.0370 5132  aspnet_state - ok
14:38:09.0399 5132  [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
14:38:09.0400 5132  AsyncMac - ok
14:38:09.0444 5132  [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi           C:\Windows\system32\drivers\atapi.sys
14:38:09.0445 5132  atapi - ok
14:38:09.0509 5132  [ EECC1D40AA10F85126708796ABA1E7D5 ] atchksrv        C:\Program Files\Intel\AMT\atchksrv.exe
14:38:09.0510 5132  atchksrv - ok
14:38:09.0585 5132  [ F1FC2FD87FF77F63CD7F8BF95940B40C ] athur           C:\Windows\system32\DRIVERS\athur.sys
14:38:09.0595 5132  athur - ok
14:38:09.0646 5132  [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:38:09.0649 5132  AudioEndpointBuilder - ok
14:38:09.0703 5132  [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv        C:\Windows\System32\Audiosrv.dll
14:38:09.0705 5132  Audiosrv - ok
14:38:09.0742 5132  [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep            C:\Windows\system32\drivers\Beep.sys
14:38:09.0743 5132  Beep - ok
14:38:09.0785 5132  [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE             C:\Windows\System32\bfe.dll
14:38:09.0787 5132  BFE - ok
14:38:10.0041 5132  [ D2A55F5FE6B716913FB573872F2E5944 ] BHDrvx86        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\BASHDefs\20130301.001\BHDrvx86.sys
14:38:10.0047 5132  BHDrvx86 - ok
14:38:10.0145 5132  [ 93952506C6D67330367F7E7934B6A02F ] BITS            C:\Windows\System32\qmgr.dll
14:38:10.0152 5132  BITS - ok
14:38:10.0181 5132  [ D4DF28447741FD3D953526E33A617397 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
14:38:10.0182 5132  blbdrive - ok
14:38:10.0342 5132  [ 35F376253F687BDE63976CCB3F2108CA ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
14:38:10.0342 5132  bowser - ok
14:38:10.0376 5132  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
14:38:10.0377 5132  BrFiltLo - ok
14:38:10.0422 5132  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
14:38:10.0423 5132  BrFiltUp - ok
14:38:10.0495 5132  [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser         C:\Windows\System32\browser.dll
14:38:10.0496 5132  Browser - ok
14:38:10.0614 5132  [ B304E75CFF293029EDDF094246747113 ] Brserid         C:\Windows\system32\drivers\brserid.sys
14:38:10.0655 5132  Brserid - ok
14:38:10.0699 5132  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
14:38:10.0700 5132  BrSerWdm - ok
14:38:10.0721 5132  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
14:38:10.0722 5132  BrUsbMdm - ok
14:38:10.0739 5132  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
14:38:10.0740 5132  BrUsbSer - ok
14:38:10.0764 5132  [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
14:38:10.0765 5132  BTHMODEM - ok
14:38:10.0894 5132  [ 1277AD8F053CC60C17CAFAB411F3CF40 ] ccSet_N360      C:\Windows\system32\drivers\N360\1403000.024\ccSetx86.sys
14:38:10.0895 5132  ccSet_N360 - ok
14:38:10.0936 5132  [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
14:38:10.0937 5132  cdfs - ok
14:38:11.0029 5132  [ 6B4BFFB9BECD728097024276430DB314 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
14:38:11.0030 5132  cdrom - ok
14:38:11.0112 5132  [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc     C:\Windows\System32\certprop.dll
14:38:11.0113 5132  CertPropSvc - ok
14:38:11.0243 5132  [ E5D4133F37219DBCFE102BC61072589D ] circlass        C:\Windows\system32\drivers\circlass.sys
14:38:11.0244 5132  circlass - ok
14:38:11.0906 5132  [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS            C:\Windows\system32\CLFS.sys
14:38:11.0945 5132  CLFS - ok
14:38:13.0155 5132  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:38:13.0830 5132  clr_optimization_v2.0.50727_32 - ok
14:38:14.0367 5132  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:38:14.0642 5132  clr_optimization_v4.0.30319_32 - ok
14:38:14.0674 5132  [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
14:38:14.0676 5132  cmdide - ok
14:38:14.0687 5132  [ 4FC0A44DA7603229E1A9454126A59EFD ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
14:38:14.0689 5132  Compbatt - ok
14:38:14.0693 5132  COMSysApp - ok
14:38:14.0716 5132  [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
14:38:14.0717 5132  crcdisk - ok
14:38:14.0772 5132  [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
14:38:14.0774 5132  Crusoe - ok
14:38:14.0859 5132  [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
14:38:14.0860 5132  CryptSvc - ok
14:38:14.0912 5132  [ 9BDB2E89BE8D0EF37B1F25C3D3FC192C ] CSC             C:\Windows\system32\drivers\csc.sys
14:38:14.0914 5132  CSC - ok
14:38:14.0969 5132  [ 0A2095F92F6AE4FE6484D911B0C21E95 ] CscService      C:\Windows\System32\cscsvc.dll
14:38:14.0972 5132  CscService - ok
14:38:15.0048 5132  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch      C:\Windows\system32\rpcss.dll
14:38:15.0054 5132  DcomLaunch - ok
14:38:15.0110 5132  [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
14:38:15.0111 5132  DfsC - ok
14:38:15.0234 5132  [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR            C:\Windows\system32\DFSR.exe
14:38:15.0301 5132  DFSR - ok
14:38:15.0378 5132  [ 9028559C132146FB75EB7ACF384B086A ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
14:38:15.0380 5132  Dhcp - ok
14:38:15.0463 5132  [ 5D4AEFC3386920236A548271F8F1AF6A ] disk            C:\Windows\system32\drivers\disk.sys
14:38:15.0464 5132  disk - ok
14:38:15.0554 5132  [ DF1C4D56BFA7D5231069A8D4FF818362 ] DLPWD           C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLPWDNT.EXE
14:38:15.0555 5132  DLPWD - ok
14:38:15.0574 5132  [ 4771300058D6E04F274A4B9D1817E442 ] DLSDB           C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLSDBNT.EXE
14:38:15.0575 5132  DLSDB - ok
14:38:15.0655 5132  [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache        C:\Windows\System32\dnsrslvr.dll
14:38:15.0656 5132  Dnscache - ok
14:38:15.0706 5132  [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc         C:\Windows\System32\dot3svc.dll
14:38:15.0707 5132  dot3svc - ok
14:38:15.0734 5132  [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS             C:\Windows\system32\dps.dll
14:38:15.0736 5132  DPS - ok
14:38:15.0811 5132  [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
14:38:15.0812 5132  drmkaud - ok
14:38:15.0872 5132  [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
14:38:15.0876 5132  DXGKrnl - ok
14:38:15.0912 5132  [ 04944F4FC4F0477185F5D26AE0DDB90E ] e1express       C:\Windows\system32\DRIVERS\e1e6032.sys
14:38:15.0914 5132  e1express - ok
14:38:15.0940 5132  [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
14:38:15.0942 5132  E1G60 - ok
14:38:15.0991 5132  [ C0B95E40D85CD807D614E264248A45B9 ] EapHost         C:\Windows\System32\eapsvc.dll
14:38:15.0992 5132  EapHost - ok
14:38:16.0074 5132  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache          C:\Windows\system32\drivers\ecache.sys
14:38:16.0077 5132  Ecache - ok
14:38:16.0166 5132  [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl          C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
14:38:16.0169 5132  eeCtrl - ok
14:38:16.0204 5132  [ 23B62471681A124889978F6295B3F4C6 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
14:38:16.0209 5132  elxstor - ok
14:38:16.0258 5132  [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
14:38:16.0263 5132  EMDMgmt - ok
14:38:16.0286 5132  [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
14:38:16.0287 5132  EraserUtilRebootDrv - ok
14:38:16.0312 5132  [ F2A80DE2D1B7116052C09CB4D4CA1416 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
14:38:16.0313 5132  ErrDev - ok
14:38:16.0370 5132  [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem     C:\Windows\system32\es.dll
14:38:16.0372 5132  EventSystem - ok
14:38:16.0453 5132  [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat           C:\Windows\system32\drivers\exfat.sys
14:38:16.0456 5132  exfat - ok
14:38:16.0506 5132  [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
14:38:16.0507 5132  fastfat - ok
14:38:16.0557 5132  [ DFBA0F60FA301E5B1BFB1403A93EE23E ] Fax             C:\Windows\system32\fxssvc.exe
14:38:16.0561 5132  Fax - ok
14:38:16.0629 5132  [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
14:38:16.0629 5132  fdc - ok
14:38:16.0647 5132  [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost         C:\Windows\system32\fdPHost.dll
14:38:16.0648 5132  fdPHost - ok
14:38:16.0661 5132  [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub        C:\Windows\system32\fdrespub.dll
14:38:16.0662 5132  FDResPub - ok
14:38:16.0683 5132  [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
14:38:16.0684 5132  FileInfo - ok
14:38:16.0700 5132  [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
14:38:16.0701 5132  Filetrace - ok
14:38:16.0869 5132  [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
14:38:16.0869 5132  flpydisk - ok
14:38:16.0932 5132  [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
14:38:16.0933 5132  FltMgr - ok
14:38:17.0012 5132  [ 8CE364388C8ECA59B14B539179276D44 ] FontCache       C:\Windows\system32\FntCache.dll
14:38:17.0017 5132  FontCache - ok
14:38:17.0364 5132  [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
14:38:17.0365 5132  FontCache3.0.0.0 - ok
14:38:17.0966 5132  [ B0082808A6856A252F7CDD939892CE50 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
14:38:17.0967 5132  fssfltr - ok
14:38:19.0609 5132  [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc          C:\Program Files\Windows Live\Family Safety\fsssvc.exe
14:38:19.0776 5132  fsssvc - ok
14:38:19.0885 5132  [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
14:38:19.0885 5132  Fs_Rec - ok
14:38:19.0902 5132  [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
14:38:19.0904 5132  gagp30kx - ok
14:38:20.0008 5132  [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc           C:\Windows\System32\gpsvc.dll
14:38:20.0013 5132  gpsvc - ok
14:38:20.0410 5132  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
14:38:20.0411 5132  gupdate - ok
14:38:20.0420 5132  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
14:38:20.0421 5132  gupdatem - ok
14:38:20.0482 5132  [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
14:38:20.0486 5132  HDAudBus - ok
14:38:20.0524 5132  [ C865D1F6D03595DF213DC3C67E4E4C58 ] HECI            C:\Windows\system32\DRIVERS\HECI.sys
14:38:20.0525 5132  HECI - ok
14:38:20.0585 5132  [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth          C:\Windows\system32\drivers\hidbth.sys
14:38:20.0597 5132  HidBth - ok
14:38:20.0646 5132  [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr           C:\Windows\system32\drivers\hidir.sys
14:38:20.0697 5132  HidIr - ok
14:38:20.0812 5132  [ 84067081F3318162797385E11A8F0582 ] hidserv         C:\Windows\system32\hidserv.dll
14:38:20.0813 5132  hidserv - ok
14:38:20.0917 5132  [ CCA4B519B17E23A00B826C55716809CC ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
14:38:20.0987 5132  HidUsb - ok
14:38:21.0137 5132  [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc          C:\Windows\system32\kmsvc.dll
14:38:21.0139 5132  hkmsvc - ok
14:38:21.0212 5132  [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
14:38:21.0228 5132  HpCISSs - ok
14:38:21.0370 5132  [ F870AA3E254628EBEAFE754108D664DE ] HTTP            C:\Windows\system32\drivers\HTTP.sys
14:38:21.0373 5132  HTTP - ok
14:38:21.0460 5132  [ C6B032D69650985468160FC9937CF5B4 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
14:38:21.0461 5132  i2omp - ok
14:38:21.0537 5132  [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
14:38:21.0539 5132  i8042prt - ok
14:38:21.0750 5132  [ 72B53E9C8924949DEC8F3799BCBA2251 ] IAANTMON        C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
14:38:21.0753 5132  IAANTMON - ok
14:38:22.0001 5132  [ E5A0034847537EAEE3C00349D5C34C5F ] iaStor          C:\Windows\system32\drivers\iastor.sys
14:38:22.0003 5132  iaStor - ok
14:38:22.0039 5132  [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
14:38:22.0042 5132  iaStorV - ok
14:38:22.0211 5132  [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:38:22.0328 5132  idsvc - ok
14:38:23.0239 5132  [ 404FB2AAF532BC7BBACC8880BE401C74 ] IDSVix86        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\IPSDefs\20130308.001\IDSvix86.sys
14:38:23.0241 5132  IDSVix86 - ok
14:38:23.0299 5132  [ A03B37DBC601C35DE9591B6AA1A20C22 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
14:38:23.0310 5132  igfx - ok
14:38:23.0328 5132  [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
14:38:23.0329 5132  iirsp - ok
14:38:24.0054 5132  [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT          C:\Windows\System32\ikeext.dll
14:38:24.0058 5132  IKEEXT - ok
14:38:24.0146 5132  [ 83AA759F3189E6370C30DE5DC5590718 ] intelide        C:\Windows\system32\drivers\intelide.sys
14:38:24.0147 5132  intelide - ok
14:38:24.0172 5132  [ 224191001E78C89DFA78924C3EA595FF ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
14:38:24.0173 5132  intelppm - ok
14:38:24.0200 5132  [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
14:38:24.0202 5132  IPBusEnum - ok
14:38:24.0427 5132  [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:38:24.0447 5132  IpFilterDriver - ok
14:38:24.0677 5132  [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
14:38:24.0679 5132  iphlpsvc - ok
14:38:24.0685 5132  IpInIp - ok
14:38:24.0890 5132  [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
14:38:24.0892 5132  IPMIDRV - ok
14:38:25.0466 5132  [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
14:38:25.0468 5132  IPNAT - ok
14:38:25.0541 5132  [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:38:25.0543 5132  IRENUM - ok
14:38:25.0631 5132  [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
14:38:25.0680 5132  isapnp - ok
14:38:26.0453 5132  [ 232FA340531D940AAC623B121A595034 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
14:38:26.0455 5132  iScsiPrt - ok
14:38:26.0470 5132  [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
14:38:26.0471 5132  iteatapi - ok
14:38:26.0918 5132  [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid         C:\Windows\system32\drivers\iteraid.sys
14:38:26.0921 5132  iteraid - ok
14:38:27.0602 5132  [ CF9BA304B8047B9582D72D9BFEF42EAE ] jswpsapi        C:\Program Files\NETGEAR\WNA1100\jswpsapi.exe
14:38:27.0627 5132  jswpsapi - ok
14:38:28.0256 5132  [ 55C9B4252B751226B838EED2BC50BB64 ] jswpslwf        C:\Windows\system32\DRIVERS\jswpslwf.sys
14:38:28.0257 5132  jswpslwf - ok
14:38:28.0543 5132  [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
14:38:28.0544 5132  kbdclass - ok
14:38:29.0118 5132  [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
14:38:29.0118 5132  kbdhid - ok
14:38:29.0463 5132  [ A3E186B4B935905B829219502557314E ] KeyIso          C:\Windows\system32\lsass.exe
14:38:29.0466 5132  KeyIso - ok
14:38:29.0967 5132  [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:38:30.0105 5132  KSecDD - ok
14:38:30.0286 5132  [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm           C:\Windows\system32\msdtckrm.dll
14:38:30.0289 5132  KtmRm - ok
14:38:30.0349 5132  [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer    C:\Windows\system32\srvsvc.dll
14:38:30.0352 5132  LanmanServer - ok
14:38:30.0463 5132  [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:38:30.0467 5132  LanmanWorkstation - ok
14:38:30.0787 5132  [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:38:30.0787 5132  lltdio - ok
14:38:31.0037 5132  [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
14:38:31.0045 5132  lltdsvc - ok
14:38:31.0097 5132  [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts         C:\Windows\System32\lmhsvc.dll
14:38:31.0099 5132  lmhosts - ok
14:38:31.0249 5132  [ C518D248041C259FCFA7175C866915C3 ] LMS             C:\Program Files\Intel\AMT\LMS.exe
14:38:31.0250 5132  LMS - ok
14:38:31.0349 5132  [ C7E15E82879BF3235B559563D4185365 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
14:38:31.0352 5132  LSI_FC - ok
14:38:31.0457 5132  [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
14:38:31.0460 5132  LSI_SAS - ok
14:38:31.0592 5132  [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
14:38:31.0595 5132  LSI_SCSI - ok
14:38:31.0612 5132  [ 8F5C7426567798E62A3B3614965D62CC ] luafv           C:\Windows\system32\drivers\luafv.sys
14:38:31.0613 5132  luafv - ok
14:38:33.0297 5132  [ 622FCF264119F7DF127BE353F796B319 ] MapsGalaxy_39Service C:\PROGRA~1\MAPSGA~2\bar\1.bin\39barsvc.exe
14:38:33.0297 5132  MapsGalaxy_39Service - ok
14:38:33.0320 5132  [ 0001CE609D66632FA17B84705F658879 ] megasas         C:\Windows\system32\drivers\megasas.sys
14:38:33.0322 5132  megasas - ok
14:38:34.0021 5132  [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
14:38:34.0046 5132  MegaSR - ok
14:38:34.0087 5132  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS           C:\Windows\system32\mmcss.dll
14:38:34.0089 5132  MMCSS - ok
14:38:34.0101 5132  [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem           C:\Windows\system32\drivers\modem.sys
14:38:34.0102 5132  Modem - ok
14:38:34.0229 5132  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
14:38:34.0230 5132  monitor - ok
14:38:34.0257 5132  [ 5BF6A1326A335C5298477754A506D263 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
14:38:34.0257 5132  mouclass - ok
14:38:34.0303 5132  [ 93B8D4869E12CFBE663915502900876F ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
14:38:34.0305 5132  mouhid - ok
14:38:34.0310 5132  [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
14:38:34.0311 5132  MountMgr - ok
14:38:34.0388 5132  [ 511D011289755DD9F9A7579FB0B064E6 ] mpio            C:\Windows\system32\drivers\mpio.sys
14:38:34.0391 5132  mpio - ok
14:38:34.0420 5132  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:38:34.0421 5132  mpsdrv - ok
14:38:34.0464 5132  [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc          C:\Windows\system32\mpssvc.dll
14:38:34.0468 5132  MpsSvc - ok
14:38:34.0491 5132  [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
14:38:34.0507 5132  Mraid35x - ok
14:38:34.0547 5132  [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:38:34.0548 5132  MRxDAV - ok
14:38:34.0587 5132  [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:38:34.0588 5132  mrxsmb - ok
14:38:34.0611 5132  [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:38:34.0613 5132  mrxsmb10 - ok
14:38:34.0618 5132  [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:38:34.0619 5132  mrxsmb20 - ok
14:38:34.0635 5132  [ F70590424EEFBF5C27A40C67AFDB8383 ] msahci          C:\Windows\system32\drivers\msahci.sys
14:38:34.0643 5132  msahci - ok
14:38:34.0659 5132  [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
14:38:34.0661 5132  msdsm - ok
14:38:34.0688 5132  [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC           C:\Windows\System32\msdtc.exe
14:38:34.0692 5132  MSDTC - ok
14:38:34.0724 5132  [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:38:34.0724 5132  Msfs - ok
14:38:34.0730 5132  [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:38:34.0732 5132  msisadrv - ok
14:38:34.0758 5132  [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
14:38:34.0761 5132  MSiSCSI - ok
14:38:34.0765 5132  msiserver - ok
14:38:34.0792 5132  [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
14:38:34.0793 5132  MSKSSRV - ok
14:38:34.0825 5132  [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:38:34.0826 5132  MSPCLOCK - ok
14:38:34.0836 5132  [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
14:38:34.0837 5132  MSPQM - ok
14:38:34.0882 5132  [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
14:38:34.0884 5132  MsRPC - ok
14:38:34.0893 5132  [ E384487CB84BE41D09711C30CA79646C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
14:38:34.0894 5132  mssmbios - ok
14:38:34.0906 5132  [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
14:38:34.0906 5132  MSTEE - ok
14:38:34.0950 5132  [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup             C:\Windows\system32\Drivers\mup.sys
14:38:34.0951 5132  Mup - ok
14:38:35.0104 5132  [ 241BD3019FB31E812A51B31B06906335 ] N360            C:\Program Files\Norton 360\Engine\20.3.0.36\ccSvcHst.exe
14:38:35.0105 5132  N360 - ok
14:38:35.0152 5132  [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent        C:\Windows\system32\qagentRT.dll
14:38:35.0155 5132  napagent - ok
14:38:35.0203 5132  [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
14:38:35.0204 5132  NativeWifiP - ok
14:38:35.0333 5132  [ 7D7A3BC6640C1A0D1442816B30856928 ] NAVENG          C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\VirusDefs\20130309.003\NAVENG.SYS
14:38:35.0334 5132  NAVENG - ok
14:38:35.0406 5132  [ 28494C43D62AA7584BDCA2FADFBC4D11 ] NAVEX15         C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\VirusDefs\20130309.003\NAVEX15.SYS
14:38:35.0416 5132  NAVEX15 - ok
14:38:35.0465 5132  [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:38:35.0479 5132  NDIS - ok
14:38:35.0500 5132  [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:38:35.0501 5132  NdisTapi - ok
14:38:35.0508 5132  [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
14:38:35.0508 5132  Ndisuio - ok
14:38:35.0570 5132  [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
14:38:35.0571 5132  NdisWan - ok
14:38:35.0598 5132  [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:38:35.0598 5132  NDProxy - ok
14:38:35.0637 5132  [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:38:35.0637 5132  NetBIOS - ok
14:38:35.0695 5132  [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
14:38:35.0696 5132  netbt - ok
14:38:35.0704 5132  [ A3E186B4B935905B829219502557314E ] Netlogon        C:\Windows\system32\lsass.exe
14:38:35.0706 5132  Netlogon - ok
14:38:35.0740 5132  [ C8052711DAECC48B982434C5116CA401 ] Netman          C:\Windows\System32\netman.dll
14:38:35.0743 5132  Netman - ok
14:38:35.0990 5132  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:38:36.0157 5132  NetMsmqActivator - ok
14:38:36.0162 5132  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:38:36.0163 5132  NetPipeActivator - ok
14:38:36.0211 5132  [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm        C:\Windows\System32\netprofm.dll
14:38:36.0214 5132  netprofm - ok
14:38:36.0265 5132  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:38:36.0267 5132  NetTcpActivator - ok
14:38:36.0271 5132  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:38:36.0273 5132  NetTcpPortSharing - ok
14:38:36.0357 5132  [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
14:38:36.0359 5132  nfrd960 - ok
14:38:36.0395 5132  [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:38:36.0398 5132  NlaSvc - ok
14:38:36.0439 5132  [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:38:36.0439 5132  Npfs - ok
14:38:36.0457 5132  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi             C:\Windows\system32\nsisvc.dll
14:38:36.0459 5132  nsi - ok
14:38:36.0467 5132  [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:38:36.0468 5132  nsiproxy - ok
14:38:36.0529 5132  [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:38:36.0554 5132  Ntfs - ok
14:38:36.0599 5132  [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
14:38:36.0600 5132  ntrigdigi - ok
14:38:36.0646 5132  [ CF7E041663119E09D2E118521ADA9300 ] NuidFltr        C:\Windows\system32\DRIVERS\NuidFltr.sys
14:38:36.0647 5132  NuidFltr - ok
14:38:36.0664 5132  [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null            C:\Windows\system32\drivers\Null.sys
14:38:36.0664 5132  Null - ok
14:38:36.0680 5132  [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:38:36.0682 5132  nvraid - ok
14:38:36.0703 5132  [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:38:36.0705 5132  nvstor - ok
14:38:36.0718 5132  [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:38:36.0721 5132  nv_agp - ok
14:38:36.0725 5132  NwlnkFlt - ok
14:38:36.0729 5132  NwlnkFwd - ok
14:38:36.0836 5132  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:38:36.0842 5132  odserv - ok
14:38:36.0867 5132  [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
14:38:36.0869 5132  ohci1394 - ok
14:38:36.0934 5132  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:38:36.0938 5132  ose - ok
14:38:36.0991 5132  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
14:38:36.0996 5132  p2pimsvc - ok
14:38:37.0016 5132  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc          C:\Windows\system32\p2psvc.dll
14:38:37.0022 5132  p2psvc - ok
14:38:37.0053 5132  [ 8A79FDF04A73428597E2CAF9D0D67850 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
14:38:37.0054 5132  Parport - ok
14:38:37.0078 5132  [ B9C2B89F08670E159F7181891E449CD9 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
14:38:37.0080 5132  partmgr - ok
14:38:37.0088 5132  [ 6C580025C81CAF3AE9E3617C22CAD00E ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
14:38:37.0088 5132  Parvdm - ok
14:38:37.0114 5132  [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:38:37.0116 5132  PcaSvc - ok
14:38:37.0162 5132  [ 941DC1D19E7E8620F40BBC206981EFDB ] pci             C:\Windows\system32\drivers\pci.sys
14:38:37.0164 5132  pci - ok
14:38:37.0206 5132  [ 1636D43F10416AEB483BC6001097B26C ] pciide          C:\Windows\system32\drivers\pciide.sys
14:38:37.0207 5132  pciide - ok
14:38:37.0243 5132  [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
14:38:37.0246 5132  pcmcia - ok
14:38:37.0275 5132  [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:38:37.0280 5132  PEAUTH - ok
14:38:37.0325 5132  [ B1689DF169143F57053F795390C99DB3 ] pla             C:\Windows\system32\pla.dll
14:38:37.0337 5132  pla - ok
14:38:37.0389 5132  [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:38:37.0392 5132  PlugPlay - ok
14:38:37.0416 5132  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
14:38:37.0421 5132  PNRPAutoReg - ok
14:38:37.0441 5132  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
14:38:37.0446 5132  PNRPsvc - ok
14:38:37.0495 5132  [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
14:38:37.0498 5132  PolicyAgent - ok
14:38:37.0533 5132  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:38:37.0534 5132  PptpMiniport - ok
14:38:37.0549 5132  [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor       C:\Windows\system32\drivers\processr.sys
14:38:37.0551 5132  Processor - ok
14:38:37.0628 5132  [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc         C:\Windows\system32\profsvc.dll
14:38:37.0630 5132  ProfSvc - ok
14:38:37.0637 5132  [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
14:38:37.0640 5132  ProtectedStorage - ok
14:38:37.0680 5132  [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
14:38:37.0681 5132  PSched - ok
14:38:37.0709 5132  [ 68B57D7C11277EA89F78255480376B4D ] PSI             C:\Windows\system32\DRIVERS\psi_mf_x86.sys
14:38:37.0710 5132  PSI - ok
14:38:37.0754 5132  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
14:38:37.0780 5132  ql2300 - ok
14:38:37.0801 5132  [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
14:38:37.0803 5132  ql40xx - ok
14:38:37.0822 5132  [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE           C:\Windows\system32\qwave.dll
14:38:37.0826 5132  QWAVE - ok
14:38:37.0832 5132  [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
14:38:37.0833 5132  QWAVEdrv - ok
14:38:37.0893 5132  [ E642B131FB74CAF4BB8A014F31113142 ] R300            C:\Windows\system32\DRIVERS\atikmdag.sys
14:38:37.0969 5132  R300 - ok
14:38:37.0980 5132  [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
14:38:37.0980 5132  RasAcd - ok
14:38:38.0008 5132  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto         C:\Windows\System32\rasauto.dll
14:38:38.0011 5132  RasAuto - ok
14:38:38.0026 5132  [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
14:38:38.0027 5132  Rasl2tp - ok
14:38:38.0090 5132  [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan          C:\Windows\System32\rasmans.dll
14:38:38.0094 5132  RasMan - ok
14:38:38.0139 5132  [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
14:38:38.0139 5132  RasPppoe - ok
14:38:38.0244 5132  [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
14:38:38.0245 5132  RasSstp - ok
14:38:38.0327 5132  [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
14:38:38.0329 5132  rdbss - ok
14:38:38.0381 5132  [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
14:38:38.0381 5132  RDPCDD - ok
14:38:38.0469 5132  [ 943B18305EAE3935598A9B4A3D560B4C ] rdpdr           C:\Windows\system32\DRIVERS\rdpdr.sys
14:38:38.0471 5132  rdpdr - ok
14:38:38.0477 5132  [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
14:38:38.0478 5132  RDPENCDD - ok
14:38:38.0524 5132  [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
14:38:38.0525 5132  RDPWD - ok
14:38:38.0561 5132  [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess    C:\Windows\System32\mprdim.dll
14:38:38.0563 5132  RemoteAccess - ok
14:38:38.0612 5132  [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry  C:\Windows\system32\regsvc.dll
14:38:38.0615 5132  RemoteRegistry - ok
14:38:38.0645 5132  [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator      C:\Windows\system32\locator.exe
14:38:38.0647 5132  RpcLocator - ok
14:38:38.0671 5132  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs           C:\Windows\system32\rpcss.dll
14:38:38.0678 5132  RpcSs - ok
14:38:38.0735 5132  [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
14:38:38.0735 5132  rspndr - ok
14:38:38.0740 5132  [ A3E186B4B935905B829219502557314E ] SamSs           C:\Windows\system32\lsass.exe
14:38:38.0742 5132  SamSs - ok
14:38:38.0779 5132  [ 3CE8F073A557E172B330109436984E30 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
14:38:38.0781 5132  sbp2port - ok
14:38:38.0931 5132  [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService  C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
14:38:38.0938 5132  SBSDWSCService - ok
14:38:38.0986 5132  [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
14:38:38.0989 5132  SCardSvr - ok
14:38:39.0061 5132  [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule        C:\Windows\system32\schedsvc.dll
14:38:39.0067 5132  Schedule - ok
14:38:39.0126 5132  [ 3B68015683C27CB00C7A6B60A37CBCFD ] SCMNdisP        C:\Windows\system32\DRIVERS\scmndisp.sys
14:38:39.0127 5132  SCMNdisP - ok
14:38:39.0151 5132  [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc     C:\Windows\System32\certprop.dll
14:38:39.0151 5132  SCPolicySvc - ok
14:38:39.0172 5132  [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
14:38:39.0175 5132  SDRSVC - ok
14:38:39.0195 5132  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
14:38:39.0196 5132  secdrv - ok
14:38:39.0209 5132  [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon        C:\Windows\system32\seclogon.dll
14:38:39.0211 5132  seclogon - ok
14:38:39.0261 5132  [ E43C0D32FF2D9A72F2D975B83B916964 ] Secunia PSI Agent C:\Program Files\Secunia\PSI\PSIA.exe
14:38:39.0268 5132  Secunia PSI Agent - ok
14:38:39.0294 5132  [ CB2D183E27D1443F7D4CF10665B2BDED ] Secunia Update Agent C:\Program Files\Secunia\PSI\sua.exe
14:38:39.0298 5132  Secunia Update Agent - ok
14:38:39.0335 5132  [ A9BBAB5759771E523F55563D6CBE140F ] SENS            C:\Windows\System32\sens.dll
14:38:39.0337 5132  SENS - ok
14:38:39.0373 5132  [ CE9EC966638EF0B10B864DDEDF62A099 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
14:38:39.0374 5132  Serenum - ok
14:38:39.0427 5132  [ 6D663022DB3E7058907784AE14B69898 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
14:38:39.0428 5132  Serial - ok
14:38:39.0443 5132  [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
14:38:39.0444 5132  sermouse - ok
14:38:39.0502 5132  [ D2193326F729B163125610DBF3E17D57 ] SessionEnv      C:\Windows\system32\sessenv.dll
14:38:39.0504 5132  SessionEnv - ok
14:38:39.0542 5132  [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
14:38:39.0543 5132  sffdisk - ok
14:38:39.0587 5132  [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
14:38:39.0588 5132  sffp_mmc - ok
14:38:39.0616 5132  [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
14:38:39.0617 5132  sffp_sd - ok
14:38:39.0632 5132  [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
14:38:39.0633 5132  sfloppy - ok
14:38:39.0677 5132  [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
14:38:39.0680 5132  SharedAccess - ok
14:38:39.0760 5132  [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:38:39.0764 5132  ShellHWDetection - ok
14:38:39.0784 5132  [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
14:38:39.0786 5132  sisagp - ok
14:38:39.0794 5132  [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
14:38:39.0798 5132  SiSRaid2 - ok
14:38:39.0812 5132  [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
14:38:39.0814 5132  SiSRaid4 - ok
14:38:39.0913 5132  [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc           C:\Windows\system32\SLsvc.exe
14:38:39.0933 5132  slsvc - ok
14:38:39.0985 5132  [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
14:38:39.0987 5132  SLUINotify - ok
14:38:40.0094 5132  [ 7B75299A4D201D6A6533603D6914AB04 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
14:38:40.0095 5132  Smb - ok
14:38:40.0168 5132  [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
14:38:40.0170 5132  SNMPTRAP - ok
14:38:40.0190 5132  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr           C:\Windows\system32\drivers\spldr.sys
14:38:40.0191 5132  spldr - ok
14:38:40.0270 5132  [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler         C:\Windows\System32\spoolsv.exe
14:38:40.0272 5132  Spooler - ok
14:38:40.0403 5132  [ 0A8F71E1DB5432A5B9285111421E77EC ] SRTSP           C:\Windows\system32\drivers\N360\1403000.024\SRTSP.SYS
14:38:40.0407 5132  SRTSP - ok
14:38:40.0428 5132  [ FE9BD381778A344F0E39AE2D5E607D7F ] SRTSPX          C:\Windows\system32\drivers\N360\1403000.024\SRTSPX.SYS
14:38:40.0428 5132  SRTSPX - ok
14:38:40.0483 5132  [ 41987F9FC0E61ADF54F581E15029AD91 ] srv             C:\Windows\system32\DRIVERS\srv.sys
14:38:40.0485 5132  srv - ok
14:38:40.0526 5132  [ FF33AFF99564B1AA534F58868CBE41EF ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
14:38:40.0528 5132  srv2 - ok
14:38:40.0564 5132  [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
14:38:40.0565 5132  srvnet - ok
14:38:40.0596 5132  [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
14:38:40.0599 5132  SSDPSRV - ok
14:38:40.0619 5132  [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
14:38:40.0621 5132  SstpSvc - ok
14:38:40.0667 5132  [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc          C:\Windows\System32\wiaservc.dll
14:38:40.0672 5132  stisvc - ok
14:38:40.0697 5132  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
14:38:40.0697 5132  swenum - ok
14:38:40.0742 5132  [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv           C:\Windows\System32\swprv.dll
14:38:40.0745 5132  swprv - ok
14:38:40.0757 5132  [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
14:38:40.0758 5132  Symc8xx - ok
14:38:40.0800 5132  [ 6EA77FF0CE4E839EA8B1CEA5F5B28C00 ] SymDS           C:\Windows\system32\drivers\N360\1403000.024\SYMDS.SYS
14:38:40.0805 5132  SymDS - ok
14:38:40.0879 5132  [ 1773FB2920EBB3A8BAD0360618091470 ] SymEFA          C:\Windows\system32\drivers\N360\1403000.024\SYMEFA.SYS
14:38:40.0891 5132  SymEFA - ok
14:38:41.0000 5132  [ C940F10C31E2C60CC967FFD6A370720C ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT.SYS
14:38:41.0001 5132  SymEvent - ok
14:38:41.0062 5132  [ 8C9B9036E301A9965CF15BEC91C58A12 ] SymIRON         C:\Windows\system32\drivers\N360\1403000.024\Ironx86.SYS
14:38:41.0063 5132  SymIRON - ok
14:38:41.0159 5132  [ 93DE018EC6FBAA9A58FF9F2EB9198092 ] SYMTDIv         C:\Windows\system32\drivers\N360\1403000.024\SYMTDIV.SYS
14:38:41.0161 5132  SYMTDIv - ok
14:38:41.0194 5132  [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
14:38:41.0195 5132  Sym_hi - ok
14:38:41.0229 5132  [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
14:38:41.0231 5132  Sym_u3 - ok
14:38:41.0303 5132  [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain         C:\Windows\system32\sysmain.dll
14:38:41.0309 5132  SysMain - ok
14:38:41.0333 5132  [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:38:41.0337 5132  TabletInputService - ok
14:38:41.0400 5132  [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv         C:\Windows\System32\tapisrv.dll
14:38:41.0404 5132  TapiSrv - ok
14:38:41.0437 5132  [ CB05822CD9CC6C688168E113C603DBE7 ] TBS             C:\Windows\System32\tbssvc.dll
14:38:41.0439 5132  TBS - ok
14:38:41.0520 5132  [ 74E2D020C47BB2B2FCCBA29A518A7EB4 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
14:38:41.0536 5132  Tcpip - ok
14:38:41.0569 5132  [ 74E2D020C47BB2B2FCCBA29A518A7EB4 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
14:38:41.0574 5132  Tcpip6 - ok
14:38:41.0620 5132  [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
14:38:41.0621 5132  tcpipreg - ok
14:38:41.0634 5132  [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
14:38:41.0636 5132  TDPIPE - ok
14:38:41.0646 5132  [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
14:38:41.0647 5132  TDTCP - ok
14:38:41.0688 5132  [ 76B06EB8A01FC8624D699E7045303E54 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
14:38:41.0689 5132  tdx - ok
14:38:41.0845 5132  [ 9F3E7CABE86BBDECA009DE291DB6D9E2 ] TeamViewer8     C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
14:38:41.0865 5132  TeamViewer8 - ok
14:38:41.0877 5132  [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
14:38:41.0878 5132  TermDD - ok
14:38:42.0000 5132  [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService     C:\Windows\System32\termsrv.dll
14:38:42.0005 5132  TermService - ok
14:38:42.0018 5132  [ C7230FBEE14437716701C15BE02C27B8 ] Themes          C:\Windows\system32\shsvcs.dll
14:38:42.0022 5132  Themes - ok
14:38:42.0036 5132  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER     C:\Windows\system32\mmcss.dll
14:38:42.0038 5132  THREADORDER - ok
14:38:42.0064 5132  [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks          C:\Windows\System32\trkwks.dll
14:38:42.0067 5132  TrkWks - ok
14:38:42.0119 5132  [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:38:42.0120 5132  TrustedInstaller - ok
14:38:42.0145 5132  [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
14:38:42.0146 5132  tssecsrv - ok
14:38:42.0162 5132  [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
14:38:42.0163 5132  tunmp - ok
14:38:42.0227 5132  [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
14:38:42.0228 5132  tunnel - ok
14:38:42.0248 5132  [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35          C:\Windows\system32\drivers\uagp35.sys
14:38:42.0249 5132  uagp35 - ok
14:38:42.0338 5132  [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
14:38:42.0341 5132  udfs - ok
14:38:42.0398 5132  [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
14:38:42.0401 5132  UI0Detect - ok
14:38:42.0410 5132  [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
14:38:42.0412 5132  uliagpkx - ok
14:38:42.0426 5132  [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci         C:\Windows\system32\drivers\uliahci.sys
14:38:42.0429 5132  uliahci - ok
14:38:42.0439 5132  [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata          C:\Windows\system32\drivers\ulsata.sys
14:38:42.0441 5132  UlSata - ok
14:38:42.0470 5132  [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
14:38:42.0472 5132  ulsata2 - ok
14:38:42.0484 5132  [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
14:38:42.0485 5132  umbus - ok
14:38:42.0532 5132  [ 8A66360F38F81E960E2367B428CBD5D9 ] UmRdpService    C:\Windows\System32\umrdp.dll
14:38:42.0535 5132  UmRdpService - ok
14:38:42.0621 5132  [ 0558985BD646203DF5F36BF0FBD241A3 ] UNS             C:\Program Files\Intel\AMT\UNS.exe
14:38:42.0634 5132  UNS - ok
14:38:42.0696 5132  [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost        C:\Windows\System32\upnphost.dll
14:38:42.0699 5132  upnphost - ok
14:38:42.0761 5132  [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
14:38:42.0762 5132  usbccgp - ok
14:38:42.0778 5132  [ E9476E6C486E76BC4898074768FB7131 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
14:38:42.0780 5132  usbcir - ok
14:38:42.0901 5132  [ 8D75AEC2BBA8D041976D1831A03E42FC ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
14:38:42.0901 5132  usbehci - ok
14:38:42.0964 5132  [ 7AE1E0745B06E9DD5DF66EDE062BACFA ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
14:38:42.0965 5132  usbhub - ok
14:38:43.0020 5132  [ 38DBC7DD6CC5A72011F187425384388B ] usbohci         C:\Windows\system32\drivers\usbohci.sys
14:38:43.0022 5132  usbohci - ok
14:38:43.0045 5132  [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
14:38:43.0045 5132  usbprint - ok
14:38:43.0060 5132  [ A508C9BD8724980512136B039BBA65E9 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
14:38:43.0061 5132  usbscan - ok
14:38:43.0144 5132  [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:38:43.0145 5132  USBSTOR - ok
14:38:43.0199 5132  [ 407FA9318014A409C4575B77493950C8 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
14:38:43.0200 5132  usbuhci - ok
14:38:43.0238 5132  [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms           C:\Windows\System32\uxsms.dll
14:38:43.0241 5132  UxSms - ok
14:38:43.0295 5132  [ CD88D1B7776DC17A119049742EC07EB4 ] vds             C:\Windows\System32\vds.exe
14:38:43.0299 5132  vds - ok
14:38:43.0321 5132  [ 87B06E1F30B749A114F74622D013F8D4 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
14:38:43.0322 5132  vga - ok
14:38:43.0332 5132  [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave         C:\Windows\System32\drivers\vga.sys
14:38:43.0333 5132  VgaSave - ok
14:38:43.0349 5132  [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp          C:\Windows\system32\drivers\viaagp.sys
14:38:43.0351 5132  viaagp - ok
14:38:43.0408 5132  [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7           C:\Windows\system32\drivers\viac7.sys
14:38:43.0409 5132  ViaC7 - ok
14:38:43.0424 5132  [ AADF5587A4063F52C2C3FED7887426FC ] viaide          C:\Windows\system32\drivers\viaide.sys
14:38:43.0425 5132  viaide - ok
14:38:43.0430 5132  [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
14:38:43.0432 5132  volmgr - ok
14:38:43.0490 5132  [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
14:38:43.0494 5132  volmgrx - ok
14:38:43.0547 5132  [ 786DB5771F05EF300390399F626BF30A ] volsnap         C:\Windows\system32\drivers\volsnap.sys
14:38:43.0550 5132  volsnap - ok
14:38:43.0565 5132  [ 587253E09325E6BF226B299774B728A9 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
14:38:43.0567 5132  vsmraid - ok
14:38:43.0599 5132  [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS             C:\Windows\system32\vssvc.exe
14:38:43.0608 5132  VSS - ok
14:38:43.0666 5132  [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time         C:\Windows\system32\w32time.dll
14:38:43.0669 5132  W32Time - ok
14:38:43.0731 5132  [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
14:38:43.0732 5132  WacomPen - ok
14:38:43.0746 5132  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
14:38:43.0746 5132  Wanarp - ok
14:38:43.0751 5132  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
14:38:43.0752 5132  Wanarpv6 - ok
14:38:43.0817 5132  [ 20B23332885DFB93FE0185362EE811E9 ] wbengine        C:\Windows\system32\wbengine.exe
14:38:43.0824 5132  wbengine - ok
14:38:43.0880 5132  [ A3CD60FD826381B49F03832590E069AF ] wcncsvc         C:\Windows\System32\wcncsvc.dll
14:38:43.0884 5132  wcncsvc - ok
14:38:43.0916 5132  [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:38:43.0919 5132  WcsPlugInService - ok
14:38:43.0982 5132  [ 78FE9542363F297B18C027B2D7E7C07F ] Wd              C:\Windows\system32\drivers\wd.sys
14:38:43.0983 5132  Wd - ok
14:38:44.0032 5132  [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
14:38:44.0036 5132  Wdf01000 - ok
14:38:44.0048 5132  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
14:38:44.0051 5132  WdiServiceHost - ok
14:38:44.0055 5132  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
14:38:44.0058 5132  WdiSystemHost - ok
14:38:44.0079 5132  [ 04C37D8107320312FBAE09926103D5E2 ] WebClient       C:\Windows\System32\webclnt.dll
14:38:44.0083 5132  WebClient - ok
14:38:44.0142 5132  [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc          C:\Windows\system32\wecsvc.dll
14:38:44.0145 5132  Wecsvc - ok
14:38:44.0169 5132  [ 670FF720071ED741206D69BD995EA453 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
14:38:44.0172 5132  wercplsupport - ok
14:38:44.0220 5132  [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc          C:\Windows\System32\WerSvc.dll
14:38:44.0223 5132  WerSvc - ok
14:38:44.0261 5132  [ 4575AA12561C5648483403541D0D7F2B ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
14:38:44.0263 5132  WinDefend - ok
14:38:44.0272 5132  WinHttpAutoProxySvc - ok
14:38:44.0343 5132  [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
14:38:44.0344 5132  Winmgmt - ok
14:38:44.0388 5132  [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM           C:\Windows\system32\WsmSvc.dll
14:38:44.0397 5132  WinRM - ok
14:38:44.0455 5132  [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc         C:\Windows\System32\wlansvc.dll
14:38:44.0460 5132  Wlansvc - ok
14:38:44.0616 5132  [ 6067ACEF367E79914AF628FA1E9B5330 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
14:38:44.0618 5132  wlcrasvc - ok
14:38:44.0693 5132  [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:38:44.0704 5132  wlidsvc - ok
14:38:44.0749 5132  [ 48CA581C12022AC60FE82E2B96FBF5D4 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
14:38:44.0750 5132  WmiAcpi - ok
14:38:44.0817 5132  [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
14:38:44.0818 5132  wmiApSrv - ok
14:38:44.0880 5132  [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
14:38:44.0886 5132  WMPNetworkSvc - ok
14:38:44.0986 5132  [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
14:38:44.0990 5132  WPDBusEnum - ok
14:38:45.0051 5132  [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
14:38:45.0052 5132  WpdUsb - ok
14:38:45.0207 5132  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
14:38:45.0212 5132  WPFFontCache_v0400 - ok
14:38:45.0231 5132  [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
14:38:45.0248 5132  ws2ifsl - ok
14:38:45.0306 5132  [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc          C:\Windows\System32\wscsvc.dll
14:38:45.0310 5132  wscsvc - ok
14:38:45.0313 5132  WSearch - ok
14:38:45.0393 5132  [ 35A20217C4D06D1D36A3ADDFD8CE58C2 ] WSWNA1100       C:\Program Files\NETGEAR\WNA1100\WifiSvc.exe
14:38:45.0394 5132  WSWNA1100 - ok
14:38:45.0459 5132  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
14:38:45.0472 5132  wuauserv - ok
14:38:45.0523 5132  [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
14:38:45.0523 5132  WudfPf - ok
14:38:45.0536 5132  [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
14:38:45.0538 5132  WUDFRd - ok
14:38:45.0584 5132  [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
14:38:45.0587 5132  wudfsvc - ok
14:38:45.0596 5132  ================ Scan global ===============================
14:38:45.0639 5132  [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
14:38:45.0678 5132  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
14:38:45.0695 5132  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
14:38:45.0757 5132  [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
14:38:45.0760 5132  [Global] - ok
14:38:45.0761 5132  ================ Scan MBR ==================================
14:38:45.0772 5132  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
14:38:45.0956 5132  \Device\Harddisk0\DR0 - ok
14:38:45.0956 5132  ================ Scan VBR ==================================
14:38:45.0983 5132  [ D4E719827E04FF8763328D7EDC5EF03A ] \Device\Harddisk0\DR0\Partition1
14:38:45.0984 5132  \Device\Harddisk0\DR0\Partition1 - ok
14:38:45.0987 5132  [ 9529A7DE2180077F9B0B2F35CE1D00FE ] \Device\Harddisk0\DR0\Partition2
14:38:45.0988 5132  \Device\Harddisk0\DR0\Partition2 - ok
14:38:45.0989 5132  ================ Scan active images ========================
14:38:45.0991 5132  [ 36975327EF03949CC378AB01E316B574 ] C:\Windows\System32\drivers\crashdmp.sys
14:38:45.0991 5132  C:\Windows\System32\drivers\crashdmp.sys - ok
14:38:45.0995 5132  [ E5A0034847537EAEE3C00349D5C34C5F ] C:\Windows\System32\drivers\iaStor.sys
14:38:45.0995 5132  C:\Windows\System32\drivers\iaStor.sys - ok
14:38:46.0001 5132  [ 300DB877AC094FEAB0BE7688C3454A9C ] C:\Windows\System32\drivers\tunnel.sys
14:38:46.0001 5132  C:\Windows\System32\drivers\tunnel.sys - ok
14:38:46.0005 5132  [ 224191001E78C89DFA78924C3EA595FF ] C:\Windows\System32\drivers\intelppm.sys
14:38:46.0005 5132  C:\Windows\System32\drivers\intelppm.sys - ok
14:38:46.0008 5132  [ CAECC0120AC49E3D2F758B9169872D38 ] C:\Windows\System32\drivers\TUNMP.SYS
14:38:46.0008 5132  C:\Windows\System32\drivers\TUNMP.SYS - ok
14:38:46.0012 5132  [ A03B37DBC601C35DE9591B6AA1A20C22 ] C:\Windows\System32\drivers\igdkmd32.sys
14:38:46.0012 5132  C:\Windows\System32\drivers\igdkmd32.sys - ok
14:38:46.0016 5132  [ C68AC676B0EF30CFBB1080ADCE49EB1F ] C:\Windows\System32\drivers\dxgkrnl.sys
14:38:46.0016 5132  C:\Windows\System32\drivers\dxgkrnl.sys - ok
14:38:46.0019 5132  [ 71F19B26115C240B7FBB6D238B630639 ] C:\Windows\System32\drivers\watchdog.sys
14:38:46.0019 5132  C:\Windows\System32\drivers\watchdog.sys - ok
14:38:46.0022 5132  [ C865D1F6D03595DF213DC3C67E4E4C58 ] C:\Windows\System32\drivers\HECI.sys
14:38:46.0022 5132  C:\Windows\System32\drivers\HECI.sys - ok
14:38:46.0026 5132  [ CE9EC966638EF0B10B864DDEDF62A099 ] C:\Windows\System32\drivers\serenum.sys
14:38:46.0026 5132  C:\Windows\System32\drivers\serenum.sys - ok
14:38:46.0029 5132  [ 6D663022DB3E7058907784AE14B69898 ] C:\Windows\System32\drivers\serial.sys
14:38:46.0029 5132  C:\Windows\System32\drivers\serial.sys - ok
14:38:46.0033 5132  [ 04944F4FC4F0477185F5D26AE0DDB90E ] C:\Windows\System32\drivers\e1e6032.sys
14:38:46.0033 5132  C:\Windows\System32\drivers\e1e6032.sys - ok
14:38:46.0037 5132  [ 8D75AEC2BBA8D041976D1831A03E42FC ] C:\Windows\System32\drivers\usbehci.sys
14:38:46.0037 5132  C:\Windows\System32\drivers\usbehci.sys - ok
14:38:46.0040 5132  [ 708347B00B58F48CD6B3D403D40236A8 ] C:\Windows\System32\drivers\usbport.sys
14:38:46.0040 5132  C:\Windows\System32\drivers\usbport.sys - ok
14:38:46.0044 5132  [ 407FA9318014A409C4575B77493950C8 ] C:\Windows\System32\drivers\usbuhci.sys
14:38:46.0044 5132  C:\Windows\System32\drivers\usbuhci.sys - ok
14:38:46.0047 5132  [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] C:\Windows\System32\drivers\fdc.sys
14:38:46.0047 5132  C:\Windows\System32\drivers\fdc.sys - ok
14:38:46.0051 5132  [ 062452B7FFD68C8C042A6261FE8DFF4A ] C:\Windows\System32\drivers\hdaudbus.sys
14:38:46.0051 5132  C:\Windows\System32\drivers\hdaudbus.sys - ok
14:38:46.0055 5132  [ 6B4BFFB9BECD728097024276430DB314 ] C:\Windows\System32\drivers\cdrom.sys
14:38:46.0055 5132  C:\Windows\System32\drivers\cdrom.sys - ok
14:38:46.0058 5132  [ 8A79FDF04A73428597E2CAF9D0D67850 ] C:\Windows\System32\drivers\parport.sys
14:38:46.0058 5132  C:\Windows\System32\drivers\parport.sys - ok
14:38:46.0062 5132  [ 232FA340531D940AAC623B121A595034 ] C:\Windows\System32\drivers\msiscsi.sys
14:38:46.0062 5132  C:\Windows\System32\drivers\msiscsi.sys - ok
14:38:46.0066 5132  [ 47E55AFE1ED1D5AFF09690DB226F4A7A ] C:\Windows\System32\drivers\Storport.sys
14:38:46.0066 5132  C:\Windows\System32\drivers\Storport.sys - ok
14:38:46.0071 5132  [ 77937EFF009AC696B90E09F671F9D0A4 ] C:\Windows\System32\drivers\tdi.sys
14:38:46.0071 5132  C:\Windows\System32\drivers\tdi.sys - ok
14:38:46.0074 5132  [ 0E186E90404980569FB449BA7519AE61 ] C:\Windows\System32\drivers\ndistapi.sys
14:38:46.0074 5132  C:\Windows\System32\drivers\ndistapi.sys - ok
14:38:46.0077 5132  [ A214ADBAF4CB47DD2728859EF31F26B0 ] C:\Windows\System32\drivers\rasl2tp.sys
14:38:46.0077 5132  C:\Windows\System32\drivers\rasl2tp.sys - ok
14:38:46.0083 5132  [ 818F648618AE34F729FDB47EC68345C3 ] C:\Windows\System32\drivers\ndiswan.sys
14:38:46.0083 5132  C:\Windows\System32\drivers\ndiswan.sys - ok
14:38:46.0087 5132  [ 509A98DD18AF4375E1FC40BC175F1DEF ] C:\Windows\System32\drivers\raspppoe.sys
14:38:46.0087 5132  C:\Windows\System32\drivers\raspppoe.sys - ok
14:38:46.0091 5132  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] C:\Windows\System32\drivers\raspptp.sys
14:38:46.0091 5132  C:\Windows\System32\drivers\raspptp.sys - ok
14:38:46.0095 5132  [ 2005F4A1E05FA09389AC85840F0A9E4D ] C:\Windows\System32\drivers\rassstp.sys
14:38:46.0095 5132  C:\Windows\System32\drivers\rassstp.sys - ok
14:38:46.0098 5132  [ 943B18305EAE3935598A9B4A3D560B4C ] C:\Windows\System32\drivers\rdpdr.sys
14:38:46.0098 5132  C:\Windows\System32\drivers\rdpdr.sys - ok
14:38:46.0102 5132  [ 3CAD38910468EAB9A6479E2F01DB43C7 ] C:\Windows\System32\drivers\termdd.sys
14:38:46.0102 5132  C:\Windows\System32\drivers\termdd.sys - ok
14:38:46.0104 5132  [ 37605E0A8CF00CBBA538E753E4344C6E ] C:\Windows\System32\drivers\kbdclass.sys
14:38:46.0104 5132  C:\Windows\System32\drivers\kbdclass.sys - ok
14:38:46.0107 5132  [ 5BF6A1326A335C5298477754A506D263 ] C:\Windows\System32\drivers\mouclass.sys
14:38:46.0107 5132  C:\Windows\System32\drivers\mouclass.sys - ok
14:38:46.0111 5132  [ EF73C1E29FBE7B0FD0274BF4394E346A ] C:\Windows\System32\drivers\ks.sys
14:38:46.0111 5132  C:\Windows\System32\drivers\ks.sys - ok
14:38:46.0115 5132  [ E384487CB84BE41D09711C30CA79646C ] C:\Windows\System32\drivers\mssmbios.sys
14:38:46.0115 5132  C:\Windows\System32\drivers\mssmbios.sys - ok
14:38:46.0119 5132  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] C:\Windows\System32\drivers\swenum.sys
14:38:46.0119 5132  C:\Windows\System32\drivers\swenum.sys - ok
14:38:46.0123 5132  [ 32CFF9F809AE9AED85464492BF3E32D2 ] C:\Windows\System32\drivers\umbus.sys
14:38:46.0123 5132  C:\Windows\System32\drivers\umbus.sys - ok
14:38:46.0128 5132  [ 7AE1E0745B06E9DD5DF66EDE062BACFA ] C:\Windows\System32\drivers\usbhub.sys
14:38:46.0128 5132  C:\Windows\System32\drivers\usbhub.sys - ok
14:38:46.0133 5132  [ 85B7CF99D532820495D68D747FDA9EBD ] C:\Windows\System32\drivers\flpydisk.sys
14:38:46.0133 5132  C:\Windows\System32\drivers\flpydisk.sys - ok
14:38:46.0137 5132  [ 71DAB552B41936358F3B541AE5997FB3 ] C:\Windows\System32\drivers\ndproxy.sys
14:38:46.0137 5132  C:\Windows\System32\drivers\ndproxy.sys - ok
14:38:46.0140 5132  [ 3DB3FB83217627D9A0CB8BAE6CC5B491 ] C:\Windows\System32\drivers\ADIHdAud.sys
14:38:46.0140 5132  C:\Windows\System32\drivers\ADIHdAud.sys - ok
14:38:46.0144 5132  [ 7BE5A3C671A2CB56E94403BFC2020A0D ] C:\Windows\System32\drivers\drmk.sys
14:38:46.0144 5132  C:\Windows\System32\drivers\drmk.sys - ok
14:38:46.0147 5132  [ 218286724EC530FF252648369E05B090 ] C:\Windows\System32\drivers\portcls.sys
14:38:46.0147 5132  C:\Windows\System32\drivers\portcls.sys - ok
14:38:46.0151 5132  [ 1277AD8F053CC60C17CAFAB411F3CF40 ] C:\Windows\System32\drivers\N360\1403000.024\ccSetx86.sys
14:38:46.0151 5132  C:\Windows\System32\drivers\N360\1403000.024\ccSetx86.sys - ok
14:38:46.0154 5132  [ 5961CADB7CAD938368D2028725EF771D ] C:\Windows\System32\drivers\hidclass.sys
14:38:46.0154 5132  C:\Windows\System32\drivers\hidclass.sys - ok
14:38:46.0158 5132  [ 175444D3A01CA45D0E1C5DC5F48DF7CD ] C:\Windows\System32\drivers\hidparse.sys
14:38:46.0158 5132  C:\Windows\System32\drivers\hidparse.sys - ok
14:38:46.0161 5132  [ CCA4B519B17E23A00B826C55716809CC ] C:\Windows\System32\drivers\hidusb.sys
14:38:46.0161 5132  C:\Windows\System32\drivers\hidusb.sys - ok
14:38:46.0165 5132  [ 4179B1E80741724EA45DFA482AB3A22C ] C:\Windows\System32\drivers\usbd.sys
14:38:46.0165 5132  C:\Windows\System32\drivers\usbd.sys - ok
14:38:46.0168 5132  [ EDE59EC70E25C24581ADD1FBEC7325F7 ] C:\Windows\System32\drivers\kbdhid.sys
14:38:46.0168 5132  C:\Windows\System32\drivers\kbdhid.sys - ok
14:38:46.0173 5132  [ 93B8D4869E12CFBE663915502900876F ] C:\Windows\System32\drivers\mouhid.sys
14:38:46.0173 5132  C:\Windows\System32\drivers\mouhid.sys - ok
14:38:46.0177 5132  [ 0A8F71E1DB5432A5B9285111421E77EC ] C:\Windows\System32\drivers\N360\1403000.024\srtsp.sys
14:38:46.0177 5132  C:\Windows\System32\drivers\N360\1403000.024\srtsp.sys - ok
14:38:46.0181 5132  [ FE9BD381778A344F0E39AE2D5E607D7F ] C:\Windows\System32\drivers\N360\1403000.024\srtspx.sys
14:38:46.0181 5132  C:\Windows\System32\drivers\N360\1403000.024\srtspx.sys - ok
14:38:46.0185 5132  [ 8C9B9036E301A9965CF15BEC91C58A12 ] C:\Windows\System32\drivers\N360\1403000.024\Ironx86.sys
14:38:46.0185 5132  C:\Windows\System32\drivers\N360\1403000.024\Ironx86.sys - ok
14:38:46.0188 5132  [ F1FC2FD87FF77F63CD7F8BF95940B40C ] C:\Windows\System32\drivers\athur.sys
14:38:46.0188 5132  C:\Windows\System32\drivers\athur.sys - ok
14:38:46.0191 5132  [ C940F10C31E2C60CC967FFD6A370720C ] C:\Windows\System32\drivers\SYMEVENT.SYS
14:38:46.0191 5132  C:\Windows\System32\drivers\SYMEVENT.SYS - ok
14:38:46.0195 5132  [ 28494C43D62AA7584BDCA2FADFBC4D11 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\VirusDefs\20130309.003\NAVEX15.SYS
14:38:46.0195 5132  C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\VirusDefs\20130309.003\NAVEX15.SYS - ok
14:38:46.0201 5132  [ 7D7A3BC6640C1A0D1442816B30856928 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\VirusDefs\20130309.003\NAVENG.SYS
14:38:46.0201 5132  C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\VirusDefs\20130309.003\NAVENG.SYS - ok
14:38:46.0204 5132  [ CAF811AE4C147FFCD5B51750C7F09142 ] C:\Windows\System32\drivers\usbccgp.sys
14:38:46.0204 5132  C:\Windows\System32\drivers\usbccgp.sys - ok
14:38:46.0208 5132  [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] C:\Windows\System32\drivers\usbprint.sys
14:38:46.0208 5132  C:\Windows\System32\drivers\usbprint.sys - ok
14:38:46.0211 5132  [ A508C9BD8724980512136B039BBA65E9 ] C:\Windows\System32\drivers\usbscan.sys
14:38:46.0211 5132  C:\Windows\System32\drivers\usbscan.sys - ok
14:38:46.0215 5132  [ B972A66758577E0BFD1DE0F91AAA27B5 ] C:\Windows\System32\drivers\fs_rec.sys
14:38:46.0215 5132  C:\Windows\System32\drivers\fs_rec.sys - ok
14:38:46.0218 5132  [ C5DBBCDA07D780BDA9B685DF333BB41E ] C:\Windows\System32\drivers\null.sys
14:38:46.0218 5132  C:\Windows\System32\drivers\null.sys - ok
14:38:46.0222 5132  [ 67E506B75BD5326A3EC7B70BD014DFB6 ] C:\Windows\System32\drivers\beep.sys
14:38:46.0222 5132  C:\Windows\System32\drivers\beep.sys - ok
14:38:46.0226 5132  [ 2E93AC0A1D8C79D019DB6C51F036636C ] C:\Windows\System32\drivers\vga.sys
14:38:46.0226 5132  C:\Windows\System32\drivers\vga.sys - ok
14:38:46.0232 5132  [ C048D2C33D27441A0CDCAAE2651EB03D ] C:\Windows\System32\drivers\videoprt.sys
14:38:46.0232 5132  C:\Windows\System32\drivers\videoprt.sys - ok
14:38:46.0238 5132  [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] C:\Windows\System32\drivers\RDPCDD.sys
14:38:46.0238 5132  C:\Windows\System32\drivers\RDPCDD.sys - ok
14:38:46.0242 5132  [ A9927F4A46B816C92F461ACB90CF8515 ] C:\Windows\System32\drivers\msfs.sys
14:38:46.0242 5132  C:\Windows\System32\drivers\msfs.sys - ok
14:38:46.0246 5132  [ 9D91FE5286F748862ECFFA05F8A0710C ] C:\Windows\System32\drivers\RDPENCDD.sys
14:38:46.0246 5132  C:\Windows\System32\drivers\RDPENCDD.sys - ok
14:38:46.0252 5132  [ D36F239D7CCE1931598E8FB90A0DBC26 ] C:\Windows\System32\drivers\npfs.sys
14:38:46.0252 5132  C:\Windows\System32\drivers\npfs.sys - ok
14:38:46.0255 5132  [ 147D7F9C556D259924351FEB0DE606C3 ] C:\Windows\System32\drivers\rasacd.sys
14:38:46.0256 5132  C:\Windows\System32\drivers\rasacd.sys - ok
14:38:46.0259 5132  [ 76B06EB8A01FC8624D699E7045303E54 ] C:\Windows\System32\drivers\tdx.sys
14:38:46.0259 5132  C:\Windows\System32\drivers\tdx.sys - ok
14:38:46.0264 5132  [ 93DE018EC6FBAA9A58FF9F2EB9198092 ] C:\Windows\System32\drivers\N360\1403000.024\symtdiv.sys
14:38:46.0264 5132  C:\Windows\System32\drivers\N360\1403000.024\symtdiv.sys - ok
14:38:46.0269 5132  [ 7B75299A4D201D6A6533603D6914AB04 ] C:\Windows\System32\drivers\smb.sys
14:38:46.0269 5132  C:\Windows\System32\drivers\smb.sys - ok
14:38:46.0273 5132  [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] C:\Windows\System32\drivers\netbt.sys
14:38:46.0273 5132  C:\Windows\System32\drivers\netbt.sys - ok
14:38:46.0277 5132  [ 3911B972B55FEA0478476B2E777B29FA ] C:\Windows\System32\drivers\afd.sys
14:38:46.0277 5132  C:\Windows\System32\drivers\afd.sys - ok
14:38:46.0284 5132  [ 99514FAA8DF93D34B5589187DB3AA0BA ] C:\Windows\System32\drivers\pacer.sys
14:38:46.0285 5132  C:\Windows\System32\drivers\pacer.sys - ok
14:38:46.0288 5132  [ 55C9B4252B751226B838EED2BC50BB64 ] C:\Windows\System32\drivers\jswpslwf.sys
14:38:46.0288 5132  C:\Windows\System32\drivers\jswpslwf.sys - ok
14:38:46.0293 5132  [ BCD093A5A6777CF626434568DC7DBA78 ] C:\Windows\System32\drivers\netbios.sys
14:38:46.0293 5132  C:\Windows\System32\drivers\netbios.sys - ok
14:38:46.0296 5132  [ 55201897378CCA7AF8B5EFD874374A26 ] C:\Windows\System32\drivers\wanarp.sys
14:38:46.0297 5132  C:\Windows\System32\drivers\wanarp.sys - ok
14:38:46.0302 5132  [ 609773E344A97410CE4EBF74A8914FCF ] C:\Windows\System32\drivers\nsiproxy.sys
14:38:46.0302 5132  C:\Windows\System32\drivers\nsiproxy.sys - ok
14:38:46.0306 5132  [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] C:\Windows\System32\drivers\rdbss.sys
14:38:46.0306 5132  C:\Windows\System32\drivers\rdbss.sys - ok
14:38:46.0310 5132  [ 404FB2AAF532BC7BBACC8880BE401C74 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\IPSDefs\20130308.001\IDSvix86.sys
14:38:46.0310 5132  C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\IPSDefs\20130308.001\IDSvix86.sys - ok
14:38:46.0316 5132  [ 85B8B4032A895A746D46A288A9B30DED ] C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
14:38:46.0316 5132  C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys - ok
14:38:46.0320 5132  [ B5A8A04A6E5B4E86B95B1553AA918F5F ] C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
14:38:46.0320 5132  C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys - ok
14:38:46.0324 5132  [ 9BDB2E89BE8D0EF37B1F25C3D3FC192C ] C:\Windows\System32\drivers\csc.sys
14:38:46.0324 5132  C:\Windows\System32\drivers\csc.sys - ok
14:38:46.0328 5132  [ 622C41A07CA7E6DD91770F50D532CB6C ] C:\Windows\System32\drivers\dfsc.sys
14:38:46.0328 5132  C:\Windows\System32\drivers\dfsc.sys - ok
14:38:46.0333 5132  [ D2A55F5FE6B716913FB573872F2E5944 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\BASHDefs\20130301.001\BHDrvx86.sys
14:38:46.0333 5132  C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\BASHDefs\20130301.001\BHDrvx86.sys - ok
14:38:46.0337 5132  [ DDA770BBD7C2ED024D6F50E279D90E5B ] C:\Windows\System32\ntdll.dll
14:38:46.0337 5132  C:\Windows\System32\ntdll.dll - ok
14:38:46.0342 5132  [ 98AF15A94CD6AC37248E72E5FE789B35 ] C:\Windows\System32\smss.exe
14:38:46.0342 5132  C:\Windows\System32\smss.exe - ok
14:38:46.0345 5132  [ 10761177A6EBE45843F443E99509F5E7 ] C:\Windows\System32\autochk.exe
14:38:46.0345 5132  C:\Windows\System32\autochk.exe - ok
14:38:46.0351 5132  [ 17AF64D727545F2804F6E6D998327E3F ] C:\Windows\System32\msvcrt.dll
14:38:46.0351 5132  C:\Windows\System32\msvcrt.dll - ok
14:38:46.0354 5132  [ BE157C3800DA3010EFC48280ECF81C16 ] C:\Windows\System32\urlmon.dll
14:38:46.0354 5132  C:\Windows\System32\urlmon.dll - ok
14:38:46.0358 5132  [ C8BDCECEE082B54F0BAC838BF0A34597 ] C:\Windows\System32\imm32.dll
14:38:46.0358 5132  C:\Windows\System32\imm32.dll - ok
14:38:46.0362 5132  [ EB0E02749CE5C488741C9A0ABEAB5DEC ] C:\Windows\System32\lpk.dll
14:38:46.0362 5132  C:\Windows\System32\lpk.dll - ok
14:38:46.0367 5132  [ E2281CFF793D7A09CE2B35F9F8732EE3 ] C:\Windows\System32\rpcrt4.dll
14:38:46.0367 5132  C:\Windows\System32\rpcrt4.dll - ok
14:38:46.0371 5132  [ D171EAA745A2C0C583CDDA13D9088EE4 ] C:\Windows\System32\iertutil.dll
14:38:46.0371 5132  C:\Windows\System32\iertutil.dll - ok
14:38:46.0376 5132  [ A64AEBC6C78B4CFD7F41A7277879DF8F ] C:\Windows\System32\nsi.dll
14:38:46.0376 5132  C:\Windows\System32\nsi.dll - ok
14:38:46.0382 5132  [ 50CAA7072C171B9887215C83D52069E4 ] C:\Windows\System32\advapi32.dll
14:38:46.0382 5132  C:\Windows\System32\advapi32.dll - ok
14:38:46.0386 5132  [ 80FFF14F1757B9AF8BE9D314FC1AE88B ] C:\Windows\System32\usp10.dll
14:38:46.0386 5132  C:\Windows\System32\usp10.dll - ok
14:38:46.0390 5132  [ 420B075CD71AB9E58D15DD258958FBA3 ] C:\Windows\System32\shlwapi.dll
14:38:46.0390 5132  C:\Windows\System32\shlwapi.dll - ok
14:38:46.0394 5132  [ DC3105CC925A0D47F61B54E66AB730FC ] C:\Windows\System32\kernel32.dll
14:38:46.0394 5132  C:\Windows\System32\kernel32.dll - ok
14:38:46.0398 5132  [ 551F51B66E5EA87A38D8197EB3BDB57A ] C:\Windows\System32\setupapi.dll
14:38:46.0398 5132  C:\Windows\System32\setupapi.dll - ok
14:38:46.0402 5132  [ AAF101900A23D75AE1AE00840FA6F3B8 ] C:\Windows\System32\shell32.dll
14:38:46.0402 5132  C:\Windows\System32\shell32.dll - ok
14:38:46.0405 5132  [ 6F29236AB5926100972924BD29D9D225 ] C:\Windows\System32\normaliz.dll
14:38:46.0405 5132  C:\Windows\System32\normaliz.dll - ok
14:38:46.0408 5132  [ 4AA2A0E26CEF1A803741253DCF9A1503 ] C:\Windows\System32\comdlg32.dll
14:38:46.0408 5132  C:\Windows\System32\comdlg32.dll - ok
14:38:46.0412 5132  [ B8A609FB5EFB4E44FC1355B1C01C64BC ] C:\Windows\System32\Wldap32.dll
14:38:46.0412 5132  C:\Windows\System32\Wldap32.dll - ok
14:38:46.0415 5132  [ EB49FAA5EBBC06356FB12476438781B9 ] C:\Windows\System32\imagehlp.dll
14:38:46.0415 5132  C:\Windows\System32\imagehlp.dll - ok
14:38:46.0419 5132  [ B218342214D9BBA0F54EA12BA2E9278C ] C:\Windows\System32\oleaut32.dll
14:38:46.0419 5132  C:\Windows\System32\oleaut32.dll - ok
14:38:46.0422 5132  [ 7856E3B4594714EF89BB97375E8644EE ] C:\Windows\System32\gdi32.dll
14:38:46.0422 5132  C:\Windows\System32\gdi32.dll - ok
14:38:46.0425 5132  [ 9586E7CB2255A8B097A7E4538202585E ] C:\Windows\System32\ole32.dll
14:38:46.0425 5132  C:\Windows\System32\ole32.dll - ok
14:38:46.0428 5132  [ B304D47D5744BA20FCB99FB8B2C07B0B ] C:\Windows\System32\ws2_32.dll
14:38:46.0428 5132  C:\Windows\System32\ws2_32.dll - ok
14:38:46.0431 5132  [ E3C3BD69701CE6B7B17101E4F7740534 ] C:\Windows\System32\msctf.dll
14:38:46.0431 5132  C:\Windows\System32\msctf.dll - ok
14:38:46.0435 5132  [ 75510147B94598407666F4802797C75A ] C:\Windows\System32\user32.dll
14:38:46.0435 5132  C:\Windows\System32\user32.dll - ok
14:38:46.0438 5132  [ B49B56B64F57699A1A663D2CF7D0A56F ] C:\Windows\System32\wininet.dll
14:38:46.0438 5132  C:\Windows\System32\wininet.dll - ok
14:38:46.0442 5132  [ C394079EB162E812D682C73FA96AF6E4 ] C:\Windows\System32\clbcatq.dll
14:38:46.0442 5132  C:\Windows\System32\clbcatq.dll - ok
14:38:46.0445 5132  [ DC8891A9203810FC994E7FCCF76E94C8 ] C:\Windows\System32\comctl32.dll
14:38:46.0445 5132  C:\Windows\System32\comctl32.dll - ok
14:38:46.0449 5132  [ 93A1732F7F997E36A5C3893539E2FF02 ] C:\Windows\System32\psapi.dll
14:38:46.0449 5132  C:\Windows\System32\psapi.dll - ok
14:38:46.0453 5132  [ EAAAFEF04FBB45665C9576E525D45A12 ] C:\Windows\System32\drivers\dxapi.sys
14:38:46.0453 5132  C:\Windows\System32\drivers\dxapi.sys - ok
14:38:46.0457 5132  [ 1C1F3014453865E805A8708751743A48 ] C:\Windows\System32\win32k.sys
14:38:46.0457 5132  C:\Windows\System32\win32k.sys - ok
14:38:46.0460 5132  [ ABCA209EBA02CB59233614DB83B4F50D ] C:\Windows\System32\csrss.exe
14:38:46.0460 5132  C:\Windows\System32\csrss.exe - ok
14:38:46.0464 5132  [ 187076DD5D8D4D5D23079D0741195EAD ] C:\Windows\System32\csrsrv.dll
14:38:46.0464 5132  C:\Windows\System32\csrsrv.dll - ok
14:38:46.0468 5132  [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\System32\basesrv.dll
14:38:46.0468 5132  C:\Windows\System32\basesrv.dll - ok
14:38:46.0473 5132  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\System32\winsrv.dll
14:38:46.0473 5132  C:\Windows\System32\winsrv.dll - ok
14:38:46.0476 5132  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] C:\Windows\System32\drivers\monitor.sys
14:38:46.0476 5132  C:\Windows\System32\drivers\monitor.sys - ok
14:38:46.0480 5132  [ CC21507D246861671A0BF97E75CE1B00 ] C:\Windows\System32\tsddd.dll
14:38:46.0480 5132  C:\Windows\System32\tsddd.dll - ok
14:38:46.0486 5132  [ 101BA3EA053480BB5D957EF37C06B5ED ] C:\Windows\System32\wininit.exe
14:38:46.0486 5132  C:\Windows\System32\wininit.exe - ok
14:38:46.0492 5132  [ D602FEDBD9155FC2DED6863FB60C950F ] C:\Windows\System32\secur32.dll
14:38:46.0492 5132  C:\Windows\System32\secur32.dll - ok
14:38:46.0497 5132  [ 665417528489096BBCB8AEA46D3DA924 ] C:\Windows\System32\userenv.dll
14:38:46.0497 5132  C:\Windows\System32\userenv.dll - ok
14:38:46.0501 5132  [ 12C8D6C564702B0776512932290A3F6B ] C:\Windows\System32\KBDUS.DLL
14:38:46.0501 5132  C:\Windows\System32\KBDUS.DLL - ok
14:38:46.0505 5132  [ CF9F5BBC2740C41DD471278C41B91F5F ] C:\Windows\System32\cdd.dll
14:38:46.0505 5132  C:\Windows\System32\cdd.dll - ok
14:38:46.0509 5132  [ 898E7C06A350D4A1A64A9EA264D55452 ] C:\Windows\System32\winlogon.exe
14:38:46.0510 5132  C:\Windows\System32\winlogon.exe - ok
14:38:46.0513 5132  [ 4AAFC7461633848AA87A363B2CBEC522 ] C:\Windows\System32\winsta.dll
14:38:46.0514 5132  C:\Windows\System32\winsta.dll - ok
14:38:46.0520 5132  [ 92283D9E33EC5F41ECC0B430B7459241 ] C:\Windows\System32\WlS0WndH.dll
14:38:46.0520 5132  C:\Windows\System32\WlS0WndH.dll - ok
14:38:46.0528 5132  [ 1107BD574A84367735FEC38B9BD64E6B ] C:\Windows\System32\apphelp.dll
14:38:46.0528 5132  C:\Windows\System32\apphelp.dll - ok
14:38:46.0537 5132  [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\System32\services.exe
14:38:46.0537 5132  C:\Windows\System32\services.exe - ok
14:38:46.0542 5132  [ BE6FAC6F0745C67DAE7522C96406D083 ] C:\Windows\System32\sxs.dll
14:38:46.0542 5132  C:\Windows\System32\sxs.dll - ok
14:38:46.0546 5132  [ 1AE011BB950A5E0B05023D2AFEC3666D ] C:\Windows\System32\authz.dll
14:38:46.0546 5132  C:\Windows\System32\authz.dll - ok
14:38:46.0552 5132  [ D90911B3FA05D7B930C1286084B404DE ] C:\Windows\System32\scesrv.dll
14:38:46.0552 5132  C:\Windows\System32\scesrv.dll - ok
14:38:46.0557 5132  [ A3E186B4B935905B829219502557314E ] C:\Windows\System32\lsass.exe
14:38:46.0557 5132  C:\Windows\System32\lsass.exe - ok
14:38:46.0561 5132  [ 98B656EAF128CD06F625B09C84D959E1 ] C:\Windows\System32\netapi32.dll
14:38:46.0561 5132  C:\Windows\System32\netapi32.dll - ok
14:38:46.0566 5132  [ 2FA16465F64DB54B1F7F511395EB4FD7 ] C:\Windows\System32\ncobjapi.dll
14:38:46.0566 5132  C:\Windows\System32\ncobjapi.dll - ok
14:38:46.0571 5132  [ 4774AD6C447E02E954BD9A793614EBEC ] C:\Windows\System32\lsm.exe
14:38:46.0571 5132  C:\Windows\System32\lsm.exe - ok
14:38:46.0575 5132  [ 178FAC2B7C66E9A4400CE7AC37623E3F ] C:\Windows\System32\lsasrv.dll
14:38:46.0575 5132  C:\Windows\System32\lsasrv.dll - ok
14:38:46.0579 5132  [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] C:\Windows\System32\aelupsvc.dll
14:38:46.0579 5132  C:\Windows\System32\aelupsvc.dll - ok
14:38:46.0587 5132  [ 71F5A7104FDF16C0AC5283A6CE666553 ] C:\Windows\System32\sysntfy.dll
14:38:46.0587 5132  C:\Windows\System32\sysntfy.dll - ok
14:38:46.0592 5132  [ F0321DA5203F1E71917F3B7A13DC4912 ] C:\Windows\System32\wmsgapi.dll
14:38:46.0592 5132  C:\Windows\System32\wmsgapi.dll - ok
14:38:46.0596 5132  [ A1545B731579895D8CC44FC0481C1192 ] C:\Windows\System32\alg.exe
14:38:46.0596 5132  C:\Windows\System32\alg.exe - ok
14:38:46.0601 5132  [ C6D704C7F0434DC791AAC37CAC4B6E14 ] C:\Windows\System32\appinfo.dll
14:38:46.0601 5132  C:\Windows\System32\appinfo.dll - ok
14:38:46.0604 5132  [ 0FE769CAE5855B53C90E23F85E7E89FF ] C:\Windows\System32\appmgmts.dll
14:38:46.0604 5132  C:\Windows\System32\appmgmts.dll - ok
14:38:46.0608 5132  [ 3464DAE0E801F5A81A23C571D86F30B2 ] C:\Windows\System32\rascfg.dll
14:38:46.0608 5132  C:\Windows\System32\rascfg.dll - ok
14:38:46.0612 5132  [ 68E2A1A0407A66CF50DA0300852424AB ] C:\Windows\System32\audiosrv.dll
14:38:46.0612 5132  C:\Windows\System32\audiosrv.dll - ok
14:38:46.0617 5132  [ C789AF0F724FDA5852FB9A7D3A432381 ] C:\Windows\System32\BFE.DLL
14:38:46.0617 5132  C:\Windows\System32\BFE.DLL - ok
14:38:46.0621 5132  [ 7808BF0E367ED7348808879CEF482AB3 ] C:\Windows\System32\samsrv.dll
14:38:46.0621 5132  C:\Windows\System32\samsrv.dll - ok
14:38:46.0625 5132  [ 459B48188494490707DCA8BAA91AA185 ] C:\Windows\System32\cryptdll.dll
14:38:46.0625 5132  C:\Windows\System32\cryptdll.dll - ok
14:38:46.0629 5132  [ 85E861D0B88DB2B54ACB0839654C09F7 ] C:\Windows\System32\dnsapi.dll
14:38:46.0629 5132  C:\Windows\System32\dnsapi.dll - ok
14:38:46.0636 5132  [ 965AC9FBF2C67231C157E99C03C58D24 ] C:\Windows\System32\feclient.dll
14:38:46.0636 5132  C:\Windows\System32\feclient.dll - ok
14:38:46.0640 5132  [ EE2FF9A3FC4404234BE3B7C6AA383AF8 ] C:\Windows\System32\msasn1.dll
14:38:46.0640 5132  C:\Windows\System32\msasn1.dll - ok
14:38:46.0644 5132  [ 7F0F1D4B0D847696F8E309423D227DCE ] C:\Windows\System32\ntdsapi.dll
14:38:46.0644 5132  C:\Windows\System32\ntdsapi.dll - ok
14:38:46.0648 5132  [ 453DE2958C885527E20C79A3FEFE6AF7 ] C:\Windows\System32\samlib.dll
14:38:46.0648 5132  C:\Windows\System32\samlib.dll - ok
14:38:46.0653 5132  [ B0F9073BE86C6D4EDD4EBA674251E699 ] C:\Windows\System32\crypt32.dll
14:38:46.0653 5132  C:\Windows\System32\crypt32.dll - ok
14:38:46.0657 5132  [ 1F94EA31C9543B855F53BDAC7792DA4E ] C:\Windows\System32\mpr.dll
14:38:46.0657 5132  C:\Windows\System32\mpr.dll - ok
14:38:46.0661 5132  [ C6DF7A87063D006ECF1FD8156CB6DE3F ] C:\Windows\System32\SLC.dll
14:38:46.0661 5132  C:\Windows\System32\SLC.dll - ok
14:38:46.0666 5132  [ 4DE3C4D07BAFDE616EFA0ADE076CBAC2 ] C:\Windows\System32\wevtapi.dll
14:38:46.0666 5132  C:\Windows\System32\wevtapi.dll - ok
14:38:46.0671 5132  [ 9028559C132146FB75EB7ACF384B086A ] C:\Windows\System32\dhcpcsvc.dll
14:38:46.0671 5132  C:\Windows\System32\dhcpcsvc.dll - ok
14:38:46.0675 5132  [ DFB6B71CDABA9DFB49C9D2B318B97A1A ] C:\Windows\System32\dhcpcsvc6.dll
14:38:46.0675 5132  C:\Windows\System32\dhcpcsvc6.dll - ok
14:38:46.0680 5132  [ 4FE8425F21B3F0F8C4B4726351D43EAA ] C:\Windows\System32\IPHLPAPI.DLL
14:38:46.0680 5132  C:\Windows\System32\IPHLPAPI.DLL - ok
14:38:46.0686 5132  [ 6B09105742C75DF80CEF21700F20F55A ] C:\Windows\System32\winnsi.dll
14:38:46.0686 5132  C:\Windows\System32\winnsi.dll - ok
14:38:46.0692 5132  [ 7F15B4953378C8B5161D65C26D5FED4D ] C:\Windows\System32\cngaudit.dll
14:38:46.0693 5132  C:\Windows\System32\cngaudit.dll - ok
14:38:46.0696 5132  [ 13CC59C1B04E9F20A87987C68CD4BE3F ] C:\Windows\System32\ncrypt.dll
14:38:46.0696 5132  C:\Windows\System32\ncrypt.dll - ok
14:38:46.0704 5132  [ DE0DD9AE3430F84A96B5501112A696BE ] C:\Windows\System32\bcrypt.dll
14:38:46.0705 5132  C:\Windows\System32\bcrypt.dll - ok
14:38:46.0709 5132  [ 26F139DDEC6407508071930D3D07337E ] C:\Windows\System32\credssp.dll
14:38:46.0709 5132  C:\Windows\System32\credssp.dll - ok
14:38:46.0713 5132  [ AA01497884F9CBAC89470120AF78D2B1 ] C:\Windows\System32\kerberos.dll
14:38:46.0713 5132  C:\Windows\System32\kerberos.dll - ok
14:38:46.0718 5132  [ ABE9EEA1EABEA0711610A637A7B1C25D ] C:\Windows\System32\msprivs.dll
14:38:46.0718 5132  C:\Windows\System32\msprivs.dll - ok
14:38:46.0722 5132  [ 22CFAEB9172F5F198048401485CD0571 ] C:\Windows\System32\WSHTCPIP.DLL
14:38:46.0722 5132  C:\Windows\System32\WSHTCPIP.DLL - ok
14:38:46.0726 5132  [ 93952506C6D67330367F7E7934B6A02F ] C:\Windows\System32\qmgr.dll
14:38:46.0726 5132  C:\Windows\System32\qmgr.dll - ok
14:38:46.0730 5132  [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] C:\Windows\System32\browser.dll
14:38:46.0730 5132  C:\Windows\System32\browser.dll - ok
14:38:46.0736 5132  [ 312EC3E37A0A1F2006534913E37B4423 ] C:\Windows\System32\certprop.dll
14:38:46.0736 5132  C:\Windows\System32\certprop.dll - ok
14:38:46.0740 5132  [ 4211249955AF9133E2E357CC92B54DFD ] C:\Windows\System32\comres.dll
14:38:46.0740 5132  C:\Windows\System32\comres.dll - ok
14:38:46.0744 5132  [ F1E8C34892336D33EDDCDFE44E474F64 ] C:\Windows\System32\cryptsvc.dll
14:38:46.0744 5132  C:\Windows\System32\cryptsvc.dll - ok
14:38:46.0750 5132  [ 0A2095F92F6AE4FE6484D911B0C21E95 ] C:\Windows\System32\cscsvc.dll
14:38:46.0750 5132  C:\Windows\System32\cscsvc.dll - ok
14:38:46.0754 5132  [ 74F380C8EC8813626C670D46E8A714D1 ] C:\Windows\System32\dfsrres.dll
14:38:46.0754 5132  C:\Windows\System32\dfsrres.dll - ok
14:38:46.0757 5132  [ 08D6D1692B62C9EE4062E1FA04D8FE2F ] C:\Windows\System32\oleres.dll
14:38:46.0757 5132  C:\Windows\System32\oleres.dll - ok
14:38:46.0760 5132  [ 9E80FF0752E365F97FD2D1D68C2AFDA1 ] C:\Windows\System32\wship6.dll
14:38:46.0760 5132  C:\Windows\System32\wship6.dll - ok
14:38:46.0763 5132  [ 324FD74686B1EF5E7C19A8AF49E748F6 ] C:\Windows\System32\dot3svc.dll
14:38:46.0763 5132  C:\Windows\System32\dot3svc.dll - ok
14:38:46.0767 5132  [ A622E888F8AA2F6B49E9BC466F0E5DEF ] C:\Windows\System32\dps.dll
14:38:46.0767 5132  C:\Windows\System32\dps.dll - ok
14:38:46.0770 5132  [ C0B95E40D85CD807D614E264248A45B9 ] C:\Windows\System32\eapsvc.dll
14:38:46.0770 5132  C:\Windows\System32\eapsvc.dll - ok
14:38:46.0774 5132  [ 4E6B23DFC917EA39306B529B773950F4 ] C:\Windows\System32\emdmgmt.dll
14:38:46.0774 5132  C:\Windows\System32\emdmgmt.dll - ok
14:38:46.0777 5132  [ 05C3B38DB95BA5585817A4F898EE5581 ] C:\Windows\System32\wshqos.dll
14:38:46.0777 5132  C:\Windows\System32\wshqos.dll - ok
14:38:46.0780 5132  [ A1B40A28F38D27A7E3229EE4C7064434 ] C:\Windows\System32\wevtsvc.dll
14:38:46.0780 5132  C:\Windows\System32\wevtsvc.dll - ok
14:38:46.0784 5132  [ 5C23BBF67E6C373926525367D29F6E0C ] C:\Windows\System32\FXSRESM.dll
14:38:46.0784 5132  C:\Windows\System32\FXSRESM.dll - ok
14:38:46.0788 5132  [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] C:\Windows\System32\nlasvc.dll
14:38:46.0788 5132  C:\Windows\System32\nlasvc.dll - ok
14:38:46.0791 5132  [ FC62A635063B762E1C3C60EA77279378 ] C:\Windows\System32\NapiNSP.dll
14:38:46.0791 5132  C:\Windows\System32\NapiNSP.dll - ok
14:38:46.0795 5132  [ 8617350C9B590B63E620881092751BCB ] C:\Windows\System32\mswsock.dll
14:38:46.0795 5132  C:\Windows\System32\mswsock.dll - ok
14:38:46.0798 5132  [ 690D41DF1D555F96D4898A0F54EBA065 ] C:\Windows\System32\pnrpnsp.dll
14:38:46.0798 5132  C:\Windows\System32\pnrpnsp.dll - ok
14:38:46.0802 5132  [ 4ABCE74D012971305249E45E095E9EA6 ] C:\Windows\System32\msv1_0.dll
14:38:46.0802 5132  C:\Windows\System32\msv1_0.dll - ok
14:38:46.0805 5132  [ 6629B5F0E98151F4AFDD87567EA32BA3 ] C:\Windows\System32\fdPHost.dll
14:38:46.0805 5132  C:\Windows\System32\fdPHost.dll - ok
14:38:46.0808 5132  [ 95DAECF0FB120A7B5DA679CC54E37DDE ] C:\Windows\System32\netlogon.dll
14:38:46.0808 5132  C:\Windows\System32\netlogon.dll - ok
14:38:46.0812 5132  [ 72910BC4A218C49EA8E43D1FAEC403A5 ] C:\Windows\System32\winbrand.dll
14:38:46.0812 5132  C:\Windows\System32\winbrand.dll - ok
14:38:46.0815 5132  [ 50E3E76B0901BB4FC029BB88BFA5CE79 ] C:\Windows\System32\schannel.dll
14:38:46.0815 5132  C:\Windows\System32\schannel.dll - ok
14:38:46.0819 5132  [ 93620229F3CC3B67A3528BF39F064C30 ] C:\Windows\System32\wdigest.dll
14:38:46.0819 5132  C:\Windows\System32\wdigest.dll - ok
14:38:46.0823 5132  [ E14170AEA125119B98FA2BDE3FF4F462 ] C:\Windows\System32\rsaenh.dll
14:38:46.0823 5132  C:\Windows\System32\rsaenh.dll - ok
14:38:46.0826 5132  [ 89ED56DCE8E47AF40892778A5BD31FD2 ] C:\Windows\System32\FDResPub.dll
14:38:46.0826 5132  C:\Windows\System32\FDResPub.dll - ok
14:38:46.0829 5132  [ 8CE364388C8ECA59B14B539179276D44 ] C:\Windows\System32\FntCache.dll
14:38:46.0829 5132  C:\Windows\System32\FntCache.dll - ok
14:38:46.0833 5132  [ 0F420E81062757EA8363CBACD4D40D6D ] C:\Windows\System32\gpapi.dll
14:38:46.0833 5132  C:\Windows\System32\gpapi.dll - ok
14:38:46.0836 5132  [ 84067081F3318162797385E11A8F0582 ] C:\Windows\System32\hidserv.dll
14:38:46.0836 5132  C:\Windows\System32\hidserv.dll - ok
14:38:46.0840 5132  [ 302964DCAC79D618CC7B72C778DA9FD2 ] C:\Windows\System32\PresentationHost.exe
14:38:46.0840 5132  C:\Windows\System32\PresentationHost.exe - ok
14:38:46.0844 5132  [ 05586F5438AB0DA4F5149159E0E5FD4B ] C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll
14:38:46.0844 5132  C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll - ok
14:38:46.0848 5132  [ D8AD255B37DA92434C26E4876DB7D418 ] C:\Windows\System32\KMSVC.DLL
14:38:46.0848 5132  C:\Windows\System32\KMSVC.DLL - ok
14:38:46.0855 5132  [ F8873D15018F411588BEC02C1725BADA ] C:\Windows\System32\TSpkg.dll
14:38:46.0855 5132  C:\Windows\System32\TSpkg.dll - ok
14:38:46.0857 5132  [ 9908D8A397B76CD8D31D0D383C5773C9 ] C:\Windows\System32\IKEEXT.DLL
14:38:46.0857 5132  C:\Windows\System32\IKEEXT.DLL - ok
14:38:46.0865 5132  [ 9AC218C6E6105477484C6FDBE7D409A4 ] C:\Windows\System32\IPBusEnum.dll
14:38:46.0865 5132  C:\Windows\System32\IPBusEnum.dll - ok
14:38:46.0870 5132  [ 1998BD97F950680BB55F55A7244679C2 ] C:\Windows\System32\iphlpsvc.dll
14:38:46.0870 5132  C:\Windows\System32\iphlpsvc.dll - ok
14:38:46.0874 5132  [ 74C2F29CC612B2B34231BEBD824D2FB2 ] C:\Windows\System32\keyiso.dll
14:38:46.0874 5132  C:\Windows\System32\keyiso.dll - ok
14:38:46.0879 5132  [ FA0593D936C9B95FB6FAA32AD1595D49 ] C:\Windows\System32\lltdres.dll
14:38:46.0879 5132  C:\Windows\System32\lltdres.dll - ok
14:38:46.0884 5132  [ 35D40113E4A5B961B6CE5C5857702518 ] C:\Windows\System32\lmhsvc.dll
14:38:46.0884 5132  C:\Windows\System32\lmhsvc.dll - ok
14:38:46.0890 5132  [ 1BF5EEBFD518DD7298434D8C862F825D ] C:\Windows\System32\srvsvc.dll
14:38:46.0890 5132  C:\Windows\System32\srvsvc.dll - ok
14:38:46.0893 5132  [ 1DB69705B695B987082C8BAEC0C6B34F ] C:\Windows\System32\wkssvc.dll
14:38:46.0894 5132  C:\Windows\System32\wkssvc.dll - ok
14:38:46.0897 5132  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] C:\Windows\System32\mmcss.dll
14:38:46.0897 5132  C:\Windows\System32\mmcss.dll - ok
14:38:46.0901 5132  [ 95F1EB99B81CFD6F581C85F0A0AA9B2B ] C:\Windows\System32\FirewallAPI.dll
14:38:46.0901 5132  C:\Windows\System32\FirewallAPI.dll - ok
14:38:46.0904 5132  [ EA822412BBBA9B7D2B1A3748AD50EFB8 ] C:\Windows\System32\iscsidsc.dll
14:38:46.0904 5132  C:\Windows\System32\iscsidsc.dll - ok
14:38:46.0908 5132  [ ED21401F1E2F6BC2F54C462BB66D0D6B ] C:\Windows\System32\msimsg.dll
14:38:46.0908 5132  C:\Windows\System32\msimsg.dll - ok
14:38:46.0911 5132  [ E4EAF0C5C1B41B5C83386CF212CA9584 ] C:\Windows\System32\QAGENTRT.DLL
14:38:46.0911 5132  C:\Windows\System32\QAGENTRT.DLL - ok
14:38:46.0914 5132  [ C8052711DAECC48B982434C5116CA401 ] C:\Windows\System32\netman.dll
14:38:46.0914 5132  C:\Windows\System32\netman.dll - ok
14:38:46.0919 5132  [ 4EF5DF1B011B05737ECB8F0B7B171510 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll
14:38:46.0919 5132  C:\Windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll - ok
14:38:46.0924 5132  [ ED640F4CE585058119B824CC76591D9C ] C:\Windows\System32\netprof.dll
14:38:46.0924 5132  C:\Windows\System32\netprof.dll - ok
14:38:46.0929 5132  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] C:\Windows\System32\nsisvc.dll
14:38:46.0929 5132  C:\Windows\System32\nsisvc.dll - ok
14:38:46.0934 5132  [ 0C8E8E61AD1EB0B250B846712C917506 ] C:\Windows\System32\p2psvc.dll
14:38:46.0934 5132  C:\Windows\System32\p2psvc.dll - ok
14:38:46.0938 5132  [ C6276AD11F4BB49B58AA1ED88537F14A ] C:\Windows\System32\pcasvc.dll
14:38:46.0938 5132  C:\Windows\System32\pcasvc.dll - ok
14:38:46.0942 5132  [ B1689DF169143F57053F795390C99DB3 ] C:\Windows\System32\pla.dll
14:38:46.0942 5132  C:\Windows\System32\pla.dll - ok
14:38:46.0945 5132  [ 64B28D672B5B6A01E87B0C3096B1E047 ] C:\Windows\System32\polstore.dll
14:38:46.0945 5132  C:\Windows\System32\polstore.dll - ok
14:38:46.0948 5132  [ C5E7F8A996EC0A82D508FD9064A5569E ] C:\Windows\System32\umpnpmgr.dll
14:38:46.0948 5132  C:\Windows\System32\umpnpmgr.dll - ok
14:38:46.0952 5132  [ 0508FAA222D28835310B7BFCA7A77346 ] C:\Windows\System32\profsvc.dll
14:38:46.0953 5132  C:\Windows\System32\profsvc.dll - ok
14:38:46.0956 5132  [ 08F9134A2215B7ED985409A4DF60AC60 ] C:\Windows\System32\psbase.dll
14:38:46.0956 5132  C:\Windows\System32\psbase.dll - ok
14:38:46.0959 5132  [ E9ECAE663F47E6CB43962D18AB18890F ] C:\Windows\System32\qwave.dll
14:38:46.0959 5132  C:\Windows\System32\qwave.dll - ok
14:38:46.0963 5132  [ 9F5E0E1926014D17486901C88ECA2DB7 ] C:\Windows\System32\drivers\qwavedrv.sys
14:38:46.0963 5132  C:\Windows\System32\drivers\qwavedrv.sys - ok
14:38:46.0967 5132  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] C:\Windows\System32\rasauto.dll
14:38:46.0967 5132  C:\Windows\System32\rasauto.dll - ok
14:38:46.0971 5132  [ 75D47445D70CA6F9F894B032FBC64FCF ] C:\Windows\System32\rasmans.dll
14:38:46.0971 5132  C:\Windows\System32\rasmans.dll - ok
14:38:46.0974 5132  [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] C:\Windows\System32\mprdim.dll
14:38:46.0974 5132  C:\Windows\System32\mprdim.dll - ok
14:38:46.0977 5132  [ 6F1A32E7B7B30F004D9A20AFADB14944 ] C:\Windows\System32\sstpsvc.dll
14:38:46.0977 5132  C:\Windows\System32\sstpsvc.dll - ok
14:38:46.0981 5132  [ 5123F83CBC4349D065534EEB6BBDC42B ] C:\Windows\System32\Locator.exe
14:38:46.0981 5132  C:\Windows\System32\Locator.exe - ok
14:38:46.0986 5132  [ 9E6894EA18DAFF37B63E1005F83AE4AB ] C:\Windows\System32\regsvc.dll
14:38:46.0986 5132  C:\Windows\System32\regsvc.dll - ok
14:38:46.0990 5132  [ 77B7A11A0C3D78D3386398FBBEA1B632 ] C:\Windows\System32\SCardSvr.dll
14:38:46.0990 5132  C:\Windows\System32\SCardSvr.dll - ok
14:38:46.0994 5132  [ 1A58069DB21D05EB2AB58EE5753EBE8D ] C:\Windows\System32\schedsvc.dll
14:38:46.0994 5132  C:\Windows\System32\schedsvc.dll - ok
14:38:46.0998 5132  [ 716313D9F6B0529D03F726D5AAF6F191 ] C:\Windows\System32\sdrsvc.dll
14:38:46.0998 5132  C:\Windows\System32\sdrsvc.dll - ok
14:38:47.0003 5132  [ FD5199D4D8A521005E4B5EE7FE00FA9B ] C:\Windows\System32\seclogon.dll
14:38:47.0003 5132  C:\Windows\System32\seclogon.dll - ok
14:38:47.0007 5132  [ A9BBAB5759771E523F55563D6CBE140F ] C:\Windows\System32\Sens.dll
14:38:47.0007 5132  C:\Windows\System32\Sens.dll - ok
14:38:47.0011 5132  [ D2193326F729B163125610DBF3E17D57 ] C:\Windows\System32\SessEnv.dll
14:38:47.0011 5132  C:\Windows\System32\SessEnv.dll - ok
14:38:47.0014 5132  [ E1499BD0FF76B1B2FBBF1AF339D91165 ] C:\Windows\System32\ipnathlp.dll
14:38:47.0014 5132  C:\Windows\System32\ipnathlp.dll - ok
14:38:47.0017 5132  [ C7230FBEE14437716701C15BE02C27B8 ] C:\Windows\System32\shsvcs.dll
14:38:47.0018 5132  C:\Windows\System32\shsvcs.dll - ok
14:38:47.0021 5132  [ 862BB4CBC05D80C5B45BE430E5EF872F ] C:\Windows\System32\SLsvc.exe
14:38:47.0021 5132  C:\Windows\System32\SLsvc.exe - ok
14:38:47.0024 5132  [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] C:\Windows\System32\SLUINotify.dll
14:38:47.0024 5132  C:\Windows\System32\SLUINotify.dll - ok
14:38:47.0027 5132  [ E4060CFE50F87C72316CB0FDB20E4913 ] C:\Windows\System32\tcpipcfg.dll
14:38:47.0027 5132  C:\Windows\System32\tcpipcfg.dll - ok
14:38:47.0031 5132  [ 2A146A055B4401C16EE62D18B8E2A032 ] C:\Windows\System32\snmptrap.exe
14:38:47.0031 5132  C:\Windows\System32\snmptrap.exe - ok
14:38:47.0034 5132  [ 8554097E5136C3BF9F69FE578A1B35F4 ] C:\Windows\System32\spoolsv.exe
14:38:47.0034 5132  C:\Windows\System32\spoolsv.exe - ok
14:38:47.0038 5132  [ 03D50B37234967433A5EA5BA72BC0B62 ] C:\Windows\System32\ssdpsrv.dll
14:38:47.0038 5132  C:\Windows\System32\ssdpsrv.dll - ok
14:38:47.0041 5132  [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] C:\Windows\System32\wiaservc.dll
14:38:47.0041 5132  C:\Windows\System32\wiaservc.dll - ok
14:38:47.0044 5132  [ F21FD248040681CCA1FB6C9A03AAA93D ] C:\Windows\System32\swprv.dll
14:38:47.0044 5132  C:\Windows\System32\swprv.dll - ok
14:38:47.0047 5132  [ 9A51B04E9886AA4EE90093586B0BA88D ] C:\Windows\System32\sysmain.dll
14:38:47.0047 5132  C:\Windows\System32\sysmain.dll - ok
14:38:47.0051 5132  [ 2DCA225EAE15F42C0933E998EE0231C3 ] C:\Windows\System32\TabSvc.dll
14:38:47.0051 5132  C:\Windows\System32\TabSvc.dll - ok
14:38:47.0055 5132  [ D7673E4B38CE21EE54C59EEEB65E2483 ] C:\Windows\System32\tapisrv.dll
14:38:47.0055 5132  C:\Windows\System32\tapisrv.dll - ok
14:38:47.0059 5132  [ CB05822CD9CC6C688168E113C603DBE7 ] C:\Windows\System32\tbssvc.dll
14:38:47.0059 5132  C:\Windows\System32\tbssvc.dll - ok
14:38:47.0062 5132  [ BB95DA09BEF6E7A131BFF3BA5032090D ] C:\Windows\System32\termsrv.dll
14:38:47.0062 5132  C:\Windows\System32\termsrv.dll - ok
14:38:47.0065 5132  [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] C:\Windows\servicing\TrustedInstaller.exe
14:38:47.0065 5132  C:\Windows\servicing\TrustedInstaller.exe - ok
14:38:47.0071 5132  [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] C:\Windows\System32\trkwks.dll
14:38:47.0071 5132  C:\Windows\System32\trkwks.dll - ok
14:38:47.0075 5132  [ ECEF404F62863755951E09C802C94AD5 ] C:\Windows\System32\UI0Detect.exe
14:38:47.0075 5132  C:\Windows\System32\UI0Detect.exe - ok
14:38:47.0081 5132  [ 8A66360F38F81E960E2367B428CBD5D9 ] C:\Windows\System32\umrdp.dll
14:38:47.0081 5132  C:\Windows\System32\umrdp.dll - ok
14:38:47.0088 5132  [ 01DD1004181FD46ECDC3628228EB269D ] C:\Windows\System32\dwm.exe
14:38:47.0088 5132  C:\Windows\System32\dwm.exe - ok
14:38:47.0093 5132  [ 68308183F4AE0BE7BF8ECD07CB297999 ] C:\Windows\System32\upnphost.dll
14:38:47.0094 5132  C:\Windows\System32\upnphost.dll - ok
14:38:47.0098 5132  [ CD88D1B7776DC17A119049742EC07EB4 ] C:\Windows\System32\vds.exe
14:38:47.0098 5132  C:\Windows\System32\vds.exe - ok
14:38:47.0102 5132  [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] C:\Windows\System32\VSSVC.exe
14:38:47.0102 5132  C:\Windows\System32\VSSVC.exe - ok
14:38:47.0108 5132  [ 96EA68B9EB310A69C25EBB0282B2B9DE ] C:\Windows\System32\w32time.dll
14:38:47.0108 5132  C:\Windows\System32\w32time.dll - ok
14:38:47.0111 5132  [ 20B23332885DFB93FE0185362EE811E9 ] C:\Windows\System32\wbengine.exe
14:38:47.0111 5132  C:\Windows\System32\wbengine.exe - ok
14:38:47.0119 5132  [ A3CD60FD826381B49F03832590E069AF ] C:\Windows\System32\wcncsvc.dll
14:38:47.0119 5132  C:\Windows\System32\wcncsvc.dll - ok
14:38:47.0121 5132  [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] C:\Windows\System32\WcsPlugInService.dll
14:38:47.0121 5132  C:\Windows\System32\WcsPlugInService.dll - ok
14:38:47.0126 5132  [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] C:\Windows\System32\drivers\Wdf01000.sys
14:38:47.0126 5132  C:\Windows\System32\drivers\Wdf01000.sys - ok
14:38:47.0130 5132  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] C:\Windows\System32\wdi.dll
14:38:47.0130 5132  C:\Windows\System32\wdi.dll - ok
14:38:47.0138 5132  [ 04C37D8107320312FBAE09926103D5E2 ] C:\Windows\System32\WebClnt.dll
14:38:47.0138 5132  C:\Windows\System32\WebClnt.dll - ok
14:38:47.0143 5132  [ AE3736E7E8892241C23E4EBBB7453B60 ] C:\Windows\System32\wecsvc.dll
14:38:47.0143 5132  C:\Windows\System32\wecsvc.dll - ok
14:38:47.0151 5132  [ 670FF720071ED741206D69BD995EA453 ] C:\Windows\System32\wercplsupport.dll
14:38:47.0151 5132  C:\Windows\System32\wercplsupport.dll - ok
14:38:47.0153 5132  [ 32B88481D3B326DA6DEB07B1D03481E7 ] C:\Windows\System32\wersvc.dll
14:38:47.0153 5132  C:\Windows\System32\wersvc.dll - ok
14:38:47.0158 5132  [ 62DB790A860CDFC4278D2F03CC5675D8 ] C:\Program Files\Windows Defender\MsMpRes.dll
14:38:47.0158 5132  C:\Program Files\Windows Defender\MsMpRes.dll - ok
14:38:47.0164 5132  [ DBD02E3E6F061EBBBF9B99A9D7CBA30B ] C:\Windows\System32\winhttp.dll
14:38:47.0164 5132  C:\Windows\System32\winhttp.dll - ok
14:38:47.0170 5132  [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] C:\Windows\System32\wbem\WMIsvc.dll
14:38:47.0171 5132  C:\Windows\System32\wbem\WMIsvc.dll - ok
14:38:47.0173 5132  [ 7CFE68BDC065E55AA5E8421607037511 ] C:\Windows\System32\WsmSvc.dll
14:38:47.0173 5132  C:\Windows\System32\WsmSvc.dll - ok
14:38:47.0177 5132  [ C008405E4FEEB069E30DA1D823910234 ] C:\Windows\System32\wlansvc.dll
14:38:47.0177 5132  C:\Windows\System32\wlansvc.dll - ok
14:38:47.0181 5132  [ 43BE3875207DCB62A85C8C49970B66CC ] C:\Windows\System32\wbem\WmiApSrv.exe
14:38:47.0181 5132  C:\Windows\System32\wbem\WmiApSrv.exe - ok
14:38:47.0189 5132  [ 3978704576A121A9204F8CC49A301A9B ] C:\Program Files\Windows Media Player\wmpnetwk.exe
14:38:47.0189 5132  C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
14:38:47.0195 5132  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
14:38:47.0195 5132  C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe - ok
14:38:47.0204 5132  [ 801FBDB89D472B3C467EB112A0FC9246 ] C:\Windows\System32\wpdbusenum.dll
14:38:47.0204 5132  C:\Windows\System32\wpdbusenum.dll - ok
14:38:47.0207 5132  [ 1CA6C40261DDC0425987980D0CD2AAAB ] C:\Windows\System32\wscsvc.dll
14:38:47.0207 5132  C:\Windows\System32\wscsvc.dll - ok
14:38:47.0216 5132  [ AED0DFF80C6B3914769407E78D7AB21A ] C:\Windows\System32\SearchIndexer.exe
14:38:47.0217 5132  C:\Windows\System32\SearchIndexer.exe - ok
14:38:47.0222 5132  [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\Windows\System32\wuaueng.dll
14:38:47.0222 5132  C:\Windows\System32\wuaueng.dll - ok
14:38:47.0227 5132  [ 06E6F32C8D0A3F66D956F57B43A2E070 ] C:\Windows\System32\drivers\WUDFPf.sys
14:38:47.0227 5132  C:\Windows\System32\drivers\WUDFPf.sys - ok
14:38:47.0231 5132  [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] 



C:\Windows\System32\WUDFSvc.dll
14:38:47.0231 5132  C:\Windows\System32\WUDFSvc.dll - ok
14:38:47.0235 5132  [ 8FC182167381E9915651267044105EE1 ] C:\Windows\System32\scecli.dll
14:38:47.0235 5132  C:\Windows\System32\scecli.dll - ok
14:38:47.0239 5132  [ D4152EB9099917EE50329447EAC0BD62 ] C:\Windows\System32\atmfd.dll
14:38:47.0239 5132  C:\Windows\System32\atmfd.dll - ok
14:38:47.0242 5132  [ CD08EEC61C591AF59A39F4363C567D30 ] C:\Windows\System32\ntmarta.dll
14:38:47.0242 5132  C:\Windows\System32\ntmarta.dll - ok
14:38:47.0245 5132  [ 3794B461C45882E06856F282EEF025AF ] C:\Windows\System32\svchost.exe
14:38:47.0245 5132  C:\Windows\System32\svchost.exe - ok
14:38:47.0249 5132  [ 9A7F4B2EDACD11444D048AA19CBB26AF ] C:\Windows\System32\powrprof.dll
14:38:47.0249 5132  C:\Windows\System32\powrprof.dll - ok
14:38:47.0254 5132  [ 8F5C7426567798E62A3B3614965D62CC ] C:\Windows\System32\drivers\luafv.sys
14:38:47.0254 5132  C:\Windows\System32\drivers\luafv.sys - ok
14:38:47.0257 5132  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] C:\Windows\System32\rpcss.dll
14:38:47.0257 5132  C:\Windows\System32\rpcss.dll - ok
14:38:47.0261 5132  [ 69827805A221C21450BA22F4326A2EE3 ] C:\Windows\System32\version.dll
14:38:47.0261 5132  C:\Windows\System32\version.dll - ok
14:38:47.0264 5132  [ 4575AA12561C5648483403541D0D7F2B ] C:\Program Files\Windows Defender\MpSvc.dll
14:38:47.0264 5132  C:\Program Files\Windows Defender\MpSvc.dll - ok
14:38:47.0270 5132  [ 62D577288B48998FC6667BF22DC5B690 ] C:\Windows\System32\LogonUI.exe
14:38:47.0270 5132  C:\Windows\System32\LogonUI.exe - ok
14:38:47.0273 5132  [ 58C2521D87C494831A625202C80354AD ] C:\Windows\System32\authui.dll
14:38:47.0273 5132  C:\Windows\System32\authui.dll - ok
14:38:47.0276 5132  [ BE3C082837866C4C291ADAF163C10EA6 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
14:38:47.0276 5132  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll - ok
14:38:47.0280 5132  [ 2EC53B5A351C4D443896DBAD117F7E82 ] C:\Windows\System32\msimg32.dll
14:38:47.0280 5132  C:\Windows\System32\msimg32.dll - ok
14:38:47.0285 5132  [ 999D69DEB576C2C424294DF025891CC6 ] C:\Windows\System32\uxtheme.dll
14:38:47.0285 5132  C:\Windows\System32\uxtheme.dll - ok
14:38:47.0288 5132  [ 1BD363738B672A394EBE3B8A78EAB9D3 ] C:\Program Files\Windows Defender\MpClient.dll
14:38:47.0289 5132  C:\Program Files\Windows Defender\MpClient.dll - ok
14:38:47.0293 5132  [ B2E569EF26DAC9D6994A2AFF4F601B7A ] C:\Windows\System32\wintrust.dll
14:38:47.0293 5132  C:\Windows\System32\wintrust.dll - ok
14:38:47.0297 5132  [ 56B5914070B2C243DFB3D186070DA89D ] C:\Windows\System32\MMDevAPI.dll
14:38:47.0297 5132  C:\Windows\System32\MMDevAPI.dll - ok
14:38:47.0302 5132  [ F42483814FC39170B3982A184EC5AAA2 ] C:\Windows\System32\wtsapi32.dll
14:38:47.0302 5132  C:\Windows\System32\wtsapi32.dll - ok
14:38:47.0306 5132  [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] C:\Windows\System32\drivers\fltMgr.sys
14:38:47.0306 5132  C:\Windows\System32\drivers\fltMgr.sys - ok
14:38:47.0309 5132  [ C9244BCAC83B259B920BBEE18A97BFE1 ] C:\Windows\System32\avrt.dll
14:38:47.0309 5132  C:\Windows\System32\avrt.dll - ok
14:38:47.0312 5132  [ A99871BA522CB2539AE275AC18CACC8F ] C:\Windows\System32\cabinet.dll
14:38:47.0313 5132  C:\Windows\System32\cabinet.dll - ok
14:38:47.0316 5132  [ EC43D9CC95C3BB5FEFDBCF22D375E1F5 ] C:\Windows\System32\adtschema.dll
14:38:47.0316 5132  C:\Windows\System32\adtschema.dll - ok
14:38:47.0321 5132  [ 57418956DDAE128D1023C508E7D07071 ] C:\Windows\System32\PSHED.DLL
14:38:47.0321 5132  C:\Windows\System32\PSHED.DLL - ok
14:38:47.0324 5132  [ 3437B9E218A2E4586BEF4F7A3BD00777 ] C:\Windows\System32\audiodg.exe
14:38:47.0324 5132  C:\Windows\System32\audiodg.exe - ok
14:38:47.0328 5132  [ D1A84F7D4CAFCFE2A32149FF418056E5 ] C:\Windows\System32\nlaapi.dll
14:38:47.0328 5132  C:\Windows\System32\nlaapi.dll - ok
14:38:47.0332 5132  [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] C:\Windows\System32\gpsvc.dll
14:38:47.0332 5132  C:\Windows\System32\gpsvc.dll - ok
14:38:47.0338 5132  [ 409F36C8BD06FCE184631EB4142B009A ] C:\Windows\System32\atl.dll
14:38:47.0338 5132  C:\Windows\System32\atl.dll - ok
14:38:47.0342 5132  [ A7F8BAD9590ADDC425B4003E94780DFA ] C:\Windows\System32\drivers\spsys.sys
14:38:47.0342 5132  C:\Windows\System32\drivers\spsys.sys - ok
14:38:47.0346 5132  [ 67058C46504BC12D821F38CF99B7B28F ] C:\Windows\System32\es.dll
14:38:47.0346 5132  C:\Windows\System32\es.dll - ok
14:38:47.0352 5132  [ 7DACD94118E2D8B6D72F47ADEB0367BF ] C:\Windows\System32\propsys.dll
14:38:47.0352 5132  C:\Windows\System32\propsys.dll - ok
14:38:47.0356 5132  [ 1509E705F3AC1D474C92454A5C2DD81F ] C:\Windows\System32\uxsms.dll
14:38:47.0356 5132  C:\Windows\System32\uxsms.dll - ok
14:38:47.0359 5132  [ 8269CC01940A202BBB9FDF26705DBD67 ] C:\Windows\System32\hid.dll
14:38:47.0359 5132  C:\Windows\System32\hid.dll - ok
14:38:47.0363 5132  [ D5CF1536137026ACDED95BF6CBF849F6 ] C:\Windows\System32\WUDFPlatform.dll
14:38:47.0363 5132  C:\Windows\System32\WUDFPlatform.dll - ok
14:38:47.0366 5132  [ D1C5883087A0C3F1344D9D55A44901F6 ] C:\Windows\System32\drivers\lltdio.sys
14:38:47.0366 5132  C:\Windows\System32\drivers\lltdio.sys - ok
14:38:47.0373 5132  [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] C:\Windows\System32\drivers\nwifi.sys
14:38:47.0373 5132  C:\Windows\System32\drivers\nwifi.sys - ok
14:38:47.0376 5132  [ D6973AA34C4D5D76C0430B181C3CD389 ] C:\Windows\System32\drivers\ndisuio.sys
14:38:47.0376 5132  C:\Windows\System32\drivers\ndisuio.sys - ok
14:38:47.0381 5132  [ 9C508F4074A39E8B4B31D27198146FAD ] C:\Windows\System32\drivers\rspndr.sys
14:38:47.0381 5132  C:\Windows\System32\drivers\rspndr.sys - ok
14:38:47.0386 5132  [ 57D762F6F5974AF0DA2BE88A3349BAAA ] C:\Windows\System32\dnsrslvr.dll
14:38:47.0386 5132  C:\Windows\System32\dnsrslvr.dll - ok
14:38:47.0390 5132  [ 3AB4023CBD406AC33AB8CDFF6C8079A0 ] C:\Windows\System32\eapphost.dll
14:38:47.0390 5132  C:\Windows\System32\eapphost.dll - ok
14:38:47.0394 5132  [ 82A79D5BE740D0AE9C91AA6DE4B3AC5A ] C:\Windows\System32\raschap.dll
14:38:47.0394 5132  C:\Windows\System32\raschap.dll - ok
14:38:47.0398 5132  [ 3B0489DE8CC3058B48471660C60A7B75 ] C:\Windows\System32\rastls.dll
14:38:47.0398 5132  C:\Windows\System32\rastls.dll - ok
14:38:47.0403 5132  [ E45051C374F845EDF3DB02A35BA13193 ] C:\Windows\System32\umb.dll
14:38:47.0403 5132  C:\Windows\System32\umb.dll - ok
14:38:47.0407 5132  [ 3727F8B85E24BBDD325BFF75F029DDE3 ] C:\Windows\System32\wlanmsm.dll
14:38:47.0407 5132  C:\Windows\System32\wlanmsm.dll - ok
14:38:47.0411 5132  [ 4662AF853DFAD5648CE3814E7D9EF3D6 ] C:\Windows\System32\wlansec.dll
14:38:47.0411 5132  C:\Windows\System32\wlansec.dll - ok
14:38:47.0414 5132  [ B64AC7967D6B9FB2D6152AC768A1CB88 ] C:\Windows\System32\onex.dll
14:38:47.0414 5132  C:\Windows\System32\onex.dll - ok
14:38:47.0420 5132  [ 9D9FFC923FADBB575E0452EA0BBB15BD ] C:\Windows\System32\eappprxy.dll
14:38:47.0420 5132  C:\Windows\System32\eappprxy.dll - ok
14:38:47.0425 5132  [ 5D0FE613570CABE3992F7DBCD68E61D1 ] C:\Windows\System32\eappcfg.dll
14:38:47.0425 5132  C:\Windows\System32\eappcfg.dll - ok
14:38:47.0429 5132  [ 76EAEF4DDEBBC7C38853F586C0E91DCE ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\GdiPlus.dll
14:38:47.0429 5132  C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\GdiPlus.dll - ok
14:38:47.0432 5132  [ 75EB73E64F5B4655D9797D20F26DE320 ] C:\Windows\System32\duser.dll
14:38:47.0432 5132  C:\Windows\System32\duser.dll - ok
14:38:47.0436 5132  [ DC15AB7168C0309D8F04FD95B6240422 ] C:\Windows\System32\oleacc.dll
14:38:47.0436 5132  C:\Windows\System32\oleacc.dll - ok
14:38:47.0440 5132  [ 91D995A67D9447592A1BF21CBC15C628 ] C:\Windows\System32\wlgpclnt.dll
14:38:47.0440 5132  C:\Windows\System32\wlgpclnt.dll - ok
14:38:47.0443 5132  [ 19FFAD68A02AF1BF0BC336EE26CD6767 ] C:\Windows\System32\l2gpstore.dll
14:38:47.0443 5132  C:\Windows\System32\l2gpstore.dll - ok
14:38:47.0447 5132  [ EB2170D0DDF3B2A92506AE16BC524B0B ] C:\Windows\System32\wlanutil.dll
14:38:47.0447 5132  C:\Windows\System32\wlanutil.dll - ok
14:38:47.0450 5132  [ 1908CC7673F72601AFFDCA022689CEDF ] C:\Windows\System32\xmllite.dll
14:38:47.0451 5132  C:\Windows\System32\xmllite.dll - ok
14:38:47.0456 5132  [ 627920CFF5DFCF8CF54CF2D592D61307 ] C:\Windows\System32\WinSCard.dll
14:38:47.0456 5132  C:\Windows\System32\WinSCard.dll - ok
14:38:47.0460 5132  [ 0296DAEB5555A248E8ABF7E5012A37A6 ] C:\Windows\System32\msxml6.dll
14:38:47.0460 5132  C:\Windows\System32\msxml6.dll - ok
14:38:47.0466 5132  [ B25DBBA6C63A61FF4AFDB5ADAB4E70CB ] C:\Windows\System32\SmartcardCredentialProvider.dll
14:38:47.0466 5132  C:\Windows\System32\SmartcardCredentialProvider.dll - ok
14:38:47.0470 5132  [ 9DC3723519F52B6BC63EACD4BD411313 ] C:\Windows\System32\rasplap.dll
14:38:47.0470 5132  C:\Windows\System32\rasplap.dll - ok
14:38:47.0474 5132  [ 3CB863B78642405371CB3A71C07E2382 ] C:\Windows\System32\rasapi32.dll
14:38:47.0474 5132  C:\Windows\System32\rasapi32.dll - ok
14:38:47.0477 5132  [ 3A1DDA77F331D107BA40DB06E4D666E9 ] C:\Windows\System32\rasman.dll
14:38:47.0477 5132  C:\Windows\System32\rasman.dll - ok
14:38:47.0480 5132  [ 70F08ECE7A30A639D3F0C8C433685C7D ] C:\Windows\System32\tapi32.dll
14:38:47.0480 5132  C:\Windows\System32\tapi32.dll - ok
14:38:47.0486 5132  [ 3D418A22A56471295AEB1CEB9027C3DA ] C:\Windows\System32\rtutils.dll
14:38:47.0486 5132  C:\Windows\System32\rtutils.dll - ok
14:38:47.0489 5132  [ 14FF750EFE13B0C21E5A06507C3A97B1 ] C:\Windows\System32\winmm.dll
14:38:47.0489 5132  C:\Windows\System32\winmm.dll - ok
14:38:47.0495 5132  [ 12A1DF1B84FB45A00D47B2CDE2CEEBBA ] C:\Windows\System32\shgina.dll
14:38:47.0495 5132  C:\Windows\System32\shgina.dll - ok
14:38:47.0500 5132  [ 70932D6C3D59B416CBD2BE5A3B3D4BE6 ] C:\Windows\System32\shacct.dll
14:38:47.0500 5132  C:\Windows\System32\shacct.dll - ok
14:38:47.0506 5132  [ 919CC2A0476D5A6A4C935D4B88E29912 ] C:\Windows\System32\ksuser.dll
14:38:47.0506 5132  C:\Windows\System32\ksuser.dll - ok
14:38:47.0509 5132  [ 4DF066ECEE5A7B20BF8B39EF4D646600 ] C:\Windows\System32\wdmaud.drv
14:38:47.0509 5132  C:\Windows\System32\wdmaud.drv - ok
14:38:47.0512 5132  [ DB7F4AB85298F3FE522C5512B8B0F56D ] C:\Windows\System32\AudioEng.dll
14:38:47.0512 5132  C:\Windows\System32\AudioEng.dll - ok
14:38:47.0516 5132  [ 7258434974EA735725FD2D4A65C5E821 ] C:\Windows\System32\AudioSes.dll
14:38:47.0516 5132  C:\Windows\System32\AudioSes.dll - ok
14:38:47.0521 5132  [ 166F004D73EA2CF4AC61800CA469458D ] C:\Windows\System32\msacm32.drv
14:38:47.0521 5132  C:\Windows\System32\msacm32.drv - ok
14:38:47.0524 5132  [ 83199EF88D691E730B80666E29F90D58 ] C:\Windows\System32\midimap.dll
14:38:47.0524 5132  C:\Windows\System32\midimap.dll - ok
14:38:47.0527 5132  [ BDBB449425991154135E5ED1559927E6 ] C:\Windows\System32\msacm32.dll
14:38:47.0527 5132  C:\Windows\System32\msacm32.dll - ok
14:38:47.0531 5132  [ 6836D001FC733F205ACB80A7986CB6C9 ] C:\Windows\System32\WindowsCodecs.dll
14:38:47.0531 5132  C:\Windows\System32\WindowsCodecs.dll - ok
14:38:47.0536 5132  [ 296937202E4D930AAE98085B99D744D8 ] C:\Windows\System32\AUDIOKSE.dll
14:38:47.0536 5132  C:\Windows\System32\AUDIOKSE.dll - ok
14:38:47.0539 5132  [ 6BC5FCEF351E4CB5A269C1E84B5A06DA ] C:\Windows\System32\netcfgx.dll
14:38:47.0540 5132  C:\Windows\System32\netcfgx.dll - ok
14:38:47.0543 5132  [ CA0B849566776A17F35F0339BE17DFD9 ] C:\Windows\System32\ktmw32.dll
14:38:47.0543 5132  C:\Windows\System32\ktmw32.dll - ok
14:38:47.0547 5132  [ 35ACD5EA63D75E97DD0E9A1629E582B2 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll
14:38:47.0547 5132  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll - ok
14:38:47.0553 5132  [ BE01E566D1F569AAB32D0335613E1EEA ] C:\Windows\System32\dllhost.exe
14:38:47.0553 5132  C:\Windows\System32\dllhost.exe - ok
14:38:47.0562 5132  [ 1DACD1530C6E58AEAE9F6DE7DA851935 ] C:\Windows\System32\shimeng.dll
14:38:47.0562 5132  C:\Windows\System32\shimeng.dll - ok
14:38:47.0566 5132  [ 2A6A2C09ECC2CB495628E45F1379ECE8 ] C:\Windows\System32\taskcomp.dll
14:38:47.0566 5132  C:\Windows\System32\taskcomp.dll - ok
14:38:47.0570 5132  [ F870AA3E254628EBEAFE754108D664DE ] C:\Windows\System32\drivers\http.sys
14:38:47.0570 5132  C:\Windows\System32\drivers\http.sys - ok
14:38:47.0574 5132  [ 73FE2E5FA55088A241AA2732F5D387D6 ] C:\Windows\System32\wiarpc.dll
14:38:47.0574 5132  C:\Windows\System32\wiarpc.dll - ok
14:38:47.0577 5132  [ 3CD1B69551236977918E60F9543C89A2 ] C:\Windows\System32\AtBroker.exe
14:38:47.0577 5132  C:\Windows\System32\AtBroker.exe - ok
14:38:47.0581 5132  [ E79FDA8D320147FDC347C504B3487F87 ] C:\Windows\System32\spoolss.dll
14:38:47.0581 5132  C:\Windows\System32\spoolss.dll - ok
14:38:47.0584 5132  [ 7605C0E1D01A08F3ECD743F38B834A44 ] C:\Windows\System32\drivers\srvnet.sys
14:38:47.0584 5132  C:\Windows\System32\drivers\srvnet.sys - ok
14:38:47.0590 5132  [ 0E135526E9785D085BCD9AEDE6FBCBF9 ] C:\Windows\System32\userinit.exe
14:38:47.0590 5132  C:\Windows\System32\userinit.exe - ok
14:38:47.0594 5132  [ 9B96F6952186336CC6E3D4E08BE2E0AF ] C:\Windows\System32\dwmapi.dll
14:38:47.0594 5132  C:\Windows\System32\dwmapi.dll - ok
14:38:47.0599 5132  [ 3D50C4B10352367D5CB20ED1F50F8DA2 ] C:\Windows\System32\taskeng.exe
14:38:47.0599 5132  C:\Windows\System32\taskeng.exe - ok
14:38:47.0605 5132  [ D80C6539C00CB4F5D59066865479C308 ] C:\Windows\System32\dwmredir.dll
14:38:47.0605 5132  C:\Windows\System32\dwmredir.dll - ok
14:38:47.0607 5132  [ C99403A5B641520DAED0021DDA06F272 ] C:\Windows\System32\milcore.dll
14:38:47.0607 5132  C:\Windows\System32\milcore.dll - ok
14:38:47.0611 5132  [ B0D12F4344EB2AE96E487D2DF6F74413 ] C:\Windows\System32\FWPUCLNT.DLL
14:38:47.0612 5132  C:\Windows\System32\FWPUCLNT.DLL - ok
14:38:47.0615 5132  [ B11FDCA4410D6252964EF97F9A47DE74 ] C:\Windows\System32\TSChannel.dll
14:38:47.0615 5132  C:\Windows\System32\TSChannel.dll - ok
14:38:47.0621 5132  [ 35F376253F687BDE63976CCB3F2108CA ] C:\Windows\System32\drivers\bowser.sys
14:38:47.0621 5132  C:\Windows\System32\drivers\bowser.sys - ok
14:38:47.0625 5132  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] C:\Windows\System32\drivers\mpsdrv.sys
14:38:47.0625 5132  C:\Windows\System32\drivers\mpsdrv.sys - ok
14:38:47.0629 5132  [ 82CEA0395524AACFEB58BA1448E8325C ] C:\Windows\System32\drivers\mrxdav.sys
14:38:47.0629 5132  C:\Windows\System32\drivers\mrxdav.sys - ok
14:38:47.0633 5132  [ 5DE62C6E9108F14F6794060A9BDECAEC ] C:\Windows\System32\MPSSVC.dll
14:38:47.0633 5132  C:\Windows\System32\MPSSVC.dll - ok
14:38:47.0639 5132  [ 1E94971C4B446AB2290DEB71D01CF0C2 ] C:\Windows\System32\drivers\mrxsmb.sys
14:38:47.0639 5132  C:\Windows\System32\drivers\mrxsmb.sys - ok
14:38:47.0643 5132  [ 8AAEEE8E59A70F37579993D118A34EE0 ] C:\Windows\System32\d3d9.dll
14:38:47.0643 5132  C:\Windows\System32\d3d9.dll - ok
14:38:47.0647 5132  [ 4FCCB34D793B116423209C0F8B7A3B03 ] C:\Windows\System32\drivers\mrxsmb10.sys
14:38:47.0647 5132  C:\Windows\System32\drivers\mrxsmb10.sys - ok
14:38:47.0653 5132  [ C3CB1B40AD4A0124D617A1199B0B9D7C ] C:\Windows\System32\drivers\mrxsmb20.sys
14:38:47.0653 5132  C:\Windows\System32\drivers\mrxsmb20.sys - ok
14:38:47.0658 5132  [ FF33AFF99564B1AA534F58868CBE41EF ] C:\Windows\System32\drivers\srv2.sys
14:38:47.0658 5132  C:\Windows\System32\drivers\srv2.sys - ok
14:38:47.0661 5132  [ D07D4C3038F3578FFCE1C0237F2A1253 ] C:\Windows\explorer.exe
14:38:47.0661 5132  C:\Windows\explorer.exe - ok
14:38:47.0665 5132  [ 782C8019C89920A77B1907AD3B4C8FF9 ] C:\Windows\System32\HotStartUserAgent.dll
14:38:47.0665 5132  C:\Windows\System32\HotStartUserAgent.dll - ok
14:38:47.0670 5132  [ 41987F9FC0E61ADF54F581E15029AD91 ] C:\Windows\System32\drivers\srv.sys
14:38:47.0670 5132  C:\Windows\System32\drivers\srv.sys - ok
14:38:47.0674 5132  [ 57125869A7B9638A5D11DD685AA65EB4 ] C:\Windows\System32\PlaySndSrv.dll
14:38:47.0674 5132  C:\Windows\System32\PlaySndSrv.dll - ok
14:38:47.0678 5132  [ 43E1054C713C48D252A1826C5E14AACA ] C:\Windows\System32\MsCtfMonitor.dll
14:38:47.0678 5132  C:\Windows\System32\MsCtfMonitor.dll - ok
14:38:47.0683 5132  [ C6DA42ADA0C5FC8CB05744229D632B47 ] C:\Windows\System32\msutb.dll
14:38:47.0683 5132  C:\Windows\System32\msutb.dll - ok
14:38:47.0689 5132  [ 0745D6EAD386710110817FBEC03F5161 ] C:\Windows\System32\wfapigp.dll
14:38:47.0689 5132  C:\Windows\System32\wfapigp.dll - ok
14:38:47.0693 5132  [ 5F1DEC3824E566457F53F24F493FEF08 ] C:\Windows\System32\mscms.dll
14:38:47.0693 5132  C:\Windows\System32\mscms.dll - ok
14:38:47.0696 5132  [ CD6DA5770CAE9D5E6E86722E17B442E0 ] C:\Windows\System32\d3d8thk.dll
14:38:47.0696 5132  C:\Windows\System32\d3d8thk.dll - ok
14:38:47.0701 5132  [ F066473915A96C69189B9D7B2DFE9D05 ] C:\Windows\System32\igdumd32.dll
14:38:47.0701 5132  C:\Windows\System32\igdumd32.dll - ok
14:38:47.0705 5132  [ F845CB13B1D1FC68C97900FEF94D03CC ] C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll
14:38:47.0705 5132  C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll - ok
14:38:47.0709 5132  [ E223D2851906B84F52E1B75EA16198F9 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelEvents.dll
14:38:47.0709 5132  C:\Windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelEvents.dll - ok
14:38:47.0713 5132  [ 7A623F6B4C51F6F2BC1A31D5787FC0A7 ] C:\Windows\System32\uDWM.dll
14:38:47.0713 5132  C:\Windows\System32\uDWM.dll - ok
14:38:47.0719 5132  [ 1311171CF8F6D2954441EF2A42693035 ] C:\Windows\System32\WsmRes.dll
14:38:47.0719 5132  C:\Windows\System32\WsmRes.dll - ok
14:38:47.0725 5132  [ E230F3776F373F4C5E788794B53101E4 ] C:\Windows\System32\plasrv.exe
14:38:47.0725 5132  C:\Windows\System32\plasrv.exe - ok
14:38:47.0731 5132  [ 167AC31450C0C53A01FA1491E94D7678 ] C:\Windows\System32\shdocvw.dll
14:38:47.0731 5132  C:\Windows\System32\shdocvw.dll - ok
14:38:47.0738 5132  [ 4504819D18FAC09B6108D8728467E5B2 ] C:\Windows\System32\browseui.dll
14:38:47.0738 5132  C:\Windows\System32\browseui.dll - ok
14:38:47.0742 5132  [ A324D72A06C110152E7607745F39BFA1 ] C:\Windows\System32\netmsg.dll
14:38:47.0742 5132  C:\Windows\System32\netmsg.dll - ok
14:38:47.0745 5132  [ 452341E471D2D961229DFE0842957272 ] C:\Windows\System32\sscore.dll
14:38:47.0745 5132  C:\Windows\System32\sscore.dll - ok
14:38:47.0748 5132  [ D333058925CE305E39DE8D5AD2B52A46 ] C:\Windows\System32\clusapi.dll
14:38:47.0748 5132  C:\Windows\System32\clusapi.dll - ok
14:38:47.0753 5132  [ 6468C3FF6D0C7874FA8C619AF3E23B22 ] C:\Windows\System32\activeds.dll
14:38:47.0753 5132  C:\Windows\System32\activeds.dll - ok
14:38:47.0757 5132  [ E9B9C1B98C8D6D48407E1C1203EAC659 ] C:\Windows\System32\adsldpc.dll
14:38:47.0757 5132  C:\Windows\System32\adsldpc.dll - ok
14:38:47.0760 5132  [ 93E317D7AD783D8EAEE2E3500BFE889D ] C:\Windows\System32\credui.dll
14:38:47.0760 5132  C:\Windows\System32\credui.dll - ok
14:38:47.0763 5132  [ B9F3FF52B84FD9E3CAFB29B8EE385E5B ] C:\Windows\System32\resutils.dll
14:38:47.0764 5132  C:\Windows\System32\resutils.dll - ok
14:38:47.0767 5132  [ 14E4470BF8ACA69A85D741BA99F75F96 ] C:\Windows\System32\EhStorShell.dll
14:38:47.0767 5132  C:\Windows\System32\EhStorShell.dll - ok
14:38:47.0773 5132  [ 22B81ADCA500945D8009EC615E760364 ] C:\Windows\System32\cscui.dll
14:38:47.0773 5132  C:\Windows\System32\cscui.dll - ok
14:38:47.0777 5132  [ C1BB3EF5FAFCBC9573DEEB57E8DF9309 ] C:\Windows\System32\cscdll.dll
14:38:47.0777 5132  C:\Windows\System32\cscdll.dll - ok
14:38:47.0780 5132  [ D922592AB65C5D9B88B30B4510A3464E ] C:\Windows\System32\cscapi.dll
14:38:47.0780 5132  C:\Windows\System32\cscapi.dll - ok
14:38:47.0787 5132  [ 5EC8FB83F31AA2D6F421F02C3F4F4475 ] C:\Windows\System32\winspool.drv
14:38:47.0787 5132  C:\Windows\System32\winspool.drv - ok
14:38:47.0791 5132  [ C411C80F90D6732380352B98B37BBD53 ] C:\Windows\System32\winrnr.dll
14:38:47.0791 5132  C:\Windows\System32\winrnr.dll - ok
14:38:47.0794 5132  [ A7D525E5C0D91C8C1D84C6BCD25AD77D ] C:\Windows\System32\rasadhlp.dll
14:38:47.0794 5132  C:\Windows\System32\rasadhlp.dll - ok
14:38:47.0797 5132  [ 17948FD8611D5EEC637959C668F439F5 ] C:\Program Files\Norton 360\Engine\20.3.0.36\buShell.dll
14:38:47.0797 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\buShell.dll - ok
14:38:47.0801 5132  [ 63396CBB1365769D520E0FD89C2419F2 ] C:\Windows\System32\localspl.dll
14:38:47.0801 5132  C:\Windows\System32\localspl.dll - ok
14:38:47.0806 5132  [ F4E1AA5D59C849A4AB47E895DC76B9C8 ] C:\Windows\System32\sfc.dll
14:38:47.0806 5132  C:\Windows\System32\sfc.dll - ok
14:38:47.0809 5132  [ 4DC52B7F3FCE2E7B8EB5AF756B3B908C ] C:\Windows\System32\FXSMON.dll
14:38:47.0809 5132  C:\Windows\System32\FXSMON.dll - ok
14:38:47.0813 5132  [ BB424A2D6E6B14BEC688B64E02DBE159 ] C:\Windows\System32\pxc25pm.dll
14:38:47.0813 5132  C:\Windows\System32\pxc25pm.dll - ok
14:38:47.0818 5132  [ F438D077605B9737AD472FD2CE1606A0 ] C:\Windows\System32\pdf995mon.dll
14:38:47.0818 5132  C:\Windows\System32\pdf995mon.dll - ok
14:38:47.0824 5132  [ BB0EB921877A1A7EF15AE2D97A71CBA9 ] C:\Windows\System32\tcpmon.dll
14:38:47.0824 5132  C:\Windows\System32\tcpmon.dll - ok
14:38:47.0827 5132  [ AF24A9DF84637BF9858EC6FB88EBA7B2 ] C:\Windows\System32\snmpapi.dll
14:38:47.0827 5132  C:\Windows\System32\snmpapi.dll - ok
14:38:47.0831 5132  [ 1EDE113859276E4B0F19B80F39E2CC95 ] C:\Windows\System32\wsnmp32.dll
14:38:47.0831 5132  C:\Windows\System32\wsnmp32.dll - ok
14:38:47.0834 5132  [ F02A533F517EB38333CB12A9E8963773 ] C:\Program Files\Google\Update\GoogleUpdate.exe
14:38:47.0834 5132  C:\Program Files\Google\Update\GoogleUpdate.exe - ok
14:38:47.0840 5132  [ 5091452DC719281CF1DD69367E13B494 ] C:\Windows\System32\tcpmib.dll
14:38:47.0840 5132  C:\Windows\System32\tcpmib.dll - ok
14:38:47.0843 5132  [ B4F5DE3DAD8E6B97272F45DB97674878 ] C:\Windows\System32\mgmtapi.dll
14:38:47.0843 5132  C:\Windows\System32\mgmtapi.dll - ok
14:38:47.0848 5132  [ 06B13F3BC671E4DCE2559AECFE5B9996 ] C:\Windows\System32\dlxbazil.dll
14:38:47.0848 5132  C:\Windows\System32\dlxbazil.dll - ok
14:38:47.0854 5132  [ E3C817F7FE44CC870ECDBCBC3EA36132 ] C:\Program Files\Norton 360\Engine\20.3.0.36\msvcp100.dll
14:38:47.0854 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\msvcp100.dll - ok
14:38:47.0858 5132  [ 0BF0BB276F17B6AD61A8694D2551EC28 ] C:\Windows\System32\usbmon.dll
14:38:47.0858 5132  C:\Windows\System32\usbmon.dll - ok
14:38:47.0861 5132  [ 0EB1CC5EBFCAAB7DBAEE881E2887F7F9 ] C:\Windows\System32\WSDMon.dll
14:38:47.0861 5132  C:\Windows\System32\WSDMon.dll - ok
14:38:47.0865 5132  [ AD48183027CAFCEBC322CB9CAC60F9B8 ] C:\Windows\System32\WSDApi.dll
14:38:47.0865 5132  C:\Windows\System32\WSDApi.dll - ok
14:38:47.0871 5132  [ F86293D93760C70ADF4F19E66E3FA5E8 ] C:\Windows\System32\httpapi.dll
14:38:47.0871 5132  C:\Windows\System32\httpapi.dll - ok
14:38:47.0875 5132  [ 1A09CB187440993FA5E24DE1EEB7B916 ] C:\Windows\System32\cfgmgr32.dll
14:38:47.0875 5132  C:\Windows\System32\cfgmgr32.dll - ok
14:38:47.0879 5132  [ 4EDA94333BDB75B1BC0A7610BED34F00 ] C:\Windows\System32\fundisc.dll
14:38:47.0879 5132  C:\Windows\System32\fundisc.dll - ok
14:38:47.0883 5132  [ 6ABD253226770EAE1292B4C945ED4B4B ] C:\Windows\System32\msxml3.dll
14:38:47.0883 5132  C:\Windows\System32\msxml3.dll - ok
14:38:47.0886 5132  [ 293C5CCD99D332ECC94637FEDA38D1F2 ] C:\Windows\System32\TMM.dll
14:38:47.0886 5132  C:\Windows\System32\TMM.dll - ok
14:38:47.0890 5132  [ 2A221CBB96F0EBA04E4FEF907FBAC03D ] C:\Windows\System32\igfxTMM.dll
14:38:47.0890 5132  C:\Windows\System32\igfxTMM.dll - ok
14:38:47.0894 5132  [ 7601305A158367EBFCB8F01DC2E12E28 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\BASHDefs\20130301.001\UMEngx86.dll
14:38:47.0894 5132  C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\BASHDefs\20130301.001\UMEngx86.dll - ok
14:38:47.0897 5132  [ 4B555106290BD117334E9A08761C035A ] C:\Windows\System32\rundll32.exe
14:38:47.0897 5132  C:\Windows\System32\rundll32.exe - ok
14:38:47.0901 5132  [ D6804F089CBB6749E95124E7C4D80900 ] C:\Windows\AppPatch\AcLayers.dll
14:38:47.0901 5132  C:\Windows\AppPatch\AcLayers.dll - ok
14:38:47.0907 5132  [ 2E5672EEA419A4DC9DACD714632E1DC3 ] C:\Program Files\Google\Update\1.3.21.135\goopdate.dll
14:38:47.0907 5132  C:\Program Files\Google\Update\1.3.21.135\goopdate.dll - ok
14:38:47.0911 5132  [ 401DFFDBBBD3F07C747ED1AE2BB88106 ] C:\Windows\System32\msi.dll
14:38:47.0911 5132  C:\Windows\System32\msi.dll - ok
14:38:47.0914 5132  [ 295363D4317820AED0D527E15B90A8ED ] C:\Windows\System32\pdh.dll
14:38:47.0914 5132  C:\Windows\System32\pdh.dll - ok
14:38:47.0917 5132  [ 8A38B5E8493A9D103083B8620AC5F3A1 ] C:\Windows\System32\tdh.dll
14:38:47.0917 5132  C:\Windows\System32\tdh.dll - ok
14:38:47.0923 5132  [ 4934241CD20AC87D78121352E3BA8318 ] C:\Windows\System32\dbghelp.dll
14:38:47.0923 5132  C:\Windows\System32\dbghelp.dll - ok
14:38:47.0927 5132  [ BECDDA0990DEBD72A30096533521AD73 ] C:\Program Files\Google\Update\1.3.21.135\GoogleCrashHandler.exe
14:38:47.0927 5132  C:\Program Files\Google\Update\1.3.21.135\GoogleCrashHandler.exe - ok
14:38:47.0930 5132  [ 73FD66B14D3C4252F7A524B8836A4359 ] C:\Windows\System32\mstask.dll
14:38:47.0930 5132  C:\Windows\System32\mstask.dll - ok
14:38:47.0934 5132  [ BF38660A9125935658CFA3E53FDC7D65 ] C:\Program Files\Norton 360\Engine\20.3.0.36\msvcr100.dll
14:38:47.0934 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\msvcr100.dll - ok
14:38:47.0938 5132  [ 0739819B2653DBD8D71EC5784BE6D9FC ] C:\Program Files\Norton 360\Engine\20.3.0.36\ccL120U.dll
14:38:47.0938 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\ccL120U.dll - ok
14:38:47.0942 5132  [ 3ECC194DFEA426A3F3B4ECFDB8454F14 ] C:\Program Files\Norton 360\Engine\20.3.0.36\EFACli.dll
14:38:47.0942 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\EFACli.dll - ok
14:38:47.0945 5132  [ 111C47816F39A91EAAA18DA0A54E8E63 ] C:\Windows\System32\imageres.dll
14:38:47.0945 5132  C:\Windows\System32\imageres.dll - ok
14:38:47.0948 5132  [ 08578F3CA5365F896D90CE2BF97FD000 ] C:\Windows\System32\IconCodecService.dll
14:38:47.0949 5132  C:\Windows\System32\IconCodecService.dll - ok
14:38:47.0953 5132  [ C90B296C43EDD9DD1751AD3B590ACDE6 ] C:\Windows\System32\win32spl.dll
14:38:47.0953 5132  C:\Windows\System32\win32spl.dll - ok
14:38:47.0957 5132  [ 4BF053944E973C073339BE841C9ECF28 ] C:\Windows\System32\netrap.dll
14:38:47.0957 5132  C:\Windows\System32\netrap.dll - ok
14:38:47.0960 5132  [ E340845C8E96D107C36420065D7A5733 ] C:\Windows\System32\printcom.dll
14:38:47.0960 5132  C:\Windows\System32\printcom.dll - ok
14:38:47.0964 5132  [ EC760B0B76A4353DE49D66520EB2141F ] C:\Windows\System32\SensApi.dll
14:38:47.0964 5132  C:\Windows\System32\SensApi.dll - ok
14:38:47.0967 5132  [ 2E8E30F3B318A9FDA5A2485723F4C2B3 ] C:\Windows\System32\inetpp.dll
14:38:47.0967 5132  C:\Windows\System32\inetpp.dll - ok
14:38:47.0970 5132  [ 6C580025C81CAF3AE9E3617C22CAD00E ] C:\Windows\System32\drivers\parvdm.sys
14:38:47.0971 5132  C:\Windows\System32\drivers\parvdm.sys - ok
14:38:47.0974 5132  [ A60BDB22CDCEA7818465D58BE76640FA ] C:\Program Files\Intel\ASF Agent\ASFAgent.exe
14:38:47.0974 5132  C:\Program Files\Intel\ASF Agent\ASFAgent.exe - ok
14:38:47.0977 5132  [ BDE89AB6F15F0093A2A7861D1FC413ED ] C:\Windows\System32\QAGENT.DLL
14:38:47.0977 5132  C:\Windows\System32\QAGENT.DLL - ok
14:38:47.0980 5132  [ 769D027B977CED05658C85E698D3C5B1 ] C:\Windows\System32\QUTIL.DLL
14:38:47.0980 5132  C:\Windows\System32\QUTIL.DLL - ok
14:38:47.0983 5132  [ EECC1D40AA10F85126708796ABA1E7D5 ] C:\Program Files\Intel\AMT\atchksrv.exe
14:38:47.0983 5132  C:\Program Files\Intel\AMT\atchksrv.exe - ok
14:38:47.0987 5132  [ 17FC3EDA0162F513E858B8C8FA7FA6E0 ] C:\Windows\System32\vssapi.dll
14:38:47.0987 5132  C:\Windows\System32\vssapi.dll - ok
14:38:47.0991 5132  [ DC3AE9F1554DCD97F90983DDBDACD83D ] C:\Windows\System32\vsstrace.dll
14:38:47.0991 5132  C:\Windows\System32\vsstrace.dll - ok
14:38:47.0994 5132  [ 09469B8EDD2755143FDA06867AAD7E73 ] C:\Windows\System32\cryptnet.dll
14:38:47.0994 5132  C:\Windows\System32\cryptnet.dll - ok
14:38:47.0998 5132  [ 4771300058D6E04F274A4B9D1817E442 ] C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlsdbnt.exe
14:38:47.0998 5132  C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlsdbnt.exe - ok
14:38:48.0003 5132  [ 52E129522C1775DBB8CC252E7A0655C7 ] C:\Windows\System32\taskschd.dll
14:38:48.0003 5132  C:\Windows\System32\taskschd.dll - ok
14:38:48.0007 5132  [ E7D0F91E44D9D3B2116FA549BDCDB756 ] C:\Windows\System32\wdscore.dll
14:38:48.0007 5132  C:\Windows\System32\wdscore.dll - ok
14:38:48.0011 5132  [ 72B53E9C8924949DEC8F3799BCBA2251 ] C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
14:38:48.0011 5132  C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe - ok
14:38:48.0015 5132  [ 3A1E66A261DEA3187EF5DCC746CDE971 ] C:\Program Files\Intel\Intel Matrix Storage Manager\ISDI.dll
14:38:48.0015 5132  C:\Program Files\Intel\Intel Matrix Storage Manager\ISDI.dll - ok
14:38:48.0020 5132  [ 4278079BAD7EC9F1ABDD16E11AFC3AE7 ] C:\Program Files\Intel\Intel Matrix Storage Manager\PlugInRAID_ENU.dll
14:38:48.0020 5132  C:\Program Files\Intel\Intel Matrix Storage Manager\PlugInRAID_ENU.dll - ok
14:38:48.0023 5132  [ 74B8C2EA72D43727142D12397D5A49F9 ] C:\Windows\System32\wbemcomn.dll
14:38:48.0023 5132  C:\Windows\System32\wbemcomn.dll - ok
14:38:48.0028 5132  [ 30F0DC266B46118E9FBCF5B2A30EB1DB ] C:\Windows\System32\wbem\wbemprox.dll
14:38:48.0028 5132  C:\Windows\System32\wbem\wbemprox.dll - ok
14:38:48.0032 5132  [ C518D248041C259FCFA7175C866915C3 ] C:\Program Files\Intel\AMT\LMS.exe
14:38:48.0032 5132  C:\Program Files\Intel\AMT\LMS.exe - ok
14:38:48.0035 5132  [ 622FCF264119F7DF127BE353F796B319 ] C:\PROGRA~1\MAPSGA~2\bar\1.bin\39barsvc.exe
14:38:48.0035 5132  C:\PROGRA~1\MAPSGA~2\bar\1.bin\39barsvc.exe - ok
14:38:48.0039 5132  [ 580DB14E2FB3881717C95EE926D39A96 ] C:\Program Files\Intel\ASF Agent\ASFCfgsv.dll
14:38:48.0039 5132  C:\Program Files\Intel\ASF Agent\ASFCfgsv.dll - ok
14:38:48.0042 5132  [ 9A8509D60997783A54AAEFE853E4BE14 ] C:\Windows\System32\AsfBios.dll
14:38:48.0043 5132  C:\Windows\System32\AsfBios.dll - ok
14:38:48.0047 5132  [ 241BD3019FB31E812A51B31B06906335 ] C:\Program Files\Norton 360\Engine\20.3.0.36\ccSvcHst.exe
14:38:48.0047 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\ccSvcHst.exe - ok
14:38:48.0051 5132  [ 6349F6ED9C623B44B52EA3C63C831A92 ] C:\Windows\System32\drivers\PEAuth.sys
14:38:48.0051 5132  C:\Windows\System32\drivers\PEAuth.sys - ok
14:38:48.0055 5132  [ F4D9ED6BD74AD7CC0BEC83C43A1CB76B ] C:\Windows\System32\ncsi.dll
14:38:48.0055 5132  C:\Windows\System32\ncsi.dll - ok
14:38:48.0059 5132  [ 90A3935D05B494A5A39D37E71F09A677 ] C:\Windows\System32\drivers\secdrv.sys
14:38:48.0059 5132  C:\Windows\System32\drivers\secdrv.sys - ok
14:38:48.0063 5132  [ 01BCD91CC2B0EFDA4890F547010750BD ] C:\Windows\System32\ssdpapi.dll
14:38:48.0063 5132  C:\Windows\System32\ssdpapi.dll - ok
14:38:48.0067 5132  [ 1DFC366D2154EF2B381A7F2CB165C7F4 ] C:\Windows\System32\diagperf.dll
14:38:48.0067 5132  C:\Windows\System32\diagperf.dll - ok
14:38:48.0071 5132  [ 1E9B9A70D332103C52995E957DC09EF8 ] C:\Windows\System32\drivers\fastfat.sys
14:38:48.0071 5132  C:\Windows\System32\drivers\fastfat.sys - ok
14:38:48.0074 5132  [ D0494460421A03CD5225CCA0059AA146 ] C:\Windows\System32\IPSECSVC.DLL
14:38:48.0074 5132  C:\Windows\System32\IPSECSVC.DLL - ok
14:38:48.0078 5132  [ 42608AE9AF2641EE473A1797C25CFFC2 ] C:\Windows\System32\FwRemoteSvr.dll
14:38:48.0078 5132  C:\Windows\System32\FwRemoteSvr.dll - ok
14:38:48.0082 5132  [ 35AC6003760ED3C65942F6D89C28CFA7 ] C:\Program Files\Norton 360\Engine\20.3.0.36\ccVrTrst.dll
14:38:48.0082 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\ccVrTrst.dll - ok
14:38:48.0085 5132  [ E43C0D32FF2D9A72F2D975B83B916964 ] C:\Program Files\Secunia\PSI\psia.exe
14:38:48.0085 5132  C:\Program Files\Secunia\PSI\psia.exe - ok
14:38:48.0089 5132  [ A9542FF2E9A82CF100E5729EC79068F0 ] C:\Windows\System32\fltLib.dll
14:38:48.0089 5132  C:\Windows\System32\fltLib.dll - ok
14:38:48.0092 5132  [ 8843B6A1B8E102841B2DFF02805C5CEC ] C:\Windows\System32\jscript.dll
14:38:48.0092 5132  C:\Windows\System32\jscript.dll - ok
14:38:48.0095 5132  [ CB2D183E27D1443F7D4CF10665B2BDED ] C:\Program Files\Secunia\PSI\sua.exe
14:38:48.0095 5132  C:\Program Files\Secunia\PSI\sua.exe - ok
14:38:48.0099 5132  [ 608C345A255D82A6289C2D468EB41FD7 ] C:\Windows\System32\drivers\tcpipreg.sys
14:38:48.0099 5132  C:\Windows\System32\drivers\tcpipreg.sys - ok
14:38:48.0102 5132  [ B9CF40ABF316A863DB9760727D882C6A ] C:\Program Files\Norton 360\Engine\20.3.0.36\ccSvc.dll
14:38:48.0102 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\ccSvc.dll - ok
14:38:48.0106 5132  [ BDBC187D16A423F5E10CEA4F85E335FB ] C:\Program Files\Norton 360\Engine\20.3.0.36\srtsp32.dll
14:38:48.0106 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\srtsp32.dll - ok
14:38:48.0108 5132  [ 428FF21418ADCD6FAD6189CD9520A67B ] C:\Windows\System32\wiatrace.dll
14:38:48.0108 5132  C:\Windows\System32\wiatrace.dll - ok
14:38:48.0112 5132  [ 57D1527A7EB0D6F6BBA04796AA4839EE ] C:\Program Files\Norton 360\Engine\20.3.0.36\ccIPC.dll
14:38:48.0112 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\ccIPC.dll - ok
14:38:48.0116 5132  [ 4DBA143F06BAD1DF935CB9603140CF2A ] C:\Windows\System32\wsdchngr.dll
14:38:48.0116 5132  C:\Windows\System32\wsdchngr.dll - ok
14:38:48.0120 5132  [ 8DB5F7821B06062EA254992AF2802C84 ] C:\Program Files\Norton 360\Engine\20.3.0.36\diMaster.dll
14:38:48.0120 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\diMaster.dll - ok
14:38:48.0123 5132  [ 3B2DF621CADA482C06AF0006EC18BF2E ] C:\Program Files\Norton 360\Engine\20.3.0.36\ccSet.dll
14:38:48.0123 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\ccSet.dll - ok
14:38:48.0127 5132  [ ED727726D9E22558FD926BD188C56B17 ] C:\Program Files\Norton 360\Engine\20.3.0.36\coSvcPlg.dll
14:38:48.0127 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\coSvcPlg.dll - ok
14:38:48.0131 5132  [ A7D50D81D3743B551BC097EE4808EBBD ] C:\Windows\System32\dlsbaisc.dll
14:38:48.0131 5132  C:\Windows\System32\dlsbaisc.dll - ok
14:38:48.0134 5132  [ 8ED53A57C7406E214666CCA031D9DCB6 ] C:\Program Files\Norton 360\Engine\20.3.0.36\coFFPlgn.dll
14:38:48.0134 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\coFFPlgn.dll - ok
14:38:48.0138 5132  [ CC19133AB94723A75727D632C24D1B13 ] C:\Program Files\Norton 360\Engine\20.3.0.36\ccGEvt.dll
14:38:48.0138 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\ccGEvt.dll - ok
14:38:48.0142 5132  [ 8ED53A57C7406E214666CCA031D9DCB6 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\coFFPlgn\components\coFFPlgn.dll
14:38:48.0142 5132  C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\coFFPlgn\components\coFFPlgn.dll - ok
14:38:48.0145 5132  [ 1A6F7C832BE552F67C3A034486A07FED ] C:\Program Files\Norton 360\Engine\20.3.0.36\ccGLog.dll
14:38:48.0145 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\ccGLog.dll - ok
14:38:48.0148 5132  [ 8D78BA30DB4AE040A52EDEE725782715 ] C:\Windows\System32\actxprxy.dll
14:38:48.0148 5132  C:\Windows\System32\actxprxy.dll - ok
14:38:48.0156 5132  [ BADC359C9A0D9C217B7E8DA17BF3F5BB ] C:\Windows\System32\ntshrui.dll
14:38:48.0156 5132  C:\Windows\System32\ntshrui.dll - ok
14:38:48.0159 5132  [ 95F84EDCE6FC2DC3E2DF82126D4C9CB3 ] C:\Program Files\Norton 360\Engine\20.3.0.36\ccJobMgr.dll
14:38:48.0159 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\ccJobMgr.dll - ok
14:38:48.0163 5132  [ 9F3E7CABE86BBDECA009DE291DB6D9E2 ] C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
14:38:48.0163 5132  C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe - ok
14:38:48.0166 5132  [ 8F58544719E1C435BC36A8B207096581 ] C:\Windows\System32\verclsid.exe
14:38:48.0166 5132  C:\Windows\System32\verclsid.exe - ok
14:38:48.0170 5132  [ 6E895BDCB3158E3860A49662332736BA ] C:\Windows\System32\d3d11.dll
14:38:48.0170 5132  C:\Windows\System32\d3d11.dll - ok
14:38:48.0174 5132  [ 0C84B6AFFA7486422235584110D7176F ] C:\Windows\System32\icaapi.dll
14:38:48.0174 5132  C:\Windows\System32\icaapi.dll - ok
14:38:48.0177 5132  [ AAAE543C535ED596ECAD2AB8761C2C6F ] C:\Windows\System32\dxgi.dll
14:38:48.0177 5132  C:\Windows\System32\dxgi.dll - ok
14:38:48.0180 5132  [ FA2A3AFADC4FB47DBC234A4E57F92CDB ] C:\Windows\System32\ddraw.dll
14:38:48.0180 5132  C:\Windows\System32\ddraw.dll - ok
14:38:48.0183 5132  [ 66872F61C1BBC99B530B9D37B7A61025 ] C:\Program Files\Norton 360\Engine\20.3.0.36\ccSubEng.dll
14:38:48.0183 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\ccSubEng.dll - ok
14:38:48.0187 5132  [ EF764E33878B3A4A9E5A2FB5D0D031D0 ] C:\Windows\System32\dciman32.dll
14:38:48.0187 5132  C:\Windows\System32\dciman32.dll - ok
14:38:48.0191 5132  [ 18AAB47E84ABDC8AEA129E76681FEC9F ] C:\Windows\System32\Magnification.dll
14:38:48.0191 5132  C:\Windows\System32\Magnification.dll - ok
14:38:48.0195 5132  [ 1314E60A6339CD88BCBEACF702A8C8C7 ] C:\Program Files\Norton 360\Engine\20.3.0.36\ccEmlPxy.dll
14:38:48.0195 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\ccEmlPxy.dll - ok
14:38:48.0198 5132  [ 5A79B1723A1128E57239B5A713377E8E ] C:\Program Files\Norton 360\Engine\20.3.0.36\Iron.dll
14:38:48.0198 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\Iron.dll - ok
14:38:48.0202 5132  [ C3C852983195ECC7CFF639F2244BC3ED ] C:\Program Files\Norton 360\Engine\20.3.0.36\buSvc.dll
14:38:48.0202 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\buSvc.dll - ok
14:38:48.0206 5132  [ 2146C133412A3E09E60D7D08CDD387DF ] C:\Program Files\Norton 360\Engine\20.3.0.36\SymRedir.dll
14:38:48.0206 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\SymRedir.dll - ok
14:38:48.0210 5132  [ 15D3A8832309A367002168A982158D60 ] C:\Program Files\Norton 360\Engine\20.3.0.36\buComm.dll
14:38:48.0210 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\buComm.dll - ok
14:38:48.0213 5132  [ 0558985BD646203DF5F36BF0FBD241A3 ] C:\Program Files\Intel\AMT\UNS.exe
14:38:48.0213 5132  C:\Program Files\Intel\AMT\UNS.exe - ok
14:38:48.0216 5132  [ 065878E29EBCC5B2C901AC92229D3167 ] C:\Program Files\Norton 360\Engine\20.3.0.36\BuEng.dll
14:38:48.0216 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\BuEng.dll - ok
14:38:48.0220 5132  [ E582816A4855914DEFFC212E12B3B744 ] C:\Windows\System32\wsock32.dll
14:38:48.0220 5132  C:\Windows\System32\wsock32.dll - ok
14:38:48.0224 5132  [ DF9DA836F30C17CD05307641A6531664 ] C:\Program Files\Norton 360\Engine\20.3.0.36\isDataPr.dll
14:38:48.0224 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\isDataPr.dll - ok
14:38:48.0228 5132  [ 6A9A804175AC6015F8843838D1FB9970 ] C:\Program Files\Norton 360\Engine\20.3.0.36\SNDSvc.dll
14:38:48.0228 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\SNDSvc.dll - ok
14:38:48.0234 5132  [ A10F446963B39EEAB50868944A3D8E99 ] C:\Program Files\Norton 360\Engine\20.3.0.36\SymRdrSv.dll
14:38:48.0234 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\SymRdrSv.dll - ok
14:38:48.0241 5132  [ 1F18B9EA1BBFF033413414C3BEA13AD6 ] C:\Windows\System32\wbem\WinMgmtR.dll
14:38:48.0241 5132  C:\Windows\System32\wbem\WinMgmtR.dll - ok
14:38:48.0245 5132  [ CF1D48D820FADE9BC1A0E1C1D7FA53B3 ] C:\Program Files\Norton 360\Engine\20.3.0.36\hncore.dll
14:38:48.0245 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\hncore.dll - ok
14:38:48.0249 5132  [ 26E049064069ADAAE40468E4B144873D ] C:\Program Files\Norton 360\Engine\20.3.0.36\AppMgr32.dll
14:38:48.0249 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\AppMgr32.dll - ok
14:38:48.0254 5132  [ A2A729F6925252E3DB9ADF3E4FA39A48 ] C:\Program Files\Norton 360\Engine\20.3.0.36\SymNeti.dll
14:38:48.0254 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\SymNeti.dll - ok
14:38:48.0257 5132  [ 006F4A78D6C0014F18D638E77974E36B ] C:\Program Files\Norton 360\Engine\20.3.0.36\AVModule.dll
14:38:48.0257 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\AVModule.dll - ok
14:38:48.0261 5132  [ 790222D6CCFC576F0D07D418E6115D85 ] C:\Program Files\Windows Calendar\WinCal.exe
14:38:48.0261 5132  C:\Program Files\Windows Calendar\WinCal.exe - ok
14:38:48.0264 5132  [ C8DBFEF835FF54467425C8F3ABCF7046 ] C:\Windows\System32\dssenh.dll
14:38:48.0264 5132  C:\Windows\System32\dssenh.dll - ok
14:38:48.0268 5132  [ 04615EAAA929586096AE7A4D348915F1 ] C:\Program Files\Norton 360\Engine\20.3.0.36\NCW.dll
14:38:48.0268 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\NCW.dll - ok
14:38:48.0273 5132  [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
14:38:48.0273 5132  C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE - ok
14:38:48.0278 5132  [ D475BBD6FEF8DB2DDE0DA7CCFD2C9042 ] C:\Program Files\Common Files\microsoft shared\Windows Live\SQMAPI.DLL
14:38:48.0278 5132  C:\Program Files\Common Files\microsoft shared\Windows Live\SQMAPI.DLL - ok
14:38:48.0281 5132  [ 8BE000F9A0B0FF7194AAEFB02C9BDE99 ] C:\Windows\System32\wer.dll
14:38:48.0281 5132  C:\Windows\System32\wer.dll - ok
14:38:48.0284 5132  [ 2205A220A264E8C8B86492BF3D112907 ] C:\Windows\System32\PortableDeviceApi.dll
14:38:48.0284 5132  C:\Windows\System32\PortableDeviceApi.dll - ok
14:38:48.0288 5132  [ B53BD9E63867CD9FD853F666CA172713 ] C:\Windows\System32\PortableDeviceConnectApi.dll
14:38:48.0288 5132  C:\Windows\System32\PortableDeviceConnectApi.dll - ok
14:38:48.0292 5132  [ DEB9D08750423069647C3A066CEC7A1B ] C:\Windows\System32\tquery.dll
14:38:48.0292 5132  C:\Windows\System32\tquery.dll - ok
14:38:48.0296 5132  [ 5CAAE5333EF36DB4A8D294418AB37E80 ] C:\Windows\System32\p2pcollab.dll
14:38:48.0296 5132  C:\Windows\System32\p2pcollab.dll - ok
14:38:48.0299 5132  [ FC1EEE57EB9CD57279D70BA2A9131C38 ] C:\Windows\System32\wbem\wbemcore.dll
14:38:48.0299 5132  C:\Windows\System32\wbem\wbemcore.dll - ok
14:38:48.0302 5132  [ C10E13721B0AAEBEB5EBA914F1D18181 ] C:\Windows\System32\wbem\esscli.dll
14:38:48.0302 5132  C:\Windows\System32\wbem\esscli.dll - ok
14:38:48.0306 5132  [ BC5A34B6A14C93BF04E3F4E8EA57090A ] C:\Windows\System32\wbem\fastprox.dll
14:38:48.0306 5132  C:\Windows\System32\wbem\fastprox.dll - ok
14:38:48.0310 5132  [ 218B73EA8341EA9FDF018D43052E790A ] C:\Windows\System32\mssrch.dll
14:38:48.0310 5132  C:\Windows\System32\mssrch.dll - ok
14:38:48.0313 5132  [ DB0F37DBA4C245C61E5936DDBDE62438 ] C:\Windows\System32\wbem\wbemsvc.dll
14:38:48.0313 5132  C:\Windows\System32\wbem\wbemsvc.dll - ok
14:38:48.0316 5132  [ 2C3B09E586BDA2CC49A292BE7BADC589 ] C:\Windows\System32\wbem\wmiutils.dll
14:38:48.0316 5132  C:\Windows\System32\wbem\wmiutils.dll - ok
14:38:48.0321 5132  [ AAB5FEAABF4CB6F76D794203831C8D94 ] C:\Windows\System32\msidle.dll
14:38:48.0321 5132  C:\Windows\System32\msidle.dll - ok
14:38:48.0323 5132  [ 834933F16EA839AC5AC7CBF88638DF27 ] C:\Windows\System32\wbem\repdrvfs.dll
14:38:48.0323 5132  C:\Windows\System32\wbem\repdrvfs.dll - ok
14:38:48.0327 5132  [ B458B58F7BB97C48D01AC3CF5805AAAC ] C:\Windows\System32\Query.dll
14:38:48.0327 5132  C:\Windows\System32\Query.dll - ok
14:38:48.0330 5132  [ 35A20217C4D06D1D36A3ADDFD8CE58C2 ] C:\Program Files\NETGEAR\WNA1100\WifiSvc.exe
14:38:48.0330 5132  C:\Program Files\NETGEAR\WNA1100\WifiSvc.exe - ok
14:38:48.0334 5132  [ A329EE5A003E92538DF55D72CAF17A80 ] C:\Program Files\Norton 360\Engine\20.3.0.36\DefUtDCD.dll
14:38:48.0334 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\DefUtDCD.dll - ok
14:38:48.0337 5132  [ DCA3FA9F9DD103DC39C24C85EF073DB1 ] C:\Windows\System32\icmp.dll
14:38:48.0337 5132  C:\Windows\System32\icmp.dll - ok
14:38:48.0345 5132  [ C2C6C014B96581EC8BF0C8604DE1743E ] C:\Windows\System32\wbem\WmiPrvSD.dll
14:38:48.0345 5132  C:\Windows\System32\wbem\WmiPrvSD.dll - ok
14:38:48.0350 5132  [ 2B628EFB95B1F02CB4C81006EA3CF807 ] C:\Program Files\NETGEAR\WNA1100\WifiLib.dll
14:38:48.0350 5132  C:\Program Files\NETGEAR\WNA1100\WifiLib.dll - ok
14:38:48.0354 5132  [ FFC9128367BA19F175562CAFE23BAF8F ] C:\Program Files\Norton 360\Engine\20.3.0.36\ducclib.dll
14:38:48.0355 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\ducclib.dll - ok
14:38:48.0358 5132  [ A609A192E98934A8D352704C99AB8577 ] C:\Windows\System32\wbem\wbemess.dll
14:38:48.0358 5132  C:\Windows\System32\wbem\wbemess.dll - ok
14:38:48.0361 5132  [ 17C0E094BEE5BC03CF491972F71AA6EF ] C:\Windows\System32\wlanapi.dll
14:38:48.0361 5132  C:\Windows\System32\wlanapi.dll - ok
14:38:48.0364 5132  [ B8A21907FE2F1A113F3487D9AB60BEF9 ] C:\Windows\System32\en-US\tquery.dll.mui
14:38:48.0364 5132  C:\Windows\System32\en-US\tquery.dll.mui - ok
14:38:48.0367 5132  [ 22DC784B32BEE306A99F50D6DC2460BC ] C:\Windows\System32\esent.dll
14:38:48.0367 5132  C:\Windows\System32\esent.dll - ok
14:38:48.0371 5132  [ CD55F6DA8474D136E95C5B38848518C9 ] C:\Program Files\Norton 360\Engine\20.3.0.36\DataStor.dll
14:38:48.0371 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\DataStor.dll - ok
14:38:48.0375 5132  [ F85134BF76CB335A39F8D7BC4173D4FB ] C:\Windows\System32\msscb.dll
14:38:48.0375 5132  C:\Windows\System32\msscb.dll - ok
14:38:48.0378 5132  [ CFC429263ED9F389D7A80D9D66904E4C ] C:\Program Files\Norton 360\Engine\20.3.0.36\cltPE.dll
14:38:48.0378 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\cltPE.dll - ok
14:38:48.0382 5132  [ 9495FCC01D7AB7B60E5B8BA7AEFE9E3D ] C:\Windows\System32\wbem\WmiPrvSE.exe
14:38:48.0382 5132  C:\Windows\System32\wbem\WmiPrvSE.exe - ok
14:38:48.0385 5132  [ 876AFFC7ED37A39109E85E32947ABBF7 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\VirusDefs\20130309.003\NAVENG32.DLL
14:38:48.0386 5132  C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\VirusDefs\20130309.003\NAVENG32.DLL - ok
14:38:48.0390 5132  [ C8AE490A93C3CC2E537B6E06247785A1 ] C:\Windows\System32\wbem\NCProv.dll
14:38:48.0390 5132  C:\Windows\System32\wbem\NCProv.dll - ok
14:38:48.0394 5132  [ 85CF4109D0142C38F0F22DA6A1941D31 ] C:\Program Files\Norton 360\Engine\20.3.0.36\AVPSVC32.dll
14:38:48.0394 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\AVPSVC32.dll - ok
14:38:48.0397 5132  [ F723422A11CD6FA13036746272200993 ] C:\Windows\System32\wbem\cimwin32.dll
14:38:48.0397 5132  C:\Windows\System32\wbem\cimwin32.dll - ok
14:38:48.0400 5132  [ 67BB7141F7F5F37411F796943B3418B6 ] C:\Windows\System32\framedynos.dll
14:38:48.0400 5132  C:\Windows\System32\framedynos.dll - ok
14:38:48.0406 5132  [ 0A990AFB9F2726323D61C8ECB8B70B17 ] C:\Windows\System32\security.dll
14:38:48.0406 5132  C:\Windows\System32\security.dll - ok
14:38:48.0409 5132  [ E3F535656B5ABF249702EB64F3CF9AF0 ] C:\Windows\System32\wbem\wbemcons.dll
14:38:48.0409 5132  C:\Windows\System32\wbem\wbemcons.dll - ok
14:38:48.0412 5132  [ 1A617835452EEE5060976C9B9F5FE635 ] C:\Windows\System32\wuapi.dll
14:38:48.0413 5132  C:\Windows\System32\wuapi.dll - ok
14:38:48.0416 5132  [ 5E20B3E042A42EFEC419C3E74817FFE4 ] C:\Program Files\Norton 360\Engine\20.3.0.36\sqsvc.dll
14:38:48.0416 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\sqsvc.dll - ok
14:38:48.0420 5132  [ C649F293B8B047A2694F3C615D09BF17 ] C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
14:38:48.0420 5132  C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE - ok
14:38:48.0425 5132  [ DF1C4D56BFA7D5231069A8D4FF818362 ] C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlpwdnt.exe
14:38:48.0425 5132  C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlpwdnt.exe - ok
14:38:48.0429 5132  [ 3458EDA96E30FBD0477A2800D3FB1909 ] C:\Windows\System32\wups.dll
14:38:48.0429 5132  C:\Windows\System32\wups.dll - ok
14:38:48.0433 5132  [ BBE844361BDAB1120D1B7D2F7B04A220 ] C:\Windows\System32\dlsrm.dll
14:38:48.0433 5132  C:\Windows\System32\dlsrm.dll - ok
14:38:48.0438 5132  [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] C:\Windows\System32\netprofm.dll
14:38:48.0438 5132  C:\Windows\System32\netprofm.dll - ok
14:38:48.0441 5132  [ 3A2EEE8444A8E5C1A454C57B2198F5FC ] C:\Windows\System32\ntlanman.dll
14:38:48.0442 5132  C:\Windows\System32\ntlanman.dll - ok
14:38:48.0445 5132  [ CFBD2E1FE18B50748A76703A2DC6D4E3 ] C:\Windows\System32\davclnt.dll
14:38:48.0445 5132  C:\Windows\System32\davclnt.dll - ok
14:38:48.0448 5132  [ 582EFE56FC0858E58A6CEBA2A64B02C7 ] C:\Windows\System32\drprov.dll
14:38:48.0448 5132  C:\Windows\System32\drprov.dll - ok
14:38:48.0452 5132  [ DFCAB29E8FD38F95650CC1E203E8D318 ] C:\Windows\System32\npmproxy.dll
14:38:48.0453 5132  C:\Windows\System32\npmproxy.dll - ok
14:38:48.0458 5132  [ BF7E4D6F60A6D9E866432855C6F8C262 ] C:\Windows\System32\sqmapi.dll
14:38:48.0458 5132  C:\Windows\System32\sqmapi.dll - ok
14:38:48.0463 5132  [ A952D0DED445F26AEFCF593A935AB300 ] C:\Windows\System32\hnetcfg.dll
14:38:48.0463 5132  C:\Windows\System32\hnetcfg.dll - ok
14:38:48.0466 5132  [ 87CDFFCBD09C1CA03A068343D5D93250 ] C:\Windows\System32\wmi.dll
14:38:48.0466 5132  C:\Windows\System32\wmi.dll - ok
14:38:48.0473 5132  [ FFBE713990C5CA6A444A94B055A173EF ] C:\Program Files\Norton 360\Engine\20.3.0.36\AVifc.dll
14:38:48.0473 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\AVifc.dll - ok
14:38:48.0478 5132  [ 34172E5FCBFA3AADB3DA7A93777D46EB ] C:\Program Files\Norton 360\Engine\20.3.0.36\QSPlugin.dll
14:38:48.0478 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\QSPlugin.dll - ok
14:38:48.0483 5132  [ 794D4B48DFB6E999537C7C3947863463 ] C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
14:38:48.0483 5132  C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe - ok
14:38:48.0487 5132  [ 7748C469C411D4AFAEA94EF8410C8044 ] C:\Program Files\Norton 360\Engine\20.3.0.36\cltLMS.dll
14:38:48.0487 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\cltLMS.dll - ok
14:38:48.0491 5132  [ 77784A2BD5912A4EC6284255865526BC ] C:\Windows\System32\Faultrep.dll
14:38:48.0491 5132  C:\Windows\System32\Faultrep.dll - ok
14:38:48.0495 5132  [ 1FD37C00535502429DD964EC53D66FB8 ] C:\Program Files\Norton 360\Engine\20.3.0.36\BHSvcPlg.dll
14:38:48.0495 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\BHSvcPlg.dll - ok
14:38:48.0498 5132  [ 6B44700917F45B19B96B46B345B6F0E7 ] C:\Program Files\Spybot - Search & Destroy\SDMain.exe
14:38:48.0498 5132  C:\Program Files\Spybot - Search & Destroy\SDMain.exe - ok
14:38:48.0501 5132  [ 83C2F5076E1B4A63C04F2B14EE7CAD47 ] C:\Windows\System32\wbem\wbemdisp.dll
14:38:48.0501 5132  C:\Windows\System32\wbem\wbemdisp.dll - ok
14:38:48.0505 5132  [ 21322832C99E8DE85BD047689A2A69DB ] C:\Windows\System32\pnpts.dll
14:38:48.0505 5132  C:\Windows\System32\pnpts.dll - ok
14:38:48.0508 5132  [ 1A8FAA5D7FBEB599FCC8C1021FA72987 ] C:\Program Files\Norton 360\Engine\20.3.0.36\WSCStub.exe
14:38:48.0508 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\WSCStub.exe - ok
14:38:48.0512 5132  [ BF2156D8D9866983B55D95382131DC4A ] C:\Windows\System32\lsmproxy.dll
14:38:48.0512 5132  C:\Windows\System32\lsmproxy.dll - ok
14:38:48.0515 5132  [ F0062778F50838145AC46B384FFB4FA3 ] C:\Windows\System32\pcadm.dll
14:38:48.0515 5132  C:\Windows\System32\pcadm.dll - ok
14:38:48.0518 5132  [ F4ADADBB0A2B560D4F2AAB5DA623E5BE ] C:\Program Files\Norton 360\Engine\20.3.0.36\tuDataPr.dll
14:38:48.0518 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\tuDataPr.dll - ok
14:38:48.0523 5132  [ 09362D91CF5631EBB1C99276E1DCDAF2 ] C:\Program Files\Norton 360\Engine\20.3.0.36\DSCli.dll
14:38:48.0523 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\DSCli.dll - ok
14:38:48.0527 5132  [ FEA6D21F78922D641A0C9346D885133B ] C:\Windows\System32\mssprxy.dll
14:38:48.0527 5132  C:\Windows\System32\mssprxy.dll - ok
14:38:48.0530 5132  [ A6250DF429D0D78DACFBC6B87074E584 ] C:\Windows\System32\regapi.dll
14:38:48.0530 5132  C:\Windows\System32\regapi.dll - ok
14:38:48.0533 5132  [ C139FA963DBB9BD6560F404F509D1196 ] C:\Windows\System32\drivers\Asfalrt.sys
14:38:48.0533 5132  C:\Windows\System32\drivers\Asfalrt.sys - ok
14:38:48.0536 5132  [ A1F734BDE374EDE1AE4A16EB8F0E254F ] C:\Program Files\Intel\Intel Matrix Storage Manager\PlugInRAID.pin
14:38:48.0536 5132  C:\Program Files\Intel\Intel Matrix Storage Manager\PlugInRAID.pin - ok
14:38:48.0541 5132  [ 3008E92ACE0A5BFF69532AD78F2AB894 ] C:\Program Files\Norton 360\Engine\20.3.0.36\SpocClnt.dll
14:38:48.0541 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\SpocClnt.dll - ok
14:38:48.0544 5132  [ 1D6B95871DC006190964B04E5657E35F ] C:\Windows\System32\rastapi.dll
14:38:48.0544 5132  C:\Windows\System32\rastapi.dll - ok
14:38:48.0548 5132  [ EE60FC8F65B94C392DE0F75533C014FB ] C:\Windows\System32\mstlsapi.dll
14:38:48.0548 5132  C:\Windows\System32\mstlsapi.dll - ok
14:38:48.0551 5132  [ E67DAF21DDBE6D4B5771E12902902EEA ] C:\Windows\System32\rdpwsx.dll
14:38:48.0551 5132  C:\Windows\System32\rdpwsx.dll - ok
14:38:48.0555 5132  [ B96B60EC821F86D445C9739A0F3DED59 ] C:\Windows\System32\unimdm.tsp
14:38:48.0555 5132  C:\Windows\System32\unimdm.tsp - ok
14:38:48.0559 5132  [ 4C3C30FA8DC2F16DD89759882935477E ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizM.dll
14:38:48.0559 5132  C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizM.dll - ok
14:38:48.0562 5132  [ 9A6A653ADF28D9D69670B48F535E6B90 ] C:\Windows\System32\runonce.exe
14:38:48.0562 5132  C:\Windows\System32\runonce.exe - ok
14:38:48.0566 5132  [ DFBAADF1B624DC71E88D34D86B3595BE ] C:\Windows\System32\uniplat.dll
14:38:48.0566 5132  C:\Windows\System32\uniplat.dll - ok
14:38:48.0569 5132  [ E3B15688F26049B981F19517EF46D57B ] C:\Program Files\Norton 360\Engine\20.3.0.36\SQLite.dll
14:38:48.0569 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\SQLite.dll - ok
14:38:48.0574 5132  [ FBF1C00F54579BB7A66EE497427E9885 ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizD.dll
14:38:48.0575 5132  C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizD.dll - ok
14:38:48.0579 5132  [ 3D525A7AB3C01793A94DC89E9FFCF8C0 ] C:\Program Files\Intel\Intel Matrix Storage Manager\RaidWizCnG.dll
14:38:48.0579 5132  C:\Program Files\Intel\Intel Matrix Storage Manager\RaidWizCnG.dll - ok
14:38:48.0583 5132  [ A3B6CBB71BD7C54B8E7DC4EB2C4B7E21 ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizR.dll
14:38:48.0583 5132  C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizR.dll - ok
14:38:48.0588 5132  [ A8590E33BCF59D4D75FCB940F95E7BBB ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizC.dll
14:38:48.0588 5132  C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizC.dll - ok
14:38:48.0592 5132  [ 623ECC167CE924D4B13D4791157446F1 ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizCFE.dll
14:38:48.0592 5132  C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizCFE.dll - ok
14:38:48.0597 5132  [ EC9B27B37D8E9D361C38E8D364F09611 ] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
14:38:48.0597 5132  C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe - ok
14:38:48.0600 5132  [ 389C63E32B3CEFED425B61ED92D3F021 ] C:\Windows\System32\drivers\tdtcp.sys
14:38:48.0601 5132  C:\Windows\System32\drivers\tdtcp.sys - ok
14:38:48.0604 5132  [ DCF0F056A2E4F52287264F5AB29CF206 ] C:\Windows\System32\drivers\tssecsrv.sys
14:38:48.0604 5132  C:\Windows\System32\drivers\tssecsrv.sys - ok
14:38:48.0608 5132  [ 953193A9DEA40348C1086D171F6440AE ] C:\Windows\System32\kmddsp.tsp
14:38:48.0608 5132  C:\Windows\System32\kmddsp.tsp - ok
14:38:48.0610 5132  [ 5764150E8FD9B86F797EF2BF4C1ECBDC ] C:\Program Files\Norton 360\Engine\20.3.0.36\Comm.dll
14:38:48.0610 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\Comm.dll - ok
14:38:48.0613 5132  [ C127EBD5AFAB31524662C48DFCEB773A ] C:\Windows\System32\drivers\rdpwd.sys
14:38:48.0613 5132  C:\Windows\System32\drivers\rdpwd.sys - ok
14:38:48.0617 5132  [ 2F6776ACEFE41EE889C464EA407918F2 ] C:\Windows\System32\ndptsp.tsp
14:38:48.0617 5132  C:\Windows\System32\ndptsp.tsp - ok
14:38:48.0620 5132  [ B4B59AC042EE3733A862F26CBC0B17FC ] C:\Windows\System32\hidphone.tsp
14:38:48.0620 5132  C:\Windows\System32\hidphone.tsp - ok
14:38:48.0624 5132  [ 74F26FC01B180D4A99A168ED69C30A53 ] C:\Windows\System32\cmd.exe
14:38:48.0624 5132  C:\Windows\System32\cmd.exe - ok
14:38:48.0627 5132  [ 8B645890A93F1FBBC7DA3E07CC72D762 ] C:\Windows\System32\rasppp.dll
14:38:48.0627 5132  C:\Windows\System32\rasppp.dll - ok
14:38:48.0630 5132  [ 56E315ACFB08A177B4D01E42B9044DB5 ] C:\Windows\System32\mprapi.dll
14:38:48.0630 5132  C:\Windows\System32\mprapi.dll - ok
14:38:48.0633 5132  [ 88225070DD2F7B0B2ED51E7935078641 ] C:\Windows\System32\rasqec.dll
14:38:48.0633 5132  C:\Windows\System32\rasqec.dll - ok
14:38:48.0636 5132  [ 0E816EA3C5DCE94C95099E8B38E75E67 ] C:\Windows\System32\ieframe.dll
14:38:48.0636 5132  C:\Windows\System32\ieframe.dll - ok
14:38:48.0642 5132  [ 248A1F31ABB58DDDDC01490EF0BDC777 ] C:\Windows\System32\cryptui.dll
14:38:48.0642 5132  C:\Windows\System32\cryptui.dll - ok
14:38:48.0646 5132  [ BF1BE2625743A3B02D829572FA810C79 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\BASHDefs\20130301.001\BHEngine.dll
14:38:48.0646 5132  C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\BASHDefs\20130301.001\BHEngine.dll - ok
14:38:48.0649 5132  [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\Main Computer\AppData\Local\Temp\590DA0F9-6D94-43D9-ACD1-D6B3C3A19E45.exe
14:38:48.0649 5132  C:\Users\Main Computer\AppData\Local\Temp\590DA0F9-6D94-43D9-ACD1-D6B3C3A19E45.exe - ok
14:38:48.0653 5132  [ 0B4A811CC972F37F0ED607345B74F317 ] C:\Program Files\Norton 360\Engine\20.3.0.36\cltLMJ.dll
14:38:48.0653 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\cltLMJ.dll - ok
14:38:48.0657 5132  [ 18F2D656D28363939DEE16ADE2F7F127 ] C:\Program Files\Norton 360\Engine\20.3.0.36\BHClient.dll
14:38:48.0657 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\BHClient.dll - ok
14:38:48.0661 5132  [ A379F28D79B5F24DA1B27BE82F382ADA ] C:\Program Files\Norton 360\Engine\20.3.0.36\MClnTask.dll
14:38:48.0661 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\MClnTask.dll - ok
14:38:48.0665 5132  [ 04B12B3456589866291571AC74CE63F2 ] C:\Program Files\Norton 360\Engine\20.3.0.36\ProxyClt.dll
14:38:48.0665 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\ProxyClt.dll - ok
14:38:48.0668 5132  [ A0F4852A5DB9754BEC06F84B400AE743 ] C:\Windows\System32\wscapi.dll
14:38:48.0668 5132  C:\Windows\System32\wscapi.dll - ok
14:38:48.0673 5132  [ D0A95E567224B4C347CBDD6541E5D928 ] C:\Windows\System32\wscisvif.dll
14:38:48.0673 5132  C:\Windows\System32\wscisvif.dll - ok
14:38:48.0677 5132  [ 14D289F63D9538306CB560C4CD12172F ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\IPSDefs\20130308.001\IDSxpx86.dll
14:38:48.0677 5132  C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\IPSDefs\20130308.001\IDSxpx86.dll - ok
14:38:48.0681 5132  [ A96A8FDD7D35F55DF08A8CEC067334ED ] C:\Program Files\Norton 360\Engine\20.3.0.36\AVMail.dll
14:38:48.0681 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\AVMail.dll - ok
14:38:48.0685 5132  [ DBEC1C7A74D22B09D4BADEB37909486D ] C:\Program Files\Norton 360\Engine\20.3.0.36\naHelper.dll
14:38:48.0685 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\naHelper.dll - ok
14:38:48.0691 5132  [ 23755F682E95C4A0F98695BA55C95DB2 ] C:\Program Files\Norton 360\Engine\20.3.0.36\coDataPr.dll
14:38:48.0691 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\coDataPr.dll - ok
14:38:48.0695 5132  [ EF2415D4AFB1488FE6FAECB781E5B927 ] C:\Program Files\Norton 360\Engine\20.3.0.36\coShdObj.dll
14:38:48.0695 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\coShdObj.dll - ok
14:38:48.0698 5132  [ C5A469C70BEDDB361BD3F2084552C835 ] C:\Program Files\Norton 360\Engine\20.3.0.36\buDataCl.dll
14:38:48.0698 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\buDataCl.dll - ok
14:38:48.0702 5132  [ 28F02728FF78C7503E3579F595DF9897 ] C:\Program Files\Norton 360\Engine\20.3.0.36\buProv.dll
14:38:48.0702 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\buProv.dll - ok
14:38:48.0706 5132  [ 4FC36B1BA8C8642EDD310A93D36008B1 ] C:\Program Files\Norton 360\Engine\20.3.0.36\gwrks32.dll
14:38:48.0706 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\gwrks32.dll - ok
14:38:48.0710 5132  [ 00120204D347C4FECE76F18E2A2EE295 ] C:\Program Files\Norton 360\Engine\20.3.0.36\gearaw32.dll
14:38:48.0710 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\gearaw32.dll - ok
14:38:48.0714 5132  [ 176E34260B7BC6DDD3440EE0E4605E20 ] C:\Program Files\Norton 360\Engine\20.3.0.36\asEngine.dll
14:38:48.0714 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\asEngine.dll - ok
14:38:48.0717 5132  [ C5D664FCEFE3B7E1541B38529A9E994A ] C:\Program Files\Norton 360\Engine\20.3.0.36\IPSPlug.dll
14:38:48.0717 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\IPSPlug.dll - ok
14:38:48.0722 5132  [ CEEE7412086DC9ED25BCFA60B055A140 ] C:\Program Files\Norton 360\Engine\20.3.0.36\ISDataSv.dll
14:38:48.0722 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\ISDataSv.dll - ok
14:38:48.0729 5132  [ 3193932027850726C0CA2E06F401D629 ] C:\Program Files\Norton 360\Engine\20.3.0.36\FWCore.dll
14:38:48.0729 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\FWCore.dll - ok
14:38:48.0735 5132  [ B7B6472D86A96D04BC08B1A54AA11320 ] C:\Program Files\Norton 360\Engine\20.3.0.36\FWSetup.dll
14:38:48.0735 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\FWSetup.dll - ok
14:38:48.0739 5132  [ 3606CE1AC3D6A9A9CB7DB35D7F5C54EC ] C:\Windows\System32\shfolder.dll
14:38:48.0739 5132  C:\Windows\System32\shfolder.dll - ok
14:38:48.0744 5132  [ 34E1BA63F0F73893FEAAFB67B7D027D8 ] C:\Program Files\Norton 360\Engine\20.3.0.36\FWGenPlg.dll
14:38:48.0745 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\FWGenPlg.dll - ok
14:38:48.0751 5132  [ 95A5497D129D95D12A46F7848AFFE1DB ] C:\Windows\System32\comsvcs.dll
14:38:48.0751 5132  C:\Windows\System32\comsvcs.dll - ok
14:38:48.0759 5132  [ 27E7C315861C59FA3C347046A6E39882 ] C:\Windows\System32\mtxoci.dll
14:38:48.0759 5132  C:\Windows\System32\mtxoci.dll - ok
14:38:48.0765 5132  [ 45A93316C3C40C75FC82F7BD302966A8 ] C:\Program Files\Norton 360\Engine\20.3.0.36\FWHelper.dll
14:38:48.0765 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\FWHelper.dll - ok
14:38:48.0772 5132  [ CDE9F06A3F1D7907599329561D71C8F3 ] C:\Windows\System32\FirewallSettings.exe
14:38:48.0773 5132  C:\Windows\System32\FirewallSettings.exe - ok
14:38:48.0776 5132  [ 35CDEEF8027CA2B8CB3414D3E27C383E ] C:\Program Files\Norton 360\Engine\20.3.0.36\isPwd.dll
14:38:48.0777 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\isPwd.dll - ok
14:38:48.0782 5132  [ 7ADD03E75BEB9E6DD102C3081D29840A ] C:\Windows\System32\drivers\cdfs.sys
14:38:48.0782 5132  C:\Windows\System32\drivers\cdfs.sys - ok
14:38:48.0789 5132  [ 996C6E958FD4981C2C44F3C754A23F44 ] C:\Program Files\Norton 360\Engine\20.3.0.36\IDSaux.dll
14:38:48.0789 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\IDSaux.dll - ok
14:38:48.0795 5132  [ 595B527E1961AFE8EC33A22516853C57 ] C:\Program Files\Norton 360\Engine\20.3.0.36\NPCTray.dll
14:38:48.0795 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\NPCTray.dll - ok
14:38:48.0799 5132  [ EC6F5E416749AC9CC17DBE4EB5687625 ] C:\Program Files\Norton 360\Engine\20.3.0.36\ccScanW.dll
14:38:48.0799 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\ccScanW.dll - ok
14:38:48.0803 5132  [ F890C197ADF21D08DBA4643C9AA54B9F ] C:\Program Files\Norton 360\Engine\20.3.0.36\ecmldr32.DLL
14:38:48.0803 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\ecmldr32.DLL - ok
14:38:48.0806 5132  [ 3F478F7DCBB7E031E609C9A28382EEA6 ] C:\Program Files\Norton 360\Engine\20.3.0.36\uiMain.dll
14:38:48.0807 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\uiMain.dll - ok
14:38:48.0810 5132  [ D66D82989DCF0D0C269DC21E413E2208 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\VirusDefs\20130309.003\ECMSVR32.DLL
14:38:48.0810 5132  C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\VirusDefs\20130309.003\ECMSVR32.DLL - ok
14:38:48.0814 5132  [ 8C6B3E7CE7FA66EBD40549AEEBB51B8B ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\IPSDefs\20130308.001\IPSFFPl.dll
14:38:48.0814 5132  C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\IPSDefs\20130308.001\IPSFFPl.dll - ok
14:38:48.0818 5132  [ E9B39C81C87E5B790FCE121DA9E02701 ] C:\Windows\System32\d2d1.dll
14:38:48.0818 5132  C:\Windows\System32\d2d1.dll - ok
14:38:48.0822 5132  [ 7BAD1E584DBE290C06B8AE0FABF7BEDE ] C:\Program Files\Norton 360\Engine\20.3.0.36\SymHTMDX.dll
14:38:48.0822 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\SymHTMDX.dll - ok
14:38:48.0825 5132  [ FE3702015BE4D214808A2FBC07B8E5FF ] C:\Windows\System32\wscproxystub.dll
14:38:48.0825 5132  C:\Windows\System32\wscproxystub.dll - ok
14:38:48.0828 5132  [ 8C6B3E7CE7FA66EBD40549AEEBB51B8B ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\IPSFFPlgn\components\IPSFFPl.dll
14:38:48.0829 5132  C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\IPSFFPlgn\components\IPSFFPl.dll - ok
14:38:48.0832 5132  [ CABD1B34BD05C986B4DBC18BC0E947EE ] C:\Windows\System32\DWrite.dll
14:38:48.0832 5132  C:\Windows\System32\DWrite.dll - ok
14:38:48.0835 5132  [ 5256383D1D266A9EEFCDB270340C0E5C ] C:\Windows\System32\d3d10_1.dll
14:38:48.0835 5132  C:\Windows\System32\d3d10_1.dll - ok
14:38:48.0839 5132  [ A441F5B43EAF4BD4E3ACFBE38841B46B ] C:\Windows\System32\d3d10_1core.dll
14:38:48.0840 5132  C:\Windows\System32\d3d10_1core.dll - ok
14:38:48.0844 5132  [ 956019F9950947A06389BAA6BE8438CA ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\VirusDefs\20130309.003\NAVEX32A.DLL
14:38:48.0844 5132  C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\VirusDefs\20130309.003\NAVEX32A.DLL - ok
14:38:48.0847 5132  [ 93084B33E85CA77DAD9648AA1191D0F6 ] C:\Program Files\Norton 360\Engine\20.3.0.36\diStRptr.dll
14:38:48.0847 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\diStRptr.dll - ok
14:38:48.0851 5132  [ 15D19A4FEABA2DA7109F0111C6F4C461 ] C:\Program Files\Norton 360\Engine\20.3.0.36\asHelper.dll
14:38:48.0851 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\asHelper.dll - ok
14:38:48.0854 5132  [ D3B5CF62C53FCBFAEF12404A8CCF27C1 ] C:\Program Files\Norton 360\Engine\20.3.0.36\asOEHook.dll
14:38:48.0854 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\asOEHook.dll - ok
14:38:48.0859 5132  [ 15542082693D7BE4C7F44C7BE3CB3194 ] C:\Program Files\Norton 360\Engine\20.3.0.36\AVPAPP32.dll
14:38:48.0859 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\AVPAPP32.dll - ok
14:38:48.0861 5132  [ 9255022EAB2F58881109F63EC293F423 ] C:\Program Files\Norton 360\Engine\20.3.0.36\buUIPlg.dll
14:38:48.0861 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\buUIPlg.dll - ok
14:38:48.0867 5132  [ 69C7E5950B4BDC2141521DC9105EE565 ] C:\Program Files\Norton 360\Engine\20.3.0.36\cltAlDis.dll
14:38:48.0867 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\cltAlDis.dll - ok
14:38:48.0869 5132  [ 3184278B3FC0CA30F51ACE0E1B8B4302 ] C:\Program Files\Norton 360\MUI\20.3.0.36\09\01\cltRes.loc
14:38:48.0870 5132  C:\Program Files\Norton 360\MUI\20.3.0.36\09\01\cltRes.loc - ok
14:38:48.0874 5132  [ 34F34566FF42855D45A33F904C3074ED ] C:\Program Files\Norton 360\Engine\20.3.0.36\FWSesAl.dll
14:38:48.0874 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\FWSesAl.dll - ok
14:38:48.0878 5132  [ 43A64651D79385F30923B86251BA9206 ] C:\Program Files\Norton 360\Engine\20.3.0.36\coActMgr.dll
14:38:48.0878 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\coActMgr.dll - ok
14:38:48.0881 5132  [ 45D5610E63EA3EAFCE94B12EC3F3EF7E ] C:\Program Files\Norton 360\Engine\20.3.0.36\wincfi39.dll
14:38:48.0881 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\wincfi39.dll - ok
14:38:48.0885 5132  [ 1087649B78D941BFF585E079D8B4D39A ] C:\Program Files\Norton 360\Engine\20.3.0.36\SDKCmn.dll
14:38:48.0885 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\SDKCmn.dll - ok
14:38:48.0889 5132  [ 5B244432E3F54E9D9B74B4BC8361B3DF ] C:\Program Files\Norton 360\Engine\20.3.0.36\uiAlert.dll
14:38:48.0889 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\uiAlert.dll - ok
14:38:48.0893 5132  [ B4AD112D9D4626923650218C9BF88250 ] C:\Program Files\Norton 360\Engine\20.3.0.36\UserCtxt.dll
14:38:48.0893 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\UserCtxt.dll - ok
14:38:48.0897 5132  [ 0D392EDE3B97E0B3131B2F63EF1DB94E ] C:\Program Files\Windows Defender\MSASCui.exe
14:38:48.0897 5132  C:\Program Files\Windows Defender\MSASCui.exe - ok
14:38:48.0901 5132  [ 0E59C6EE0BA5844D7963EE8F0E1B2FCD ] C:\Windows\System32\hkcmd.exe
14:38:48.0901 5132  C:\Windows\System32\hkcmd.exe - ok
14:38:48.0907 5132  [ 048EC16C1A5476C20004C851734B524F ] C:\Windows\System32\igfxpers.exe
14:38:48.0908 5132  C:\Windows\System32\igfxpers.exe - ok
14:38:48.0912 5132  [ 4E2D21A49F49C53EF63120C03E97C302 ] C:\Windows\System32\igfxtray.exe
14:38:48.0912 5132  C:\Windows\System32\igfxtray.exe - ok
14:38:48.0916 5132  [ DB6FF27683A1D8A29C57F55EC128532D ] C:\Program Files\Intel\AMT\atchk.exe
14:38:48.0916 5132  C:\Program Files\Intel\AMT\atchk.exe - ok
14:38:48.0922 5132  [ 814166E5A49982482248DB1E9A74DE5E ] C:\Program Files\Dell Printers\Dell MFP Color Laser Printer 3115cn\Address Book Editor\Launcher.exe
14:38:48.0922 5132  C:\Program Files\Dell Printers\Dell MFP Color Laser Printer 3115cn\Address Book Editor\Launcher.exe - ok
14:38:48.0930 5132  [ 846965AE55A2662B1576C0F392DD1D6E ] C:\Program Files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
14:38:48.0930 5132  C:\Program Files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe - ok
14:38:48.0936 5132  [ 8800874A87336C813ED6937D5C58BE5B ] C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlpsp.exe
14:38:48.0936 5132  C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlpsp.exe - ok
14:38:48.0946 5132  [ D49675FE04202899C133F97AC6227027 ] C:\Program Files\Dell Printers\paperport\IndexSearch.exe
14:38:48.0946 5132  C:\Program Files\Dell Printers\paperport\IndexSearch.exe - ok
14:38:48.0951 5132  [ E57FCE5824F28A8D66386C17CF003481 ] C:\Program Files\Dell Printers\paperport\pptd40nt.exe
14:38:48.0951 5132  C:\Program Files\Dell Printers\paperport\pptd40nt.exe - ok
14:38:48.0959 5132  [ 81AC5268574856C96D83C4519446864A ] C:\Program Files\Analog Devices\Core\smax4pnp.exe
14:38:48.0960 5132  C:\Program Files\Analog Devices\Core\smax4pnp.exe - ok
14:38:48.0965 5132  [ E66532FD491AD5604C36916715FBA092 ] C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
14:38:48.0965 5132  C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe - ok
14:38:48.0970 5132  [ 3CB07566302BCEEB898DE270A0BEC175 ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
14:38:48.0970 5132  C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
14:38:48.0974 5132  [ 35D6CAAA9E4D82974A74DBDB53801F98 ] C:\PROGRA~1\MAPSGA~2\bar\1.bin\39brmon.exe
14:38:48.0974 5132  C:\PROGRA~1\MAPSGA~2\bar\1.bin\39brmon.exe - ok
14:38:48.0977 5132  [ C04E676CDA28972D41B85256A8D10483 ] C:\PROGRA~1\MAPSGA~2\bar\1.bin\39SrchMn.exe
14:38:48.0977 5132  C:\PROGRA~1\MAPSGA~2\bar\1.bin\39SrchMn.exe - ok
14:38:48.0981 5132  [ 8DDA2B606279753601F9415DA503CA63 ] C:\Program Files\QuickTime\QTTask.exe
14:38:48.0981 5132  C:\Program Files\QuickTime\QTTask.exe - ok
14:38:48.0985 5132  [ 1781F55C5C237C9FBD2EB0092F777CD8 ] C:\Program Files\NETGEAR\WNA1100\WNA1100.exe
14:38:48.0985 5132  C:\Program Files\NETGEAR\WNA1100\WNA1100.exe - ok
14:38:48.0991 5132  [ 3C065EAF8210FA1B73BA5388F0A579C8 ] C:\Program Files\Secunia\PSI\psi_tray.exe
14:38:48.0991 5132  C:\Program Files\Secunia\PSI\psi_tray.exe - ok
14:38:48.0995 5132  [ 24F90AEFEBE601D427CB4511E74CDCB6 ] C:\Windows\System32\linkinfo.dll
14:38:48.0995 5132  C:\Windows\System32\linkinfo.dll - ok
14:38:48.0998 5132  [ 12BCF4DAD8E5A1B3D5FA7AB4A79DA105 ] C:\Windows\System32\sfc_os.dll
14:38:48.0998 5132  C:\Windows\System32\sfc_os.dll - ok
14:38:49.0002 5132  [ C0B8B96D018849FD8CCF15FED84E8782 ] C:\Windows\System32\ie4uinit.exe
14:38:49.0002 5132  C:\Windows\System32\ie4uinit.exe - ok
14:38:49.0006 5132  [ F0FEFB0B5D25A75D478A4317139D937E ] C:\Windows\System32\iedkcs32.dll
14:38:49.0006 5132  C:\Windows\System32\iedkcs32.dll - ok
14:38:49.0009 5132  [ 4B19A9A4191353007E9819A832B81186 ] C:\Windows\System32\timedate.cpl
14:38:49.0009 5132  C:\Windows\System32\timedate.cpl - ok
14:38:49.0013 5132  [ FF41E1AC301F51E16F61AD7C0F45467C ] C:\Windows\System32\msshsq.dll
14:38:49.0013 5132  C:\Windows\System32\msshsq.dll - ok
14:38:49.0016 5132  [ 1CE4A2790EB4A96F4ED1E4264866AFE6 ] C:\Windows\System32\NaturalLanguage6.dll
14:38:49.0016 5132  C:\Windows\System32\NaturalLanguage6.dll - ok
14:38:49.0019 5132  [ AA111488C03C58A2BF66509ABB4FDE60 ] C:\Windows\System32\NlsData0009.dll
14:38:49.0019 5132  C:\Windows\System32\NlsData0009.dll - ok
14:38:49.0023 5132  [ 8629B71343F61E1140243581C63BC0C7 ] C:\Windows\System32\NlsLexicons0009.dll
14:38:49.0023 5132  C:\Windows\System32\NlsLexicons0009.dll - ok
14:38:49.0027 5132  [ 04044BF8E6989BE45FA718C24407CA28 ] C:\Windows\System32\networkexplorer.dll
14:38:49.0027 5132  C:\Windows\System32\networkexplorer.dll - ok
14:38:49.0030 5132  [ 2D821AFA5A1A9CA7F9F997A1AAD09E72 ] C:\Program Files\Windows Media Player\wmplayer.exe
14:38:49.0030 5132  C:\Program Files\Windows Media Player\wmplayer.exe - ok
14:38:49.0034 5132  [ 1502417B401F5206ADE73995571AE8CB ] C:\Program Files\Google\Chrome\Application\chrome.exe
14:38:49.0034 5132  C:\Program Files\Google\Chrome\Application\chrome.exe - ok
14:38:49.0038 5132  [ 7E6EA9CB72B5DE84A5D700BED877E5F9 ] C:\Program Files\Windows Mail\WinMail.exe
14:38:49.0038 5132  C:\Program Files\Windows Mail\WinMail.exe - ok
14:38:49.0042 5132  [ 5016B8FC59AD616F03813FBE63295081 ] C:\Windows\System32\thumbcache.dll
14:38:49.0042 5132  C:\Windows\System32\thumbcache.dll - ok
14:38:49.0046 5132  [ 61216539E55DDF2F78E421E7EF140650 ] C:\Windows\System32\ExplorerFrame.dll
14:38:49.0046 5132  C:\Windows\System32\ExplorerFrame.dll - ok
14:38:49.0052 5132  [ E6DD15E668DAF0A02470CF551B0A0105 ] C:\PROGRA~1\WI1F86~1\MESSEN~1\msgslang.dll
14:38:49.0052 5132  C:\PROGRA~1\WI1F86~1\MESSEN~1\msgslang.dll - ok
14:38:49.0056 5132  [ 75F829427C19014B930640E99AD5A123 ] C:\Program Files\TeamViewer\Version8\TeamViewer.exe
14:38:49.0056 5132  C:\Program Files\TeamViewer\Version8\TeamViewer.exe - ok
14:38:49.0060 5132  [ 3EB6D30D82F0E300FCFBAD0498F654FD ] C:\Windows\System32\mlang.dll
14:38:49.0060 5132  C:\Windows\System32\mlang.dll - ok
14:38:49.0064 5132  [ F7F2F299DD5019C67D9FDDB18E5D3916 ] C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe
14:38:49.0064 5132  C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe - ok
14:38:49.0067 5132  [ 027E5E14C9CFF810377701BDEAD8210F ] C:\Windows\System32\control.exe
14:38:49.0067 5132  C:\Windows\System32\control.exe - ok
14:38:49.0071 5132  [ 21EF4BB2A6FF4116FD83FAEE52D4A416 ] C:\Windows\Installer\{91120000-00CA-0000-0000-0000000FF1CE}\xlicons.exe
14:38:49.0071 5132  C:\Windows\Installer\{91120000-00CA-0000-0000-0000000FF1CE}\xlicons.exe - ok
14:38:49.0077 5132  [ 801977E92F985EDD788D3D6F761E69C5 ] C:\Windows\System32\hccutils.dll
14:38:49.0077 5132  C:\Windows\System32\hccutils.dll - ok
14:38:49.0083 5132  [ 1C7BA0E8D1E800DE01349AE82B558B28 ] C:\Windows\Installer\{854FCA42-5318-47CA-95D7-7394B1A16616}\ScanDirect_E83FF44A7DFF4E6FBC59F82CFBCEA26C.exe
14:38:49.0083 5132  C:\Windows\Installer\{854FCA42-5318-47CA-95D7-7394B1A16616}\ScanDirect_E83FF44A7DFF4E6FBC59F82CFBCEA26C.exe - ok
14:38:49.0087 5132  [ 698EB1E5F8C66344D97C00B5699E871D ] C:\Program Files\Internet Explorer\iexplore.exe
14:38:49.0088 5132  C:\Program Files\Internet Explorer\iexplore.exe - ok
14:38:49.0094 5132  [ 484ACF6AF85A29AC52F3CF054DFDE9D3 ] C:\Windows\Installer\{91120000-00CA-0000-0000-0000000FF1CE}\wordicon.exe
14:38:49.0094 5132  C:\Windows\Installer\{91120000-00CA-0000-0000-0000000FF1CE}\wordicon.exe - ok
14:38:49.0100 5132  [ 6CE25A4F4F2F70EBF004C9006C647F32 ] C:\Windows\Installer\{91120000-00CA-0000-0000-0000000FF1CE}\pubs.exe
14:38:49.0100 5132  C:\Windows\Installer\{91120000-00CA-0000-0000-0000000FF1CE}\pubs.exe - ok
14:38:49.0108 5132  [ 68A6B69AF6C99773945109B8D61D32E0 ] C:\Program Files\Secunia\PSI\psi.exe
14:38:49.0108 5132  C:\Program Files\Secunia\PSI\psi.exe - ok
14:38:49.0113 5132  [ 4EA854F0477446189105D003A546ED7D ] C:\Windows\System32\igfxsrvc.exe
14:38:49.0113 5132  C:\Windows\System32\igfxsrvc.exe - ok
14:38:49.0118 5132  [ 06164026C38AA5366E4D127E2E36FDE8 ] C:\Program Files\Windows Mail\wab.exe
14:38:49.0118 5132  C:\Program Files\Windows Mail\wab.exe - ok
14:38:49.0124 5132  [ BCA47F799A18A35C9B27C8621FDCE352 ] C:\Program Files\Dell Printers\Additional Color Laser Software\Reorder\dlrmm.exe
14:38:49.0124 5132  C:\Program Files\Dell Printers\Additional Color Laser Software\Reorder\dlrmm.exe - ok
14:38:49.0131 5132  [ 6ED28075D6D9E0C0464048A30432A142 ] C:\Program Files\Microsoft Games\Hearts\Hearts.exe
14:38:49.0131 5132  C:\Program Files\Microsoft Games\Hearts\Hearts.exe - ok
14:38:49.0136 5132  [ 8AB90809C01511FB75EC606C9EEC5B9F ] C:\Windows\System32\WFS.exe
14:38:49.0136 5132  C:\Windows\System32\WFS.exe - ok
14:38:49.0142 5132  [ 7CCF99C26718E3B07ED766B5D0A6B077 ] C:\Program Files\Norton 360\Engine\20.3.0.36\uiStub.exe
14:38:49.0142 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\uiStub.exe - ok
14:38:49.0145 5132  [ 4663A05D1C8D8A591C2F5B3865ED868C ] C:\Windows\System32\WFSR.dll
14:38:49.0146 5132  C:\Windows\System32\WFSR.dll - ok
14:38:49.0149 5132  [ 525D60ED71367618B67B00B148876ADB ] C:\Windows\System32\igfxsrvc.dll
14:38:49.0149 5132  C:\Windows\System32\igfxsrvc.dll - ok
14:38:49.0153 5132  [ 47373897D92B005F6EA8BE6D5ADF5F29 ] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaamon_ENU.dll
14:38:49.0153 5132  C:\Program Files\Intel\Intel Matrix Storage Manager\Iaamon_ENU.dll - ok
14:38:49.0157 5132  [ 21AD332BE723EFE40D9F32AD97BA8376 ] C:\Program Files\Microsoft Games\FreeCell\FreeCell.exe
14:38:49.0157 5132  C:\Program Files\Microsoft Games\FreeCell\FreeCell.exe - ok
14:38:49.0161 5132  [ F68EA33A40E7B079E61F667FC9F7AD19 ] C:\Windows\System32\igfxdev.dll
14:38:49.0161 5132  C:\Windows\System32\igfxdev.dll - ok
14:38:49.0164 5132  [ B5950DF243837D8217F4E597919B224A ] C:\Windows\System32\stobject.dll
14:38:49.0164 5132  C:\Windows\System32\stobject.dll - ok
14:38:49.0168 5132  [ BC8088F1D1EA9273A0CA3DED69D79DF2 ] C:\Program Files\Dell Printers\Dell MFP Color Laser Printer 3115cn\Address Book Editor\LauncherRes_eng.dll
14:38:49.0168 5132  C:\Program Files\Dell Printers\Dell MFP Color Laser Printer 3115cn\Address Book Editor\LauncherRes_eng.dll - ok
14:38:49.0173 5132  [ EC69B16644C613F41A57169F8D068F1D ] C:\Windows\System32\batmeter.dll
14:38:49.0173 5132  C:\Windows\System32\batmeter.dll - ok
14:38:49.0176 5132  [ CAE9F89033066610198664AAFAD6DA14 ] C:\Program Files\Norton 360\Engine\20.3.0.36\NPC360ui.dll
14:38:49.0176 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\NPC360ui.dll - ok
14:38:49.0179 5132  [ 77BD0166102F3B9BB9499B2952C3BCFA ] C:\Program Files\Windows Live\Mail\wlmail.exe
14:38:49.0179 5132  C:\Program Files\Windows Live\Mail\wlmail.exe - ok
14:38:49.0183 5132  [ 24B1666FD14CC71C7B0679AC61625B90 ] C:\Program Files\Windows Live\Messenger\msnmsgr.exe
14:38:49.0183 5132  C:\Program Files\Windows Live\Messenger\msnmsgr.exe - ok
14:38:49.0186 5132  [ 35937EAD711207544E219C2A19A78A7D ] C:\Program Files\Windows Media Player\wmpnscfg.exe
14:38:49.0186 5132  C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
14:38:49.0189 5132  [ 896A1DB9A972AD2339C2E8569EC926D1 ] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
14:38:49.0189 5132  C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe - ok
14:38:49.0194 5132  [ C2FB797884D9CC30AC0B5FB28146FE7A ] C:\Program Files\Windows Live\Messenger\uccapi.dll
14:38:49.0194 5132  C:\Program Files\Windows Live\Messenger\uccapi.dll - ok
14:38:49.0197 5132  [ 39D8EAA29CC2CC144E2B1214FA774F6A ] C:\Program Files\Windows Live\Messenger\vvpltfrm.dll
14:38:49.0197 5132  C:\Program Files\Windows Live\Messenger\vvpltfrm.dll - ok
14:38:49.0201 5132  [ 8EB5E95365AC5796E0C8175267D50744 ] C:\Program Files\Windows Live\Messenger\shareanything.dll
14:38:49.0201 5132  C:\Program Files\Windows Live\Messenger\shareanything.dll - ok
14:38:49.0204 5132  [ 82E53EC685889AD8CFB3AD812A906489 ] C:\Program Files\Windows Live\Photo Gallery\MovieMaker.exe
14:38:49.0204 5132  C:\Program Files\Windows Live\Photo Gallery\MovieMaker.exe - ok
14:38:49.0208 5132  [ 80BD4B26E2CBC0D65445D0463DFF6FC2 ] C:\Windows\System32\oledlg.dll
14:38:49.0208 5132  C:\Windows\System32\oledlg.dll - ok
14:38:49.0213 5132  [ 9CB27AE21BF0553BF20F571DD9E2C3A0 ] C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
14:38:49.0213 5132  C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe - ok
14:38:49.0219 5132  [ 52BC119E49F88F2A5D1466230B1275C7 ] C:\Program Files\Windows Collaboration\WinCollab.exe
14:38:49.0219 5132  C:\Program Files\Windows Collaboration\WinCollab.exe - ok
14:38:49.0223 5132  [ C4AB08459CD7B59B410ACFC04D90E87B ] C:\Program Files\Movie Maker\MOVIEMK.exe
14:38:49.0224 5132  C:\Program Files\Movie Maker\MOVIEMK.exe - ok
14:38:49.0227 5132  [ C03AC1FBCD625F93D2C245D97E06F270 ] C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe
14:38:49.0227 5132  C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe - ok
14:38:49.0231 5132  [ 7687774D2C2AD60C393C1A300854AE1F ] C:\Program Files\Dell Printers\paperport\MaxRes.dll
14:38:49.0231 5132  C:\Program Files\Dell Printers\paperport\MaxRes.dll - ok
14:38:49.0234 5132  [ 069385484EA57B663D688894C88975C5 ] C:\Windows\System32\wuapp.exe
14:38:49.0234 5132  C:\Windows\System32\wuapp.exe - ok
14:38:49.0237 5132  [ 285C594C4913FA9DC7BB6BA3AD6F101A ] C:\Windows\System32\wucltux.dll
14:38:49.0237 5132  C:\Windows\System32\wucltux.dll - ok
14:38:49.0242 5132  [ 22B2BE91C66E0A56B2878CA1DEC230DB ] C:\Program Files\Dell Printers\paperport\PPRecDiag.dll
14:38:49.0242 5132  C:\Program Files\Dell Printers\paperport\PPRecDiag.dll - ok
14:38:49.0246 5132  [ C836967A636DDC614FB7A191AA152262 ] C:\Program Files\Analog Devices\Core\smwdmif.dll
14:38:49.0246 5132  C:\Program Files\Analog Devices\Core\smwdmif.dll - ok
14:38:49.0251 5132  [ EE97E5922AFFD538B2C53A94EE4FD4F4 ] C:\Windows\System32\igfxres.dll
14:38:49.0251 5132  C:\Windows\System32\igfxres.dll - ok
14:38:49.0255 5132  [ D3EFE03300CAF0FA2215206280D31220 ] C:\Program Files\MapsGalaxy_39\bar\1.bin\39brstub.dll
14:38:49.0255 5132  C:\Program Files\MapsGalaxy_39\bar\1.bin\39brstub.dll - ok
14:38:49.0261 5132  [ 1A876EE8487725093FE55AF1D94CA8DB ] C:\Program Files\Dell Printers\paperport\XMaxUtil.dll
14:38:49.0261 5132  C:\Program Files\Dell Printers\paperport\XMaxUtil.dll - ok
14:38:49.0265 5132  [ 7686EF44D476926BAA3412EDA4D4DD70 ] C:\Program Files\NETGEAR\WNA1100\WifiSvcLib.dll
14:38:49.0265 5132  C:\Program Files\NETGEAR\WNA1100\WifiSvcLib.dll - ok
14:38:49.0270 5132  [ 05B6A5CE1C7767C32DF35966107CB1EC ] C:\Windows\System32\hhctrl.ocx
14:38:49.0270 5132  C:\Windows\System32\hhctrl.ocx - ok
14:38:49.0278 5132  [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
14:38:49.0278 5132  C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
14:38:49.0284 5132  [ E2BF206E5164569500742637B5459402 ] C:\Program Files\Dell Printers\paperport\BliceCtr.dll
14:38:49.0284 5132  C:\Program Files\Dell Printers\paperport\BliceCtr.dll - ok
14:38:49.0289 5132  [ DE7F813217EC88C0A6D4D8F2F39D7949 ] C:\Windows\System32\msiltcfg.dll
14:38:49.0289 5132  C:\Windows\System32\msiltcfg.dll - ok
14:38:49.0295 5132  [ 30F02D9C55053367E26A11482F51E255 ] C:\Windows\System32\SndVolSSO.dll
14:38:49.0295 5132  C:\Windows\System32\SndVolSSO.dll - ok
14:38:49.0301 5132  [ E98E402067978DB38282158F9E8609CA ] C:\Windows\System32\netshell.dll
14:38:49.0301 5132  C:\Windows\System32\netshell.dll - ok
14:38:49.0308 5132  [ 75AD59B9B12EB194486BE8D97B062994 ] C:\Windows\System32\pnidui.dll
14:38:49.0308 5132  C:\Windows\System32\pnidui.dll - ok
14:38:49.0314 5132  [ 2DD6AF8E97F59C9D39329BBC2A81F13F ] C:\Windows\System32\rasdlg.dll
14:38:49.0314 5132  C:\Windows\System32\rasdlg.dll - ok
14:38:49.0318 5132  [ 4A839160ED1963F9A1526DDA2D1233B2 ] C:\Windows\System32\AltTab.dll
14:38:49.0318 5132  C:\Windows\System32\AltTab.dll - ok
14:38:49.0321 5132  [ 6B5C53E0932C510606D700B7A896EF73 ] C:\Windows\System32\WPDShServiceObj.dll
14:38:49.0321 5132  C:\Windows\System32\WPDShServiceObj.dll - ok
14:38:49.0325 5132  [ 883D02AB5D350BC45E0F60E8CFA97FDC ] C:\Windows\System32\PortableDeviceTypes.dll
14:38:49.0326 5132  C:\Windows\System32\PortableDeviceTypes.dll - ok
14:38:49.0329 5132  [ 744F08CF9ACFFB1C715191D04DEEE907 ] C:\Windows\System32\srchadmin.dll
14:38:49.0329 5132  C:\Windows\System32\srchadmin.dll - ok
14:38:49.0333 5132  [ 2CDAF8849A20D8DF8ACCE36BBB8849F3 ] C:\Windows\System32\cscobj.dll
14:38:49.0333 5132  C:\Windows\System32\cscobj.dll - ok
14:38:49.0336 5132  [ 5193DE33F3284C447E0D31DAFBF92570 ] C:\Windows\System32\webcheck.dll
14:38:49.0336 5132  C:\Windows\System32\webcheck.dll - ok
14:38:49.0340 5132  [ 4ACEA0C4BB15ACE55E3AE5EC4E88DD55 ] C:\Windows\System32\SyncCenter.dll
14:38:49.0340 5132  C:\Windows\System32\SyncCenter.dll - ok
14:38:49.0343 5132  [ 0B5AC46982E77CAF3EC1D55C9AC6AB56 ] C:\Windows\System32\wscntfy.dll
14:38:49.0343 5132  C:\Windows\System32\wscntfy.dll - ok
14:38:49.0347 5132  [ 9B0726A03B790E5B82BED44D24009BEF ] C:\Windows\System32\imapi2.dll
14:38:49.0347 5132  C:\Windows\System32\imapi2.dll - ok
14:38:49.0350 5132  [ C0ABD66F31C0B84CD944802E6D3D02C2 ] C:\Windows\System32\bthprops.cpl
14:38:49.0350 5132  C:\Windows\System32\bthprops.cpl - ok
14:38:49.0355 5132  [ E2554540B42EEAE89C17A708EA61854F ] C:\Windows\System32\FXSST.dll
14:38:49.0355 5132  C:\Windows\System32\FXSST.dll - ok
14:38:49.0359 5132  [ A4CB04C22EC6D8BC799AE7E3C8290510 ] C:\Windows\System32\FXSAPI.dll
14:38:49.0359 5132  C:\Windows\System32\FXSAPI.dll - ok
14:38:49.0363 5132  [ DFBA0F60FA301E5B1BFB1403A93EE23E ] C:\Windows\System32\FXSSVC.exe
14:38:49.0363 5132  C:\Windows\System32\FXSSVC.exe - ok
14:38:49.0365 5132  [ A48000301461B93B80AFFFE2DB916EB4 ] C:\Program Files\Dell Printers\paperport\BindRes.dll
14:38:49.0365 5132  C:\Program Files\Dell Printers\paperport\BindRes.dll - ok
14:38:49.0368 5132  [ DAF60E13E96ECB67F0EDAA89C6B01B8D ] C:\Windows\System32\notepad.exe
14:38:49.0369 5132  C:\Windows\System32\notepad.exe - ok
14:38:49.0372 5132  [ 941486AB385556BF6A62342F8CA15BD8 ] C:\Windows\System32\accessibilitycpl.dll
14:38:49.0372 5132  C:\Windows\System32\accessibilitycpl.dll - ok
14:38:49.0376 5132  [ E47C854A28A81F2939F42CBE9FEA994C ] C:\Windows\System32\Magnify.exe
14:38:49.0376 5132  C:\Windows\System32\Magnify.exe - ok
14:38:49.0380 5132  [ EDE37F173B1B9D0E3C851058C2111E73 ] C:\Program Files\Dell Printers\Dell MFP Color Laser Printer 3115cn\Status Monitor\DLH07DZ.DLL
14:38:49.0380 5132  C:\Program Files\Dell Printers\Dell MFP Color Laser Printer 3115cn\Status Monitor\DLH07DZ.DLL - ok
14:38:49.0383 5132  [ 27BB54357A51594D9F9B6257B5B9A879 ] C:\Windows\System32\Narrator.exe
14:38:49.0383 5132  C:\Windows\System32\Narrator.exe - ok
14:38:49.0386 5132  [ 877F2939794EBA4F3D1BB967007E99E8 ] C:\Windows\System32\osk.exe
14:38:49.0386 5132  C:\Windows\System32\osk.exe - ok
14:38:49.0391 5132  [ 2D13B059776B26B65E2EEA6B2EDA189C ] C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
14:38:49.0391 5132  C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe - ok
14:38:49.0395 5132  [ C91D2962373AE6B473C61C1F4B3596BD ] C:\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe
14:38:49.0395 5132  C:\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe - ok
14:38:49.0399 5132  [ B1CAD81CC8E6291A89892CFAFE4216F0 ] C:\Program Files\ZipLogix\zipForm6\zipForm6.exe
14:38:49.0399 5132  C:\Program Files\ZipLogix\zipForm6\zipForm6.exe - ok
14:38:49.0403 5132  [ 1ED2124313CCE34C877247574212EFC8 ] C:\Windows\System32\calc.exe
14:38:49.0403 5132  C:\Windows\System32\calc.exe - ok
14:38:49.0407 5132  [ 338104E0E18307CD65604FE317B5FB8D ] C:\Windows\System32\mblctr.exe
14:38:49.0407 5132  C:\Windows\System32\mblctr.exe - ok
14:38:49.0410 5132  [ B1AFF0B6DED627A1D22A6817DD58AC0F ] C:\Windows\System32\NetProj.exe
14:38:49.0410 5132  C:\Windows\System32\NetProj.exe - ok
14:38:49.0413 5132  [ A577868F76CEE16D6A82625FD55F379A ] C:\Windows\System32\NetProjW.dll
14:38:49.0413 5132  C:\Windows\System32\NetProjW.dll - ok
14:38:49.0417 5132  [ 694AF8B27C9A0A99399E02CE977F986B ] C:\Windows\System32\mspaint.exe
14:38:49.0417 5132  C:\Windows\System32\mspaint.exe - ok
14:38:49.0422 5132  [ F8E4E9839D4278A5F3F77E8101D899C4 ] C:\Program Files\Norton 360\Engine\20.3.0.36\QBackup.dll
14:38:49.0422 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\QBackup.dll - ok
14:38:49.0428 5132  [ 2553AD01F1ED5CDD939F5D12303E9709 ] C:\Windows\System32\mstsc.exe
14:38:49.0428 5132  C:\Windows\System32\mstsc.exe - ok
14:38:49.0433 5132  [ 9E35FF7F943AE0FB89192BFE058B7FD4 ] C:\Program Files\Windows Sidebar\sidebar.exe
14:38:49.0433 5132  C:\Program Files\Windows Sidebar\sidebar.exe - ok
14:38:49.0438 5132  [ E80DB295132C5EF0C623935422BD0FC7 ] C:\Windows\System32\SnippingTool.exe
14:38:49.0438 5132  C:\Windows\System32\SnippingTool.exe - ok
14:38:49.0445 5132  [ 248F33A6C2380757BC1E20E34D9E827B ] C:\Windows\System32\SoundRecorder.exe
14:38:49.0445 5132  C:\Windows\System32\SoundRecorder.exe - ok
14:38:49.0451 5132  [ 9B89B3BB79EA1ACF041F40A7B6FC5827 ] C:\Windows\System32\mobsync.exe
14:38:49.0451 5132  C:\Windows\System32\mobsync.exe - ok
14:38:49.0457 5132  [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
14:38:49.0458 5132  C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
14:38:49.0462 5132  [ E46A4765F8E6D631C9C9CB0B083602F5 ] C:\Program Files\Windows Media Player\wmpnssci.dll
14:38:49.0462 5132  C:\Program Files\Windows Media Player\wmpnssci.dll - ok
14:38:49.0467 5132  [ 16FC5B430123238E522B18E63C257AF8 ] C:\Windows\System32\oobefldr.dll
14:38:49.0467 5132  C:\Windows\System32\oobefldr.dll - ok
14:38:49.0474 5132  [ 19D0FC69D4E68D5CE2E4B34940529727 ] C:\Program Files\Windows NT\Accessories\wordpad.exe
14:38:49.0474 5132  C:\Program Files\Windows NT\Accessories\wordpad.exe - ok
14:38:49.0478 5132  [ 105A4D87C8DCF2CF5DB042830B203E5F ] C:\Windows\Speech\Common\sapisvr.exe
14:38:49.0478 5132  C:\Windows\Speech\Common\sapisvr.exe - ok
14:38:49.0484 5132  [ 84B8827562B005C118CADBA0F25DB2C6 ] C:\Windows\System32\dsound.dll
14:38:49.0484 5132  C:\Windows\System32\dsound.dll - ok
14:38:49.0488 5132  [ 9AD8AEAAB3EB89277AF1DDF31B14F90F ] C:\Windows\System32\Speech\SpeechUX\sapi.cpl
14:38:49.0488 5132  C:\Windows\System32\Speech\SpeechUX\sapi.cpl - ok
14:38:49.0494 5132  [ 648AB74D9C104FB500B6C4EEDC6A8772 ] C:\Windows\System32\wmpmde.dll
14:38:49.0494 5132  C:\Windows\System32\wmpmde.dll - ok
14:38:49.0497 5132  [ A623666C8A8EC9A57DCA07915A3F1EC6 ] C:\Windows\System32\sdclt.exe
14:38:49.0497 5132  C:\Windows\System32\sdclt.exe - ok
14:38:49.0501 5132  [ 67D16247C56C26A4F0D79D1A7F272B8F ] C:\Windows\System32\mf.dll
14:38:49.0501 5132  C:\Windows\System32\mf.dll - ok
14:38:49.0504 5132  [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\Windows\System32\drivers\76195428.sys
14:38:49.0504 5132  C:\Windows\System32\drivers\76195428.sys - ok
14:38:49.0509 5132  [ BB4910DE8B6C5E30DF39EC97308D44BA ] C:\Windows\System32\charmap.exe
14:38:49.0509 5132  C:\Windows\System32\charmap.exe - ok
14:38:49.0515 5132  [ BF142D4F8C61ED3629A9CDD7BA867900 ] C:\Windows\System32\mfplat.dll
14:38:49.0515 5132  C:\Windows\System32\mfplat.dll - ok
14:38:49.0521 5132  [ 2495C4204C63678F8FD5D488CA7DAD26 ] C:\Windows\System32\evr.dll
14:38:49.0521 5132  C:\Windows\System32\evr.dll - ok
14:38:49.0527 5132  [ 4DF10CE50010D70152944B51E03588B0 ] C:\Windows\System32\wmdrmsdk.dll
14:38:49.0528 5132  C:\Windows\System32\wmdrmsdk.dll - ok
14:38:49.0531 5132  [ 2327C11B043FCEB80BE00CC8D077E9AA ] C:\Windows\System32\dfrgui.exe
14:38:49.0531 5132  C:\Windows\System32\dfrgui.exe - ok
14:38:49.0534 5132  [ EFD278F8129EE12F1D4AE0250494B791 ] C:\Windows\System32\dxva2.dll
14:38:49.0534 5132  C:\Windows\System32\dxva2.dll - ok
14:38:49.0537 5132  [ 3192ED5E2FFDF5B630541B9643AE1AA3 ] C:\Windows\System32\upnp.dll
14:38:49.0537 5132  C:\Windows\System32\upnp.dll - ok
14:38:49.0541 5132  [ 015E99A7634B93E8BB0380C70F3D2CC3 ] C:\Windows\System32\wmp.dll
14:38:49.0541 5132  C:\Windows\System32\wmp.dll - ok
14:38:49.0544 5132  [ EACACA0F2FF4CC54A909E3C5721FCDE8 ] C:\Windows\System32\msvfw32.dll
14:38:49.0544 5132  C:\Windows\System32\msvfw32.dll - ok
14:38:49.0548 5132  [ 9441A231C0AA0712F7CF3B10D9CFCF76 ] C:\Windows\System32\wmploc.DLL
14:38:49.0548 5132  C:\Windows\System32\wmploc.DLL - ok
14:38:49.0551 5132  [ 617F9A5813E69F6E9ED94B811EC75396 ] C:\Windows\System32\wmpps.dll
14:38:49.0551 5132  C:\Windows\System32\wmpps.dll - ok
14:38:49.0555 5132  [ F1ECEC53B9FFC30E123D14E087C49111 ] C:\Windows\System32\wmdrmdev.dll
14:38:49.0555 5132  C:\Windows\System32\wmdrmdev.dll - ok
14:38:49.0558 5132  [ 7C7C620860819A62F926D7EC0B72C50B ] C:\Windows\System32\drmv2clt.dll
14:38:49.0558 5132  C:\Windows\System32\drmv2clt.dll - ok
14:38:49.0563 5132  [ 02F0BE91B0F2B1C30F6F48334F47D625 ] C:\Windows\System32\blackbox.dll
14:38:49.0563 5132  C:\Windows\System32\blackbox.dll - ok
14:38:49.0566 5132  [ D571295B71C60A67F6F2EA987E5CC3B0 ] C:\Windows\System32\wmdrmnet.dll
14:38:49.0566 5132  C:\Windows\System32\wmdrmnet.dll - ok
14:38:49.0570 5132  [ 50ABE7CDA2DAE898216121D14092C182 ] C:\Windows\System32\WMVCORE.DLL
14:38:49.0570 5132  C:\Windows\System32\WMVCORE.DLL - ok
14:38:49.0575 5132  [ 36CCD8A79539C4ACE3BABE09C2CFBA16 ] C:\Windows\System32\WMASF.DLL
14:38:49.0575 5132  C:\Windows\System32\WMASF.DLL - ok
14:38:49.0579 5132  [ 2424231BBD703A677D115C29983B4293 ] C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
14:38:49.0579 5132  C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL - ok
14:38:49.0582 5132  [ 86AB3F6C784197DC1D994A83AF4259CD ] C:\Windows\System32\cleanmgr.exe
14:38:49.0582 5132  C:\Windows\System32\cleanmgr.exe - ok
14:38:49.0586 5132  [ FBF628702A408977FEB0845D48F4F154 ] C:\Windows\System32\migwiz\migwiz.exe
14:38:49.0586 5132  C:\Windows\System32\migwiz\migwiz.exe - ok
14:38:49.0589 5132  [ D3D1CE8FF30786D50272DA3085149904 ] C:\Windows\System32\msinfo32.exe
14:38:49.0589 5132  C:\Windows\System32\msinfo32.exe - ok
14:38:49.0595 5132  [ 95D5AC5CCBE10E8B4B8A0DF41022568D ] C:\Windows\System32\rstrui.exe
14:38:49.0596 5132  C:\Windows\System32\rstrui.exe - ok
14:38:49.0603 5132  [ 0CFCDE5D9D074D96B78D1F1CBF1AAB1D ] C:\Windows\System32\riched20.dll
14:38:49.0603 5132  C:\Windows\System32\riched20.dll - ok
14:38:49.0609 5132  [ B13A8D6F708AA2034A9DE0979F81D890 ] C:\Windows\System32\miguiresource.dll
14:38:49.0609 5132  C:\Windows\System32\miguiresource.dll - ok
14:38:49.0613 5132  [ C9B520028498E5DA23651619F8A556D4 ] C:\Windows\System32\StikyNot.exe
14:38:49.0613 5132  C:\Windows\System32\StikyNot.exe - ok
14:38:49.0620 5132  [ 7122B0AA2212B07BBFC49BD22215BF3B ] C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
14:38:49.0620 5132  C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe - ok
14:38:49.0628 5132  [ C20436B4F0596ACD5569749206F99265 ] C:\Program Files\Windows Journal\Journal.exe
14:38:49.0628 5132  C:\Program Files\Windows Journal\Journal.exe - ok
14:38:49.0634 5132  [ 36B6F71B6D7D280302B348145DB05A9F ] C:\Windows\System32\WindowsPowerShell\v1.0\powershell_ise.exe
14:38:49.0634 5132  C:\Windows\System32\WindowsPowerShell\v1.0\powershell_ise.exe - ok
14:38:49.0640 5132  [ DF4217DDB34A0B73DC7AAC7829371C0C ] C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
14:38:49.0640 5132  C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe - ok
14:38:49.0647 5132  [ 4CAAD229A00C0DEFFF51841AE2B93B46 ] C:\Windows\System32\WindowsPowerShell\v1.0\pwrshmsg.dll
14:38:49.0647 5132  C:\Windows\System32\WindowsPowerShell\v1.0\pwrshmsg.dll - ok
14:38:49.0652 5132  [ 2CB350B72FEA6FB5A010099A4444B636 ] C:\Windows\System32\mycomput.dll
14:38:49.0652 5132  C:\Windows\System32\mycomput.dll - ok
14:38:49.0660 5132  [ 1C474C0C4CB5F15A555FE912CBF4549C ] C:\Windows\System32\odbcad32.exe
14:38:49.0660 5132  C:\Windows\System32\odbcad32.exe - ok
14:38:49.0664 5132  [ 0DAAF8032546D1B4543D7B101B53FD6C ] C:\Windows\System32\odbcint.dll
14:38:49.0664 5132  C:\Windows\System32\odbcint.dll - ok
14:38:49.0668 5132  [ 1CB1B95D67BC380FBCCFAEA3CF2DDA80 ] C:\Windows\System32\iscsicpl.exe
14:38:49.0668 5132  C:\Windows\System32\iscsicpl.exe - ok
14:38:49.0672 5132  [ F84D0B1B90404D0A27E86F159FBDAC81 ] C:\Windows\System32\iscsicpl.dll
14:38:49.0672 5132  C:\Windows\System32\iscsicpl.dll - ok
14:38:49.0676 5132  [ 8D865A3E7E2C78317EDE4EAE8316284F ] C:\Windows\System32\MdSched.exe
14:38:49.0676 5132  C:\Windows\System32\MdSched.exe - ok
14:38:49.0680 5132  [ 415DEF33B1B23DD094824614D5A326E0 ] C:\Windows\System32\pmcsnap.dll
14:38:49.0680 5132  C:\Windows\System32\pmcsnap.dll - ok
14:38:49.0683 5132  [ 1959E5AAEE0D988C10F19CEC7DFF2242 ] C:\Windows\System32\wdc.dll
14:38:49.0683 5132  C:\Windows\System32\wdc.dll - ok
14:38:49.0686 5132  [ 210FFD034BDB5108B55B6EC23CD4CE6E ] C:\Windows\System32\wsecedit.dll
14:38:49.0686 5132  C:\Windows\System32\wsecedit.dll - ok
14:38:49.0691 5132  [ 90438B514A5AC6A23602484A907E20A7 ] C:\Windows\System32\filemgmt.dll
14:38:49.0691 5132  C:\Windows\System32\filemgmt.dll - ok
14:38:49.0695 5132  [ 7629E9BB2FF06EACA62580A2C1D4FE6A ] C:\Windows\System32\msconfig.exe
14:38:49.0696 5132  C:\Windows\System32\msconfig.exe - ok
14:38:49.0699 5132  [ 0ADED25D371AE14665CE514E413988E7 ] C:\Windows\System32\AuthFWGP.dll
14:38:49.0699 5132  C:\Windows\System32\AuthFWGP.dll - ok
14:38:49.0703 5132  [ B117316F0D77B9D05318A2A49C1C22C7 ] C:\Program Files\Dell Printers\Dell MFP Color Laser Printer 3115cn\Address Book Editor\AddressEditor.exe
14:38:49.0703 5132  C:\Program Files\Dell Printers\Dell MFP Color Laser Printer 3115cn\Address Book Editor\AddressEditor.exe - ok
14:38:49.0709 5132  [ 039CC46AD1CC0E667F0718D12CBA33FE ] C:\Program Files\Dell Printers\Dell MFP Color Laser Printer 3115cn\ScanButton Set\AIOScanEnv.exe
14:38:49.0709 5132  C:\Program Files\Dell Printers\Dell MFP Color Laser Printer 3115cn\ScanButton Set\AIOScanEnv.exe - ok
14:38:49.0714 5132  [ 626F198768F67A0FEB3AD909E638F551 ] C:\Windows\System32\WindowsAnytimeUpgrade.exe
14:38:49.0714 5132  C:\Windows\System32\WindowsAnytimeUpgrade.exe - ok
14:38:49.0717 5132  [ C5DCA09AAC95A0BB75E1003A4D34231B ] C:\Windows\System32\WindowsAnytimeUpgradeCPL.dll
14:38:49.0717 5132  C:\Windows\System32\WindowsAnytimeUpgradeCPL.dll - ok
14:38:49.0721 5132  [ 9A75518600FBA10980EE94267CA98489 ] C:\Windows\System32\gameux.dll
14:38:49.0721 5132  C:\Windows\System32\gameux.dll - ok
14:38:49.0725 5132  [ 7A88900F2F11882FFCE3BF3D4EAEFB4B ] C:\Program Files\Microsoft Games\Mahjong\Mahjong.exe
14:38:49.0725 5132  C:\Program Files\Microsoft Games\Mahjong\Mahjong.exe - ok
14:38:49.0729 5132  [ 07302F014858D038CB93CC349505D0E6 ] C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe
14:38:49.0730 5132  C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe - ok
14:38:49.0733 5132  [ B5EF1DA337DB9859709A387638AC5E07 ] C:\Windows\System32\SearchProtocolHost.exe
14:38:49.0733 5132  C:\Windows\System32\SearchProtocolHost.exe - ok
14:38:49.0737 5132  [ 401A203AB058DEC44BD44AA81BF2CB64 ] C:\Program Files\Microsoft Games\SpiderSolitaire\SpiderSolitaire.exe
14:38:49.0737 5132  C:\Program Files\Microsoft Games\SpiderSolitaire\SpiderSolitaire.exe - ok
14:38:49.0742 5132  [ A963352EDFCC13E84741B578E23FDCCC ] C:\Program Files\Google\Google Earth\client\googleearth.exe
14:38:49.0742 5132  C:\Program Files\Google\Google Earth\client\googleearth.exe - ok
14:38:49.0746 5132  [ 6CEA08419C3BD4F68BDAF051AF7993A5 ] C:\Windows\Installer\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}\googleearth.exe_F6A848FB884248E6A4CDCBDCF41F6A74.exe
14:38:49.0746 5132  C:\Windows\Installer\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}\googleearth.exe_F6A848FB884248E6A4CDCBDCF41F6A74.exe - ok
14:38:49.0750 5132  [ 6CEA08419C3BD4F68BDAF051AF7993A5 ] C:\Windows\Installer\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}\ShortcutDX_EB071909B9884F8CBF3D6115D4ADEE5E.exe
14:38:49.0750 5132  C:\Windows\Installer\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}\ShortcutDX_EB071909B9884F8CBF3D6115D4ADEE5E.exe - ok
14:38:49.0753 5132  [ 6CEA08419C3BD4F68BDAF051AF7993A5 ] C:\Windows\Installer\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}\ShortcutOGL_EB071909B9884F8CBF3D6115D4ADEE5E.exe
14:38:49.0753 5132  C:\Windows\Installer\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}\ShortcutOGL_EB071909B9884F8CBF3D6115D4ADEE5E.exe - ok
14:38:49.0757 5132  [ C559672F31ABE6BA7277DD73C4502238 ] C:\Windows\System32\msiexec.exe
14:38:49.0757 5132  C:\Windows\System32\msiexec.exe - ok
14:38:49.0762 5132  [ 3287AFFC2CB27F5AE72A679221AA2016 ] C:\Windows\Installer\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74.exe
14:38:49.0762 5132  C:\Windows\Installer\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74.exe - ok
14:38:49.0769 5132  [ 5D999BF519415D1C8EE0B97FF6A254DB ] C:\Program Files\Microsoft Office\Office12\MSOHEVI.DLL
14:38:49.0769 5132  C:\Program Files\Microsoft Office\Office12\MSOHEVI.DLL - ok
14:38:49.0774 5132  [ 33FDADD07FACCE979FC4450441AA10B3 ] C:\Program Files\Intel\Intel Matrix Storage Manager\Shell.exe
14:38:49.0774 5132  C:\Program Files\Intel\Intel Matrix Storage Manager\Shell.exe - ok
14:38:49.0779 5132  [ 6DDAF035CB7BEB3A158BBDD323301B18 ] C:\Windows\System32\Imsmudlg.exe
14:38:49.0780 5132  C:\Windows\System32\Imsmudlg.exe - ok
14:38:49.0785 5132  [ 582BE479E7E286BB3B31C5A4C3DC3987 ] C:\Windows\System32\msshooks.dll
14:38:49.0785 5132  C:\Windows\System32\msshooks.dll - ok
14:38:49.0792 5132  [ A5CBDC87E694154F90DBA134733E7E8B ] C:\Windows\System32\brcpl.dll
14:38:49.0792 5132  C:\Windows\System32\brcpl.dll - ok
14:38:49.0798 5132  [ 771AF583BC58373A84496CCD52C36E33 ] C:\Windows\System32\mssvp.dll
14:38:49.0798 5132  C:\Windows\System32\mssvp.dll - ok
14:38:49.0803 5132  [ 98C77FD99F3DB37B2C03F32B8F837B65 ] C:\Windows\System32\mapi32.dll
14:38:49.0803 5132  C:\Windows\System32\mapi32.dll - ok
14:38:49.0810 5132  [ 351319EF11C263C95FB721AC76F436D6 ] C:\Windows\System32\mssph.dll
14:38:49.0810 5132  C:\Windows\System32\mssph.dll - ok
14:38:49.0816 5132  [ CBC39CAD3421AB71966BDD98ABF847E0 ] C:\Windows\System32\msfeeds.dll
14:38:49.0816 5132  C:\Windows\System32\msfeeds.dll - ok
14:38:49.0821 5132  [ BF899F57858B8C6F162D9EEB2370641C ] C:\Windows\System32\wercon.exe
14:38:49.0821 5132  C:\Windows\System32\wercon.exe - ok
14:38:49.0827 5132  [ C9EE7FF225EAC1CB9C78C413667CDB80 ] C:\Windows\System32\SearchFilterHost.exe
14:38:49.0827 5132  C:\Windows\System32\SearchFilterHost.exe - ok
14:38:49.0833 5132  [ 3141224EEBA075BC085175E60CD14782 ] C:\Windows\System32\msra.exe
14:38:49.0834 5132  C:\Windows\System32\msra.exe - ok
14:38:49.0837 5132  [ 39511E05F37F0BEF8FA3B85386800BB9 ] C:\Windows\System32\jsproxy.dll
14:38:49.0837 5132  C:\Windows\System32\jsproxy.dll - ok
14:38:49.0842 5132  [ C0F4A57BA5E09A28AE3D2F67ED219EEA ] C:\Windows\Installer\{91120000-00CA-0000-0000-0000000FF1CE}\pptico.exe
14:38:49.0842 5132  C:\Windows\Installer\{91120000-00CA-0000-0000-0000000FF1CE}\pptico.exe - ok
14:38:49.0846 5132  [ FF6669F7A1782D54E338F5C6EC806E1E ] C:\Windows\Installer\{91120000-00CA-0000-0000-0000000FF1CE}\misc.exe
14:38:49.0846 5132  C:\Windows\Installer\{91120000-00CA-0000-0000-0000000FF1CE}\misc.exe - ok
14:38:49.0850 5132  [ E1AB2AC4A4D50B479DF1B1CEA4A7409B ] C:\Windows\Installer\{91120000-00CA-0000-0000-0000000FF1CE}\cagicon.exe
14:38:49.0850 5132  C:\Windows\Installer\{91120000-00CA-0000-0000-0000000FF1CE}\cagicon.exe - ok
14:38:49.0853 5132  [ 3E5AA6A816FA331E64C38A45C6FF5637 ] C:\Windows\Installer\{91120000-00CA-0000-0000-0000000FF1CE}\oisicon.exe
14:38:49.0853 5132  C:\Windows\Installer\{91120000-00CA-0000-0000-0000000FF1CE}\oisicon.exe - ok
14:38:49.0857 5132  [ 222EDB9234167E6793D488E1CD0E2CA1 ] C:\Program Files\Microsoft Silverlight\5.1.10411.0\Silverlight.Configuration.exe
14:38:49.0857 5132  C:\Program Files\Microsoft Silverlight\5.1.10411.0\Silverlight.Configuration.exe - ok
14:38:49.0862 5132  [ 051023B22D675856D49360356293A939 ] C:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIconDll
14:38:49.0862 5132  C:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIconDll - ok
14:38:49.0864 5132  [ 87822B0AA424E8EA4013C8EC7F4A1125 ] C:\Program Files\NETGEAR\WNA1100\Uninstall.exe
14:38:49.0864 5132  C:\Program Files\NETGEAR\WNA1100\Uninstall.exe - ok
14:38:49.0868 5132  [ 4725057FE3532EB319CBAE41201B5C78 ] C:\Program Files\Norton 360\MUI\20.3.0.36\IMAGES\360Base.dll
14:38:49.0868 5132  C:\Program Files\Norton 360\MUI\20.3.0.36\IMAGES\360Base.dll - ok
14:38:49.0872 5132  [ 3832D44C0811EED1338B34328EB493EB ] C:\Program Files\Norton 360\Engine\20.3.0.36\symerr.exe
14:38:49.0872 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\symerr.exe - ok
14:38:49.0876 5132  [ D37FA05F4F8449C99ACA8A54487D0F5E ] C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360\562C4DD5\20.3.0.36\InstStub.exe
14:38:49.0877 5132  C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360\562C4DD5\20.3.0.36\InstStub.exe - ok
14:38:49.0881 5132  [ A344995A80467F4CFE77AB20BD986193 ] C:\Windows\Installer\{854FCA42-5318-47CA-95D7-7394B1A16616}\PageViewer.exe
14:38:49.0881 5132  C:\Windows\Installer\{854FCA42-5318-47CA-95D7-7394B1A16616}\PageViewer.exe - ok
14:38:49.0884 5132  [ 05D3962574DA5840F41EA5E3E2BF7A14 ] C:\Windows\Installer\{854FCA42-5318-47CA-95D7-7394B1A16616}\PaperPort.exe
14:38:49.0884 5132  C:\Windows\Installer\{854FCA42-5318-47CA-95D7-7394B1A16616}\PaperPort.exe - ok
14:38:49.0888 5132  [ E9EAB5CFF1B313F788162A978D781834 ] C:\Program Files\Dell Printers\paperport\ScannerWizard.exe
14:38:49.0888 5132  C:\Program Files\Dell Printers\paperport\ScannerWizard.exe - ok
14:38:49.0892 5132  [ 894836E07CFDEC240DE19AE9BB97437B ] C:\Program Files\pdf995\res\utilities\pdfEdit995.exe
14:38:49.0892 5132  C:\Program Files\pdf995\res\utilities\pdfEdit995.exe - ok
14:38:49.0896 5132  [ 4CD08EEAC08BA53A38E48AF4813E1968 ] C:\Program Files\Spybot - Search & Destroy\SDShred.exe
14:38:49.0897 5132  C:\Program Files\Spybot - Search & Destroy\SDShred.exe - ok
14:38:49.0900 5132  [ 0477C2F9171599CA5BC3307FDFBA8D89 ] C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
14:38:49.0900 5132  C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe - ok
14:38:49.0904 5132  [ 0BA1ACFEE0532249412F53EE6374EE93 ] C:\Program Files\Spybot - Search & Destroy\unins000.exe
14:38:49.0904 5132  C:\Program Files\Spybot - Search & Destroy\unins000.exe - ok
14:38:49.0907 5132  [ 7C616AD7AE8F75278A069641ECFCDC06 ] C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe
14:38:49.0907 5132  C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe - ok
14:38:49.0911 5132  [ 7C0FC379D4B066C2D2189792DED0E4AA ] C:\Windows\System32\xmlfilter.dll
14:38:49.0911 5132  C:\Windows\System32\xmlfilter.dll - ok
14:38:49.0915 5132  [ 5DF19A45F9BCB2F3C7C14BCA2E931A39 ] C:\Program Files\Windows Live\Mesh\WLSync.exe
14:38:49.0915 5132  C:\Program Files\Windows Live\Mesh\WLSync.exe - ok
14:38:49.0919 5132  [ 6EE227818F6A756126275905CA8C1B70 ] C:\Program Files\Windows Live\Writer\WindowsLiveWriter.exe
14:38:49.0919 5132  C:\Program Files\Windows Live\Writer\WindowsLiveWriter.exe - ok
14:38:49.0922 5132  [ AB530FDD34C67B497A20171D1234CFE9 ] C:\Windows\System32\riched32.dll
14:38:49.0922 5132  C:\Windows\System32\riched32.dll - ok
14:38:49.0926 5132  [ 9761B7BC0E43622AC09B7DD09B5B79E5 ] C:\Program Files\Dell Printers\paperport\PPMetaDataServer.dll
14:38:49.0926 5132  C:\Program Files\Dell Printers\paperport\PPMetaDataServer.dll - ok
14:38:49.0930 5132  [ 51415E6009C76D2C079BD6246E094563 ] C:\Program Files\Dell Printers\paperport\maxkernl.dll
14:38:49.0930 5132  C:\Program Files\Dell Printers\paperport\maxkernl.dll - ok
14:38:49.0933 5132  [ 25A37216372D9AAE9FBC647447767493 ] C:\Program Files\Dell Printers\paperport\maxcodec.dll
14:38:49.0933 5132  C:\Program Files\Dell Printers\paperport\maxcodec.dll - ok
14:38:49.0936 5132  [ 2FFB7230F0C828DB2C9E0AB7853E0EDC ] C:\Program Files\Dell Printers\paperport\maxrast.dll
14:38:49.0937 5132  C:\Program Files\Dell Printers\paperport\maxrast.dll - ok
14:38:49.0942 5132  [ 51D815C822EAEBA673E85253633AD19D ] C:\Program Files\Dell Printers\paperport\PDFUtil.dll
14:38:49.0942 5132  C:\Program Files\Dell Printers\paperport\PDFUtil.dll - ok
14:38:49.0946 5132  [ F03082F27271C71FBE123403CE6E0344 ] C:\Program Files\Dell Printers\paperport\PasswDB.dll
14:38:49.0946 5132  C:\Program Files\Dell Printers\paperport\PasswDB.dll - ok
14:38:49.0949 5132  [ 898ABECCD5F0B9A8E8F1318DDB234685 ] C:\Windows\System32\dot3api.dll
14:38:49.0949 5132  C:\Windows\System32\dot3api.dll - ok
14:38:49.0952 5132  [ 8D544AC1B7AA7FB9DFF0C3E7DA6AD295 ] C:\Windows\System32\wlanhlp.dll
14:38:49.0952 5132  C:\Windows\System32\wlanhlp.dll - ok
14:38:49.0955 5132  [ 2310A32BB0164552A311BFA02102A3D6 ] C:\Windows\System32\msvcp60.dll
14:38:49.0955 5132  C:\Windows\System32\msvcp60.dll - ok
14:38:49.0959 5132  [ ED186F0E942D7F56F5055C6903C8FCFE ] C:\Program Files\Dell Printers\paperport\xdocparse.dll
14:38:49.0959 5132  C:\Program Files\Dell Printers\paperport\xdocparse.dll - ok
14:38:49.0963 5132  [ EF24642D5FB52A1EEF56DE9E47CBB993 ] C:\Windows\System32\mfc42.dll
14:38:49.0963 5132  C:\Windows\System32\mfc42.dll - ok
14:38:49.0966 5132  [ 862363973DCBCC31DD161EF41A69153C ] C:\Windows\System32\odbc32.dll
14:38:49.0966 5132  C:\Windows\System32\odbc32.dll - ok
14:38:49.0969 5132  [ 254AC97C9AF4DDF3F5F57855198527B7 ] C:\Windows\System32\wermgr.exe
14:38:49.0969 5132  C:\Windows\System32\wermgr.exe - ok
14:38:49.0972 5132  [ 01C5A928DE132CFDFD3B427472B7DA9D ] C:\Windows\System32\udhisapi.dll
14:38:49.0972 5132  C:\Windows\System32\udhisapi.dll - ok
14:38:49.0976 5132  [ 7599E425947A595448DA778B610923BC ] C:\Program Files\Windows Media Player\wmpsyncmgr.dll
14:38:49.0976 5132  C:\Program Files\Windows Media Player\wmpsyncmgr.dll - ok
14:38:49.0979 5132  [ 70C6489D56008D75DEDF73226FA63C11 ] C:\Windows\System32\dimsjob.dll
14:38:49.0980 5132  C:\Windows\System32\dimsjob.dll - ok
14:38:49.0983 5132  [ 98638A4CA187245C469DA0DEC4F04A45 ] C:\Windows\System32\pautoenr.dll
14:38:49.0983 5132  C:\Windows\System32\pautoenr.dll - ok
14:38:49.0986 5132  [ AC48FD62E22C4425879FCA5A63F50497 ] C:\Windows\System32\certcli.dll
14:38:49.0986 5132  C:\Windows\System32\certcli.dll - ok
14:38:49.0989 5132  [ 0053319C4438CDE659AA75C19BBD22F1 ] C:\Windows\System32\CertEnroll.dll
14:38:49.0989 5132  C:\Windows\System32\CertEnroll.dll - ok
14:38:49.0994 5132  [ E687CA5AFFC9271072A68E7CD2848541 ] C:\Program Files\Google\Chrome\Application\25.0.1364.152\chrome.dll
14:38:49.0994 5132  C:\Program Files\Google\Chrome\Application\25.0.1364.152\chrome.dll - ok
14:38:50.0000 5132  [ D25002C745D2638A7FA46A5CE552DB50 ] C:\Program Files\Norton 360\Engine\20.3.0.36\avScnTsk.dll
14:38:50.0000 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\avScnTsk.dll - ok
14:38:50.0004 5132  [ 80F74B0F3F441AEC5238961CBB10B7D2 ] C:\Windows\System32\igfxpph.dll
14:38:50.0004 5132  C:\Windows\System32\igfxpph.dll - ok
14:38:50.0009 5132  [ 0CB4298F408762EA2479366B4A5EA2C7 ] C:\Windows\System32\igfxress.dll
14:38:50.0009 5132  C:\Windows\System32\igfxress.dll - ok
14:38:50.0015 5132  [ 1824AB2AE5C135014741802CAD008EF0 ] C:\Program Files\Norton 360\Engine\20.3.0.36\IMCfg.dll
14:38:50.0015 5132  C:\Program Files\Norton 360\Engine\20.3.0.36\IMCfg.dll - ok
14:38:50.0023 5132  [ 44B35307F7C57223EA1891F61E40A7FB ] C:\Program Files\Google\Chrome\Application\25.0.1364.152\icudt.dll
14:38:50.0023 5132  C:\Program Files\Google\Chrome\Application\25.0.1364.152\icudt.dll - ok
14:38:50.0029 5132  [ 3A72AB0BAF2DC1AE0BA6E1EE28FFCC0B ] C:\Windows\System32\msftedit.dll
14:38:50.0029 5132  C:\Windows\System32\msftedit.dll - ok
14:38:50.0035 5132  [ F1B180ECE14160B0B9FDA56CCB37F087 ] C:\Program Files\Google\Chrome\Application\25.0.1364.152\pdf.dll
14:38:50.0035 5132  C:\Program Files\Google\Chrome\Application\25.0.1364.152\pdf.dll - ok
14:38:50.0043 5132  [ A9B393AC430A5DE0A4BBAF1A3E644A11 ] C:\Program Files\Google\Chrome\Application\25.0.1364.152\ppgooglenaclpluginchrome.dll
14:38:50.0043 5132  C:\Program Files\Google\Chrome\Application\25.0.1364.152\ppgooglenaclpluginchrome.dll - ok
14:38:50.0049 5132  [ 433C73AA1EF5EFEEA28E9B37F8805953 ] C:\Program Files\Google\Chrome\Application\25.0.1364.152\ffmpegsumo.dll
14:38:50.0050 5132  C:\Program Files\Google\Chrome\Application\25.0.1364.152\ffmpegsumo.dll - ok
14:38:50.0056 5132  [ 820AB10BB0186A7845A1B6460E50088B ] C:\Program Files\Spybot - Search & Destroy\advcheck.dll
14:38:50.0056 5132  C:\Program Files\Spybot - Search & Destroy\advcheck.dll - ok
14:38:50.0063 5132  [ 68B57D7C11277EA89F78255480376B4D ] C:\Windows\System32\drivers\psi_mf_x86.sys
14:38:50.0063 5132  C:\Windows\System32\drivers\psi_mf_x86.sys - ok
14:38:50.0069 5132  [ F21F255B91CA4F04E4250DECD2067CBB ] C:\Windows\System32\bitsperf.dll
14:38:50.0069 5132  C:\Windows\System32\bitsperf.dll - ok
14:38:50.0073 5132  [ 632557F2495931D952161465AA177B3B ] C:\Windows\System32\bitsigd.dll
14:38:50.0073 5132  C:\Windows\System32\bitsigd.dll - ok
14:38:50.0077 5132  [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:38:50.0077 5132  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
14:38:50.0080 5132  [ E5F7C30EDF0892667933BE879F067D67 ] C:\Windows\System32\msvcr100_clr0400.dll
14:38:50.0080 5132  C:\Windows\System32\msvcr100_clr0400.dll - ok
14:38:50.0083 5132  [ 128DD9AF8640DBCC711940903C8B554F ] C:\Windows\System32\mscoree.dll
14:38:50.0084 5132  C:\Windows\System32\mscoree.dll - ok
14:38:50.0087 5132  [ 35DB83C4DE9FA3889E937125D115EAA0 ] C:\Program Files\Google\Update\1.3.21.135\goopdateres_en.dll
14:38:50.0087 5132  C:\Program Files\Google\Update\1.3.21.135\goopdateres_en.dll - ok
14:38:50.0091 5132  [ 8078F8F8F7A79E2E6B494523A828C585 ] C:\Windows\System32\msdtckrm.dll
14:38:50.0091 5132  C:\Windows\System32\msdtckrm.dll - ok
14:38:50.0095 5132  [ 5E41139EC6EFBCAFFD96D46925E544AB ] C:\Windows\System32\mspatcha.dll
14:38:50.0096 5132  C:\Windows\System32\mspatcha.dll - ok
14:38:50.0099 5132  [ BDC0C99E472176C8C2C853A68ADC5073 ] C:\Windows\System32\wups2.dll
14:38:50.0099 5132  C:\Windows\System32\wups2.dll - ok
14:38:50.0103 5132  [ ECD88CDFC178E6A84DB1346EABF9F03F ] C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
14:38:50.0103 5132  C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll - ok
14:38:50.0106 5132  [ 534FB04D167CE2B8DE6E180A23646074 ] C:\Program Files\QuickTime\Plugins\npqtplugin.dll
14:38:50.0106 5132  C:\Program Files\QuickTime\Plugins\npqtplugin.dll - ok
14:38:50.0110 5132  [ 15A10AEA93A48B82E7AF02B6F32D3564 ] C:\Program Files\QuickTime\Plugins\npqtplugin2.dll
14:38:50.0110 5132  C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - ok
14:38:50.0114 5132  [ 01986158921B5064631F6C47A998FD99 ] C:\Program Files\QuickTime\Plugins\npqtplugin3.dll
14:38:50.0114 5132  C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - ok
14:38:50.0118 5132  [ 21EF01CBD2E5D126D51EF8FFDBB98390 ] C:\Program Files\QuickTime\Plugins\npqtplugin4.dll
14:38:50.0118 5132  C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - ok
14:38:50.0122 5132  [ BD879D8AFBCCAB1F957904168D9CD6D8 ] C:\Program Files\QuickTime\Plugins\npqtplugin5.dll
14:38:50.0122 5132  C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - ok
14:38:50.0126 5132  [ 2F7E933613F278A713F45E51B9BFE954 ] C:\Program Files\QuickTime\Plugins\npqtplugin6.dll
14:38:50.0126 5132  C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - ok
14:38:50.0131 5132  [ AE1971EEAD01BEEE155F0EBB4B09D2D7 ] C:\Program Files\QuickTime\Plugins\npqtplugin7.dll
14:38:50.0131 5132  C:\Program Files\QuickTime\Plugins\npqtplugin7.dll - ok
14:38:50.0134 5132  [ ECD88CDFC178E6A84DB1346EABF9F03F ] C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
14:38:50.0134 5132  C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll - ok
14:38:50.0138 5132  [ 2437BE68D5A37A75FAD51C5F0E9A03ED ] C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
14:38:50.0138 5132  C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - ok
14:38:50.0141 5132  [ E0FF893763BA82BAABB869A351F0C455 ] C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
14:38:50.0141 5132  C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll - ok
14:38:50.0145 5132  [ 05C4A7136F3012BB47107333B5D351D3 ] C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
14:38:50.0145 5132  C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - ok
14:38:50.0149 5132  [ 48E69ACB30866D2B35631BA46C1CC11B ] C:\Program Files\MapsGalaxy_39\bar\1.bin\NP39Stub.dll
14:38:50.0149 5132  C:\Program Files\MapsGalaxy_39\bar\1.bin\NP39Stub.dll - ok
14:38:50.0153 5132  [ D0DA6B2FB50A0667CF4BACC2AEFEA009 ] C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
14:38:50.0153 5132  C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll - ok
14:38:50.0156 5132  [ C517E5EA7CEE783F3681F62D2A362E5B ] C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
14:38:50.0156 5132  C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - ok
14:38:50.0160 5132  [ 7A1E2AF50DDCDD49C114C1099DBEF6E1 ] C:\Windows\System32\npDeployJava1.dll
14:38:50.0160 5132  C:\Windows\System32\npDeployJava1.dll - ok
14:38:50.0164 5132  [ 9013599B12923A45C029C34E8D2211AC ] C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
14:38:50.0164 5132  C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll - ok
14:38:50.0168 5132  [ AB87EEFFD18F2BAAFC274E7075EA6C67 ] C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
14:38:50.0169 5132  C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - ok
14:38:50.0174 5132  [ 2C7B4E944A48B9A07B7BF2AB262F197E ] C:\Windows\System32\icm32.dll
14:38:50.0174 5132  C:\Windows\System32\icm32.dll - ok
14:38:50.0177 5132  ============================================================
14:38:50.0177 5132  Scan finished
14:38:50.0177 5132  ============================================================
14:38:50.0186 4436  Detected object count: 0
14:38:50.0186 4436  Actual detected object count: 0
14:39:13.0350 1024  Deinitialize success



#6 Confused365

Confused365
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:03:24 PM

Posted 10 March 2013 - 04:35 PM

I had to split the TDSS report into two parts because bleepingcomputer said the post was too long, but here it is.



#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:24 PM

Posted 10 March 2013 - 04:38 PM

Malwarebytes

--------------------

Please download Malwarebytes Anti-Malware and save it to your desktop.  If you already have it installed launch the program and update the database.

  • Make sure you are connected to the Internet and double-click on the it to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings except to uncheck any offer for a free Pro trial version
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.


===================================================


Farbar's MiniToolBox

--------------------

  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the MiniToolBox.jpg icon to launch the program
  • Make sure the following options are checked:

    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Devices
    • List Users, Partitions and Memory size.
  • Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply


===================================================


Farbar's Service Scanner

--------------------

Please download Farbar Service Scanner, save it to your desktop, and run it.

  • Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


===================================================


AdwCleaner by Xplode - Search for Adware

-------------------

  • Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on DELETE
  • A logfile will automatically open after the scan has finished
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[R1].txt as well


===================================================


Junkware Removal Tooll by thisisu

-------------------

  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply


===================================================


Rkill

-------------------

Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another...) and save it to your desktop:


  • In order for Rkill to run properly you must disable your anti-malware software.  Please refer to this page if you are not sure how.
  • Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
    • Note:  You may have to run Rkill a few times before it is successful.  You may also have to download Rkill from a different link which will save it as a different file name.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear.  Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again.  If your computer reboots, run Rkill again before continuing on to the next step.
  • If nothing happens or if the tool does not run, please let me know in your next reply.


===================================================


Autoruns

--------------------

  • Please download AutoRuns and save it to your desktop
  • Double click the AutoRuns.zip folder
  • Double click autoruns.exe (not autorunsc.exe), select Run, then Run again and allow the information to populate
  • Select File, Save, Desktop (in the left hand pane), then Save filename as Autoruns.txt and change Save as type to  Text(*.txt).
  • Double click on the text file,copy and paste the contents in your reply


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • Malwarebytes log
  • MiniToolBox log
  • Farbar's Service Scanner log
  • AdwCleaner log
  • Junkware Removal Tool log
  • Rkill log
  • Autoruns log



#8 Confused365

Confused365
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:03:24 PM

Posted 10 March 2013 - 05:16 PM

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.03.10.07

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Main Computer :: MAINCOMPUTER-PC [administrator]

3/10/2013 5:50:14 PM
mbam-log-2013-03-10 (17-50-14).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 197561
Time elapsed: 3 minute(s), 46 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

 

 

 



MiniToolBox by Farbar  Version:05-03-2013
Ran by Main Computer (administrator) on 10-03-2013 at 17:56:06
Running from "C:\Users\Main Computer\Downloads"
Windows Vista ™ Business Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

::1             localhost

127.0.0.1       localhost

========================= IP Configuration: ================================

NETGEAR WNA1100 N150 Wireless USB Adapter = Wireless Network Connection (Connected)
Intel® 82566DM-2 Gigabit Network Connection = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration

Windows IP Configuration

   Host Name . . . . . . . . . . . . : MainComputer-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Broadcast
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : westell.com

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : westell.com
   Description . . . . . . . . . . . : NETGEAR WNA1100 N150 Wireless USB Adapter
   Physical Address. . . . . . . . . : E0-46-9A-AB-DF-2B
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::b060:66f7:f66f:2c30%14(Preferred)
   IPv4 Address. . . . . . . . . . . : 10.0.0.23(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, March 10, 2013 5:26:56 PM
   Lease Expires . . . . . . . . . . : Monday, March 11, 2013 5:26:55 PM
   Default Gateway . . . . . . . . . : 10.0.0.1
   DHCP Server . . . . . . . . . . . : 10.0.0.1
   DHCPv6 IAID . . . . . . . . . . . : 333465242
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-0D-C5-AB-00-1E-4F-9E-3C-D8
   DNS Servers . . . . . . . . . . . : 10.0.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel® 82566DM-2 Gigabit Network Connection
   Physical Address. . . . . . . . . : 00-1E-4F-9E-3C-D8
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{0E3E4F12-3975-4C38-88E0-1F1504048C00}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 02-00-54-55-4E-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{0E3E4F12-3975-4C38-88E0-1F1504048C00}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : westell.com
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  dslrouter.westell.com
Address:  10.0.0.1

Name:    google.com
Addresses:  2607:f8b0:4004:800::1001
   74.125.228.0
   74.125.228.1
   74.125.228.2
   74.125.228.3
   74.125.228.4
   74.125.228.5
   74.125.228.6
   74.125.228.7
   74.125.228.8
   74.125.228.9
   74.125.228.14

Pinging google.com [74.125.228.14] with 32 bytes of data:Reply from 74.125.228.14: bytes=32 time=31ms TTL=57Reply from 74.125.228.14: bytes=32 time=35ms TTL=57Ping statistics for 74.125.228.14:    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds:    Minimum = 31ms, Maximum = 35ms, Average = 33msServer:  dslrouter.westell.com
Address:  10.0.0.1

Name:    yahoo.com
Addresses:  206.190.36.45
   98.138.253.109
   98.139.183.24

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:Reply from 98.139.183.24: bytes=32 time=239ms TTL=53Reply from 98.139.183.24: bytes=32 time=311ms TTL=53Ping statistics for 98.139.183.24:    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds:    Minimum = 239ms, Maximum = 311ms, Average = 275msPinging 127.0.0.1 with 32 bytes of data:Reply from 127.0.0.1: bytes=32 time<1ms TTL=128Reply from 127.0.0.1: bytes=32 time<1ms TTL=128Ping statistics for 127.0.0.1:    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds:    Minimum = 0ms, Maximum = 0ms, Average = 0ms===========================================================================
Interface List
14 ...e0 46 9a ab df 2b ...... NETGEAR WNA1100 N150 Wireless USB Adapter
11 ...00 1e 4f 9e 3c d8 ...... Intel® 82566DM-2 Gigabit Network Connection
  1 ........................... Software Loopback Interface 1
12 ...00 00 00 00 00 00 00 e0  isatap.{0E3E4F12-3975-4C38-88E0-1F1504048C00}
10 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
13 ...00 00 00 00 00 00 00 e0  isatap.{0E3E4F12-3975-4C38-88E0-1F1504048C00}
15 ...00 00 00 00 00 00 00 e0  Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         10.0.0.1        10.0.0.23     25
         10.0.0.0    255.255.255.0         On-link         10.0.0.23    281
        10.0.0.23  255.255.255.255         On-link         10.0.0.23    281
       10.0.0.255  255.255.255.255         On-link         10.0.0.23    281
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         10.0.0.23    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link         10.0.0.23    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
14    281 fe80::/64                On-link
14    281 fe80::b060:66f7:f66f:2c30/128
                                    On-link
  1    306 ff00::/8                 On-link
14    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/10/2013 05:32:07 PM) (Source: LMS) (User: NT AUTHORITY)
Description: LMS Service lost connection to HECI driver

Error: (03/10/2013 05:29:21 PM) (Source: LMS) (User: NT AUTHORITY)
Description: LMS Service lost connection to HECI driver

Error: (03/10/2013 04:36:39 PM) (Source: LMS) (User: NT AUTHORITY)
Description: LMS Service lost connection to HECI driver

Error: (03/10/2013 04:35:11 PM) (Source: LMS) (User: NT AUTHORITY)
Description: LMS Service lost connection to HECI driver

Error: (03/10/2013 04:34:42 PM) (Source: LMS) (User: NT AUTHORITY)
Description: LMS Service lost connection to HECI driver

Error: (03/10/2013 04:23:16 PM) (Source: LMS) (User: NT AUTHORITY)
Description: LMS Service lost connection to HECI driver

Error: (03/10/2013 04:19:29 PM) (Source: LMS) (User: NT AUTHORITY)
Description: LMS Service lost connection to HECI driver

Error: (03/10/2013 04:18:50 PM) (Source: LMS) (User: NT AUTHORITY)
Description: LMS Service lost connection to HECI driver

Error: (03/10/2013 03:12:04 PM) (Source: LMS) (User: NT AUTHORITY)
Description: LMS Service lost connection to HECI driver

Error: (03/10/2013 02:35:18 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (03/10/2013 05:26:49 PM) (Source: Dhcp) (User: )
Description: The IP address lease 10.0.0.23 for the Network Card with network address E0469AABDF2B has been denied by the DHCP server 10.0.0.1 (The DHCP Server sent a DHCPNACK message).

Error: (03/10/2013 04:58:31 PM) (Source: Dhcp) (User: )
Description: The IP address lease 10.0.0.23 for the Network Card with network address E0469AABDF2B has been denied by the DHCP server 10.0.0.1 (The DHCP Server sent a DHCPNACK message).

Error: (03/10/2013 04:31:45 PM) (Source: Dhcp) (User: )
Description: The IP address lease 10.0.0.23 for the Network Card with network address E0469AABDF2B has been denied by the DHCP server 10.0.0.1 (The DHCP Server sent a DHCPNACK message).

Error: (03/09/2013 01:12:27 PM) (Source: Dhcp) (User: )
Description: The IP address lease 10.0.0.23 for the Network Card with network address E0469AABDF2B has been denied by the DHCP server 10.0.0.1 (The DHCP Server sent a DHCPNACK message).

Error: (03/09/2013 11:24:26 AM) (Source: Service Control Manager) (User: )
Description: DefaultTabSearch1

Error: (03/09/2013 10:54:09 AM) (Source: Service Control Manager) (User: )
Description: Service Sendori

Error: (03/09/2013 10:43:12 AM) (Source: Service Control Manager) (User: )
Description: SRTSP

Error: (03/09/2013 10:42:21 AM) (Source: Service Control Manager) (User: )
Description: Service Sendori

Error: (03/09/2013 10:39:39 AM) (Source: SRTSP) (User: )
Description: Error loading virus definitions.

Error: (03/09/2013 10:39:04 AM) (Source: DCOM) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2013-03-10 17:52:47.968
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2013-03-10 17:52:47.772
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2013-03-10 17:52:47.556
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2013-03-10 17:52:47.363
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2013-03-10 17:52:47.172
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2013-03-10 17:52:46.977
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2013-03-10 17:51:04.825
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2013-03-10 17:51:04.635
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2013-03-10 17:51:04.441
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2013-03-10 17:51:04.249
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
Adobe Flash Player 11 ActiveX (Version: 11.6.602.171)
Adobe Reader 9.5.4 (Version: 9.5.4)
Adobe SVG Viewer 6.0 (Version:  6.0)
D3DX10 (Version: 15.4.2368.0902)
Dell Edoc Viewer (Version: 1.0.0)
Dell ETS Factory Installation (Version: 1.0.0)
Dell MFP Laser 3115cn ScanButton Manager Ver.1.1.0.1 (Version: 1.1.0.1)
Dell MFP Laser 3115cn Scanner Driver (Version: 1.1.6.1)
Dell MFP Laser 3115cn Utilities Ver.1.0.2.0 (Version: 1.0.2.0)
Dell Printer Software (Version: 1.00.000)
DomaIQ
ESET Online Scanner v3
FormViewer (Version: 4.1.3016)
Google Chrome (Version: 25.0.1364.152)
Google Earth (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.135)
HiDef Media Player 1.1.12 (Version: 1.1.12)
Intel® Matrix Storage Manager
Intel® PRO Alerting Agent (Version: 12.0.2)
Intel® PRO Network Connections 12.1.12.4 (Version: )
Intel® Active Management Technology
Java 7 Update 17 (Version: 7.0.170)
Java Auto Updater (Version: 2.1.9.0)
Java Forms Viewer
Java™ 6 Update 43 (Version: 6.0.430)
JavaFX 2.1.1 (Version: 2.1.1)
Junk Mail filter update (Version: 15.4.3502.0922)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
MapsGalaxy
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Small Business 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NETGEAR WNA1100 N150 Wireless USB Adapter (Version: 1.0.0.133)
Norton 360 (Version: 20.3.0.36)
PaperPort Image Printer (Version: 1.00.0000)
Pdf995
PdfEdit995
QuickTime (Version: 7.73.80.64)
Revo Uninstaller 1.94 (Version: 1.94)
ScanSoft PaperPort 10 (Version: 10.4.1000)
Secunia PSI (3.0.0.6005) (Version: 3.0.0.6005)
Segoe UI (Version: 15.4.2271.0615)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
Spybot - Search & Destroy (Version: 1.6.2)
TeamViewer 8 (Version: 8.0.16642)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2767848) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
zipForm6 (Version: 1.0.0.0)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 43%
Total physical RAM: 3315.7 MB
Available physical RAM: 1858.2 MB
Total Pagefile: 6836.41 MB
Available Pagefile: 5455.17 MB
Total Virtual: 2047.88 MB
Available Virtual: 1943.03 MB

========================= Partitions: =====================================

2 Drive c: (OS) (Fixed) (Total:230.78 GB) (Free:128.27 GB) NTFS
3 Drive d: (RECOVERY) (Fixed) (Total:2 GB) (Free:1.13 GB) NTFS

========================= Users: ========================================

User accounts for \\MAINCOMPUTER-PC

Administrator            Guest                    Main Computer           


**** End of log ****



Farbar Service Scanner Version: 03-03-2013
Ran by Main Computer (administrator) on 10-03-2013 at 17:57:21
Running from "C:\Users\Main Computer\Downloads"
Windows Vista ™ Business Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2013-02-13 05:42] - [2013-01-04 07:28] - 0905576 ____A (Microsoft Corporation) 74E2D020C47BB2B2FCCBA29A518A7EB4

C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****



# AdwCleaner v2.114 - Logfile created 03/10/2013 at 17:58:20
# Updated 05/03/2013 by Xplode
# Operating system : Windows Vista ™ Business Service Pack 2 (32 bits)
# User : Main Computer - MAINCOMPUTER-PC
# Boot Mode : Normal
# Running from : C:\Users\Main Computer\Downloads\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\ProgramData\Browser Manager
File Deleted : C:\END
File Deleted : C:\Users\MAINCO~1\AppData\Local\Temp\Uninstall.exe
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\DailyBibleGuideEI
Folder Deleted : C:\Program Files\DomaIQ Uninstaller
Folder Deleted : C:\Program Files\FunWebProducts
Folder Deleted : C:\ProgramData\APN
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\Users\Main Computer\AppData\Local\APN
Folder Deleted : C:\Users\Main Computer\AppData\Local\Conduit
Folder Deleted : C:\Users\Main Computer\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\MAINCO~1\AppData\Local\Temp\AskSearch

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\Iminent
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\incredibar
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DealPly
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DefaultTab
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Wajam
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{04D2B915-19FF-41E9-994D-95DC898BEA43}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C1B9042-3D32-49A1-916B-0AA3A9CDDFD6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3239904
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6C1B9042-3D32-49A1-916B-0AA3A9CDDFD6}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16464

[OK] Registry is clean.

-\\ Google Chrome v25.0.1364.152

File : C:\Users\Main Computer\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.51] : keyword = "search-results.com",
Deleted [l.54] : search_url = "hxxp://isearch.fantastigames.com/web?src=crb&gct=ds&appid=107&systemid=465&q={s[...]
Deleted [l.1796] : homepage = "hxxp://isearch.fantastigames.com/465",

*************************

AdwCleaner[S1].txt - [10605 octets] - [10/03/2013 17:58:20]

########## EOF - C:\AdwCleaner[S1].txt - [10666 octets] ##########



#9 Confused365

Confused365
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:03:24 PM

Posted 10 March 2013 - 05:18 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.9 (03.06.2013:1)
OS: Windows Vista ™ Business x86
Ran by Main Computer on Sun 03/10/2013 at 18:05:19.49
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 


~~~ Services

 

~~~ Registry Values

Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\toolbar\webbrowser\\{364ea597-e728-4ce4-bb4a-ed846ef47970}
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{364ea597-e728-4ce4-bb4a-ed846ef47970}
Suspicious HKCU\..\Run entries found. Trojan:JS/Medfos.B?

   Val Name      Type   Value Data
   ========      ====   ==========
    Apple    REG_SZ    rundll32.exe "C:\Users\Main Computer\AppData\Local\Apple Computer\Apple\jabevlv.dll",vlc_entry__1_1_0gW

 


~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_classes_root\clsid\{364ea597-e728-4ce4-bb4a-ed846ef47970}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{b0441a0e-a49a-4e16-afc1-74ecced1921f}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{b0441a0e-a49a-4e16-afc1-74ecced1921f}

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\pc1data"
Successfully deleted: [Folder] "C:\Users\Main Computer\appdata\locallow\datamngr"
Successfully deleted: [Folder] "C:\Users\Main Computer\appdata\locallow\mapsgalaxy_39"
Failed to delete: [Folder] "C:\Program Files\mapsgalaxy_39"
Successfully deleted: [Folder] "C:\Windows\system32\ai_recyclebin"

 

~~~ Chrome

Dumping contents of C:\Users\Main Computer\appdata\local\Google\Chrome\User Data\Default\Default
C:\Users\Main Computer\appdata\local\Google\Chrome\User Data\Default\Default\aagedegddegfgdgfdjdhgddfdegggddf
C:\Users\Main Computer\appdata\local\Google\Chrome\User Data\Default\Default\aagedegddegfgdgfdjdhgddfdegggddf\manifest.json

Successfully deleted: [Folder] C:\Users\Main Computer\appdata\local\Google\Chrome\User Data\Default\Default [Default Extension 1.0]

 

~~~ Event Viewer Logs were cleared

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 03/10/2013 at 18:08:51.63
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 03/10/2013 06:10:33 PM in x86 mode.
Windows Version: Windows Vista ™ Business Service Pack 2

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

* Windows Firewall Disabled

   [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
   "EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
   Startup Type set to: Automatic

* WPCSvc [Missing Service]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

  127.0.0.1       localhost
  ::1             localhost

Program finished at: 03/10/2013 06:10:44 PM
Execution time: 0 hours(s), 0 minute(s), and 11 seconds(s)



"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "Adobe Reader Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files\adobe\reader 9.0\reader\reader_sl.exe"
+ "atchk" "Displays state of Intel® Active Management Technology." "Intel Corporation" "c:\program files\intel\amt\atchk.exe"
+ "Dell MFP Color Laser Printer 3115cn Launcher" "Dell MFP Laser 3115cn Launcher" "Dell Inc." "c:\program files\dell printers\dell mfp color laser printer 3115cn\address book editor\launcher.exe"
+ "DLPSP" "Printer Status Provider" "Dell Inc." "c:\program files\dell printers\additional color laser software\status monitor\dlpsp.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IAAnotif" "Event Monitor User Notification Tool" "Intel Corporation" "c:\program files\intel\intel matrix storage manager\iaanotif.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "IndexSearch" "PaperPort IndexSearch" "Nuance Communications, Inc." "c:\program files\dell printers\paperport\indexsearch.exe"
+ "jswtrayutil" "" "" "File not found: C:\Program Files\NETGEAR\WNA1100\jswtrayutil.exe"
+ "MapsGalaxy Search Scope Monitor" "" "" "File not found: C:\PROGRA~1\MAPSGA~2\bar\1.bin\39srchmn.exe"
+ "MapsGalaxy_39 Browser Plugin Loader" "VER_DESCRIPTION" "VER_COMPANY_NAME" "c:\program files\mapsgalaxy_39\bar\1.bin\39brmon.exe"
+ "PaperPort PTD" "PaperPort Print to Desktop for NT" "Nuance Communications, Inc." "c:\program files\dell printers\paperport\pptd40nt.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files\quicktime\qttask.exe"
+ "SoundMAXPnP" "SMax4PNP" "Analog Devices, Inc." "c:\program files\analog devices\core\smax4pnp.exe"
+ "SSBkgdUpdate" "SSBkgdUpdate" "Nuance Communications, Inc." "c:\program files\common files\scansoft shared\ssbkgdupdate\ssbkgdupdate.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "NETGEAR WNA1100 Smart Wizard.lnk" "Netgear" "" "c:\program files\netgear\wna1100\wna1100.exe"
+ "Secunia PSI Tray.lnk" "Secunia PSI Tray" "Secunia" "c:\program files\secunia\psi\psi_tray.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Google Chrome" "Google Chrome" "Google Inc." "c:\program files\google\chrome\application\25.0.1364.152\installer\chrmstp.exe"
+ "Microsoft Windows Mail 7" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Apple" "" "" "File not found: C:\Users\Main Computer\AppData\Local\Apple Computer\Apple\jabevlv.dll"
+ "SpybotSD TeaTimer" "System settings protector" "Safer Networking Limited" "c:\program files\spybot - search & destroy\teatimer.exe"
+ "WMPNSCFG" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "livecall" "Windows Live Messenger Protocol Handler Module" "Microsoft Corporation" "c:\program files\windows live\messenger\msgrapp.dll"
+ "ms-help" "Microsoft® Help Data Services Module" "Microsoft Corporation" "c:\program files\common files\microsoft shared\help\hxds.dll"
+ "msnim" "Windows Live Messenger Protocol Handler Module" "Microsoft Corporation" "c:\program files\windows live\messenger\msgrapp.dll"
+ "wlmailhtml" "Windows Live Mail" "Microsoft Corporation" "c:\program files\windows live\mail\mailcomm.dll"
+ "wlpg" "Windows Live Album Download Protocol Handler" "Microsoft Corporation" "c:\program files\windows live\photo gallery\albumdownloadprotocolhandler.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "BUContextMenu" "Backup Shell" "Symantec Corporation" "c:\program files\norton 360\engine\20.3.0.36\bushell.dll"
+ "Symantec.Norton.Antivirus.IEContextMenu" "Symantec Shared Component Shell Extension Module" "Symantec Corporation" "c:\program files\norton 360\engine\20.3.0.36\navshext.dll"
"HKLM\Software\Classes\*\ShellEx\PropertySheetHandlers" "" "" ""
+ "BuPropertySheet" "Backup Shell" "Symantec Corporation" "c:\program files\norton 360\engine\20.3.0.36\bushell.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "BUContextMenu" "Backup Shell" "Symantec Corporation" "c:\program files\norton 360\engine\20.3.0.36\bushell.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "Symantec.Norton.Antivirus.IEContextMenu" "Symantec Shared Component Shell Extension Module" "Symantec Corporation" "c:\program files\norton 360\engine\20.3.0.36\navshext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "OverlayExcluded" "Backup Shell" "Symantec Corporation" "c:\program files\norton 360\engine\20.3.0.36\bushell.dll"
+ "OverlayPending" "Backup Shell" "Symantec Corporation" "c:\program files\norton 360\engine\20.3.0.36\bushell.dll"
+ "OverlayProtected" "Backup Shell" "Symantec Corporation" "c:\program files\norton 360\engine\20.3.0.36\bushell.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "AVG Safe Search" "" "" "File not found: C:\Program Files\AVG\AVG9\avgssie.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll"
+ "Norton Identity Protection" "coIEPlugIn" "Symantec Corporation" "c:\program files\norton 360\engine\20.3.0.36\coieplg.dll"
+ "Norton Vulnerability Protection" "IPS Browser Helper DLL" "Symantec Corporation" "c:\program files\norton 360\engine\20.3.0.36\ips\ipsbho.dll"
+ "Search Assistant BHO" "" "" "File not found: C:\Program Files\MapsGalaxy_39\bar\1.bin\39SrcAs.dll"
+ "Spybot-S&D IE Protection" "SBSD IE Protection" "Safer Networking Limited" "c:\program files\spybot - search & destroy\sdhelper.dll"
+ "Toolbar BHO" "" "" "File not found: C:\PROGRA~1\MAPSGA~2\bar\1.bin\39bar.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
+ "Windows Live Messenger Companion Helper" "Windows Live Messenger Companion Core" "Microsoft Corporation" "c:\program files\windows live\companion\companioncore.dll"
"HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks" "" "" ""
+ "39SrcAs.dll" "" "" "File not found: C:\Program Files\MapsGalaxy_39\bar\1.bin\39SrcAs.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Norton Toolbar" "coIEPlugIn" "Symantec Corporation" "c:\program files\norton 360\engine\20.3.0.36\coieplg.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files\windows live\writer\writerbrowserextension.dll"
+ "Messenger Companion (Ctrl+Shift+C)" "Windows Live Messenger Companion Core" "Microsoft Corporation" "c:\program files\windows live\companion\companioncore.dll"
+ "Spybot - Search && Destroy Configuration" "SBSD IE Protection" "Safer Networking Limited" "c:\program files\spybot - search & destroy\sdhelper.dll"
"Task Scheduler" "" "" ""
+ "\Adobe Flash Player Updater" "Adobe® Flash® Player Update Service 11.6 r602" "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "\DealPly" "" "" "File not found: C:\Users\MAINCO~1\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.EXE"
+ "\GoogleUpdateTaskMachineCore" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskMachineUA" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\WindowsCalendar\Reminders - Main Computer" "Windows Calendar" "Microsoft Corporation" "c:\program files\windows calendar\wincal.exe"
+ "\Microsoft\Windows\Wired\GatherWiredInfo" "" "" "c:\windows\system32\gatherwiredinfo.vbs"
+ "\Microsoft\Windows\Wireless\GatherWirelessInfo" "" "" "c:\windows\system32\gatherwirelessinfo.vbs"
+ "\Norton 360\Norton Error Analyzer" "Symantec Error Reporting" "Symantec Corporation" "c:\program files\norton 360\engine\20.3.0.36\symerr.exe"
+ "\Norton 360\Norton Error Processor" "Symantec Error Reporting" "Symantec Corporation" "c:\program files\norton 360\engine\20.3.0.36\symerr.exe"
+ "\Norton WSC Integration" "WSCStub" "Symantec Corporation" "c:\program files\norton 360\engine\20.3.0.36\wscstub.exe"
+ "\RunAsStdUser Task" "" "" "File not found: C:\Users\Main Computer\AppData\Local\VooMuuSA\bin\2.0.7.0\VooMuuSA.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "ASFAgent" "Provides support for ASF remote manageability, including alert messages sending and remote control operations." "Intel Corporation" "c:\program files\intel\asf agent\asfagent.exe"
+ "atchksrv" "Intel® Active Management Technology System Status Service - Displays status of Intel® Active Management Technology" "Intel Corporation" "c:\program files\intel\amt\atchksrv.exe"
+ "DLPWD" "Printer Status Watcher" "Dell Inc." "c:\program files\dell printers\additional color laser software\status monitor\dlpwdnt.exe"
+ "DLSDB" "Status Database" "Dell Inc." "c:\program files\dell printers\additional color laser software\status monitor\dlsdbnt.exe"
+ "fsssvc" "This service enables Family Safety on the computer. If this service is not running, Family Safety will not work." "Microsoft Corporation" "c:\program files\windows live\family safety\fsssvc.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "IAANTMON" "RAID Monitor" "Intel Corporation" "c:\program files\intel\intel matrix storage manager\iaantmon.exe"
+ "jswpsapi" "Provides support for JumpStart using Wi-Fi Protected Setup." "Atheros Communications, Inc." "c:\program files\netgear\wna1100\jswpsapi.exe"
+ "LMS" "Intel® Active Management Technology Local Management Service - Allows applications to access the local Intel® Active Management Technology using its locally-available SOAP interfaces." "Intel" "c:\program files\intel\amt\lms.exe"
+ "MapsGalaxy_39Service" "PRODUCTVERS_TITLE" "COMPANYVERS_NAME" "c:\program files\mapsgalaxy_39\bar\1.bin\39barsvc.exe"
+ "N360" "Norton 360" "Symantec Corporation" "c:\program files\norton 360\engine\20.3.0.36\ccsvchst.exe"
+ "odserv" "Run portions of Microsoft Office Diagnostics." "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\odserv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "SBSDWSCService" "Spybot-S&D Security Center integration" "Safer Networking Ltd." "c:\program files\spybot - search & destroy\sdwinsec.exe"
+ "Secunia PSI Agent" "Performs routine software inspections of the system, the results of which can be seen in your Secunia PSI" "Secunia" "c:\program files\secunia\psi\psia.exe"
+ "Secunia Update Agent" "Performs routine updates of selected software on the system, the results of which can be seen in your Secunia PSI" "Secunia" "c:\program files\secunia\psi\sua.exe"
+ "TeamViewer8" "TeamViewer Remote Software" "TeamViewer GmbH" "c:\program files\teamviewer\version8\teamviewer_service.exe"
+ "UNS" "Intel® Active Management Technology User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel® Active Management Technology Device." "Intel" "c:\program files\intel\amt\uns.exe"
+ "WinDefend" "Scan your computer for unwanted software, schedule scans, and get the latest unwanted software definitions." "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
+ "WSWNA1100" "Wifi Service" "" "c:\program files\netgear\wna1100\wifisvc.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "ADIHdAudAddService" "High Definition Audio Function Driver" "Analog Devices, Inc." "c:\windows\system32\drivers\adihdaud.sys"
+ "AsfAlrt" "Asfalrt Driver" "Intel Corporation" "c:\windows\system32\drivers\asfalrt.sys"
+ "athur" "Atheros Extensible Wireless LAN device driver" "Atheros Communications, Inc." "c:\windows\system32\drivers\athur.sys"
+ "BHDrvx86" "SONAR Engine Driver" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.3.0.36\definitions\bashdefs\20130301.001\bhdrvx86.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "ccSet_N360" "Common Client Settings Driver" "Symantec Corporation" "c:\windows\system32\drivers\n360\1403000.024\ccsetx86.sys"
+ "e1express" "Intel® PRO/1000 Adapter NDIS 6 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1e6032.sys"
+ "E1G60" "Intel® PRO/1000 Adapter NDIS 6 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1g60i32.sys"
+ "eeCtrl" "Symantec Eraser Control Driver" "Symantec Corporation" "c:\program files\common files\symantec shared\eengine\eectrl.sys"
+ "EraserUtilRebootDrv" "Symantec Eraser Utility Driver" "Symantec Corporation" "c:\program files\common files\symantec shared\eengine\eraserutilrebootdrv.sys"
+ "HECI" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\heci.sys"
+ "iaStor" "Intel Matrix Storage Manager driver - ia32" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "IDSVix86" "Symantec Intrusion Prevention Driver" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.3.0.36\definitions\ipsdefs\20130308.001\idsvix86.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd32.sys"
+ "IpInIp" "IP in IP Tunnel Driver" "" "File not found: system32\DRIVERS\ipinip.sys"
+ "jswpslwf" "JumpStart Wireless Filter Driver" "Atheros Communications, Inc." "c:\windows\system32\drivers\jswpslwf.sys"
+ "NAVENG" "AV Engine" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.3.0.36\definitions\virusdefs\20130309.003\naveng.sys"
+ "NAVEX15" "AV Engine" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.3.0.36\definitions\virusdefs\20130309.003\navex15.sys"
+ "NwlnkFlt" "IPX Traffic Filter Driver" "" "File not found: system32\DRIVERS\nwlnkflt.sys"
+ "NwlnkFwd" "IPX Traffic Forwarder Driver" "" "File not found: system32\DRIVERS\nwlnkfwd.sys"
+ "PSI" "PSI mini-filter driver" "Secunia" "c:\windows\system32\drivers\psi_mf_x86.sys"
+ "R300" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "SCMNdisP" "General NDIS Protocol Driver" "Windows ® Codename Longhorn DDK provider" "c:\windows\system32\drivers\scmndisp.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SRTSP" "Symantec AutoProtect" "Symantec Corporation" "c:\windows\system32\drivers\n360\1403000.024\srtsp.sys"
+ "SRTSPX" "Symantec AutoProtect" "Symantec Corporation" "c:\windows\system32\drivers\n360\1403000.024\srtspx.sys"
+ "SymDS" "Symantec Data Store" "Symantec Corporation" "c:\windows\system32\drivers\n360\1403000.024\symds.sys"
+ "SymEFA" "Symantec Extended File Attributes" "Symantec Corporation" "c:\windows\system32\drivers\n360\1403000.024\symefa.sys"
+ "SymEvent" "Symantec Event Library" "Symantec Corporation" "c:\windows\system32\drivers\symevent.sys"
+ "SymIRON" "Iron Driver" "Symantec Corporation" "c:\windows\system32\drivers\n360\1403000.024\ironx86.sys"
+ "SYMTDIv" "Network Dispatch Driver" "Symantec Corporation" "c:\windows\system32\drivers\n360\1403000.024\symtdiv.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "9x8Resize" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Allocator Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Audio Destination" "WAVDest Filter (Sample)" "Microsoft Corporation" "c:\program files\google\google earth\client\wavdest.ax"
+ "Bitmap" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Capture ASF Writer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "Frame Eater" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Multiple File Output" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Proxy Sink" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Proxy Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "Record Queue" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ShotDetect" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Stetch" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WM VIH2 Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "PDF-XChange" "PDF-XChange Port Monitor" "Tracker Software" "c:\windows\system32\pxc25pm.dll"
+ "PDF995 Monitor" "" "" "c:\windows\system32\pdf995mon.dll"
+ "Status Monitor Language Monitor for Dell MFP Laser 3115cn" "Language Monitor for Dell MFP Color Laser Printer 3115cn" "Dell Inc." "c:\windows\system32\dlxbazil.dll"
"C:\Users\Main Computer\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""
+ "Clock" "Watch the clock in your own time zone or any city in the world." "Microsoft Corporation" "C:\Program Files\windows sidebar\gadgets\Clock.gadget\en-US\Gadget.xml"
+ "Feed Headlines" "Track the latest news, sports, and entertainment headlines." "Microsoft Corporation" "C:\Program Files\windows sidebar\gadgets\RSSFeeds.Gadget\en-US\Gadget.xml"
+ "Slide Show" "Show a continuous slide show of your pictures." "Microsoft Corporation" "C:\Program Files\windows sidebar\gadgets\SlideShow.Gadget\en-US\Gadget.xml"



#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:24 PM

Posted 10 March 2013 - 05:22 PM

Launch Autoruns and uncheck this entry

 

"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Apple" "" "" "File not found: C:\Users\Main Computer\AppData\Local\Apple Computer\Apple\jabevlv.dll"

 

Restart the PC and let me know if you have any more issues.



#11 Confused365

Confused365
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:03:24 PM

Posted 10 March 2013 - 07:09 PM

It seems to be cured!  Thank you!  Btw, can you point me to a sheet I can print of the common "do not do's" that I can print and plaster beside my computer so people who use it won't be as likely to do things like click bad links?



#12 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:24 PM

Posted 10 March 2013 - 07:34 PM

That looks good

Remove temporary and junk files

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & windows 7- http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore-It deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall old version of java from control panel-Add or remove programs.Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently.Two free antivirus that i would suggest are

Microsoft security essentials or Avast.You can select either one of them.

If you have a paid one,make sure to update it frequently.Do not use multiple security softwares.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)



#13 Confused365

Confused365
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:03:24 PM

Posted 14 March 2013 - 07:53 AM

The virus seemed to be gone until this morning when I did a web search for "Walmart photo" (from the address bar) and got a slightly different formatting in the search results from what Google normally displays and the web address displayed as http://isearch.fantastigames.com/web?src=crb&gct=ds&appid=107&systemid=465&q=walmart+photo

 

I guess the virus is back :(  Do you have any ideas?  Thanks!



#14 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:24 PM

Posted 14 March 2013 - 10:48 AM

Which browser?



#15 Confused365

Confused365
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:03:24 PM

Posted 14 March 2013 - 11:09 AM

Chrome Version 25.0.1364.172 m






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users